Oh sh*t. Everyone is going to see me naked!

This morning started out like a typical Monday morning. Hectic. This e-mail was waiting for me in my inbox:

     From: <info@beckymiles.com>

    To: Riaan@xxxx.co.za

    Subject: riaan@xxxx.co.za:bananalama32

    It appears that, (bananalama32), 's your password. Will possibly not know me and you are probably wondering why you are getting this e mail, right?


    actually, I setup a viruses on the adult vids (porno) web site and guess what happens, you visited this web site to have fun (you really know what I am talking about). During the time you were watching videos, your internet browser started off functioning like a RDP (Team Viewer) which provided accessibility to your screen and web cam. from then on, my computer software obtained your entire contacts out of your Messenger, Microsoft outlook, FB, as well as emails.


    What did I really do?


    I made a double-screen video clip. Very first part shows the video you're seeing (you have a good taste haha . . .), and Second part shows the recording of your web camera.


    what exactly should you do?


    Well, in my opinion, $1000 is a fair price for your little hidden secret. You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google).


    BTC Address: 1JyyFsf1RwRRkrA6rx1NzJbAH6r6Wm5uR1

    (It is case sensitive, so copy and paste it)


    Important:

    You've some days in order to make the payment. (I've a unique pixel within this e-mail, and at this moment I am aware that you have read this email message). If I do not get the BitCoins, I will certainly send your videos to all of your contacts including relatives, colleagues, and so forth. Having said that, if I get the payment, I'll destroy the recording immidiately. If you want evidence, reply with "Yes!" and I will undoubtedly send your videos to your 6 contacts. It is a non-negotiable offer, that being said don't waste my personal time and yours by answering this message.

Fuck. That is indeed my password. Well – at least one of the passwords I use on a regular basis. Where the hell am I going to get $1000? That’s over R15 000. Damnit. Everyone I know is going to see me in all my glory. I’ll have to disappear and start with a new identity in some tiny little Vrystaat town… I recall poor Margharet van Wyk that had her life destroyed when she accidentally sent a picture of her Parra to the school’s hockey Whatsapp group… I’m going to be Margharet 2.0. Sh*t.

Except. Only one or two tiny problems with the threatening e-mail.

Technically speaking

 

I know a virus that hijacks/hacks your webcam is a reality. There are countless examples of lives destroyed and people humiliated by such a virus/malware. It’s not a difficult hack.
I am in the IT industry, so I know how to protect myself. I have an anti-virus; anti-malware and a process monitor always running. I also know that I am in no way immune to viruses. I often have to check files for users to see whether it is a legit file (like a proof of payment) or a virus. I know that new viruses are written every single day and anti-virus companies are always trying to keep up. There is always the dangerous gap when users are vulnerable: The time between a new virus spreading and anti-virus companies protecting users against it. That is why I also tape a piece of paper over my webcam. This is common practice among the IT crowd; even Mark Zuckerberg is known to do this.

In other words, even if a hacker manages to get a virus on my laptop, he’s not going to be able to see anything.

So many questions 

 

Now that we’ve covered the technical implausibility of the e-mail being real, let’s consider the content of the e-mail…

If I had “dirt” on someone and I was blackmailing them, I’d give some proof. Showing me a password – which I know is my password – is supposed to give it legitimacy. But that’s not good enough in my opinion. If you’re going to blackmail someone, give them a screenshot of the material you have of them. That will give some gravity to the matter, won’t it? The (supposed) hacker welcomes you to ask for proof – only they will send the proof to 6 of your contacts… No-one is going to bite, are they?

Obvious bullshyte is obvious.

“…that being said don't waste my personal time and yours by answering this message.”

Really? Well fuck you.

And what if I actually made the payment? How are you (the hacker) going to know it was me that made the payment? I’m assuming that you are doing this with dozens if not hundreds of people… How do you know I paid the ransom? Where do I send my proof of payment? And how do I know that you are actually going to destroy the “evidence”? I pay the ransom, and you just up the stakes – ask for more. You have all the leverage, and I have none. Not a very fair game, is it? You would have to be a special kind of idiot to just pay $1000 into some random Bitcoin account.

Oh, and the “a unique pixel within this e-mail, and at this moment I am aware that you have read this email message”… Nice try. Yes, tracking pixels exist. But good lucking putting one in a plain text e-mail. Hahaha!

Hacks are a reality

Before I get to the most important part – the porn – let’s just consider the fact that they have my password - or at least a password that seems legit… How? Over there years many databases have been hacked – including South African databases.

There’s the Master Deeds hack of 2017 that meant the personal data of tens of millions of living and deceased South African residents got into the hands of hackers. The data included extensive personal attributes such as names, addresses, ethnicities, genders, birth dates, government issued personal identification numbers and 2.2 million email addresses.

The 2016 Ster-kinekor hack which lead to extensive personal information such as names, addresses, birthdates, genders and plain text passwords of 1.6 million users being leaked. (This is where they got my password to try and blackmail me.)

The most recent hack was the ViewFines website (May 2018) where over 934 000 records containing 778 000 unique email addresses were exposed and included names, phone numbers, government issued IDs and passwords stored in plain text were leaked.

This is scary stuff people. Your private information is out there available to criminals. Not much you can do about it, except change your passwords regularly, but important to keep in mind if suspicious things start to happen (i.e. signs of identity theft). To check if your information was leaked, you can check your e-mail address on haveibeenpwned.com. Yes, it’s a legit and safe site.

 You are only human

Now, back to the most important point: The Porn and what I’ve been doing in front of my webcam. Allegedly.

My office door is always open. Some days my office is busier than your local Gautrain station at 7 AM. In other words, I would have to have a giant set of testicles to sit and tickle the monkey in broad daylight in my office with the possibility of someone walking in on me at any second… I’m not that kind of stupid. How embarrassing would it be if you were busy Jackin' the Beanstalk and your boss walks in…!? Nope. No way I’m ever wandering down that avenue. Never have. Never will. It’s a career destroyer.

 

 

With that being said, why is human sexuality such a taboo? I mean Pornhub.com gets 75 million unique visitors every day – and that’s just one of millions upon millions of porn sites on the Internet. Sex is one of (if not THE) biggest industries on the Internet. Clearly millions and millions of people are visiting naughty websites every day, and let’s be honest, it’s not just to look… Yet, it’s one of things people consider to be "a skeleton in the closet". A great, big secret.
Yes, masturbation is a private matter. But is it really scandalous? We all pee and poop, and we don’t mention it in civilized discussions, but we don’t consider it “shameful”.

Most teenage boys would vehemently deny that they polish the staff, yet statistically all teenage boys do it. And yet, if one is caught out he is teased endlessly – as if he is the only one that does it.
 

 

I agree that sex is a private matter. The rest of us don’t want to see it – without consent at least. But it’s not shameful nor should you be blackmailed in any way or form for normal human behaviour. You shouldn’t have to break out in cold sweat at the idea of everyone you know knowing or seeing that you had a bit of “me time”. That’s bullshyte. We have to applaud people like Margharet van Wyk for having a great sex life and for keeping it interesting. Chris is a very lucky man for having such an adventurous wife. Yes, the entire nation knows what her kwakkie looks like. But so what? Show me a single person that does not have a kwakkie or willy of their own… Show me a single person that does not have sexual urges in some form or took care of business at some time…
It’s human nature. It’s a private matter for most – but even so, it’s not something to be embarrassed about. It’s not a shameful act. (However, it becomes one when it’s an obsession or if it hurts other people in any way or form, but that is a whole other discussion.)

So, to conclude: Dear “Mister Hacker”. Even if you did have anything to blackmail me with, so what? You are a vile creature for wanting to extort money out of people for being human and doing human things in private. It is you that should be embarrassed. You should be locked up and the key thrown away. A video of someone in a private moment may be a bit gross, but playing on people’s fears and trying to exploit them is disgusting, nauseating and despicable. Mister “Hacker”, excuse the pun but go fuck yourself.