You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

I received an email that included my password, is my iPhone Hacked?

I received an email that my PC has been hacked including all devices that I read my email on. In this email they also included the correct password for my email account and sent the actual email from my own email address.


This looks very legit. They are blackmailing me for Bitcoin. Should I be concerned or is this a phishing expedition?


[Re-Titled by Moderator]

iPhone SE, iOS 16

Posted on Oct 18, 2023 1:48 AM

Reply
Question marked as Top-ranking reply

Posted on Oct 18, 2023 2:45 AM

No, that is not possible. The email is an absolute scam. The scammers/criminals have purchased the list of emails/passwords from other criminals that have hacked email services. They are now attempting to recoup their money from unsuspecting victims. Please don’t fall for their lies, and become one of their victims.

12 replies
Question marked as Top-ranking reply

Oct 18, 2023 2:45 AM in response to Maerk_H

No, that is not possible. The email is an absolute scam. The scammers/criminals have purchased the list of emails/passwords from other criminals that have hacked email services. They are now attempting to recoup their money from unsuspecting victims. Please don’t fall for their lies, and become one of their victims.

Oct 18, 2023 2:51 AM in response to Maerk_H

Maerk_H wrote:

Is it possible though for hackers to access the camera and microphone on an iphone? If yes, how would one be able to determine the fact on an individual iphone?


The chances of someone "hacking" the camera and microphone on a non-jailbroken iPhone seem remote. I am not going to make any guarantees that it is impossible.


I am going to point out that if you are worried about someone spying on you using the camera and microphone, you need to ask yourself

  • Which apps have permission to access the camera and microphone?
  • Do I really trust them?


Control access to hardware features on iPhone - Apple Support


Oct 18, 2023 3:04 AM in response to Maerk_H

Yes, we are familiar with the email. As stated above, it is a very common scam attempt. The one thing these emails have in common is that they are all scams, 100% of the time, no exceptions. The correct course of action is to delete the email, do not interact with the message, and move on with your day.


If you still use the email they claim to have the password for, change that password.

Oct 18, 2023 3:21 AM in response to Maerk_H

Sounds like a mixture of lies, half-truths, threats, and empty threats – with a few true statements thrown in for plausibility ("It is wise to change all of your passwords …"). Meant to scare you out of your mind, cause you to panic, and deliver you directly into the "loving arms" of this criminal.


Have you ever heard of the expression "Throwing a bunch of (****) against the wall to see what sticks?" That seems to be the approach of this particular scammer.

Oct 18, 2023 1:59 AM in response to Maerk_H

It sounds like a criminal expedition regardless of the exact type of criminal expedition that it is. There's nothing legit about it, even if they are in your e-mail account and have found something with which to blackmail you.


I would suggest immediately changing the passwords to all accounts that you think may have been compromised. If they have locked you out of your e-mail account, report that to your e-mail provider. You might want to change your iPhone passcode and Apple ID password, too.


Placing a credit freeze or fraud alert may make it harder for them to take out credit in your name.

https://consumer.ftc.gov/articles/what-know-about-credit-freezes-fraud-alerts

Oct 18, 2023 2:09 AM in response to Maerk_H

BTW, the claim that your computer, phone, or iCloud account has been "hacked" or is infected with a million viruses is a common one in "phishing" messages. Usually it is a complete pack of lies, designed to frighten you into taking some action that will deliver you right into the criminals' waiting hands.


The twist here, is that, according to you, these criminals actually know your e-mail account's password. The rest of what they say could be a complete pack of lies, but if they have proven that they know the password to one of your accounts, that means that account is compromised, and if there's any way it can compromise others, they may be.


E.g., if you have a Google account and they know your Google "e-mail" password, that is a threat wider than just to e-mail, given the very large number of Web sites that let you "sign in with Google". If the compromised account is one of these accounts that supports authentication all over the Web, you might need to contact the provider – and see what they say to do (if anything) about potential collateral damage.

Oct 18, 2023 3:00 AM in response to Servant of Cats

Below is the email that I received in full. Some additional info is that my PC does not have a microphone or webcam attached/installed:


Dear [here it stated my email adress]



I regret to inform you that there has been a security breach involving your

devices used for internet browsing.


Several months ago, I gained unauthorized access to these devices and have been

monitoring your internet activities.


Recently, I successfully hacked into your email accounts, including your

password: [here it stated the correct password for the email account].




Furthermore, I have installed a Trojan virus on all the devices you use to

access your email.


This was made possible because you clicked on links from your inbox emails,

making it relatively easy for me to infiltrate your systems.


Through this software, I have obtained access to various features of your

devices, such as the microphone, video camera, and keyboard.


I have also retrieved and stored your personal information, data, photos, and

web browsing history on my servers.


Additionally, I have gained access to your messengers, social networks, email

correspondence, chat history, and contact list.


To remain undetected, my virus continuously refreshes its signatures, making it

invisible to antivirus software.




During my investigation, I discovered that you frequently visit adult websites

and engage in explicit content.


I have managed to record explicit videos of you and have created a montage that

showcases your intimate moments and self-pleasure.


If you doubt the authenticity of my claims, I can easily share these videos

with your friends, colleagues, and relatives, or even make them publicly

accessible.




I believe it is in your best interest to prevent this from happening,

considering the potential consequences of exposing such explicit content.


Therefore, I propose a solution: transfer $500 USD to my bitcoin wallet

(details provided below), based on the exchange rate at the time of the

transaction.


Once the transfer is completed, I will promptly delete all compromising

material.


Following this, we shall part ways, and I assure you that I will deactivate and

remove all harmful software from your devices.


You can trust that I will uphold my end of the agreement.




Considering the extensive information I possess about you and the time I have

invested in monitoring your activities, I believe this is a fair and reasonable

offer.


If you are unsure about purchasing and transferring bitcoins, I suggest using a

search engine for guidance.




Bitcoin wallet: bc1qz2zlgndxmn64uu9lyvuwvsj6ft8encugw39t40




Please refrain from taking the following actions:




Do not reply to this email, as I have created it within your inbox and

generated the return address.


Do not attempt to contact the police or other security services. Moreover, do

not inform your friends, as it would be effortless for me to discover such

actions, given my control over your systems. In such a case, I will immediately

share the videos publicly.


It is futile to try and locate me, as all cryptocurrency transactions are

anonymous.


Reinstalling the operating system or disposing of your devices will not be effective,

as the videos have already been stored on remote servers.




There are a few things you need not worry about:




I will promptly receive your funds transfer, as I continuously monitor your

activities through my trojan virus, which has remote-control capabilities

similar to TeamViewer.


Once the funds transfer is completed, I have no intention of sharing your

videos. I have no interest in further complicating your life, as I would have

done so already if that were my intention. Rest assured, everything will be

handled fairly.




Lastly, I strongly advise you to avoid similar situations in the future. It is

wise to change all your passwords regularly to enhance your online security.

Oct 18, 2023 3:40 AM in response to Maerk_H

The scammer wrote:

Following this, we shall part ways, and I assure you that I will deactivate and
remove all harmful software from your devices.

You can trust that I will uphold my end of the agreement.


Everyone knows that you can place complete trust in an anonymous criminal who claims that he has been victimizing you in exceedingly obnoxious ways for months on end!


If you believe that, I have a bridge to sell you …


Please refrain from taking the following actions:

Do not attempt to contact the police or other security services.


Criminals don't like police. Who would have known?


There are a few things you need not worry about:

I will promptly receive your funds transfer


LOL!


I received an email that included my password, is my iPhone Hacked?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.