I’ve received an email from a hacker from my email account!

Scam.

Do not respond to, or engage with, the message. Certainly do not, under any circumstances, attempt to contact anyone using the contact details that may have been provided within the message itself.

Most scam alerts are designed to scare the unwary into giving away sensitive information - or to fool you into doing something that you shouldn’t - usually to defraud you financially.

Email address spoofing is trivial. It is not uncommon to see email with your own email address as the sender; and I'm not referring to simple character substitutions.

If you suspect that your AppleID account or Password has been compromised:

If you think your Apple ID has been compromised - Apple Support

I had the exact same email recently. Spam. Delete it and don't click on any links within the email. Spammers are getting very tricky. I'm not sure how they make it look like it came from recipient. Just be happy that your spam blocker is working correctly and put it in the Junk Mail folder.

Pexus wrote:

I went into my junk box ready to delete everything as usual. There was a threatening email saying I was going to have my browsing history exposed and that I was a pervert. The demand is for 1500$.

I checked to see if it was a usual scam with a rubbish email address. My surprise when all my details came up as if I’d sent it. I clicked on reply arrow and yep, my email address came up. The scammer also told me it would. I have less than 48 hours to accede to their demands to put the money into a bitcoin account. I won’t be doing that. I’ve changed my passwords and mostly use strong ones and two factor authentication.

How can this happen and what can I do now?

This is a very common phishing scam. Delete it.

Pexus wrote:

I went into my junk box ready to delete everything as usual. There was a threatening email saying I was going to have my browsing history exposed and that I was a pervert. The demand is for 1500$.

I checked to see if it was a usual scam with a rubbish email address. My surprise when all my details came up as if I’d sent it. I clicked on reply arrow and yep, my email address came up. The scammer also told me it would. I have less than 48 hours to accede to their demands to put the money into a bitcoin account. I won’t be doing that. I’ve changed my passwords and mostly use strong ones and two factor authentication.

If you view the raw message source you will find it is not your address; there will be letter substitutions in it that will make it look like your address, such as an upper case “i” rather than a lower case “L” or similar substitutions.

Dinosaur185 wrote:

Hi there. I have had the exact same thing calling me a sick pervert and apparently recording me watching indecent stuff!

They were not recording you. They were lying about that.

first question what’s a me.com email address? I know it’s connected to iCloud but how do I know if it’s from my account and has been hacked (with empty threats?)

A me.com address is the format that existed before icloud.com addresses. When Apple converted, people who had those address were allowed to keep them. Nothing has been hacked.

it went to my junk box - what action do I need to take?

As has been explained, all you have to do is delete the email.

Pexus wrote:

I went into my junk box ready to delete everything as usual. There was a threatening email saying I was going to have my browsing history exposed and that I was a pervert. The demand is for 1500$.

It's an extortion scam – more specifically, a "sextortion" one. The term "sextortion" seems to cover a variety of criminal activities – ranging from what was aimed at you, all the way up to child predators actively encouraging unsuspecting child victims to send them inappropriate images as a prelude to God-knows-what.

This U.K. Government Web site describes something that sounds exactly like what you experienced – and their advice is to not engage with the criminals.

https://www.ncsc.gov.uk/files/sextortion-scams-infographic.pdf

My surprise when all my details came up as if I’d sent it. I clicked on reply arrow and yep, my email address came up.

My mother sometimes got calls from telemarketers where the Caller ID said that the spammers or scammers were calling from her phone number. Obviously impossible, also obviously meant to bypass call filters (since who would think to block calls from their own phone number?).

As the others said, just because they can play games with the e-mail system doesn't mean they're all-knowing, or all-powerful. They just want you to think that, so you will fall for the extortion scam. And with extortion/blackmail, paying the criminals may get you in deeper, because then the criminals figure they can keep blackmailing you and keep threatening you to get you to cough up more.

I have less than 48 hours to accede to their demands to put the money into a bitcoin account. I won’t be doing that. I’ve changed my passwords and mostly use strong ones and two factor authentication.

Good! You didn't fall for it!

Dinosaur185 wrote:

Thank you so much for explaining! I know they were lying but it makes you wonder if they still have access to anything!

I know they haven’t been recording anything but I was more concerned about pictures and videos of my children - that’s what scares me!

Do not trust extortionists to tell you the truth. They don't have access to anything. It's much easier and cheaper to lie to you and say that they do. That way, they scare you into paying money, and all they had to do was send an email. Actually, compromising your phone remotely would cost them a lot of money.

That latest scam has been reported.

You have nothing to worry about.

The only thing to remember is:

Do not reply to that email‼️⚠️

As long as you delete it, then you are good to go!

Hi there. I have had the exact same thing calling me a sick pervert and apparently recording me watching indecent stuff!

first question what’s a me.com email address? I know it’s connected to iCloud but how do I know if it’s from my account and has been hacked (with empty threats?) it went to my junk box - what action do I need to take?

Thank you so much for explaining! I know they were lying but it makes you wonder if they still have access to anything!

I know they haven’t been recording anything but I was more concerned about pictures and videos of my children - that’s what scares me!