I did have one of these emails, which alleged I was “relieving myself” whilst looking at porn, that they had a photo of me doing this! Of course, that’s nonsense, but what really worried me is that they put in that email the password of my Macbook Pro!
Naturally, I changed the password immediately and deleted the email. I’ve heard nothing since.
Do you share passwords (i.e. use the same password for any internet sites)?
It’s as safe a practice as IV drug users sharing needles!
I think the safest thing is not the password itself but a 2-step authentication, I would use it whenever a bank offers it.
They will try to provide anything they can to make their threat seem credible. One way they could get a MacBook Pro password is to pop up a box looking like one of Apple’s requests for your password and inviting you to type it in. They would have needed to convince you this was a legit prompt from within MacOS. Not saying this happened, but it is one possibility.
As you’ve changed your password then it should be OK now. Use a strong password or two factor authentication if you are concerned. Somebody knowing my MBP password would only be problematic if I had some sharing options enabled and they were on the same LAN as me. I only allow very limited sharing and turn it off if I’m not on my own LAN.
I use my ISP’s filters to block dodgy sites: I don’t block gambling though as it blocks NS&I (nsandi) so I couldn’t see if ERNIE has picked out one of my premium bonds (not that he ever does).
I use a fairly safe option - no online banking.
2 step authentication is not without its own unique set of issues.
I don’t recall anyone in this thread mentioning blocking the relevant email addresses.
It doesn’t help when the email apparently comes from some other random person whose address they have - or as I received once, apparently from myself!
I get that all the time. Within the Apple client you just click the address and the real one is revealed and then you get the option to block it. Subsequent emails from the same alleged domain do come in but go straight to junk and you get told it’s from someone you blocked.
Email spoofing like that is pretty common - they make it LOOK like its coming from you.
I own my own domain, and from time to time I get email bounces from when some email spammer has been sending out emails spoofed to look like they come from me or another address at my domain. It was disturbing at first, but the simple facts are that email can be spoofed, and it happens.
If you have used that same password anywhere else, it is much more likely that they obtained the password from a data breach of some site, vs actually from your Macbook. The data obtained from data breaches is all over the (dark) web and anyone who tries just a little can find it. Names/emails/passwords abound from various breaches.
I was in the middle of five annoying and critical things last week, sleep deprived and generally harassed. So that’s my excuse out of the way. My crime is that I managed to install ransomware. As soon as I clicked I knew it and started kicking myself. But it was too late. My Web Root protection software didn’t catch it. I will look into this. I don’t know if I need to look elsewhere or if my expectations of such software are too high.
The good news is that I have the correct installation media to hand and everything is religiously backed up at multiple locations using my own facilities, not those of a third party. So although it kept me up late (early!), I was able to format C, install and restore, so that I could start the next day’s session (I was away at a meeting) with a working laptop. It’s all restored now.
This was a bloody nuisance of my own making. But not a disaster. I was properly equipped to wipe and restore I urge anybody to take time to check that they can recover from such situations.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.