We Are Not Going To Steal A Lot Of Time Email Scam

Also Known As: possible malware infections
Distribution: Low
Damage level: Severe

"We are not going to steal a lot of time" removal guide

What is "We are not going to steal a lot of time"?

"We are not going to steal a lot of time" is a typical scam proliferated by sending many threatening emails. Scammers use the emails to trick people into paying to prevent compromising material (in this case a video) being distributed. The video does not actually exist. Note that there are many similar scam campaigns, and they should never be trusted. If you receive the "We are not going to steal a lot of time" email, the best option is to simply ignore it.

We are not going to steal a lot of time spam campaign

This email scam contains a message from scammers who claim that they have infected about 1100 computers with a malicious program (malware). They state this happened when recipients of the email were visiting a pornography website and clicked the 'play' button. Clicking this button caused installation of the aforementioned malware that is supposedly capable of using a computer webcam. Scammers claim that they used the webcam to record a humiliating video of the recipient watching the pornographic video. Furthermore, they claim that they have stolen social media passwords and made a copy of all contacts. Scammers behind this email threaten that they will proliferate the humiliating/compromising video to all of the victim's contacts unless $450 (in Bitcoins) is paid to a Bitcoin wallet provided. This is a typical scam and should not be trusted. Your computer is not infected with their virus and they did not record videos using your webcam. Delete this email and never trust any other scam of this type.

Threat Summary:
Name We Are Not Going To Steal A Lot Of Time Email Scam
Threat Type Phishing, Scam, Social Engineering, Fraud
Symptoms Unauthorized online purchases, changed online account passwords, identity theft, illegal access of one's computer.
Distribution methods Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.
Damage Loss of sensitive private information, monetary loss, identity theft.
Removal

To eliminate possible malware infections our malware researchers recommend scanning your computer with Spyhunter.
▼ Download Spyhunter
Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

Many scammers use various email campaigns for the same purpose: to extort money from recipients of emails by making them believe that scammers have obtained compromising material (humiliating photos, videos, and so on) that can be used against them. A few examples of other similar scam campaigns are I Am A Spyware Software Developer, So I'm The Hacker Who Broke Your Email, and I'm A Programmer Who Cracked Your Email. Some of these campaigns are used to infect computers with viruses through presented malicious attachments. Cyber criminals send emails that contain Microsoft Office documents, PDF documents, archive files, executables (.exe) or other files that, if opened, download and install high-risk infections. Cyber criminals often proliferate viruses such as LokiBot, TrickBot, Emotet, AZORult, Adwind, and other similar infections. Malicious programs of this type steal passwords, banking details, and other personal information that can be used to generate revenue. Thus, having a computer infected with these viruses often results in financial loss, problems with browsing safety, privacy, and other issues. Some of these infections might be designed to proliferate other malicious programs such as ransomware.

We receive a great deal of feedback from concerned users about this scam email. Here is the most popular question we receive:

Q: Hi pcrisk.com team, I received an email stating that my computer was hacked and they have a video of me. Now they are asking for a ransom in Bitcoins. I think this must be true because they listed my real name and password in the email. What should I do?

A: Do not worry about this email. Neither hackers nor cyber criminals have infiltrated/hacked your computer and there is no video of you watching pornography. Simply ignore the message and do not send any Bitcoins. Your email, name, and password was probably stolen from a compromised website such as  Yahoo (these website breaches are common). If you are concerned, you can check if your accounts have been compromised by visiting the haveibeenpwned website.

How do spam campaigns infect computers?

Spam email campaigns that are used to infect computers through attachments can only do damage to systems/computers if the malicious attachment is downloaded and opened. Note, however, that different files infect computers in different ways. If the attachment is a Microsoft Office document, it will demand permission to enable macro commands (if opened). Enabling these commands gives the malicious attachment permission to download/install viruses. Archive files need to be extracted first, malicious executables, executed, and so on. In summary, the attachments cannot do any damage if they remain unopened.

How to avoid installation of malware?

If you receive an email from an unknown, untrustworthy or suspicious address, or the email context is irrelevant to you, do not open the presented link or attachment. Furthermore, do not download software using untrustworthy, unofficial websites, third party downloaders, and so on. Install/download software with care: check all available settings or options such as "Custom", "Advanced", "Manual". Deselect additionally-included apps that you do not wish to download/install, and only then complete the installation. Never use third party software updaters, since these are classed as untrustworthy and they often install viruses rather than the promised updates. Use functions or tools provided by official software developers. Use Microsoft Office versions no older than version 2010. Later versions have "Protected View" feature that prevents malicious attachments from downloading and installing malware or other threats of this kind. If you have already opened malicious attachments, we recommend running a scan with Spyhunter for Windows to automatically eliminate infiltrated malware.

Text presented in the "We are not going to steal a lot of time" email message:

Subject: Edie Falco and Sopranos stars have family reunion in NYC with the... nontyaw
Dear Megan Schwartz
You can easily get off - ( DEB ) delivered by participant with the number:801
____


We are not going to steal a lot of time... Take it seriously. Our group will not ruin your life if you go to a deal with us.
There are too many various specifications about security on the web space- proхy , install the latest system protectors, close cameras with a scotch. But it was neglected by you.
I counted something about 1100 computers which emplaced my malware...
It was implemented on faked site of flash plug-in. People downloaded it and did not suspect any danger, because this software is necessary for all devices to process videos in web...
You were not eхception and now also have big problems.
Our inbuilt parser responded to web-pages with porn that you were visiting. Directly after you clicked on a play button the malware turned on the web-camera to shoot you paying with yourself. Later the computer worm made a copy of the movie which you were watching on your device. With the help of formgrabber deleted coockies and stolen all passwords from your social media which you have visited from last Tuesday. I made a copy of your contacts with your mates.
Let's put it all together... we have vid with you paying with yourself; contacts with your matesand movie that you were watching on the device.
If you do not want to be dishonored just send me 450 united states dollars with bitcoin.
It is my wallet number - 1425bbFBXW81ycj25PYMtRQtHKPVxfqgxj, 14JLSAk9TKR6hVFswC6oRPoeAcydSecLFX, 1H3Lap6KvPajEMSVSTecQ6zJaFHvV4FmMa, 1EtkXcUaRuZqK8Lvoe4QRtjM3zBjoxKtnK, 1Nic4CFBGdy8QBEnJPFMmBBR7Nz8tfu9ve, 1NpcMaFyBd5jCMdf5Q83keBfEsoc4BoAh3, 19bXWxSNQbxXBQ9wuFSjyTBdiBcG59ivra, 1HrXjGDeD54LVT83MTrvRPZpk3kpAApNwb, 1Jr3ksswMQ9Wgw1T4VnJCq55SH1iqRyTuF, 1L6ZB2JG7vsYhr6hZCB75iX1j2aUJSXUjo, 1C4HdTTucQ8AY9zybZ3kAW1kj2rZv8k5wH, 1HTqQjPHF5ELyVBefsK4UTZhyZvJYxZXdQ
Decide yourself: become popular or pay this little sum to safe your social status.
Cops cant help. We use bot network, moreover I live abroad. You cant find my ip in a header of this message.
For some questions just reply.
Think twice.

Second variant of "We are not going to steal a lot of time" scam email:

We are not going to steal a lot of time email scam (sample 2)

Text presented within this email:

Subject: account yiftsoosp

Dear -


Maybe next time you will hide your camera- ( OLu ) from bot numero:1175

I do not want to laugh at you... Read our message carefully. Our crew doesnt want to hurt you if you obey.

You can find a lot of varied manuals about safe web surfing- connections only throug proхy servers , download actual antivirus base; clip web cam with the tape. In your opinion this is silly.

I counted more than 900 soft marks which installed my malware...

It was placed in illegitimate web-site with flash plug-in... Users installed everything and did not suspect any danger, as you know this plug-in is necessary for operative systems to process videos in web.

You were not exception and now also have big problems.

Our inbuilt parser reacted to your requests for porn sites. Instantly when the play button was tapped my soft activated your webcam to catch you paying with yourself. After the malicious software sent the link of a vid that you opened on your screen. With the help of form grab. deleted coockies and collected all passwords from your social media that were visited from previous Monday. We made a copy of the contact list of your friends, collegues and relatives.

Let's sum up the results... we have record with you paying with yourself, contacts with your mates; movie which you opened on your device.
If you do not want to be dishonored just pay me 490 united states dollars in btc cryptocurrency.
Pay here -
1KpioVDQJ47uQ8vepwwtaKDwUpyWLXV8cJ, 19ZMFx4yDB7u7g6fBghQS7r2qouebeSZD2, 1HobmRJRA3SyqhTW7Yf4AiPFpCKbTQed8a, 1k7YCQBgMm91j9TjNZrqtouSkD1ay1tTw, 15g2SvwcrLmWew93MDrqfzwPvCGHutnMtQ, 14pcQCMwE1CqkuQDndMsdWNkREXt7qcCd2, 1M1QHnLf6Cmc3yJskrYXX91U1pP7spKhef, 1P6iqrsvV4Xn2A1gxJfvHs3qF8iCaiKMAp, 1DCoG4fxNNZAJS3oesZxfvsDNioFukzakj, 14ABznQQd48f8ZCFLhjsRSiaVLWwAoA5MR, 1QzBGQrnkPbXMU38rvH9mwuqErY9azE5v, 14QGh3FWhWwrMEx2BhHjLcSJcyD73Rhe24

Decide yourself- be a star among friends or pay little bit not to lose your habitual life.
You can complain cops, but they can not find us. I use anonymous bot system, also I do not live in your country. You cant find my ip in a header of this message.
For some questions just reply.
Think better.

Third variant of "We are not going to steal a lot of time" scam email:

We are not going to steal a lot of time email scam (sample 3)

Text presented within this email:

Subject: your account nosscren

Your family counts on your intelligence ; ( vNu ) from vps number:2464


I do not want to scoff at you... Read this letter attentively. My group will not spoil you social status if you follow our advices...

You can find a lot of varied specifications about security on the web space: using proxy ; download the latest antiviruses, hide web cam with the tape... But it was neglected by you.

There are 1550 victims that were infected by my virus.

I implemented it in faked site of adobe player... Victims downloaded everything and did not suspect any danger, because this soft must be downloaded on all devices to play video files.

You were not exception and now also have big problems.

Our inbuilt parser responded to your requests for porn sites. Directly when the play button was tapped the malware activated your camera to catch you masturbating. Right after that my virus copied the video which you were watching on your device. With form-grabber demolished history and collected all details from your accounts that you have visited from previous week. We made a copy of the contacts of your friends, collegues and relatives.

Let's put it all together: we have record with you caressing your body; contact list of your mates, movie which you were watching on the device.
If you want to avoid the shame you must pay us 650 united states dollars with btc cryptocurrency.
It is our wallet number -
1KpioVDQJ47uQ8vepwwtaKDwUpyWLXV8cJ, 19ZMFx4yDB7u7g6fBghQS7r2qouebeSZD2, 13KFgfRnwa65pb3qBaj5jtLr94jJj5hetT, 1FpcMDZxNa4DFRcZjAqNBHji5egA6WTu5X, 1GW77UfKwVUBFMbypYftqPxAcx2jgYTqBG, 1Q62hWRHJMhFpQmdaNWkDyNSzVFZPmNaGR, 19eLbQK2QvsnGvBjXWtzhtuCuUtufhTnDw

Decide yourself- be a star among friends or pay this little sum not to lose your habitual life.
Cops cant help. We write you through our anonymous bot system, also we live abroad. You cant find my ip in a header of this message.
If you have some problems write me back.
Dont be fullish.

Fourth variant of "We are not going to steal a lot of time" spam email:

We are not going to steal a lot of time email spam campaign (sample 4)

Text presented within this email:

Subject: account prokfosh

Do not regret the decision; ( djk ) from vds with the number:8119

____


I will not joke about you. Read this letter attentively. Our crew doesnt want to ruin your life if you follow our advices.

There are too many various specifications about safe internet surfing: using proxy servers , update actual antivirus base, close webcameras with the scotch. But you think that this is not necessary.

I counted more than 1050 victims that downloaded my virus...

It was placed in faked web-page with adobe player. Victims downloaded everything and did not suspect any danger, because this plug-in must be downloaded on all computers to process videos in web...

You were not exception and now also have big problems.

With the help of a parser reacted to calls to porn-sites in your connections. Directly after the play button was pushed the malicious soft activated your camera to catch you paying with yourself. After the computer worm sent the link of the vid that you opened on the computer. With form grab. deleted coockies and stolen all details from your accounts that were visited since previous Tuesday. We copied the contact list with your mates.

Let's sum up the results. we have vid with you masturbating; contact list with your friends, collegues and relatives; video which you were watching on your device.

If you do not want to be dishonored you must pay me 800 united states dollars with bitcoin.
It is our wallet number -


14JLSAk9TKR6hVFswC6oRPoeAcydSecLFX

Decide yourself- become popular or pay little bit not to lose your habitual life.
You can complain cops, but they can not find us. We use botnet, and of course we do not live in your country. IP in a header is not mine.
For some questions just reply.
Think better.

Fifth variant of "We are not going to steal a lot of time" spam email:

We are not going to steal a lot of time email spam campaign (sample 5)

Text presented within this email:

Subject: your account groospvund

Dear ***********

I advise you not to do this any more : ( SbE ) from bot #:3071

____
We will not scoff at your problem. Read our message carefully. Our squad doesnt want to poison your life if you go to a deal with us.

You can find a lot of varied specifications about safe internet surfing- proxy , download the latest antivirus base, hide web cam with a tape. In your opinion it is not necessary.

I counted more than 1150 computers that were infected by my private computer worm...

It was placed in counterfeit internet page of flash plug-in... Users installed everything and didnt surmise something bad, because this software should be installed on all devices to play video files...

You have also fallen for my bait.

My built-in parser reacted to your requests for porn sites. Instantly after the play button was pushed the malicious soft activated the camera to catch you caressing your body. Right after that the computer worm copied a vid that you watched on your computer. With the help of form grab. deleted coockies and stolen all passwords from your social media which were visited since previous Friday. We made a copy of your contacts with your friends, collegues and relatives.

Let's sum up the results. I got record with you masturbating; contact list with your friends, collegues and relativesand video which you opened on the screen.

If you want to avoid the shame just send us 650 united states dollars in btc cryptocurrency.
Pay here - 14JLSAk9TKR6hVFswC6oRPoeAcydSecLFX, 19MzyQCboSV9sS46nnqgZB54DTcgkp7YtL, 12BTouEjWdich7cbP4CjrjCK2ZRjGfXmNQ, 1H4qTR7fq7rMhfKnD8QPXVBJ8yciLycLHU, 1LM5v5dN9t9zsgGivCAiWwbimQJnnazLNV, 1GEwHyLaZEkAbFZGLhJLtg8Y8VDKT1vtY3, 1KGnSUjhtQrG6DKM394d9j7ihGcYb3V1t5, 1BhLEhVD48MEo1bW7fVhdrtWEtWSWZDNfC, 1EWDK5AsRpvYr519Yu2PGy6zZBzKY7LgQG, 1LhAosMbw5eahVtJAuuUstcN3eS6hiKHLr, 1AzZJRBPydfzQRGe5y3v6AE3vetmF9BEih, 146Z71rkCpWRmHnL9BQQg3s9WHLsMp1qQ9

Think better: become popular or pay little bit to safe your social status.
You can complain cops, but they can not find us. I use anonymous bot system, moreover we do not live in your country. IP in a header is not mine.
If you have some problems write me back.
Dont be fullish.

Another variant of this email scam:

surf web cautiosly email scam

Text presented in this variant:

Camera ready,Notification: 25-02-2019 08:47:37
Status: Waiting for Reply 95xuNaJy1A5f18wDnGmHkR8BrI0Wy58Uu5_Priority: Normal
----------------------------------------------------------------------------------------------------
Howdy,dear user of 123456@pcert.postecert.it
During all your life u was notified to surf web catiously,but you didnt.Whats the problem?
U are thinking right now.The whole point is that I set the malicious soft on a web-site with videos for adults (Рorn web-page) (u know whats up).
Object clicked on a play button and device began working as rdp with keylogger function.Moreover all cams and screen immediately started recording.Then my virus got all ur contacts from messengers,e-mails and social networks.
So whatsup? I created a double screen video (1st part-screen rec.(you have a nice interests lmao),second- cam rec.) and all your contacts. Consequently in my opinion 550 usd is fairly for that petite misstep.
My btc wallet address: 12r21bguQUYernkBBWZfy1voJ1Z8osFrre
Ask internet how to buy it.It is not very hard.Just write "how to get bitcoins" Ill wait 1 day after opening this letter(I placed a tracking pixel in it,Ill see when you read it).If I don't recieve my bitcoins All your contacts will recieve video with you When I get btc- the compromising will be destroyed.If u charge me to give proofs,reply "yeah" and Ill 10 contacts Ive collected from u.
Can go to cops,but searching me is more long-lasting than 1 day,im from Hungary,so ull be a star among friends.

Instant automatic removal of possible malware infections: Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Spyhunter is a professional automatic malware removal tool that is recommended to get rid of possible malware infections. Download it by clicking the button below:
▼ DOWNLOAD Spyhunter By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

Quick menu:

How to remove malware manually?

Manual malware removal is a complicated task - usually it is best to allow antivirus or anti-malware programs to do this automatically. To remove this malware we recommend using Spyhunter for Windows. If you wish to remove malware manually, the first step is to identify the name of the malware that you are trying to remove. Here is an example of a suspicious program running on a user's computer:

malicious process running on user's computer sample

If you checked the list of programs running on your computer, for example, using task manager, and identified a program that looks suspicious, you should continue with these steps:

manual malware removal step 1 Download a program called Autoruns. This program shows auto-start applications, Registry, and file system locations:

screenshot of autoruns application

manual malware removal step 2Restart your computer into Safe Mode:

Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer start process, press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, and then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Windows 8 users: Start Windows 8 is Safe Mode with Networking - Go to Windows 8 Start Screen, type Advanced, in the search results select Settings. Click Advanced startup options, in the opened "General PC Settings" window, select Advanced startup. Click the "Restart now" button. Your computer will now restart into the "Advanced Startup options menu". Click the "Troubleshoot" button, and then click the "Advanced options" button. In the advanced option screen, click "Startup settings". Click the "Restart" button. Your PC will restart into the Startup Settings screen. Press F5 to boot in Safe Mode with Networking.

Windows 8 Safe Mode with networking

Video showing how to start Windows 8 in "Safe Mode with Networking":

Windows 10 users: Click the Windows logo and select the Power icon. In the opened menu click "Restart" while holding "Shift" button on your keyboard. In the "choose an option" window click on the "Troubleshoot", next select "Advanced options". In the advanced options menu select "Startup Settings" and click on the "Restart" button. In the following window you should click the "F5" button on your keyboard. This will restart your operating system in safe mode with networking.

windows 10 safe mode with networking

Video showing how to start Windows 10 in "Safe Mode with Networking":

 

manual malware removal step 3Extract the downloaded archive and run the Autoruns.exe file.

extract autoruns.zip and run autoruns.exe

manual malware removal step 4In the Autoruns application, click "Options" at the top and uncheck the "Hide Empty Locations" and "Hide Windows Entries" options. After this procedure, click the "Refresh" icon.

Click 'Options' at the top and uncheck 'Hide Empty Locations' and 'Hide Windows Entries' options

manual malware removal step 5Check the list provided by the Autoruns application and locate the malware filename that you want to eliminate.

You should write down its full path and name. Note that some malware hides process names under legitimate Windows process names. At this stage, it is very important to avoid removing system files. After you locate the suspicious program you wish to remove, right click your mouse over its name and choose "Delete".

locate the malware file you want to remove

After removing the malware through the Autoruns application (this ensures that the malware will not run automatically on the next system startup), you should search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. If you find the filename of the malware, be sure to remove it.

searching for malware file on your computer

Reboot your computer in normal mode. Following these steps should remove any malware from your computer. Note that manual threat removal requires advanced computer skills. If you do not have these skills, leave malware removal to antivirus and anti-malware programs. These steps might not work with advanced malware infections. As always it is best to prevent infection than try to remove malware later. To keep your computer safe, install the latest operating system updates and use antivirus software.

To be sure your computer is free of malware infections, we recommend scanning it with Spyhunter for Windows.

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

Malware activity

Global virus and spyware activity level today:

Medium threat activity
Medium

Increased attack rate of infections detected within the last 24 hours.

QR Code
possible malware infections QR code
A QR code (Quick Response Code) is a machine-readable code which stores URLs and other information. This code can be read using a camera on a smartphone or a tablet. Scan this QR code to have an easy access removal guide of possible malware infections on your mobile device.
We Recommend:

Get rid of possible malware infections today:

▼ REMOVE IT NOW with Spyhunter

Platform: Windows

Editors' Rating for Spyhunter:
Editors ratingOutstanding!

[Back to Top]

Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.