Do not get scammed by the "Coloquei malware no site adulto" email

Also Known As: possible malware infections
Distribution: Low
Damage level: Medium

"Coloquei malware no site adulto" email removal guide

What is "Coloquei malware no site adulto" email?

"Coloquei malware no site adulto" ("I put malware on the adult site") is an email scam targeting Portuguese users. The scheme follows the sextortion model: it attempts to extort money from recipients by threatening to expose their sexual activity. The letter claims that the user's device has been hacked and exploited to obtain compromising material (via the webcam). It warns victims that this content will be publicized should they fail to pay a specified sum. "Coloquei malware no site adulto" is a scam: the alleged material (videos) does not exist, and the user's system has not been infected either.

Coloquei malware no site adulto spam campaign

According to a rough translation, the letter urges recipients not to ignore it if they value their privacy. It claims that the user's device has been infected with malware (spyware, to be exact) that originated from an adult-themed site. The individuals responsible for this infection state that they recorded the user via webcam while they were visiting adult websites. Additionally, the scammers claim to have taken screenshots of the content being viewed at the time. After this blackmail material was gathered, the nonexistent malware supposedly collected the user's email, messenger and social media contact lists. The letter declares that, as this compromising content has already been exfiltrated, it cannot be deleted by reinstalling the OS (Operating System).

The scam demands that recipients pay 7 690 GBP (worth approximately 10 000 USD) in Bitcoin cryptocurrency, or else the videos will be sent to all of their contacts (email, various messaging platforms, Facebook and other social media accounts). Furthermore, the recorded material will be published online, on YouTube and similar sites. The letter recommends that recipients unfamiliar with this digital currency search YouTube and/or use a search engine (e.g. Google, Yahoo, Bing, etc.) to find out how to acquire Bitcoins. Recipients supposedly have eight hours to make the transaction from the moment they open the email. If they pay, the fictitious content will be destroyed and the scammers promise never to contact them again. Users are warned that reporting this to the authorities can at most get the cryptowallet blocked, which will allegedly only force publication of the videos of victims who have yet to pay. The implication is that the recipient would not only be responsible for their own integrity but would compromise others as well.

The scammers tell users to make contact only in order to reconfirm the Bitcoin address and/or to make similar queries, because they are using a hacked and compromised email account. It must be emphasized that none of the claims made in "Coloquei malware no site adulto" are true. Recipients' devices have not been hacked/infected, no data has been stolen and no compromising material exists. This email is merely a scam and must be ignored. In general, regardless of the validity of claims made by cyber criminals, meeting their ransom demands is expressly advised against. They cannot be trusted and there are no guarantees that the criminals will hold up their end of the bargain.

Threat Summary:
Name: Coloquei malware no site adulto email scam
Threat Type: Phishing, Scam, Social Engineering, Fraud
Fake Claim: Email claims that cyber criminals have made compromising videos of the recipient and will publicize them, if they are not paid.
Ransom Amount: £7,690.00 GBP in Bitcoin (~10,000 USD)
Cyber Criminal Cryptowallet Address: 13j2z2t6F59qndXekHwqvazgnFDNsUyqkt (Bitcoin)
Symptoms: Unauthorized online purchases, changed online account passwords, identity theft, illegal access of the computer.
Distribution methods: Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.
Damage: Loss of sensitive private information, monetary loss, identity theft.
Removal: To eliminate possible malware infections our malware researchers recommend scanning your computer with Spyhunter.
Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

Deceptive emails are sent in mass-scale scam campaigns. A wide variety of scam models are used to trick users into performing certain tasks, such as making monetary transactions, revealing personal information, or downloading/installing/purchasing untrustworthy or malicious software. "I KNOW YOU OPENED MY LAST MAIL", "The last time you visited a Porn website", "Hacker Who Has Access To Your Operating System" and "Looked at you for several months" are a few examples of other email scams similar to "Coloquei malware no site adulto".

How do spam campaigns infect computers?

Systems are infected via malicious files attached to and/or linked in deceptive emails. The letters are usually disguised as "urgent", "official", "important" or otherwise priority mail. These files can be in various formats, such as Microsoft Office and PDF documents, executable (.exe, .run) and archive (RAR, ZIP) files, JavaScript, etc. Once an infectious file is opened, the infection process is initiated; in other words, it begins downloading/installing malware. For example, MS Office documents cause infections by executing malicious macro commands. Opening these documents with MS Office versions released prior to 2010 is enough to start the infection. Newer versions, however, ask users to enable macros (i.e. enable editing), and the malicious software installation begins only if they are enabled.
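A content-based attachment check for the file types listed above, as an added example that is not code from the original article. The EXPECTED policy table, the function names and the in-memory sample document are assumptions made for illustration; macros inside legacy OLE2 files are not inspected here.

```python
import io
import zipfile

MAGIC = [  # leading bytes of the formats named above, checked in order
    (b"MZ", "executable"),
    (b"%PDF", "pdf"),
    (b"Rar!\x1a\x07", "rar"),
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "office-legacy"),  # OLE2: .doc/.xls, can carry macros
    (b"PK\x03\x04", "zip"),
]
# Hypothetical policy table: content kinds each file extension is allowed to contain.
EXPECTED = {".pdf": {"pdf"}, ".zip": {"zip"}, ".rar": {"rar"}, ".docx": {"office-ooxml"},
            ".xlsx": {"office-ooxml"}, ".doc": {"office-legacy"}, ".xls": {"office-legacy"}}

def classify(data):
    """Identify an attachment from its content rather than its file name."""
    kind = next((k for magic, k in MAGIC if data.startswith(magic)), "unknown")
    if kind != "zip":
        return kind
    try:
        names = zipfile.ZipFile(io.BytesIO(data)).namelist()
    except zipfile.BadZipFile:
        names = []
    if "[Content_Types].xml" not in names:
        return "zip"
    # OOXML documents store VBA macros in a part named vbaProject.bin.
    has_vba = any(n.lower().endswith("vbaproject.bin") for n in names)
    return "office-ooxml+macros" if has_vba else "office-ooxml"

def verdict(filename, data):
    """Return (kind, reasons); an empty reasons list means nothing was flagged."""
    kind, reasons = classify(data), []
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if kind in ("executable", "office-ooxml+macros"):
        reasons.append(f"{kind} content")
    if ext in EXPECTED and kind not in EXPECTED[ext]:
        reasons.append(f"{ext} name but {kind} content")
    return kind, reasons

def constructed_ooxml(with_macros):
    """Build a minimal OOXML-shaped ZIP in memory (constructed sample, not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        if with_macros:
            z.writestr("word/vbaProject.bin", b"placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    print(verdict("fatura.docx", constructed_ooxml(True)))
```

A file named `.docx` that contains a VBA project is flagged twice, because that extension cannot legitimately hold macros.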

How to avoid installation of malware?

It is recommended not to open suspicious and/or irrelevant emails, especially ones received from unknown addresses. Any attachments (or links) present in suspect letters must never be opened, as these files are potential sources of infection. Only official and verified download channels should be used, as opposed to Peer-to-Peer sharing networks, free file-hosting websites, third party downloaders and other untrustworthy sources. Programs must be activated and updated with tools/functions provided by legitimate developers; illegal activation ("cracking") tools and third party updaters are high-risk and should not be used. It is important to have a dependable anti-virus/anti-spyware suite installed and kept up-to-date. This software is to be used for regular system scans and removal of detected threats. If you've already opened malicious attachments, we recommend running a scan with Spyhunter for Windows to automatically eliminate infiltrated malware.

Text presented in the "Coloquei malware no site adulto" email letter (translated from Portuguese; the confidentiality notice at the end from Spanish):

Subject: ::REPLY NOW: URGENT MESSAGE

I think you are wondering why you are receiving this email, right? It would be highly beneficial for your privacy if you did not ignore it.
I placed malware on an adult site (… P… 0… r… n) and, when you visited and watched the video, your device was affected, placing spyware on your machine. Which recorded you both with webcam and screen capture while you were having fun, allowing me to see exactly what you see.
This also affected your smartphone by means of an expl0it. So do not think for a minute that you can get around this by reinstalling the operating system. You have already been recorded.
After that, my malware collected all your messengers, emails and social network contacts.
I guess this is not good news, right?
But do not worry, there is a way to fix this privacy problem. All I need is a Bitcoin payment of £7,690.00 GBP, which I think is a fair price, considering the circumstances.
The Bitcoin address to make the payment is: 13j2z2t6F59qndXekHwqvazgnFDNsUyqkt
NOTE: Remember to reconfirm the Bitcoin address with us before making the payment, to avoid making the payment twice.
If you do not understand bitcoin, go to YouTube and search for "how to buy bitcoin" or google "local bitcoins"; it is very easy to do.
You have only 8 hours after reading this email to send the payment. Consider yourself warned from the moment you opened and read this email. I placed a pixel image inside it, which lets me know exactly when you opened the message (what day and time).
If you decide to ignore this email, I will have no option but to forward the video to all the collected contacts you have in your email account, post it on your social media accounts and send it as a personal message to all your Facebook contacts, and, of course, make the video publicly available on the Internet via YouTube and adult sites. Considering your reputation, I very much doubt you want to be exposed to your family / friends / co-workers during this current period.
You can indeed go to the police, but those people will probably do nothing; the most significant thing they can do is lock my wallet, and you will deprive other people of the opportunity to pay me. So think twice before doing foolish things.
If I receive the payment, all the material will be destroyed and you will never hear from me again. If I do not receive my funds for practically any reason, such as the inability to send money to a blacklisted wallet, your reputation will be destroyed. So be quick.
Remember, here is the Bitcoin address to make the payment: 13j2z2t6F59qndXekHwqvazgnFDNsUyqkt
Reply only to reconfirm the Bitcoin address for payment, or if you have questions about how to make the payment, click reply. Do not try to contact me because I am using a victim's email that was hacked and exposed.

Confidentiality Notice:

All information contained in this message is confidential and for the exclusive use
of COSAPI S.A. Its disclosure, copying, alteration or any other type of action
is prohibited, and it must be known only by the person to whom this
message is addressed.
If you have received this message in error, please delete it and notify
the sender.

(Accents intentionally omitted)
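A mail-triage check for the pattern this letter follows (recording claim, payment demand, deadline, Bitcoin address), as an added example that is not part of the original article. The keyword sets, the scoring rule and the sample message are assumptions; the address in the sample is generated by the code from a made-up hash and is not the one quoted in the letter.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CANDIDATE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")  # legacy 1.../3... shape only
# Hypothetical keyword sets (Portuguese and English) for the claims such letters make.
SIGNALS = {
    "recording_claim": re.compile(r"webcam|spyware|gravou|recorded", re.I),
    "payment_demand": re.compile(r"pagamento|payment", re.I),
    "deadline": re.compile(r"\b\d+\s*(?:horas|hours)\b", re.I),
}

def _checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_ok(addr):
    """True only if addr decodes to 25 bytes that end in a correct checksum."""
    n = 0
    for ch in addr:
        if ch not in B58:
            return False
        n = n * 58 + B58.index(ch)
    pad = len(addr) - len(addr.lstrip("1"))  # each leading '1' is a zero byte
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and _checksum(raw[:-4]) == raw[-4:]

def constructed_address(seed):
    """Encode a made-up 20-byte hash as a well-formed address (sample data only)."""
    raw = b"\x00" + hashlib.sha256(seed).digest()[:20]
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def triage(body):
    """Signals, checksum-valid addresses, verdict (assumed rule: address + 2 of 3 claims)."""
    hits = sorted(name for name, rx in SIGNALS.items() if rx.search(body))
    addrs = [a for a in CANDIDATE.findall(body) if b58check_ok(a)]
    return {"signals": hits, "addresses": addrs,
            "sextortion": bool(addrs) and len(hits) >= 2}

ADDR = constructed_address(b"constructed sample")  # constructed, not a real wallet
# Constructed sample message in the style of the letter above.
SAMPLE = ("Coloquei um malware em um site adulto. O spyware gravou você com a webcam. "
          f"Pagamento em Bitcoin para {ADDR}. Você tem apenas 8 horas.")

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Validating the checksum keeps random Base58-looking strings, such as tracking tokens, from counting as a payment address.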


How to remove malware manually?

Manual malware removal is a complicated task - usually it is best to allow antivirus or anti-malware programs to do this automatically. To remove this malware we recommend using Spyhunter for Windows. If you wish to remove malware manually, the first step is to identify the name of the malware that you are trying to remove. Here is an example of a suspicious program running on a user's computer:

malicious process running on user's computer sample

If you checked the list of programs running on your computer, for example, using task manager, and identified a program that looks suspicious, you should continue with these steps:

Step 1: Download a program called Autoruns. This program shows auto-start applications, Registry, and file system locations:

screenshot of autoruns application

Step 2: Restart your computer into Safe Mode:

Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer start process, press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, and then select Safe Mode with Networking from the list.

Safe Mode with Networking

Windows 8 users: Start Windows 8 in Safe Mode with Networking. Go to the Windows 8 Start Screen, type Advanced, and in the search results select Settings. Click Advanced startup options and, in the opened "General PC Settings" window, select Advanced startup. Click the "Restart now" button. Your computer will now restart into the "Advanced Startup options menu". Click the "Troubleshoot" button, and then click the "Advanced options" button. In the advanced options screen, click "Startup settings". Click the "Restart" button. Your PC will restart into the Startup Settings screen. Press F5 to boot in Safe Mode with Networking.

Windows 8 Safe Mode with networking

Windows 10 users: Click the Windows logo and select the Power icon. In the opened menu, click "Restart" while holding the "Shift" key on your keyboard. In the "choose an option" window click "Troubleshoot", then select "Advanced options". In the advanced options menu select "Startup Settings" and click the "Restart" button. In the following window, press the "F5" key on your keyboard. This will restart your operating system in Safe Mode with Networking.

windows 10 safe mode with networking

Step 3: Extract the downloaded archive and run the Autoruns.exe file.

extract autoruns.zip and run autoruns.exe

Step 4: In the Autoruns application, click "Options" at the top and uncheck the "Hide Empty Locations" and "Hide Windows Entries" options. After this procedure, click the "Refresh" icon.

Click 'Options' at the top and uncheck 'Hide Empty Locations' and 'Hide Windows Entries' options

Step 5: Check the list provided by the Autoruns application and locate the malware file that you want to eliminate.

You should write down its full path and name. Note that some malware hides process names under legitimate Windows process names. At this stage, it is very important to avoid removing system files. After you locate the suspicious program you wish to remove, right click your mouse over its name and choose "Delete".

locate the malware file you want to remove

After removing the malware through the Autoruns application (this ensures that the malware will not run automatically on the next system startup), you should search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. If you find the filename of the malware, be sure to remove it.

searching for malware file on your computer

Reboot your computer in normal mode. Following these steps should remove any malware from your computer. Note that manual threat removal requires advanced computer skills. If you do not have these skills, leave malware removal to antivirus and anti-malware programs. These steps might not work with advanced malware infections. As always, it is better to prevent infection than to try to remove malware later. To keep your computer safe, install the latest operating system updates and use antivirus software.

To be sure your computer is free of malware infections, we recommend scanning it with Spyhunter for Windows.

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have over 10 years of experience working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

The PCrisk security portal is brought to you by the company RCS LT. The joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.
