Do not respond to I monitored your device on the net for a long time

Also Known As: possible malware infections
Distribution: Low
Damage level: Medium

I monitored your device on the net for a long time email scam removal guide

What is I monitored your device on the net for a long time email scam?

Sextortion email scam is a type of scam where scammers claim that to have hacked into computers and recorded a humiliating video of recipients watching some adult video. As a rule, scammers threaten to send that video to other people on the contact list unless recipients pay a certain amount of money (usually in cryptocurrency). Such emails should be ignored, especially when a computer has no webcam connected to it (or integrated in it).

I monitored your device on the net for a long time email scam

Scammers behind this email claim to have monitored the device for a long time and managed to hack it and infect it with a virus. According to scammers, they have access to the camera, microphone, messengers, phone book, passwords to all social networks, etc. Scammers attempt to trick recipients into believing that they have used the connected/integrated webcam and the access to the screen to record a video of recipients watching pornography and, if recipients do not pay $1200 (in Bitcoins) to the provided BTC wallet address within 48 hours, then that video will be uploaded on social networks. Such emails should not be responded, and more importantly, payments to scammers should not be made. It is advisable to delete such emails and mark them as spam. It is worthwhile to mention that scammers behind such emails can use a spoofing technique. This technique is used to make it look like an email came from someone it did not. In other words, scammers forge the sender's address to trick recipients into believing that they have received the email from someone they know. It is common that scammers make the sender's address the same as the recipient's.

Threat Summary:
Name I Monitored Your Device On The Net For A Long Time Email Scam
Threat Type Phishing, Scam, Social Engineering, Fraud
Fake Claim Scammers claim to have recorded a humiliating video and threaten to release (publish) it
Ransom Amount $1200 in Bitcoins
Cyber Criminal Cryptowallet Address bc1qnkxjyxtdjmr8tkwzfz2t3rc4scdmnr4ll99kg9, bc1qpae26vlj5dnlxgwt2xjyw69sz3e596xs9xtwkn, bc1qyg3srjs0gz9l97xdp00vms4sgxa3ymj7aw7vae
Symptoms Unauthorized online purchases, changed online account passwords, identity theft, illegal access of the computer.
Distribution methods Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.
Damage Loss of sensitive private information, monetary loss, identity theft.
Malware Removal (Windows)

To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Malwarebytes.
▼ Download Malwarebytes
To use full-featured product, you have to purchase a license for Malwarebytes. 14 days free trial available.

More examples of email scams are "COVID-19 Vaccination NHS Email Scam", "Ruralvía Seguridad Email Scam" and "Stopped Processing Incoming Emails Scam". It is important to mention that scammes/cyber criminals can use emails as tools to trick recipient into providing sensitive information (e.g., credit card details, login credentials, social security numbers) or into opening malicious files designed to install malicious software (e.g., ransomware, Trojan-type malware).

How do spam campaigns infect computers?

When cybercriminals use emails as a channel to deliver malware, they send emails that contain a malicious attachment of a download link for a malicious file. In one way or another, their main goal is to trick unsuspecting recipients into downloading and opening a malicious file that is designed to infect the operating system with malware. Examples of files that cybercriminals use in their malspam campaigns are archive files (e.g., RAR, ZIP), executable files (like .exe, .run), Microsoft Office, PDF documents, JavaScript files. It is noteworthy that malicious Office documents cannot infect computers unless users enable editing/content (malicious macros) in them. Although, if such documents are opened with the Microsoft Office version that was released prior to 2010, then they install malware without asking any permissions. Microsoft Office 2010 and newer versions have the "Protected View" mode that prevents malicious documents from installing malware automatically.

How to avoid installation of malware?

Neither files or programs should be downloaded (or installed) via third party downloaders (or installers), Peer-to-Peer networks (for example, torrent clients, eMule), from unreliable, unofficial pages. The only safe sources for downloading software are official websites and direct links. Installed programs should never be updated or activated with unofficial, third party tools. Those tools can be and often are malicious. Installed software has to be updater or activated with implemented functions or tools from official developers. It is noteworthy that it is not legal to use unofficial tools to activate software, or use pirated software. One more important thing is not to open attachments or links if they are include in emails that are not relevant and sent from suspicious addresses. Such emails can be used as channels to deliver malware. Lastly, it is advisable to have a reputable antivirus or anti-spyware suite installed on a computer and scan for threats regularly. If you've already opened malicious attachments, we recommend running a scan with Malwarebytes for Windows to automatically eliminate infiltrated malware.

Appearance of the email (GIF):

i monitored your device on the net for a long time email scam appearance

Text in the email:

Subject: The device has been successfully hacked.

Greetings.
I monitored your device on the net for a long time and successfully managed to hack it. It was not difficult for me, as I have been in this business for a long time.

When you visited a pornography site, I was able to put a virus on your computer that gave me full access to your device, namely your camera, microphone, phone calls, messengers, what happens on your screen, phone book, passwords to all social networks, etc.

To hide my virus, I have written a special driver which is updated every 4 hours and makes it impossible to detect it.

I captured video of your screen and camera device and edited a video of you masturbating in one part of the screen and a pornographic video that you opened at that moment in the other part of the screen.

I can safely send any data from your device to the Internet, as well as anyone who is recorded in your contacts, messengers and social networks.
I can also give anyone access to your social networks, emails and messengers.

If you don't want me to do it, then:
Transfer $1200 (US dollars) to my Bitcoin wallet.

My Bitcoin wallet address: bc1qnkxjyxtdjmr8tkwzfz2t3rc4scdmnr4ll99kg9, bc1qpae26vlj5dnlxgwt2xjyw69sz3e596xs9xtwkn

I give you 48 hours to transfer the money. Otherwise, I will perform the above.
The timer started automatically as soon as you opened the email.
I am also automatically notified when this email is opened.


If you do not know how to transfer money and what Bitcoin is. Then type "Buy Bitcoin" into Google


As soon as I receive a transfer of the required amount, the system will automatically inform me about the received payment and offer to delete from my servers all the data I received from you.
And therefore, I will confirm the deletion.

Do not try to complain anywhere, as a purse does not track, mail from where the letter came, and is not tracked and created automatically, so there is no point in writing to me.
If you try to share this email with anyone, the system will automatically send a request to the servers and they will proceed to upload all the data to social networks. Also, changing passwords in social networks, mail, device will not help you, because all the data is already downloaded to a cluster of my servers.

Good luck.

A Czech variant of "I Monitored Your Device On The Net For A Long Time" scam email:

Czech variant of I Monitored Your Device On The Net For A Long Time spam email

Text presented within:

Subject: Vás systém byl napaden virem. Vase zarízení bylo úspesne hacknuto.

 

Ahoj.
Sleduji vaše zarízení online dlouho a dokázal jsem ho hacknout. Nebylo to pro me težké, protože jsem v tomto oboru dlouho.

Když jste navštívili porno stránku, dokázal jsem do vašeho pocítace dát virus, který mi umožnil plný prístup k vašemu zarízení, a to ke kamere, mikrofonu, hovorum, zprávám, obsahu na obrazovce, telefonnímu seznamu, heslum do všech sociálních sítí , atd.

Abych skryl svuj virus, napsal jsem speciální ovladac, který se aktualizuje každých nekolik hodin a znemožnuje jeho detekci.

Porídil jsem videozáznam vaší obrazovky a kamery a pripojil jsem video, kde jedna cást obrazovky obsahuje video vaší masturbace a druhá cást pornografické video, které jste v tomto okamžiku otevreli.

Mohu bezpecne prenést všechna data z vašeho zarízení na internet, stejne jako na všechny vaše kontakty, posly a sociální síte.
Také mohu komukoli poskytnout prístup k vašim sociálním sítím, e-mailum a poselum.

Pokud nechcete, abych:
Prevedte 1300 $ do mé bitcoinové peneženky.

Dávám vám 48 hodin na prevod vašich penez. Udelám to jinak.
Hodiny se spustí automaticky, když otevrete e-mail.
Také jsem byl automaticky upozornen, když byl tento e-mail otevren.


Pokud nevíte, jak prevést peníze a co je to bitcoin. Poté na Googlu zadejte „Koupit Bitcoin“.
Adresa mé Bitcoin peneženky: bc1qyg3srjs0gz9l97xdp00vms4sgxa3ymj7aw7vae

Jakmile obdržím prevod požadované cástky, systém me automaticky informuje o prijaté platbe a požádá me o smazání všech údaju, které jsem od vás obdržel.
Potvrdím tedy odstranení.

Neobtežujte se nikde si stežovat, protože peneženka nesleduje poštu, odkud dopis pochází, a není sledována a vytvárena automaticky, takže mi nemá smysl psát.
Pokud se pokusíte tuto zprávu s nekým sdílet, systém automaticky odešle požadavek na servery a on bude pokracovat v prenosu všech dat na sociální síte. Zmena hesel na sociálních sítích, e-mailu a zarízení vám také nepomuže, protože všechna data jsou již stažena do mého serverového clusteru.

Hodne štestí a nedelejte nic hloupého.

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Malwarebytes is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Malwarebytes By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Malwarebytes. 14 days free trial available.

Quick menu:

How to remove malware manually?

Manual malware removal is a complicated task - usually it is best to allow antivirus or anti-malware programs to do this automatically. To remove this malware we recommend using Malwarebytes for Windows. If you wish to remove malware manually, the first step is to identify the name of the malware that you are trying to remove. Here is an example of a suspicious program running on a user's computer:

malicious process running on user's computer sample

If you checked the list of programs running on your computer, for example, using task manager, and identified a program that looks suspicious, you should continue with these steps:

manual malware removal step 1Download a program called Autoruns. This program shows auto-start applications, Registry, and file system locations:

screenshot of autoruns application

manual malware removal step 2Restart your computer into Safe Mode:

Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer start process, press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, and then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Windows 8 users: Start Windows 8 is Safe Mode with Networking - Go to Windows 8 Start Screen, type Advanced, in the search results select Settings. Click Advanced startup options, in the opened "General PC Settings" window, select Advanced startup. Click the "Restart now" button. Your computer will now restart into the "Advanced Startup options menu". Click the "Troubleshoot" button, and then click the "Advanced options" button. In the advanced option screen, click "Startup settings". Click the "Restart" button. Your PC will restart into the Startup Settings screen. Press F5 to boot in Safe Mode with Networking.

Windows 8 Safe Mode with networking

Video showing how to start Windows 8 in "Safe Mode with Networking":

Windows 10 users: Click the Windows logo and select the Power icon. In the opened menu click "Restart" while holding "Shift" button on your keyboard. In the "choose an option" window click on the "Troubleshoot", next select "Advanced options". In the advanced options menu select "Startup Settings" and click on the "Restart" button. In the following window you should click the "F5" button on your keyboard. This will restart your operating system in safe mode with networking.

windows 10 safe mode with networking

Video showing how to start Windows 10 in "Safe Mode with Networking":

 

manual malware removal step 3Extract the downloaded archive and run the Autoruns.exe file.

extract autoruns.zip and run autoruns.exe

manual malware removal step 4In the Autoruns application, click "Options" at the top and uncheck "Hide Empty Locations" and "Hide Windows Entries" options. After this procedure, click the "Refresh" icon.

Click 'Options' at the top and uncheck 'Hide Empty Locations' and 'Hide Windows Entries' options

manual malware removal step 5Check the list provided by the Autoruns application and locate the malware file that you want to eliminate.

You should write down its full path and name. Note that some malware hides process names under legitimate Windows process names. At this stage, it is very important to avoid removing system files. After you locate the suspicious program you wish to remove, right click your mouse over its name and choose "Delete".

locate the malware file you want to remove

After removing the malware through the Autoruns application (this ensures that the malware will not run automatically on the next system startup), you should search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. If you find the filename of the malware, be sure to remove it.

searching for malware file on your computer

Reboot your computer in normal mode. Following these steps should remove any malware from your computer. Note that manual threat removal requires advanced computer skills. If you do not have these skills, leave malware removal to antivirus and anti-malware programs. These steps might not work with advanced malware infections. As always it is best to prevent infection than try to remove malware later. To keep your computer safe, install the latest operating system updates and use antivirus software.

To be sure your computer is free of malware infections, we recommend scanning it with Malwarebytes for Windows.

Click to post a comment

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

Removal Instructions in other languages
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
possible malware infections QR code
A QR code (Quick Response Code) is a machine-readable code which stores URLs and other information. This code can be read using a camera on a smartphone or a tablet. Scan this QR code to have an easy access removal guide of possible malware infections on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Malwarebytes

Platform: Windows

Editors' Rating for Malwarebytes:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Malwarebytes. 14 days free trial available.