Ransomware Cybersecurity - Detection and Response

Have you received a ransom email?

Hackers send ransom emails to prey on your fear. Here are some tips on how to respond.

Have you received an email from a hacker trying to blackmail you in exchange for ransom? And did it include a real password you’ve used in the past (or still use)? You’re not alone, and the only thing you should do about it is change any compromised passwords. These extortion email scams have been going on all year, and this article explains one of the recent iterations.

A few of our clients have received these emails—containing real passwords. Here’s what everyone needs to know:

  • The emails will pretend to come from your address, and may even show up in your “sent” items folder, but are actually originating in other countries. The “from” address is completely fake, which is easy for a hacker to do.
  • These emails are not an indication that your email account or computer are compromised, regardless of what the text might claim.
  • Paying the “ransom” is not only unwise, it’s completely pointless. The senders of these emails have no way of knowing if you’ve paid or not. They send out tens of thousands of emails and hope enough people fall for it so they make money.
  • The password included in the email is a real password, but not a newly hacked one. It was taken from one of the hundreds of lists of leaked passwords available online.
  • If you use the included password for any services, change it immediately. But this data has been available publicly for months or even years, so any data protected by that credential may have already been compromised.
  • As always, we encourage everyone to use a different password for every service. We recommend using password managers like LastPass to securely keep track of your credentials.
  • Sites like are a good way to check to see which of your accounts may have been compromised. If that site indicates you’ve been part of a breach, those credentials should be changed immediately, as should any accounts that share the same password.

If you have any questions, let us know by contacting your Account Manager or by calling us at 888-484-1012.