Scam emails target Potsdam Central students
POTSDAM — Some Potsdam Central School students reportedly received scam emails in their student email.
PCS Assistant Superintendent for Curriculum & Instruction Mark Bennett, who is the former HS principal, said the district was notified Sunday morning that several students received an email that claims that their computer device has been hacked and the hacker has gathered sensitive information about them. The anonymous sender also says that unless they receive payment the information will be released.“This is a scam,” Bennett said. ‘Unfortunately, this is a common phishing scam that is sent out to millions of people at a time in an attempt to extort money.”
Students are advised to let their parents know if they received the email and then forward the email to Bennett at [email protected].
Bennett asked for parents to speak with their child about the situation.
“Remind them that they should tell you if they receive any concerning communication through email or any social media,” Bennett said.
The district uses Google Education to host student email services, as it has robust security features, Bennett said.
“However, scammers and hackers are always looking for ways to get around these security measures. It is important that students and parents are aware of these scams and have open communication with each other and the school,” he said.
In addition, with the start of the school year, the district will integrate digital citizenship and internet safety instruction into daily instruction.
Bennett said the district is looking into additional ways to block these types of emails.
“This is not a situation unique to Potsdam Central; it happens across our country and around the world,” Bennett said. It needs to be addressed and stopped for the safety and well-being of all children.”
A copy of the text of the email is below for your reference:
"I am sorry to inform you that your device was compromised.
I'll explain what led to all of this. I have used a Zero Day vulnerability with a special code to infect your device through a website.
This is a complicated software that requires precise skills that I have. It works as a chain with specially crafted and unique code and that’s why this type of an attack can go undetected.
You only need one not patched vulnerability to be infected, and unfortunately for you – it works that simple.
You were not targeted specifically, but just became one of the quite a few unlucky people who got hacked that day.
All of this happened a few month ago. So I’ve had time to collect information on you.
I think you already know what is going to happen next.
During that time, my software was quietly collecting information about your habits, websites that you visit, searches you do, texts you send.
There is more to it, but I have listed a few reasons for you to understand how serious this is.
For you to clearly understand, my software controlled your camera and microphone as well and it was impossible for you to know about it.
It was just about right timing for me to get you privacy violated.
I’ve been waiting enough and have decided that it’s time to put an end to this.
So here is my offer. I need a consulting fee to delete the media content I have been collecting.
Your privacy stays untouched, if I get paid.
Otherwise, I will leak the most damaging content to your contacts and post it to a public tube for perverts to explore.
I understand how damaging this will be for you, and amount is not that big for you to keep your privacy.
Please dont blame me – we all have different ways of making a living.
I have no intention of destroying your reputation or life, but only if I get paid.
I don’t care about you personally, that's why you can be sure that all files I have and software on your device will be deleted immediately after I receive the transfer.
I only care about getting paid.
My modest consulting fee is 1650 US Dollars transferred in Bitcoin. Exchange rate at the time of the transfer.
You need to send that amount to this wallet:
The fee is non negotiable, to be transferred within 2 business days.
We use Bitcoin to protect my identity.
Obviously do not try to ask for any help from anybody unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you wont hear from me ever again. Take care."