login   |    register
User Support
This forum deals with technical issues, email problems or other support related issues.
Joined: September 20, 2012
KitMaker: 102 posts
AeroScale: 3 posts
Posted: Wednesday, January 23, 2019 - 03:55 AM UTC
Administrator: My password for this site has just been sent to me with a blackmail demand regarding material which I know cannot exist. Password duly changed. This is the second time.
Staff MemberTOS Moderator
Stockholm, Sweden
Joined: November 29, 2006
KitMaker: 6,350 posts
AeroScale: 19 posts
Posted: Wednesday, January 23, 2019 - 04:01 AM UTC
They keep on trying. Passwords have leaked from many sites, Kitmaker is one of them.
The scammers still make a profit if they send out scam attempts to 10000 e-mail addresses and only one or two of those recipients fall for it and pay up. Practically zero cost for the e-mails and any cash received is pure profit.

Just make sure that you do not reuse passwords between sites.
/ Robin
Staff MemberEditor-in-Chief
England - South West, United Kingdom
Joined: May 14, 2006
KitMaker: 10,914 posts
AeroScale: 287 posts
Posted: Wednesday, January 23, 2019 - 04:16 AM UTC
John I have been sent over 50 of these demands so far and it is a scam that UK police are investigating at this time. As I understand it they get your password by running the encrypted password through software that eventually decodes it. They are not interested in your password it is just an attempt to extort money from you. I have been told to use a mix of upper and lower case letters along with numbers and symbols to help reduce the this occurring.
Staff MemberCampaigns Administrator
Scotland, United Kingdom
Joined: June 08, 2015
KitMaker: 1,387 posts
AeroScale: 171 posts
Posted: Wednesday, January 23, 2019 - 04:44 AM UTC
John, i would also add: stay away from things that can be associated with you when you choose your password such as names and dates (birthdays etc) and make the password longer than 8 digits, the longer the better.

also do not rely on google to remember you password as there is an easy way for you to track down passwords yourself on chrome and if someone is using remote viewing software then they too can access that option.

also if you have a webcam, have something that you can cover it( an old winter sock, something thick that can not bee seen through) with as remote viewing can be accessed without you knowing about it.

hope this helps
Staff MemberPublisher
New Hampshire, United States
Joined: December 15, 2001
KitMaker: 12,490 posts
AeroScale: 507 posts
Posted: Wednesday, January 23, 2019 - 06:35 AM UTC
This has pretty much been answered above, but just so you know if they have backwards decoded your password twice then you really should (for ALL sites, not just this one) think about using more secure passwords. Of course since KitMaker stores nothing like credit card data or other personal info you can use whatever password you'd like.

My passwords these days tend to look something like this:


And yes I have to save them somewhere securely to get at them when I need them. Remember this is a problem on the ENTIRE Internet, not just here. This is why pretty much all sites that do have valuable personal data are switching to dual login types of systems (where they text you to put in codes, etc.).

Joined: January 08, 2013
KitMaker: 2 posts
AeroScale: 0 posts
Posted: Friday, April 17, 2020 - 04:04 AM UTC
I got the same email. I used to have a relatively weak password, now it's strong. At least I use unique passwords, so I know where's coming from.
Georgia, United States
Joined: July 26, 2013
KitMaker: 2,183 posts
AeroScale: 157 posts
Posted: Friday, April 17, 2020 - 10:12 AM UTC
There is already another thread on this. As I stated on that one, no one has hacked your email or this web site and then sent you a letter. This scam has been going on for several years now and is a form of scareware, not malware. Nothing has been installed or intruded upon your machine. These con artists buy up tons of data mined email accounts that some other hacker collected years ago and then packaged up and sold on the dark web. They send a form letter out to every address with a few keys words tossed in to make it seem legit. I have received 17 of these in the last couple of years and they are all almost exactly the same text. However, I don't have a Facebook or any other social media account, nor a connected web cam, and the password the idiot had was the first one I had on the site, which I had to change because I forgot it. And he only had the first half of it.

This is a social engineering weapon meant to cause people to react out of ignorance and fear and pay up before realizing the scam. Ignore it. Absolutely nothing will happen. Don't respond; that will do nothing as the email will go to no one (Obviously, did you think they would use their real address?). The scammer is off sending out a new email blast to some other site whose member email addresses were stolen, while waiting for some sap to make a deposit into his Bitcoin purse.

This look familiar?:

Quoted Text

I am aware, ######, is your password.

I need your full attention for the next 24 hours, or I will certainly make sure you that you live out of shame for the rest of your life span.

Hello, you don't know me. However I know all the things concerning you. All of your fb contact list, smartphone contacts plus all the digital activity in your computer from past 125 days.

Consisting of, your masturbation video, which brings me to the main motive why I am writing this specific email to you.

Well the last time you visited the sexually graphic webpages, my spyware was triggered inside your computer which ended up shooting a eye-catching video clip of your self pleasure play simply by activating your webcam.
(you got a unquestionably unusual taste by the way lmao)

I have the full recording. If, perhaps you think I am playing around, simply reply proof and I will be forwarding the particular recording randomly to 4 people you know.

It could be your friends, co workers, boss, parents (I don't know! My software program will randomly choose the contacts).

Would you be able to look into anyone's eyes again after it? I doubt that...

Nonetheless, doesn't necessarily have to be that route.

I'm going to make you a one time, non negotiable offer.

Get USD 2000 in bitcoin and send it on the down below address:

[case SENSITIVE so copy & paste it, and remove *** from it]

(If you do not know how, google how to acquire bitcoin. Do not waste my precious time)

If you send out this 'donation' (let us call this that?). Right after that, I will go away and under no circumstances get in touch with you again. I will delete everything I have about you. You may continue living your ordinary day to day life with zero concerns.

You've 24 hours to do so. Your time will begin as quickly you read through this mail. I have an unique program code that will tell me as soon as you read this e-mail so do not try to play smart.

It's been about three days since I got that one and no one has called me to ask how I shot my 'video', unless my boss or friends weren't impressed enough to bother.
United States
Joined: September 01, 2011
KitMaker: 116 posts
AeroScale: 34 posts
Posted: Friday, April 17, 2020 - 01:21 PM UTC
i got a similar email saying they'd activated my web cam but i dont have a cam or visit those sites. I did tell him to go *** himself. nothing since.