Extortion scam e-mails – “Your ConfTool e-mail account has been hacked”

We’ve recently received an e-mail saying that our account xxx@conftool.com had been hacked and our passwords had been retrieved. In the message, the senders assert (for instance) that they copied private files or that our screen was (or we were) recorded while visiting adult websites. Now we are being blackmailed into paying a substantial sum in Bitcoins. If we don't comply, all of our private data, pictures, videos etc. will be released to all of our private and business contacts.

(A German version of this article is available.)

Please simply ignore these mails. They are scam/spam sent to arbitrary e-mail addresses the perpetrators find on the internet. Nothing has been hacked or recorded, as:

• There is no mailbox for xxx@conftool.com and no login or password connected with it. The address is just an alias we created to prevent that other e-mail servers consider e-mails sent by our servers as spam. All e-mails sent to that address are directly forwarded to the main conference e-mail address.
• Unfortunately, the sender address of an e-mail can easily be forged by anyone. So it does not mean anything that the sender e-mail address is your alias xxx@conftool.com.
• More information can be found at: https://www.dailydot.com/debug/porn-email-scam/ and https://www.heise.de/security/meldung/Vorsicht-vor-neuen-Porno-Erpresser-Mails-4190719.html (in German).
  

Please note: There are some versions of such e-mails that include passwords that you use for other sites. These passwords were stolen trough cybercrime attacks from big online service providers like Adobe, Yahoo, LinkedIn or MySpace. If one of your passwords is mentioned in the scam e-mail, please update the passwords of all your affected accounts as soon as possible. (This is also the reason why it is highly recommended to use different passwords for each online account).
 
If you want to check if your e-mail address has been compromised during one of these hacks, please have a look at: https://haveibeenpwned.com/ and https://sec.hpi.de/ilc/search?lang=en

For more information on secure passwords, please have a look at entry Requirements for user login passwords in our support forum.

Please note that we received reports in November 2018 about mails with .doc attachments, that seem to come from a colleague or client. These attachments are virus-infected (include a Trojan) and will compromise your PC if opened and the Word macros are enabled. More information can be found at: https://www.heise.de/security/meldung/Achtung-Rechnungs-Trojaner-vom-Kollegen-4221813.html
We recommend using Libre Office or to "Disable all Macros without Notification" in Microsoft Word as described here: https://support.office.com/en-us/article/enable-or-disable-macros-in-office-files-12b036fd-d140-4e74-b45e-16fed1a7e5c6