We have hacked your website
This scam is simply fear based, your website is unlikely to be hacked and nothing has been extracted. The scammer works on the panic that this might cause to extort $3000 from the unfortunate recipient. Let's break this down into sections;
First it slams into the "we have hacked your website" followed by some made up reason as to how it happened, this approach, for the non-technical is about building the fear, that something terrible has happened.
Secondly, The threat, We will damage your reputation, and reputation is important to many, we will sell your data, we will damage your website position.
Ultimately we now get the IF/BUT, if you pay us money we won't follow through on our threat.
Now to me, this email is clearly fake and nonsense, its poorly written, provides no supporting evidence and was delivered using the websites 'contact us' button. Had the website actually been 'hacked' then the hacker would obviously have access to your real email address.
Delete and Forget is the best approach to this sort of scam, its mass mailed out to thousands or hundreds of thousands of websites in the hope that a few will panic and pay, and there will always be a few who do, don't let it be you.
If you're still worried, our team are more than willing to take a look and confirm you're ok, contact us via Our Website. (and for UK Small Businesses, at time of writing, we're still offering free consultancy)
An Example Email Below
PLEASE FORWARD THiS EMAíL TO SOMEONE íN YOUR COMPANY WHO iS ALLOWED TO MAKE íMPORTANT DECíSiONS!
We have hacked your website https://www.somewebsite.com and extracted your databases.
How díd thís happen?
Our team has found a vulnerabílity wíthin your site that we were able to exploít. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the informatíon to an offshore server.
What does thís mean?
We will systematically go through a seríes of steps of totally damagíng your reputation. First your database will be leaked or sold to the híghest bídder whích they wíll use with whatever theír intentions are. Next íf there are e-maíls found they wíll be e-maíled that their ínformation has been sold or leaked and your site https://www.darkstarmusic.uk was at fault thusly damagíng your reputation and havíng angry customers/associates wíth whatever angry customers/assocíates do. Lastly any links that you have indexed ín the search engínes will be de-índexed based off of blackhat techniques that we used ín the past to de-index our targets.
How do í stop this?
We are wíllíng to refrain from destroying your site’s reputatíon for a small fee. The current fee is $3000 in bítcoíns (BTC).
Please send the bitcoin to the followíng Bítcoin address (Make sure to copy and paste):
Once you have paíd we will automatically get ínformed that ít was your payment. Please note that you have to make payment wíthín 5 days after receiving this e-mail or the database leak, e-maíls díspatched, and de-index of your site WiLL start!
How do i get Bítcoíns?
You can easily buy bitcoins vía several websítes or even offlíne from a Bítcoin-ATM.
What if i don’t pay?
íf you decíde not to pay, we will start the attack at the índicated date and uphold ít untíl you do, there’s no counter measure to thís, you will only end up wastíng more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.
Thís ís not a hoax, do not reply to this email, don’t try to reason or negotiate, we wíll not read any replies. Once you have paid we wíll stop what we were doing and you wíll never hear from us agaín!
Please note that Bitcoín ís anonymous and no one wíll fínd out that you have complíed.