Payment from your account Email

Payment from your account

“Payment from your account” is a malicious Windows program that uses disguise to enter user computers and carry out harmful tasks without getting detected. “Payment from your account” belongs to the Trojan horse malware family, which is currently the most widespread and most versatile type of computer viruses.

Payment from your account

The Payment from your account Email is created with the single purpose of tricking users into thinking their system is infected.

The goal of a given Trojan horse threat depends on the situation and on what the hackers behind it are trying to achieve.

For instance, a virus such as “Payment from your account” could be used to gather sensitive personal data from your machine by secretly spying on you until it acquires information it can use against you. Depending on what type of data the virus collects from your machine, it could later use it as blackmailing leverage or, if the virus has acquired your credit/debit card numbers, it could directly drain your banking accounts and send the money to the hackers.

Many of our users reported to us about an ongoing email spam with the following message:

Subject: Payment from your account.
 Greetings!
I have to share bad news with you.
Approximately few months ago I have gained access to your devices, which you use for internet browsing.
After that, I have started tracking your internet activities.
Here is the sequence of events:
Some time ago I have purchased access to email accounts from hackers (nowadays, it is quite simple to purchase such thing online).
Obviously, I have easily managed to log in to your email account (************).
One week later, I have already installed Trojan virus to Operating Systems of all the devices that you use to access your email.
In fact, it was not really hard at all (since you were following the links from your inbox emails).
All ingenious is simple. =)
This software provides me with access to all the controllers of your devices (e.g., your microphone, video camera and keyboard).
I have downloaded all your information, data, photos, web browsing history to my servers.
I have access to all your messengers, social networks, emails, chat history and contacts list.
My virus continuously refreshes the signatures (it is driver-based), and hence remains invisible for antivirus software.
Likewise, I guess by now you understand why I have stayed undetected until this letter…
While gathering information about you, I have discovered that you are a big fan of adult websites.
You really love visiting porn websites and watching exciting videos, while enduring an enormous amount of pleasure.
Well, I have managed to record a number of your dirty scenes and montaged a few videos, which show the way you masturbate and reach orgasms.
If you have doubts, I can make a few clicks of my mouse and all your videos will be shared to your friends, colleagues and relatives.
I have also no issue at all to make them available for public access.
I guess, you really don’t want that to happen, considering the specificity of the videos you like to watch, (you perfectly know what I mean) it will cause a true catastrophe for you.
Let’s settle it this way:
You transfer $1500 USD to me (in bitcoin equivalent according to the exchange rate at the moment of funds transfer), and once the transfer is received, I will delete all this dirty stuff right away.
After that we will forget about each other. I also promise to deactivate and delete all the harmful software from your devices. Trust me, I keep my word.
This is a fair deal and the price is quite low, considering that I have been checking out your profile and traffic for some time by now.
In case, if you don’t know how to purchase and transfer the bitcoins – you can use any modern search engine.
Here is my bitcoin wallet: 1GGZpqXsqKWSRnjJ1SHFaE5VPkMHHsKToX
You have less than 48 hours from the moment you opened this email (precisely 2 days).
Things you need to avoid from doing:
*Do not reply me (I have created this email inside your inbox and generated the return address).
*Do not try to contact police and other security services. In addition, forget about telling this to you friends. If I discover that (as you can see, it is really not so hard, considering that I control all your systems) – your video will be shared to public right away.
*Don’t try to find me – it is absolutely pointless. All the cryptocurrency transactions are anonymous.
*Don’t try to reinstall the OS on your devices or throw them away. It is pointless as well, since all the videos have already been saved at remote servers.
Things you don’t need to worry about:
*That I won’t be able to receive your funds transfer.
– Don’t worry, I will see it right away, once you complete the transfer, since I continuously track all your activities (my trojan virus has got a remote-control feature, something like TeamViewer).
*That I will share your videos anyway after you complete the funds transfer.
– Trust me, I have no point to continue creating troubles in your life. If I really wanted that, I would do it long time ago!
Everything will be done in a fair manner!
One more thing… Don’t get caught in similar kind of situations anymore in future!
My advice – keep changing all your passwords on a frequent basis

The Payment from your account email

Another common use of threats like the “Payment from your account” email is when they allow the hackers behind them to remotely initiate different processes on your computer without your knowledge or permission. Oftentimes, the processes launched on the infected computers are ones that force the machine to mine cryptocurrency (such as bitcoins).

While this doesn’t directly damage the system or compromise your privacy, it can make the computer nearly unusable because the resources spent on the cryptocurrency mining process are likely to leave little to nothing for other tasks. This would, in turn, make the computer extremely sluggish and prone to freezes and crashes. Until the virus is removed, you won’t be able to stop it from forcing your computer to use most (if not all) of its free RAM, CPU, and GPU for the mining process.

Trojans such as “Payment from your account” could also be potent malware distribution tools. In many cases, the main threat that attacks your computer won’t be the Trojan itself, but another virus that the Trojan brings to your computer. This is oftentimes the case with viruses of the infamous Ransomware cryptovirus family. Those threats are commonly delivered to the computers of their potential victims with the help of a Trojan horse virus that has already infected the targeted machine. In many instances, the Trojan may also operate as a rootkit (or download a rootkit) on the attacked machine. A rootkit is a piece of malware that is capable of hiding its presence and the presence of other viruses in the system. The presence of a rootkit Trojan on the computer could mean that the Ransomware (or any other threat) would be free to operate without any chance of it getting spotted by the user or the antivirus present on the computer.

Removing “Payment from your account”

If you think that your computer may currently be infected by “Payment from your account”, it is of great importance that you take immediate action towards cleaning your computer from any piece of data that may be related to the Trojan. Our suggestion for you is to follow the removal guide manual you will see below. Complete each step exactly as shown and, by the end of the guide, you should have managed to fully remove the dangerous Trojan virus.

SUMMARY:

Name Payment from your account
Type Trojan
Danger Level High (Trojans are often used as a backdoor for Ransomware)
Symptoms The symptoms that a Trojan could cause are many – BSOD crashes, computer sluggishness, different changes in the system and browser settings, obnoxious ads in the browser, and so on.
Distribution Method Most viruses of the Trojan horse type are distributed with the help of misleading web ads, harmful spam email attachments, and pirated or otherwise illegally distributed software.
Detection Tool

Payment from your account Email Removal

If you are looking for a way to remove “Payment from your account” you can try this:

  1. Click on the Start button in the bottom left corner of your Windows OS.
  2. Go to Control Panel -> Programs and Features -> Uninstall a Program.
  3. Search for “Payment from your account” and any other unfamiliar programs.
  4. Uninstall “Payment from your account” as well as other suspicious programs.

Note that this might not get rid of “Payment from your account” completely. For more detailed removal instructions follow the guide below.

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


Step1

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Step2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 

malware-start-taskbar

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Loading
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.


    After you open their folder, end the processes that are infected, then delete their folders. 

    Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 

    Step3

    Hold together the Start Key and R. Type appwiz.cpl –> OK.

    appwiz

    You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:

    virus-removal1

    Step4

    Type msconfig in the search field and hit enter. A window will pop-up:

    msconfig_opt

    Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

    • Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.

    Hold the Start Key and R –  copy + paste the following and click OK:

    notepad %windir%/system32/Drivers/etc/hosts

    A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

    hosts_opt (1)

    If there are suspicious IPs below “Localhost” – write to us in the comments.

    Step5

    Type Regedit in the windows search field and press Enter.

    Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

    • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
      HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
      HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

    If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


    About the author

    blank

    Violet George

    Violet is an active writer with a passion for all things cyber security. She enjoys helping victims of computer virus infections remove them and successfully deal with the aftermath of the attacks. But most importantly, Violet makes it her priority to spend time educating people on privacy issues and maintaining the safety of their computers. It is her firm belief that by spreading this information, she can empower web users to effectively protect their personal data and their devices from hackers and cybercriminals.

    Leave a Comment