You just got a message from a cybercriminal claiming that he has obtained your IP address, he claims that he will hack you, and that you have to follow the orders given by the criminal.
Do not panic, follow these steps
Check your public IP and match it
Before you respond, take a look if the cybercriminal has given the IP address in the message, if that is the case, please go to whatsmyip.org and check if your external IP matches the IP provided by the cybercriminal.
If it does not match, the message is a bluf.
If your public IP is known
If your IP is known, people can contact your router. That happens several thousand times a day, but after an incident like this, it is wise to perform a check if everything is in order on your router.
Update your router
Make sure your router is up to date in terms of firmware and do not fool yourself about the settings if you are not sure what you are doing. Ask a friend if you need to.
Scan your devices
It can also indicate that your system has been compromised, in that case, please take a look if you have an antivirus program installed. Run the antivirus updates and perform a full scan on your device.
What can a cybercriminal do with your IP?
A cybercriminal can scan which ports you have open at that IP address. Possibly there are vulnerable services with open ports, so you can possibly be hacked. But if you use a router with a firewall, you are reasonably secure.
Details on what your public IP is
You should see an IP address as the license plate of your PC. If I know the license plate XX-YY-ZZ, I can’t do anything with it. Only agencies such as the police can link this to a person. If a cybercriminals wants to hack a PC, he needs an IP. But it is not the case that you can hack a PC directly with an IP.
What is true is that you can access a specific computer with a specific IP. If a cybercriminals knows that you do not know how computer security works and the cybercriminal has your IP, he can immediately “attack” your PC.
Making your IP public increases the chance of an attack because people are sure that the IP exists and that there is “someone”.
- Change your passwords
- Make use of unique passwords for each account
- Do not pay anything, if the cybercriminal gets personal, call the cops