Hello,
As some of you may be aware, I am quite fanatical about Information Security, having also recently switched to using Elementary OS Linux as my main home computer operating system.
A few days ago, I received an email from an unknown source claiming they had my outlook.com password, reading through the email, it transpired that they did indeed have it. But they also were trying to blackmail me for $900 of bitcoin, claiming that they had infected my PC with malware, remotely turned on my webcam and filmed me and my wife / girlfriend having sex. Well 2 things are wrong with that last bit. I'm currently single ish and 2, I don't have a webcam. So I'm ignoring the email.... apart from them having my password.
It wasn't that worrying, because I do have 2 factor authentication switched on for everything that supports it, but I decided to change the passwords anyway, just to be sure. I don't believe the malware story since PC has been scanned to within an inch of it's life and found nothing, but the fact is they still had my password. The most likely source has come from a data breach elsewhere that is not in our control.
The moral of the story is, use a strong password and also use 2 factor authentication for everything that supports it. And if you do own a webcam and get caught like they claimed I was, get on to pornhub, find your video and bump up the views... you may get some advertising revenue