- Don’t panic. They absolutely do not have the keys to your computer.
- See if the email in question pops up over on Haveibeenpwned.
- See if your password does the same thing.
- At this point, you may have a fairly good idea which breach they grabbed your old login from, which is always useful information to have.
- Delete the email you were sent, and under no circumstances pay them a penny/dime/insert currency of choice here.
Since you're quarantined and have nothing else to do, you can also file a complaint at the FBI's Internet Crime Complaint Center. Click here for the form: (IC3).