Forum Discussion
Scary Email Scams...
Just got a beaut...
Email claims to have captured me in a compromising video by hacking my webcam and will send it to everyone in my addressbook unless I send $1900 to his bitcoin account. Includes an old password of mine as 'proof'.
As if... Did a little research and apparently four people have already fallen for this. The Bitcoin account was flagged as fraudulent: https://bitcoinwhoswho.com/address/1JHwenDp9A98XdjfYkHKyiE3R99Q72K9X4
Came through an MS Outlook.com server, so I reported it to their abuse and legal and offered to assist in any prosecution. Let's see how far that goes (not expecting much).
Be careful out there folks...
- maratsadeDistinguished Professor IV
- GabeUDistinguished Professor IV
Did it look like this?
I blacked out a section due to it being a little too racy to be on here.
The hilarious thing is that the last time I used a webcam was to face time with my father through Yahoo Messenger. It was about seven or eight years ago. My laptop and notebook have their built in webcams covered with electrical tape.
The password listed is correct, though one that I used on numerous, non sensitive websites. When I say nonsensitive I mean nothing more than my name and email address and no financial information whatsoever. They were also from years ago, before websites started needing more info. Wikipedia, original Youtube, etc. I started using real passwords for every site years ago, though there are almost certainly sites out there that still use that password. I'll change the ones I can think of, if they still exist.
And, interestingly enough, the bitcoin address isn't showing as fraudulent...yet.
https://bitcoinwhoswho.com/address/1Abom759v2dr6oFnXvC395zWJz5qqLguZr
Edit: I would so love to reply and request 80s synth music to be added to the alleged video before it's sent out. :p
- maratsadeDistinguished Professor IV
So how are they doing this? Have they hacked your computers?
Edit: Found this article about this scam: https://techcrunch.com/2018/07/12/ransomware-technique-uses-your-real-passwords-to-trick-you/
- MarkJFineProfessor
Yup, that's it.
You should know that the majority of what's in there is fake. They have nothing else on you - no video, no nothing. There is usually no active pixel image in the html, either (the kind that spams use to validate you've opened it - why you should never, ever download remote images in an email).
Your email/password combination was likely obtained from a prior breach posted to the dark web, and retrieved by whoever created this thing. Have to admit that combined with the text, it adds a pretense of credulity.
The bitcoin accounts are always valid, otherwise they'd have no way of getting compensated, and yes they are barely traceable back to the offender. Seems they've not received a dime on that account tho.
But, if you have the headers you can look at the first "received from" line, reverse lookup the IP and figure out what the last server was used to send it to you (anything past that in the headers is likely forged). You might want to forward to their abuse/legal team and hint at possibly prosecuting the illicit activity. That's what I did with Microsoft - they'll sit up and take notice of that.
My advice is to send it to the abuse/legal team of the server that sent it last as well as possibly the FBI via the link that's earlier in the thread. I would also definitely change any passwords - especially the one stated in the email. However, I would not do anything to engage these people in any way, not even jokingly, because you validate your existence and you don't know what they'll do as a response.
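Added example, not part of any post in this thread: one way to pull the last sending server out of a message's `Received` headers before reporting it to that server's abuse desk. It assumes the topmost `Received` header was stamped by your own mail provider; the sample headers are constructed and the function names are hypothetical.

```python
import email
import ipaddress
import re

# Constructed sample headers (not from the thread); hosts and IPs are reserved documentation values.
SAMPLE = (
    "Received: from mail-out.example.net (mail-out.example.net [203.0.113.25])\n"
    "\tby mx.recipient.example with ESMTPS id abc123;\n"
    "\tFri, 13 Jul 2018 10:02:11 +0000\n"
    "Received: from [10.1.2.3] (unknown [198.51.100.77])\n"
    "\tby mail-out.example.net with ESMTP id def456;\n"
    "\tFri, 13 Jul 2018 10:02:09 +0000\n"
    "Received: from trusted-bank.example (localhost [192.0.2.1])\n"
    "\tby relay.invalid; Fri, 13 Jul 2018 09:00:00 +0000\n"
)

BRACKETED_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def parse_hop(value):
    """Split one Received header into claimed sender, stamping server and non-internal IPs."""
    text = " ".join(value.split())           # unfold continuation lines
    sender, _, rest = text.partition(" by ")
    claimed = re.match(r"from\s+(\S+)", sender)
    ips = []
    for raw_ip in BRACKETED_IP.findall(sender):
        try:
            ip = ipaddress.ip_address(raw_ip)
        except ValueError:
            continue                          # bracketed text that is not an address
        if not any(ip in net for net in INTERNAL):
            ips.append(str(ip))
    return {"claimed": claimed.group(1) if claimed else None,
            "stamped_by": rest.split()[0].rstrip(";") if rest else None,
            "ips": ips}

def received_hops(raw_message):
    """Return hops newest first; index 0 is the header added on final delivery."""
    msg = email.message_from_string(raw_message)
    return [parse_hop(v) for v in msg.get_all("Received", [])]

def last_sending_server(raw_message):
    """(IP, stamping host) from the topmost Received header, or None if it has no usable IP."""
    hops = received_hops(raw_message)
    if not hops or not hops[0]["ips"]:
        return None
    return hops[0]["ips"][0], hops[0]["stamped_by"]
```

The returned IP is what you would feed to a reverse lookup or WHOIS query; the hops below index 0 are listed only for context, since the sender could have written them.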
- maratsadeDistinguished Professor IV
"They have nothing else on you - no video, no nothing."
OR DO THEY??????? MUAHAHAHAHHAHAHA!
- GabeUDistinguished Professor IV
Oh, my! That's an interesting one.
Was the old password they used as proof real? If so, that's a scary thought. Not in that the threat is real, but how it could convince people that it is.
MarkJFine wrote:ho.com/address/1JHwenDp9A98XdjfYkHKyiE3R99Q72K9X4
Scary about the password though.
- MarkJFineProfessor
Just got another one with a different Bitcoin acct and an extra $1k added on.
This might be an epidemic to outlook.com, so it's a good thing I'm sending them to MS.
Yesterday's came from a production server in Asia/Pacific. Today from Europe (if I correctly interpret how they name them). If so, and if their servers aren't distributed, it's likely two different people with the same virus.