computer blackmail

amandstu

I got this in my inbox today.

Should I report it to anyone(authorities?)

Pretty sure it is bluster but is it a criminal offense to be sending out stuff like this presumably on the off chance that the cap will fit for a statistical subset of receivers?


edit: basically ,apart from a few banking websites I don't give a s** what anyone finds on my "device"(but that is not the point ,is it?)




Hello ****

My nickname in darknet is alf11.
I'll begin by saying that I hacked this mailbox (please look on 'from' in your header) more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $500 is quite a fair price to destroy the dirt I created.

Send the above amount on my bitcoin wallet: 1MN7A7QqQaAVoxV4zdjdrnEHXmjhzcQ4Bq
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours!
After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere!
Good luck!

Sinus pain

I’ve seen posts about this before - do not engage

mloc123

Nigerian princes have diversified

Sinus pain

https://www.techlicious.com/blog/is-the-porn-blackmail-scam-real/comments-/CP2/

davyboy1975

Complete scam. You pay them the money then they come back looking for more.
I would report it if I was you as there are people who believe this rubbish and end up taking their own life because of it, the sooner its stopped the better

DesperateDan

Well I don't think the Gardai would really give a bollox but you can be sure none of that is true because its so lovely and vague. I would change your password and scan your machine though.

spurious

Surprisingly good English for that class of a thing, apart from please look on 'from' and 'please visit only'.

irishgrover

Personally I'd just get a better spam filter.... That's a completely generic spam phishing mail

amandstu

I got an earlier one a week ago (someone else probably) saying my eircom account email was hacked (it gave the wrong password)

edit: ie to another one of my email accounts

reedit:I did scan my computer then

begbysback

Id report them for using darknet as s name

bobby lingen

I got 3 of the very same last week, the feckers had one of correct passwords in the subject line, so that kinda freaked me. Anyway I just deleted the emails and changed my password.

AndrewJRenko

If you like to post your browsing history here, we will review it and see if you have anything to worry about.

bobby lingen

bobby lingen wrote: »

I got 3 of the very same last week, the feckers had one of correct passwords in the subject line, so that kinda freaked me. Anyway I just deleted the emails and changed my password.

Check your email here. I suspect your listed.

https://haveibeenpwned.com/


Scammers scrape known harvest lists and then deploy them in an email campaign.

20/20

NoDrama what is that **** you posted ?
Every email entered is corrupt
I entered Leo Varadkar email and it says.. Oh no - catastrophic failure!

TheValeyard

It's a clever scam. But do what other users suggest and ignore it



Edit: a word.

Ronan|Raven

20/20 wrote: »

NoDrama what is that **** you posted ?
Every email entered is corrupt
I entered Leo Varadkar email and it says.. Oh no - catastrophic failure!

WTF are you on about? https://haveibeenpwned.com/ is one the best sites for people to see if their email accounts have ended up on lists.

fxotoole

Engage with them, just to wind them up, and waste their time. The more time of theirs you waste is time where they’re not scamming more gullible people

Avatar MIA

20/20 wrote: »

NoDrama what is that **** you posted ?
Every email entered is corrupt
I entered Leo Varadkar email and it says.. Oh no - catastrophic failure!

Enter an email into that and guarantee spam. So, anyone you don't like

OldMrBrennan83

It used to be excellent but whether it was bought out or what, it's basically just a 1Password ad now.

Mean Laqueefa

Go with other advice

Also go watch Black Mirror episode ''Shut up and dance'', it will calm you down

enniscorthy

Nothing to worry about mate same reason i live life openly and freely advocating my use of cam4 and smotri hehe

Johnboy1951

NoDrama wrote: »

Check your email here. I suspect your listed.

https://haveibeenpwned.com/


Scammers scrape known harvest lists and then deploy them in an email campaign.

Is there any way through that site that you can determine if your email address has been breached, rather than just the valid address found?

I could post an email address in this post and it could easily end up on one of the lists they check, but that would not mean anyone did, or could do, anything nefarious with it.

20/20

Enniscorthy are you not on https://reallifecam.com.

bpmurray

I got one once where they said that they had been hired to assassinate me, but if I paid more they wouldn't. Well, I didn't pay and I'm still here :-)

Ive looked at the bitcoin wallet. There have been 5 transactions, all in the last 24 hours each has been about $500, so it looks like a few people have payed up. I'd be fairly sure he doesn't have any of your data, he has just spammed a load of people in the hope they'll pay up, and 5 people have.

If I was you I'd go back and tell him youve no idea how to send bitcoin and basically just waste his time. Eventually he'll get bored and leave you alone. If he had some of your data he'd have attached proof to the email.

mvl

May I ask what address domain was this sent from ?

I also got one couple of weeks ago - and I think I opened a thread on AH about it. It was from a dummy mail ending in outlook.com - now I have them filtered out.

My issue was that I got it on my work address (the mail contained an old linkedin password I never used for work, a bitcoin ID, and was looking for 3000 usd) - so did get a couple of hours of panic until I found out about similar messages.

As a consequence, now I am contemplating about getting rid of my linkedin account - they were bloody breached in 2012, and it is a big deal if those names/passwords are used now for crap like this.

AndrewJRenko

mvl wrote: »

As a consequence, now I am contemplating about getting rid of my linkedin account - they were bloody breached in 2012, and it is a big deal if those names/passwords are used now for crap like this.

The horse has bolted. Getting rid of your LinkedIn account now does nothing to protect you from past breaches.

Your best option is to stop reusing passwords across different sites and use a password manager.

mvl

AndrewJRenko wrote: »

The horse has bolted. Getting rid of your LinkedIn account now does nothing to protect you from past breaches.

Your best option is to stop reusing passwords across different sites and use a password manager.

I know - its just that I am so annoyed at them ... my professional address is out there because of their security failure
- so another advice for ppl is don't open too many (social media) accounts you don't need.

anewme

I got a new mail, in fact a load of them, very similar style, saying I was watching porn and they were sending it to my contacts if I did not pay. Funny thing is, I wasnt watching any porn ever so knew from day 1 it was a spoof.

They had my password, one I used years ago.

That breach came from linkedin.

amandstu

mvl wrote: »

May I ask what address domain was this sent from ?

I also got one couple of weeks ago - and I think I opened a thread on AH about it. It was from a dummy mail ending in outlook.com - now I have them filtered out.

My issue was that I got it on my work address (the mail contained an old linkedin password I never used for work, a bitcoin ID, and was looking for 3000 usd) - so did get a couple of hours of panic until I found out about similar messages.

As a consequence, now I am contemplating about getting rid of my linkedin account - they were bloody breached in 2012, and it is a big deal if those names/passwords are used now for crap like this.

this is the header from my spam filter prog(mailwasher)
edited out my own details
Return-Path: <**@**.ie>
Delivered-To: **@**.ie
Received: from bravo.iccmhosting.com
by bravo.iccmhosting.com with LMTP id mLV8HGNYwlvTqAAA44OKVg
for <**@**.ie>; Sat, 13 Oct 2018 21:41:07 +0100
Return-path: <**@**.ie>
Envelope-to: **@**.ie
Delivery-date: Sat, 13 Oct 2018 21:41:07 +0100
Received: from [37.231.100.62] (port=24905)
by bravo.iccmhosting.com with esmtp (Exim 4.91)
(envelope-from <**@**.ie>)
id 1gBQig-000CzY-Qd
for **@**.ie; Sat, 13 Oct 2018 21:41:07 +0100
From: <**@**.iee>
To: <**@**.ie>
Subject: **@**.ie was hacked
Date: 14 Oct 2018 01:21:20 +0200
Message-ID: <002901d4634e$07cc9444$e402e7bb$@**.ie>
MIME-Version: 1.0
Content-Type: text/plain;
charset="cp-850"
Content-Transfer-Encoding: 8bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Actb0h3fx2jk7sbrqt0h3fx2jk7sbr==
Content-Language: en
x-cr-hashedpuzzle: 2D4= 2egj p8o4 134u x42e gjp8 o413 4ux4 2egj p8o4 134u x42e mi62 qg56 7vhw 1emi;1;62qg567vhw1emi62qg567vhw1emi62qg567vhw1emi62qg56;Sosha1_v1;7;\{E286F6E9-3192-992E-4A3A-25FD5E55E286\};ZQB3AGUAZg1emi62qg567vhw1emi62qg567vhw1emi62qg56;14 Oct 2018 01:21:20 +0200;x8vhgbgx8vhgbgx8
x-cr-puzzleid: \{E286F6E9-3192-992E-4A3A-25FD5E55E286\}
X-Antivirus: Avast (VPS 181014-0, 14/10/2018), Inbound message
X-Antivirus-Status: Clean

It is not clear to me where that came from . It does look like it might be my own account .....or could it be forged?...can't say

FanadMan

amandstu wrote: »

this is the header from my spam filter

Received: from B]37.231.100.62[/B (port=24905)
by bravo.iccmhosting.com with esmtp (Exim 4.91)
(envelope-from <**@**.ie>)
id 1gBQig-000CzY-Qd


It is not clear to me where that came from . It does look like it might be my own account .....or could it be forged?...can't say

That IP is from Kuwait https://www.whois.com/whois/37.231.100.62

But god only know's where the mail originated

Ten Pin

...does look like it might be my own account .....or could it be forged?

Unless the sender is authenticated then it's possible to spoof the header with any address. Search "spoof email sender" for an explanation.

amandstu

Just an update for anyone interested. I got another of those emails claiming to have hacked one of my free eircom.net email addresses (tinet.ie for those with longer memories).

She/he gave the right (old) password but I remember that password from the time that eircom was hacked and we were all given new passwords by eircom .

That must be at least 15 years ago I would say

So they must still be hawking around those lists of old compromised passwords....

Graniteville

fxotoole wrote: »

Engage with them, just to wind them up, and waste their time. The more time of theirs you waste is time where they’re not scamming more gullible people

Engage from a totally different and temporary Gmail address - they'll have sent so many that they won't know the difference

amandstu

Graniteville wrote: »

Engage from a totally different and temporary Gmail address - they'll have sent so many that they won't know the difference

There is a name for that activity which I can't remember.Be careful though.Those are professional criminals and you have to be sure they cannot identify you I would have thought.

demanufactured

We received this I to our IT helpdesk in work yesterday.
I'd love to reply asking which server or pc they have infected.
But alas I have deleted and blocked the address on the mail server.

unkel

1MN7A7QqQaAVoxV4zdjdrnEHXmjhzcQ4Bq
1MN7A7QqQaAVoxV4zdjdrnEHXmjhzcQ4Bq QR code
Total Received: 1.61651067

Total Sent: 1.61651067

Final Balance: 0.00000000

Total transactions: 26

Recent transactions:

Date ▼ Amount Balance
⛁ 2018-10-22 13:55:09 -1.61651067 0.00000000
⛁ 2018-10-16 15:36:54 0.07660000 1.61651067
⛁ 2018-10-16 08:50:15 0.07783900 1.53991067
⛁ 2018-10-15 18:02:22 0.07528000 1.46207167
⛁ 2018-10-15 16:52:55 0.07484459 1.38679167
⛁ 2018-10-15 15:08:40 0.00006826 1.31194708
⛁ 2018-10-15 14:20:09 0.06741952 1.31187882
⛁ 2018-10-15 12:07:16 0.07919730 1.24445930
⛁ 2018-10-15 11:29:30 0.06945419 1.16526200
⛁ 2018-10-15 09:15:02 0.01626612 1.09580781
⛁ 2018-10-15 08:52:26 0.07347500 1.07954169
⛁ 2018-10-15 07:31:14 0.07893525 1.00606669
⛁ 2018-10-15 05:20:30 0.08880381 0.92713144
⛁ 2018-10-15 01:03:15 0.08415000 0.83832763
⛁ 2018-10-15 00:47:29 0.08400000 0.75417763
⛁ 2018-10-14 23:13:36 0.06536933 0.67017763
⛁ 2018-10-14 23:05:36 0.02384445 0.60480830
⛁ 2018-10-14 19:00:43 0.08014100 0.58096385
⛁ 2018-10-14 17:49:32 0.00010080 0.50082285
⛁ 2018-10-14 17:39:08 0.03992138 0.50072205
⛁ 2018-10-14 16:59:15 0.08150000 0.46080067
⛁ 2018-10-14 02:07:19 0.06041315 0.37930067
⛁ 2018-10-13 16:44:59 0.08060382 0.31888752
⛁ 2018-10-13 05:38:27 0.08100000 0.23828370
⛁ 2018-10-13 04:06:05 0.08100000 0.15728370
⛁ 2018-10-13 03:58:37 0.07628370 0.07628370

A lot of people paid him about BTC0.07, which is roughly USD500. Then he cleared the balance. A lot of gullible people out there feeling guilty about their secret online behaviour

unkel

His BTC address was reported 283 times

Linky

circadian

Yeah I just checked the address too, first time I've seen one of these with deposits.

GrumpyMe

bpmurray wrote: »

I got one once where they said that they had been hired to assassinate me, but if I paid more they wouldn't. Well, I didn't pay and I'm still here :-)

Where exactly?