The Scammers Keep Trying

Image result for sextortion

I don’t get much spam these days with Gmail, their filters are pretty good at sifting out the chaff. But I still have an account with another provider that lets a few things through.

The first one I saw this week was the old “Nigerian Prince” ploy, it amazes me that people are still trying this one.

Hello

I am contacting you to see if we can make a business together, My names are  Suvo  sarkar the Chief Executive Director of Emirates NBD  in United Arab Emirate  U.A.E. I discovered a dormant account with a holding balance of US$63M in the bank where I am working in United Arab Emirate U.A.E, Actually I do not have to involve myself officially because of my job and position in the bank, but I know what will be required to release the fund to you as I will present you as next of kin to the inheritance. I know all about the depositor who has passed away leaving no beneficiary to the account he deposited the funds.

Please get back to indicate your interest so I can give you the full details of the transaction for us to commence immediately.

Best regards,
Suvo Sarka

By now, everyone should know about this kind of thing – but just in case, this is 100% pure bull manure – there’s no money, you’re  not next of kin, and if you respond, there will be “taxes,” “fees,” “bribes,” “administrative stamps,” and other things to be paid until you run out of money, time, or patience.

These people are criminals, thieves, bad actors with no conscience and no morals. Many of them justify their theft by saying to themselves, “The White Man plundered our country, it’s only fair to take their money.” Others are just evil men with no conscience. Do not interact with them.

The second scam, commonly known as “sextortion,” was more interesting, I had not seen one of these before.

From: nightmarе <bogus_email@phoney.com>
To: <redacted>
Subject: You are my viсtim.

Hi, my prey.

THIS IS MY LAST WARNING!

I write you because I put a virus on the web page with pornography which you have viewed.
My trоjan caрtured аll your рrivate dаta аnd switсhed on yоur сamеrа whiсh rеcordеd thе act оf yоur solitаry sex. Just аfter thаt thе trоjаn saved your contact list.
I will erаsе thе cоmрrоmising videо rесords аnd informаtiоn if you send me 750 USD in bitcoin.
This is address fоr pаymеnt : 1PLtH8HPHQLboeFvrBN2XJPJz99TxayGCo
I give you 30 hours after yоu opеn my mеssаgе fоr making thе payment.
Аs sоon аs you reаd thе mеssаgе I’ll sеe it right аwаy.
It is nоt nесessаry to tell me that yоu hаvе sеnt mоney to mе. This аddress is connectеd to yоu, my systеm will еrased autоmаticаlly after transfer соnfirmatiоn.
If you nеed 48h just Opеn thе calculatоr on yоur desktор and press +++
If yоu don’t раy, I’ll send dirt tо all your contасts.
Let me remind you-I sеe what you’re dоing!
Yоu cаn visit thе policе officе but anybody cаn’t help you.
If yоu try to dеceivе me , I’ll know it immediately!
I dоn’t live in your cоuntry. So аnyоnе cаn not trаck my lосаtion еvеn fоr 9 mоnths.
byе. Don’t fоrgеt аbоut the shame and tо ignorе, Your lifе сan be ruined.

First:

This is sheer nonsense, blasted out to all and sundry with harvested or leaked emails in the hopes of catching a scared victim. Because some people do visit adult sites, and some people do have webcams, and it is possible for hackers to access these cameras remotely if people are foolish enough to download the appropriate malware.

Second:

  1. I don’t have a webcam, I don’t visit adult sites, and my computer is well-protected against malware, so all his noise about trojans and “compromising video records” are nothing but lies.
  2. Opening a calculator app and pressing “+++” could not possibly interact with an email program to let a scammer know that I needed 48 hours instead of 30 to send him his blackmail money.
  3. You can go to https://bitcoinwhoswho.com/ and look up bitcoin addresses like the one the scammer lists above. According to the report generated, this particular address has been reported multiple times for fraudulent activity, always the same sextortion scam but often with varying messages

Ransomware that encrypts your data is a different kind of beast, and it is more prevalent, and easier to be affected by even if you don’t visit infected websites. Don’t open attachments from unknown senders, regardless of how innocent or official they may look. Verify first.

This is an example of a ransomware scam:

From: “Troy Almaguer” <bogusmail@bitbucket.com>
Subject: Wire Transfer
To: <redacted>

Did you authorize a wire transfer to our accounts?
We have acquired a sum of USD $2000,00 from your bank account and we do not understand what the funds are for.
We do not have any purchases with your firm that we know about. So why are you generating settlements to us?
Please see the attached remittance files and double check with your corporation and bank.
Password is 1234


[Attached Document with clickable link]

It looks really official, and an administrator, or assistant, or secretary might be easily fooled into clicking on that innocent-looking attachment. Don’t ever do it, you’ll likely end up with all your data encrypted and no way to get it back unless you have robust backups.

There are a lot of scumbags out there. Be careful, practice safe computing, and don’t let the criminals win.

The Old Wolf has spoken.

One response to “The Scammers Keep Trying

  1. Thanks for the Bitcoin who’s who address. I’ve been reporting the sextortion to the FBI. I’ve also received it at work and reported it to the system office security department. The versions I get cite very old passwords they get from the dark web after breaches, but I haven’t used in years.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s