I don’t get much spam these days with Gmail, their filters are pretty good at sifting out the chaff. But I still have an account with another provider that lets a few things through.
The first one I saw this week was the old “Nigerian Prince” ploy, it amazes me that people are still trying this one.
I am contacting you to see if we can make a business together, My names are Suvo sarkar the Chief Executive Director of Emirates NBD in United Arab Emirate U.A.E. I discovered a dormant account with a holding balance of US$63M in the bank where I am working in United Arab Emirate U.A.E, Actually I do not have to involve myself officially because of my job and position in the bank, but I know what will be required to release the fund to you as I will present you as next of kin to the inheritance. I know all about the depositor who has passed away leaving no beneficiary to the account he deposited the funds.
Please get back to indicate your interest so I can give you the full details of the transaction for us to commence immediately.
By now, everyone should know about this kind of thing – but just in case, this is 100% pure bull manure – there’s no money, you’re not next of kin, and if you respond, there will be “taxes,” “fees,” “bribes,” “administrative stamps,” and other things to be paid until you run out of money, time, or patience.
These people are criminals, thieves, bad actors with no conscience and no morals. Many of them justify their theft by saying to themselves, “The White Man plundered our country, it’s only fair to take their money.” Others are just evil men with no conscience. Do not interact with them.
The second scam, commonly known as “sextortion,” was more interesting, I had not seen one of these before.
From: nightmarе <firstname.lastname@example.org>
Subject: You are my viсtim.
Hi, my prey.
THIS IS MY LAST WARNING!
I write you because I put a virus on the web page with pornography which you have viewed.
My trоjan caрtured аll your рrivate dаta аnd switсhed on yоur сamеrа whiсh rеcordеd thе act оf yоur solitаry sex. Just аfter thаt thе trоjаn saved your contact list.
I will erаsе thе cоmрrоmising videо rесords аnd informаtiоn if you send me 750 USD in bitcoin.
This is address fоr pаymеnt : 1PLtH8HPHQLboeFvrBN2XJPJz99TxayGCo
I give you 30 hours after yоu opеn my mеssаgе fоr making thе payment.
Аs sоon аs you reаd thе mеssаgе I’ll sеe it right аwаy.
It is nоt nесessаry to tell me that yоu hаvе sеnt mоney to mе. This аddress is connectеd to yоu, my systеm will еrased autоmаticаlly after transfer соnfirmatiоn.
If you nеed 48h just Opеn thе calculatоr on yоur desktор and press +++
If yоu don’t раy, I’ll send dirt tо all your contасts.
Let me remind you-I sеe what you’re dоing!
Yоu cаn visit thе policе officе but anybody cаn’t help you.
If yоu try to dеceivе me , I’ll know it immediately!
I dоn’t live in your cоuntry. So аnyоnе cаn not trаck my lосаtion еvеn fоr 9 mоnths.
byе. Don’t fоrgеt аbоut the shame and tо ignorе, Your lifе сan be ruined.
This is sheer nonsense, blasted out to all and sundry with harvested or leaked emails in the hopes of catching a scared victim. Because some people do visit adult sites, and some people do have webcams, and it is possible for hackers to access these cameras remotely if people are foolish enough to download the appropriate malware.
- I don’t have a webcam, I don’t visit adult sites, and my computer is well-protected against malware, so all his noise about trojans and “compromising video records” are nothing but lies.
- Opening a calculator app and pressing “+++” could not possibly interact with an email program to let a scammer know that I needed 48 hours instead of 30 to send him his blackmail money.
- You can go to https://bitcoinwhoswho.com/ and look up bitcoin addresses like the one the scammer lists above. According to the report generated, this particular address has been reported multiple times for fraudulent activity, always the same sextortion scam but often with varying messages
Here’s another example, just for reference:
From: “Anonymous Hacker – Ma” email@example.com
Subject: This is my last warning [redacted]
LAST WARNING [redacted]
You have the last chance to save your social life – I am not kidding!!
I give you the last 72 hours to make the payment before I send the video with your [indecent activity] to all your friends and associates.
The last time you visited a erotic website with young Teens, you downloaded and installed the software I developed.
My program has turned on your camera and recorded your [indecent activity] and the video you were watching.
My software also downloaded all your email contact lists and a list of your Facebook friends.
I have both the ‘Info.mp4’ with your [indecent activity] and a file with all your contacts on my hard drive. You are very perverted!
If you want me to delete both files and keep your secret,you must send me Bitcoin payment. I give you the last 72 hours. If you don’t know how to send Bitcoins, visit Google.
Send 2000 USD to this Bitcoin address immediately:
32u7BDdEb48LXNTDDTe9q9Nce5Z9QAJG1g (copy and paste)
1 BTC = 3470 USD right now, so send exactly 0.588241 BTC to the address above.
Do not try to cheat me! As soon as you open this Email I will know you opened it.
This Bitcoin address is linked to you only, so I will know if you sent the correct amount. When you pay in full, I will remove both files and deactivate my software.
If you don’t send the payment, I will send your [perverted] video to ALL YOUR FRIENDS AND ASSOCIATES from your contact list I hacked.
Here are the payment details again:
Send 0.588241 BTC to this Bitcoin address:
You can visit the police but nobody will help you. I know what I am doing. I don’t live in your country and I know how to stay anonymous.
Don’t try to deceive me – I will know it immediately – my spy ware is recording all the websites you visit and all keys you press.
If you do – I will send this ugly recording to everyone you know, including your family.
Don’t cheat me! Don’t forget the shame and if you ignore this message your life will be ruined.
I am waiting for your Bitcoin payment.
P.S. If you need more time to buy and send 0.588241 BTC, open your notepad and write ’48h plz’.
I will consider giving you another 48 hours before I release the vid, but only when I really see you are struggling to buy bitcoin.
And one more:
Subject: You are my victim.
Dо nоt mind оn my illitеrасy, I am frоm China.
I uрlоаdеd thе mаliciоus рrоgram on your systеm.
Sinсе thаt mоment I рilfеrеd аll рrivy bасkgrоund frоm yоur systеm. Аdditiоnally I have somе morе соmрromising evidеnсе. The mоst intеrеsting еvidenсе thаt I stоlе- its а videоtаpе with your [indecent activity]. I аdjustеd virus оn а роrn web sitе аnd аftеr yоu lоadеd it. Whеn yоu dесidеd with thе vidеo аnd tарpеd on a рlаy buttоn, my dеlеtеriоus sоft at оncе sеt up on your systеm. Аfter adjusting, yоur саmerа shoоt thе vidеоtаpе with your [indecent activity], in аdditiоn it saved рreсisеly thе рorn vidеo yоu were watching. In nеxt fеw dаys my mаlwаre cоllесtеd аll your sociаl and wоrk сontaсts.
If yоu wаnt tо dеlеtе thе recоrds- pay mе 340 еuro in BTC(сryрtосurrenсy).
I provide you my Btc number – 1JRMsH8xnm2Uk3XZQfS63woi4uFyM2gBLC
Yоu hаvе 24 hours after rеаding. Whеn I gеt trаnsfer I will dеstrоy the videotaрe еvermоrе.
If you need 50 hours just Open the calculator on your desktop and press +++
Оther way I will send thе tаpе to аll yоur cоlleaguеs and friеnds.
Again, these messages are sheer nonsense, but might well frighten some people into paying. The criminals who are perpetrating these scams are very evil. Never respond to them, never send any money to them.
Ransomware that encrypts your data is a different kind of beast, and it is more prevalent, and easier to be affected by even if you don’t visit infected websites. Don’t open attachments from unknown senders, regardless of how innocent or official they may look. Verify first.
This is an example of a ransomware scam:
From: “Troy Almaguer” <firstname.lastname@example.org>
Subject: Wire Transfer
Did you authorize a wire transfer to our accounts?
We have acquired a sum of USD $2000,00 from your bank account and we do not understand what the funds are for.
We do not have any purchases with your firm that we know about. So why are you generating settlements to us?
Please see the attached remittance files and double check with your corporation and bank.
Password is 1234
[Attached Document with clickable link]
It looks really official, and an administrator, or assistant, or secretary might be easily fooled into clicking on that innocent-looking attachment. Don’t ever do it, you’ll likely end up with all your data encrypted and no way to get it back unless you have robust backups.
There are a lot of scumbags out there. Be careful, practice safe computing, and don’t let the criminals win.
The Old Wolf has spoken.
Thanks for the Bitcoin who’s who address. I’ve been reporting the sextortion to the FBI. I’ve also received it at work and reported it to the system office security department. The versions I get cite very old passwords they get from the dark web after breaches, but I haven’t used in years.
Pingback: The scammers are getting desperate | Playing in the World Game