Author Topic: sextortion-scam and spoofing email  (Read 216 times)

0 Members and 1 Guest are viewing this topic.

Offline ValentineWeather

  • Forecaster
  • *****
  • Posts: 5364
sextortion-scam and spoofing email
« on: October 09, 2018, 07:51:28 AM »
This was the second such email like this I've received asking for bitcoin.  What got me thinking of this is Cumulus forum was hacked. This time it looks like they spoofed my email address because it was sent from same and real email address. It's a scam for sure because nothing is true and I don't have an indoor camera or visit porn sites.  The password they used was real, at one time my hikvision camera pass and may have been used on different forums I no longer visit.
I found this information about sextorion-scam
https://www.eff.org/deeplinks/2018/07/sextortion-scam-what-do-if-you-get-latest-phishing-spam-demanding-bitcoin

This was the email: The user on first line is my real email address. They never mention by name any real site, jut the email address and the old password.

Hi, dear user of xxx@xxx.com
We have installed one RAT software into you device.
For this moment your email account is hacked (see on <from address>, I messaged you from your account).
Your password for xxx@xxxx.com: xxxxxxx

I have downloaded all confidential information from your system and I got some more evidence.
The most interesting moment that I have discovered are videos records where you masturbating.

I posted my virus on porn site, and then you installed it on your operation system.
When you clicked the button Play on porn video, at that moment my trojan was downloaded to your device.
After installation, your front camera shoots video every time you masturbate, in addition, the software is synchronized with the video you choose.

For the moment, the software has collected all your contact information from social networks and email addresses.
If you need to erase all of your collected data, send me $800 in BTC (crypto currency).
This is my Bitcoin wallet: 1HqUfvPooEY3fQPsuM4dRzq5uzTQjDoYpt
You have 48 hours after reading this letter.

After your transaction I will erase all your data.
Otherwise, I will send video with your pranks to all your colleagues and friends!!!

And henceforth be more careful!
Please visit only secure sites!
Bye!


« Last Edit: October 09, 2018, 08:01:13 AM by ValentineWeather »
Randy

Offline SLOweather

  • Administrator
  • Forecaster
  • *****
  • Posts: 3434
    • http://www.sloweather.com
Re: sextortion-scam and spoofing email
« Reply #1 on: October 09, 2018, 10:40:14 AM »
Yeah, my 95 year old mother got one of these. Sheesh..

Offline ValentineWeather

  • Forecaster
  • *****
  • Posts: 5364
Re: sextortion-scam and spoofing email
« Reply #2 on: October 09, 2018, 10:45:35 AM »
Yeah, my 95 year old mother got one of these. Sheesh..

 :lol:
Randy

Offline CNYWeather

  • Forecaster
  • *****
  • Posts: 2159
  • Yeah, I'm hugging my traffic light.
    • http://www.cnyweather.com
Re: sextortion-scam and spoofing email
« Reply #3 on: October 09, 2018, 12:07:31 PM »
I've gotten 1 a day for the past week. I'm sure i'll get more.
Tony




Offline saratogaWX

  • Administrator
  • Forecaster
  • *****
  • Posts: 6766
  • Saratoga, CA, USA Weather - free PHP scripts
    • Saratoga-Weather.org
Re: sextortion-scam and spoofing email
« Reply #4 on: October 09, 2018, 12:31:50 PM »
It's a common scam.  They're using userid/passwords obtained from various hacked sites.

You can see if your email address(es) are amongst the fallen at https://haveibeenpwned.com/

If you find your address was on the list, then change your password for that address ASAP.  That won't prevent future scam posts, but will thwart someone trying to use that account.
Ken True/Saratoga, CA, USA main site: saratoga-weather.org
Davis VP1+ FARS, Boltek-PCI/NexStorm, microSferics ToA, Blitzortung RED, GRLevel3, WD, WL, VWS, Cumulus, Meteobridge/hub
Free weather PHP scripts/website templates - update notifications on Twitter saratogaWXPHP

Offline ValentineWeather

  • Forecaster
  • *****
  • Posts: 5364
Re: sextortion-scam and spoofing email
« Reply #5 on: October 09, 2018, 01:26:55 PM »
Thanks, I got a message from one of the credit check sites I belong, about 3 months ago to change all passwords associated with my email address. They apparently cross checked and notified customers. 
Randy

Offline miraculon

  • Sunrise Side Weather
  • Forecaster
  • *****
  • Posts: 3178
  • KE8DAF
    • Sunrise Side Weather in Rogers City MI USA
Re: sextortion-scam and spoofing email
« Reply #6 on: October 09, 2018, 02:17:09 PM »
It's a common scam.  They're using userid/passwords obtained from various hacked sites.

You can see if your email address(es) are amongst the fallen at https://haveibeenpwned.com/

If you find your address was on the list, then change your password for that address ASAP.  That won't prevent future scam posts, but will thwart someone trying to use that account.

Thanks for the link, Ken. I had one account affected. My Dad's account was also compromised.

I had some trouble with Thunderbird accessing gmail after trying 2-factor (a mistake) and had trouble getting it to work again, but I finally got it.

Greg H.


Blitzortung Stations #706 and #1682
CoCoRaHS: MI-PI-1
CWOP: CW4114 and KE8DAF-13
WU: KMIROGER7
Amateur Radio Callsign: KE8DAF

Offline vreihen

  • El Niņo chaser
  • Forecaster
  • *****
  • Posts: 849
  • K2BIG
Re: sextortion-scam and spoofing email
« Reply #7 on: October 09, 2018, 05:09:07 PM »
I've gotten 1 a day for the past week. I'm sure i'll get more.

Only one per day?  The mail gateway filters that I have at work are flagging 1-2 per *minute* just from the fingerprint text strings "Bitcoin Wallet" and "BTC Wallet" and a regex looking for wallet addresses.....
WU Gold Stars for everyone! :lol: