ARCHIVE: Australian Ham Radio Discussion Forum ( AHRDF )

Full Version: Email spam / scam / spoof / hoax Oct 2018
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Got an email today that says it came from my email account but originates from 90.165.54.92 with subject "XXXXXX@XXXXX.XXX is hacked".  I am aware of others who have received the same email over the last month or so, maybe from a different IP, but I didn't personally see those messages.  Funnily enough, no trace of it exists in my Sent items - simply because the email address was spoofed for the purpose of this email....

'
Hello!

My nickname in darknet is delainey77.
I hacked this mailbox more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

If you don't belive me please check 'from address' in your header, you will see that I sent you an email from your mailbox.

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $543 is quite a fair price to destroy the dirt I created.

Send the above amount on my BTC wallet (bitcoin): 19D67Tgb3neJiTHd8pZDEBYmUn2qSjxEeB
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 50 hours!
After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere!
Good luck!

"

To the would-be scammer : sorry, it isn't going to work !!!

To others : ignore and delete !!!

VK5ZD

I got one similar a few months back. As usual, I chose to ignore it and guess what?
The world (or my PC) didn't come crashing down.

Big Grin Big Grin Big Grin

VK2WP

Honestly these jerks are desperate lowlifers. Still it makes me glad that when I purchased this computer only some months ago put a piece of insulation tape across the camera lens before I switched it on.
Yea, had them as well.

Same as '5ZD', totally ignored it and lo and behold - nothing happened.

Wife opened her email one day a couple of months ago to find 3700+ emails - she HAD been hacked and her account was sending out thousands of spam emails.
Fixed it before even our internet provider noticed.
Hello,   I strongly suggest you visit: https://haveibeenpwned.com/ and enter your email address (read the FAQ's on the site first)

you may find your details have been harvested from a site breach (some of these data dumps are very old)

Peter, vk5pj
Did that and yes her email address is on there.

Password change and some other security options from the internet provider solved the problem (why they have to bury these options in hard to find places amazes me).
Slightly different email this time. Same extortion attempt though.   Interestingly, the password suggested is one I haven't used EVER so methinks it is again a scam / hoax with (again) my (different) email address spoofed... It makes it a little harder to accept as being true when the PC doesn't have a web-camera to grab images from...

Why am I putting up on the forum ? Quite simple really: so others who get it can ignore it too.   Make sure you have good antivirus running and current.... and forget.

Email source: mail.nuevasideas.com.py (mail.nuevasideas.com.py [190.128.205.114]

Hello!


I'm a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from XXXX@XXXX.XXX on moment of hack: doug1013

Of course you can will change it, or already changed it.
But it doesn't matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I've never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I'm sure you don't want it.

Therefore, I expect payment from you for my silence.
I think $891 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1JTtwbvmM7ymByxPYCByVYCwasjH49J3Vj

If you do not know how to do this - enter into Google "how to transfer money to a bitcoin wallet". It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen - all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won't help you for sure ...

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

Well my prudence says laugh, ignore, delete.
Funny how a non-existent camera can take pictures of you sitting in front of your computer (I never have one connected unless actually using it, then it gets unplugged again - reminds me, must go and put some tape over the laptop camera Smile ).

Unfortunately a lot of less knowledgeable computer users will get caught by this scam.
Just heard from a colleague that a few students and staff at a S.A Uni have paid up to the demands of that email   LOL
Someone goofed badly with sending an scam / extortion email to me today - and it always pays to check where this type of email originates from...

No VPN used this time so the users basic details were there in the message properties:

ppp046177180020.access.hol.gr (ppp046177180020.access.hol.gr [46.177.180.20])  BIG OOPS !!!!!!!   Big Grin

Now if there was only a way for the authorities to track down the offender.

The email contents for reference for other web searchers :
"
Hello!

I'm a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.

Of course you can will change your password, or already made it.
But it doesn't matter, my rat software update it every time.

Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I've never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I'm sure you don't want it. I definitely would not want to ...

I will not do this if you pay me a little amount.
I think $845 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 17XHRucfd4kx3W5ty7ySLGiKHqmPUUdpus

If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen - all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won't help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.
"

DELETE KEY, Gone .....
Hi Doug,

Did you forward the details to ACMA's Scam Watch?

https://www.scamwatch.gov.au/
Tried to but the Scamwatch reporting page doesn't seem to cater for instances where you don't have actual details about the email's sender. They don't have an option to just forward a suspicious email to.

I have sent details to Acorn.gov.au in lieu.
Australian Cybercrime Online Reporting Network
I had no idea about 'acorn'.

I must make a note of that.

Cheers