XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
Privacy Policy
It is currently Thu Mar 21, 2019 3:06 am

All times are UTC - 8 hours




Post new topic Reply to topic  [ 21 posts ] 
Author Message
 Post subject: Extortion email scam
PostPosted: Thu Dec 20, 2018 10:30 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
I have a story to share.

I got one of those funny extortion emails where they claim to have installed a virus on my system that sniffed my email address and password and they're going to share all my porn viewing habits with every single person in my online address book unless I send them $5000 in bitcoin. IMMEDIATELY.

What makes it funny is that upon some sleuthing tonight the combination of email & password they're threatening me with was only ever used on a single site. So I know precisely which site they compromised. Its also an alias to an email account and not the email account itself, so there are parts of the extremely poorly written email which basically states they'll log into that email account using that password, which would never have worked.

What makes it hilarious is that I reused that password only on sites that I absolutely totally didn't give a flying crap about, although the only site still using that password is the one they compromised. Frankly I thought that site went belly up years ago (maybe it did and this brain trust bought the assets).

Oh, and of course, I have no online address book for them to use because I don't use yahoo.com or another lame-ass provider that keeps track of everyone I receive mail from or send mail to.

So, moral of this story is... don't reuse passwords.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Thu Dec 20, 2018 10:45 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15547
Good to share, thanks.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Fri Dec 21, 2018 5:25 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:07 pm
Posts: 2624
Location: Inside Flatus Maximus
MonkeyBoy wrote:
I have a story to share.

I got one of those funny extortion emails where they claim to have installed a virus on my system that sniffed my email address and password and they're going to share all my porn viewing habits with every single person in my online address book unless I send them $5000 in bitcoin. IMMEDIATELY.

What makes it funny is that upon some sleuthing tonight the combination of email & password they're threatening me with was only ever used on a single site. So I know precisely which site they compromised. Its also an alias to an email account and not the email account itself, so there are parts of the extremely poorly written email which basically states they'll log into that email account using that password, which would never have worked.

What makes it hilarious is that I reused that password only on sites that I absolutely totally didn't give a flying crap about, although the only site still using that password is the one they compromised. Frankly I thought that site went belly up years ago (maybe it did and this brain trust bought the assets).

Oh, and of course, I have no online address book for them to use because I don't use yahoo.com or another lame-ass provider that keeps track of everyone I receive mail from or send mail to.

So, moral of this story is... don't reuse passwords.


And also use 2FA where available. They can't log in without it. :D

_________________
Official Mac Tech Support Forum Cookie™ (Mint Chocolate Chip)
Guaranteed tasty; Potentially volatile when dipped in WWIII Forum Syrup®
Caution: This cookie bites back.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Fri Dec 21, 2018 7:21 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6404
Location: NYC
Image

all right, sir, we don't morally censure, we just want the money



Image


One of my favorite Python sketches.

https://www.youtube.com/watch?v=NFtFCODNY0s


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Fri Dec 21, 2018 10:28 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
Although 2FA that relies on text messages isn't actually 2FA. Criminals find it trivially easy to hijack your phone due to lax/corrupt security at phone companies. A system that relies on an app to generate a code (e.g. Google Authenticator) is 2FA. Duo's app generates a prompt that must be interacted with. A text message is simply sent to whoever is currently in control of your phone number.

Though the grandaddy of all security breaches is the social exploit. Someone who can call the provider and bluff their way through a password reset. You can have all the hurdles in the world and it'll do exactly bumpkis if the provider removes all of them.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Fri Dec 21, 2018 2:55 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
They followed up with another threatening email, this time with my (gasp) myspace password. That I only ever used on myspace and is laughably bad (much like myspace itself).

Why are they threatening me again? I thought they were going to email everyone my porn viewing habits after I didn't give them money from the last email?


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Fri Dec 21, 2018 6:05 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9969
Location: North of the State of Jefferson
LOL! So which site was it?

- Anonymous


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Fri Dec 21, 2018 7:31 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
I don't even remember why I signed up for highschoolalumni but apparently it was to create my doom! DOOM! :D

I kind of feel sorry for people who reuse the same passwords, they'll get one of these and freak out because the scumbags really could make their lives miserable. What makes it funny is that I almost never reuse passwords so if they keep rifling off passwords I'll keep figuring out the site they compromised. The only sites I reused passwords on were sites I totally could care less about. My Adaptec support account is compromised, oh noes.

I'll have to check when I get home tonight if the two emails were sent from the same mail host. Probably not, but if they were, could contact the upstream ISP and let them know their customer's system is compromised. Not that they'll probably do a damn thing about it.

I hope they start listing personal details. I have a dozen or so fake identities I register accounts with. "Dear Señor Spielbergo..."


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Sun Dec 23, 2018 7:54 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
Well no personal details yet but they have moved on to more websites (and email aliases). Funny that they keep mentioning that they recorded a video using my webcam... which I don't have. :roll:

These emails are written in the style of 419 so I'm pretty sure they'll start threatening to share my webcam video with a Nigerian prince soon.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Sun Dec 23, 2018 8:15 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15547
Just musing as to how the scenario would work out if they contacted somebody that liked exposing themselves in the Internet.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Sat Dec 29, 2018 4:21 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
Well they've kept coming. Only now they've started sending them in foreign languages. Spanish. Portuguese. Korean. Chinese. I guess my passwords being gobbledygook has led to a certain amount of confusion.

Each time they send another I get a pang of sorrow for people who reuse passwords.

I'm willing to take a small bet on if they ever send a threat in Russian. I would bet not.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Sat Dec 29, 2018 7:40 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6404
Location: NYC
You are facing an implacable, relentless foe. Sounds like you'll be getting robocalls, telegrams, even very large men in ski masks knocking at your door before long. My advice would be to pay up. I mean what's a few bitcoin compared to having your good name dragged through the mud, your reputation ruined for life, maybe even some broken knees?

And the last thing you want to do is report these to the FBI. Don't even think about it. The deep state will only come back to bite you bigly.

Some serious reading: https://krebsonsecurity.com/2018/08/who ... tion-scam/

And Happy New Year! Just think, in a matter of a few days we won't have to read any more insufferable "Best of 2018" lists: Best Movies, Best TV, Best Books--almost none of which I will ever come near to seeing or reading, Best Designer Underpants, Best Inane Home Devices, Best Vegetarian Recipes, Best Bad Jokes, Best Almost Forgotten By Now Horrible Edge Of Cliff Political Moments (we'll have brand new ones for '19 that may not stay on the edge), Best You Name It.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Sat Dec 29, 2018 5:39 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
My miscreant(s) seem to be a little different, they're using unsecured open SMTP relays (shocking that any still exist) to send their threats. But since they don't seem to be taking the hint and have moved on to doublebyte languages after a pretty lengthy series of non-repeated passwords, I suppose forwarding the information along to authorities is my only option.

I used a paid reporting service that has worked very reliably for spam, which is partially why I know the SMTP servers they're using don't fit Krebs mold, but each time its a different server and if they're running an open relay in 2018 they obviously don't give a crap about, well, anything so receiving an abuse report probably isn't going to amount to much.

Hmm. I suppose I should probably check my lesser-used email addresses and see if they're also getting these useless threats. I used to actually create one-off email addresses back when I was colo-ing a server but with hosted services thats... a lot of work. So I kind of bunch them up now across a variety of services, but each login still gets its own unique password of the lengthy variety.

Of course the reason these threats are completely pointless is that a little over 90 days ago I went through and changed all my passwords due to an intrusion at work. Though the LinkedIn stuff is doubly and triply pointless because they're sending me passwords from 2 and 3 and more changes ago due to all their breaches. :shock: If it wasn't for me keeping track of previously used passwords I'd have no idea what they're sending.

Happy New Years to all, I forgot to cancel some grocery home delivery service after the trial so, among a whole ton of other things, I loaded up on beer today. The first time in a couple years I've had that in the home. Mmmm, black & tans...


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Sun Jan 20, 2019 9:17 pm 
Offline
he who stacks pork
User avatar

Joined: Thu May 15, 2008 8:04 pm
Posts: 4398
Location: Uranus
And of course, no one looks at porn online. :roll:

-he who stacks pork

_________________
Powerbook 180, System 7.1, 100MB HD, 8MB Ram, external 20MB SCSI HD
2009 Surly 1x1 Anniversary Edition Rat Ride, 2016 9:zero:7 fatbike, 2014 9:zero:7 SS fatbike, 2013 SS PRC carbon 29er
I enjoy picnics on the beach with hot and crazy women


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Tue Jan 22, 2019 5:41 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
Well they stopped telling me the password, but every 2-3 weeks a new threat comes in. Maybe one of these days they'll figure out how to record from a webcam that doesn't exist. Until then I figure everyone I know is safe from the horror.

I've continued running them through my spam reporting service. At least I can get the SMTP server they're using shut down or blacklisted.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Wed Mar 13, 2019 12:44 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15547
I finally got caught!...

FINAL WARNING bdaqua@************.com! (A disposable addy, only ever used on eBay & mentioned here)

You have the last chance to save your social life - I am not kidding!!

I give you the last 72 hours to make the payment before I send
the video with your masturbation to all your friends and associates.

The last time you visited a erotic website with young Teens,
you downloaded and installed the software I developed.

My program has turned on your camera and recorded your act of
Masturbation and the video you were masturbating to.
My software also downloaded all your email contact lists
and a list of your Facebook friends.

I have both the 'Bdaqua.mp4' with your masturbation
and a file with all your contacts on my hard drive.
You are very perverted!

If you want me to delete both files and keep your secret,
you must send me Bitcoin payment. I give you the last 72 hours.
If you don't know how to send Bitcoins, search Google.

Send 2000 USD to this Bitcoin address immediately:

3Qzu8X8u9Up7Agc****************************
(copy and paste)

1 BTC = 3850 USD right now, so send exactly 0.521093 BTC
to the address above.

Do not try to cheat me!
As soon as you open this Email I will know you opened it.

This Bitcoin address is linked to you only,
so I will know if you sent the correct amount.
When you pay in full, I will remove both files and deactivate my software.

If you don't send the payment, I will send your masturbation video
to ALL YOUR FRIENDS AND ASSOCIATES from your contact list I acquired.

Here are the payment details again:

Send 0.521093 BTC to this Bitcoin address:

----------------------------------------
3Qzu8X8u9Up7A******************************
----------------------------------------

You саn visit the police but nobody will help you.
I know what I am doing.
I don't live in your country and I know how to stay anonymous.

Don't try to deceive me - I will know it immediately - my spy ware is
recording all the websites you visit and all keys you press.
If you do - I will send this ugly recording to everyone you know,
including your family.

Don't cheat me! Don't forget the shame and if you ignore this message
your life will be ruined.

I am waiting for your Bitcoin payment.

Jin
Anonymous Hacker

P.S. If you need more time to buy and send 0.521093 BTC,
open your notepad and write '48h plz'.
I will consider giving you another 48 hours before I release the vid,
but only when I see you are really struggling to buy bitcoin.

I wonder how much for just a list of my FaceBook friends... since I have none!?


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Wed Mar 13, 2019 1:56 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10366
Location: Caught between the moon and NYC
I still get one every 2 or 3 weeks but if I don't catch them within a few hours I can't report them through my semi-automated service. They've stopped listing passwords completely, gave up on non-English languages, and honestly are sounding a bit more desperate.

Someone at work fell for a phishing scam but thankfully stopped before they actually did anything useful, they just replied back with a form that the phisher then filled out and returned to try and scam their way to filthy lucre. Thankfully the person picked up the phone and talked to the individual the phisher was masquerading as instead of just submitting the form. And now there's a group that's a-tizzy that people on the internet are able to use any "from:" address they want and why aren't we doing something about it. :roll:


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Wed Mar 13, 2019 2:48 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6404
Location: NYC
First one I've seen that uses the M word. All the others refer euphemistically to "self abuse". Also tries to be much more persuasive. Really lays it on with the puritanical guilt. Scammer must have first hand knowledge of said guilt.

Have received 2 total, and had I not gone to AOL webmail to see the spam folder, wouldn't have known about either. Not a fan of AOL mail, but one thing in their favor is they catch all the spam, unlike the Verizon predecessor, which made almost zero effort to stop it.

Second one came from a Vietnamese IP. See what happens when you let a country be overrun by Communists!


Last edited by WZZZ on Wed Mar 13, 2019 2:59 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Wed Mar 13, 2019 2:53 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15547
Did you mean...

See what happens when you let a country be overrun by Capitalists?


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Wed Mar 13, 2019 2:57 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6404
Location: NYC
BDAqua wrote:
Did you mean...

See what happens when you let a country be overrun by Capitalists?

Lately not much difference. But comment written with interior component of mouth inside interior part of face.


Top
 Profile  
 
 Post subject: Re: Extortion email scam
PostPosted: Wed Mar 13, 2019 3:03 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15547
.


Attachments:
ROFL.gif
ROFL.gif [ 26.46 KiB | Viewed 22 times ]
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 21 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group