this post was submitted on 25 Jul 2023
22 points (78.9% liked)

Security

5047 readers
12 users here now

Confidentiality Integrity Availability

founded 5 years ago
MODERATORS
 

I was organizing and cleaning my mail today, and I saw a mail from a few days ago that I left unread.

This is a copypaste of that mail:

Hello!

Unfortunately, there are some bad news for you. Around several months ago I have obtained access to your devices that you were using to browse internet. Subsequently, I have proceeded with tracking down internet activities of yours.

Below, is the sequence of past events: In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online). Clearly, I have effortlessly logged in to email account of yours ([email protected]).

A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access. Actually, that was quite simple (because you were clicking the links in inbox emails). All smart things are quite straightforward. (>_<)

The software of mine allows me to access to all controllers in your devices, such as video camera, microphone and keyboard. I have managed to download all your personal data, as well as web browsing history and photos to my servers. I can access all messengers of yours, as well as emails, social networks, contacts list and even chat history. My virus unceasingly refreshes its signatures (since it is driver-based), and hereby stays invisible for your antivirus.

So, by now you should already understand the reason why I remained unnoticed until this very moment...

While collecting your information, I have found out that you are also a huge fan of websites for adults. You truly enjoy checking out porn websites and watching dirty videos, while having a lot of kinky fun. I have recorded several kinky scenes of yours and montaged some videos, where you reach orgasms while passionately masturbating.

If you still doubt my serious intentions, it only takes couple mouse clicks to share your videos with your friends, relatives and even colleagues. It is also not a problem for me to allow those vids for access of public as well. I truly believe, you would not want this to occur, understanding how special are the videos you love watching, (you are clearly aware of that) all that stuff can result in a real disaster for you.

Let's resolve it like this: All you need is $1450 USD transfer to my account (bitcoin equivalent based on exchange rate during your transfer), and after the transaction is successful, I will proceed to delete all that kinky stuff without delay. Afterwards, we can pretend that we have never met before. In addition, I assure you that all the harmful software will be deleted from all your devices. Be sure, I keep my promises.

That is quite a fair deal with a low price, bearing in mind that I have spent a lot of effort to go through your profile and traffic for a long period. If you are unaware how to buy and send bitcoins - it can be easily fixed by searching all related information online.

Below is bitcoin wallet of mine: 13g3WtdxuoB9AVyy54QW9xxbDtFjE2iNHk

You are given not more than 48 hours after you have opened this email (2 days to be precise).

Below is the list of actions that you should not attempt doing:

Do not attempt to reply my email (the email in your inbox was created by me together with return address). Do not attempt to call police or any other security services. Moreover, don't even think to share this with friends of yours. Once I find that out (make no doubt about it, I can do that effortlessly, bearing in mind that I have full control over all your systems) - the video of yours will become available to public immediately. Do not attempt to search for me - there is completely no point in that. All cryptocurrency transactions remain anonymous at all times. Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.

Below is the list of things you don't need to be concerned about:

That I will not receive the money you transferred.

  • Don't you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).

That I still will make your videos available to public after your money transfer is complete.

  • Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago!

Everything will be carried out based on fairness!

Before I forget...moving forward try not to get involved in this kind of situations anymore! An advice from me - regularly change all the passwords to your accounts.

The thing is, this was sent on July 13 and I just opened it today. So I went through the 48 hours without paying and nothing happened, didn't send any more mail and my family and friends certainly had not gotten any videos of my jerking off. Also the language is very vague. " You truly enjoy checking out porn websites and watching dirty videos, while having a lot of kinky fun." That could apply to almost anyone. If someone tried to black mail me, they gotta be more specific.

Also, a trojan? I use GNU/Linux and most of my current devices are Raspberry Pi's because my main computer died and I'm waiting for a new laptop to ship. And I never used TeamViewer in my life.

BTW my mail is public, so I'm not concerned about being doxxed lol.

I changed my mail password which is a painless process and needed to be updated anyway.

What do you think? Should I watch my back?

top 23 comments
sorted by: hot top controversial new old
[–] scaredofplanes 30 points 1 year ago

No, mark it as spam. There are probably 800 addresses in the BCC if that lame phishing attempt. I see hundreds of these in quarantine for the email server I run. They're all the same. No one did anything except find your email address, maybe, and send you this garbage.

[–] [email protected] 15 points 1 year ago

It's too late, OP.

I have been passionately masturbating to videos of you passionately masturbating for days now.

[–] MorksEgg 12 points 1 year ago (1 children)

Probably going to get downvoated for this. If you use GNU/Linux as your daily driver and you're familiar with Raspberry Pi's, how is it you don't know that this is obviously a phishing attempt? Seems to me someone might be fishing for up votes. But I'm just an undeniably cynical bastard. I'll show myself out.

[–] [email protected] 6 points 1 year ago (1 children)

It is not phishing. They are not for personal information. They are after money. It is blackmail and bluff at the same time.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

It's probably more accurately described as extortion phishing. With blackmail, I think you actually have to have damaging information that your withholding in return for payment (or other benefit). But this is clearly a non-tatgered phishing attack sent to many individuals in the hopes of extorting a payment, without the sender actually having anything damaging on the recipients.

https://www.getcybersafe.gc.ca/en/blogs/extortion-phishing-scams-what-they-are-and-how-protect-yourself#defn-phishing

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

This is the refinishing of fishing from the link (have to click couple of times) that you provided:

An attempt by a third party to solicit confidential information from an individual, group, or organization by mimicking or spoofing, a specific, usually well-known brand, usually for financial gain.

In OP case, the person who is extorting money specially made it such that the victim can not contact them back. So they are not after confidential information, thus, not phishing.

But it looks like they coined a new term “extortion-phishing”.

[–] [email protected] 1 points 1 year ago

Maybe this phishing definition and background on why that term was coined will resonate better.

From https://www.csoonline.com/article/514515/what-is-phishing-examples-types-and-techniques.html

"Phishing is a type of cyberattack that uses disguised email to trick the recipient into giving up information, downloading malware, or taking some other desired action."

"... the analogy is of an angler throwing a baited hook out there (the phishing email) and hoping you bite."

Common phishing schemes involve getting someone to divulge some form of personal information but not all fall into this category. Phishing attempts can involve trying to trick the target into taking some form of action, including making a payment.

[–] [email protected] 9 points 1 year ago (1 children)

That's an incredibly common spam email. You haven't been hacked and the sender has no idea who you are. Everyone in the world gets those emails.

[–] [email protected] 2 points 1 year ago

I've never had one of thee sent to me directly (at least nothing that actually made it through my spam filters), but I see this email all the time in mailing lists.

[–] robolemmy 9 points 1 year ago

They have nothing on you. It's a phishing email. Ignore it and move on with your life.

[–] [email protected] 9 points 1 year ago

Ahahaha! Oh wait, it's an email, not even a printed letter? Let me laugh even harder: AHAHAHAHA!

For an extra laugh, report it to the police and refuse to leave until they let you file a blackmail complaint. Make sure the complaint mentions that the criminal has videos "where you reach orgasms while passionately masturbating". If the police are not amused they might confiscate your laptop "for evidence" though, so bring a disposable one.

P.S. I like how the scammer used gender-neutral language to describe the sordid videos!

[–] [email protected] 8 points 1 year ago

should i watch my back

no, this is just spam sent to 1000 addresses at once. but if you want to be free from worry in the future, just cover your webcam with a sticker. everyone does it now :)

[–] [email protected] 7 points 1 year ago

Why did they include 2 days to be precise? 2 days is less precise than 48 hours...

[–] Biff 7 points 1 year ago (1 children)

"My virus unceasingly refreshes its signatures (since it is driver-based), and hereby stays invisible for your antivirus."

I just don't even know where to begin with that statement and its ridiculousness. 😂

[–] [email protected] 3 points 1 year ago

Is not hard to stay invinsible for my antivirus of I dont use an antivirus lol

[–] [email protected] 7 points 1 year ago

I get these all the time, one even had an old password i used...nothing ever comes of these...

[–] [email protected] 6 points 1 year ago (1 children)

I've never seen the long version of this particular spam. The ones that show up in my junk mailbox are shorter but have a similar message.

And the blackmail attempt itself is also somewhat entertaining. People are using the internet to look at adult pictures or videos? Oh my god, what a surprise! ... Oh wait, that's pretty normal these decades. :-)

Pretty much anything like that is going to be pure spam. It's just not worth anyone's time to try to hack individual computers. For companies that's a different story, but for you and me, we're just not good targets.

If you're ever in doubt, it's safe to assume that something that looks like spam is spam, but the other giveaway tends to be the fact that a lot of spam does not have your name in it. They got your email address somewhere, but they don't know what to call you. Of course some spam email lists also include names, but many or most don't, so it's a handy thing to look for.

[–] [email protected] 5 points 1 year ago

Yeah, I'm pretty sure none of my friends and family want to see me jarring off.

[–] [email protected] 5 points 1 year ago

Brother there was really no personal detail in this at all, just your average kid who thinks hes hard as rocks, but is only hard as those rubber chickens at the pet store.

[–] [email protected] 4 points 1 year ago

That's a phishing attempt. Had a few of those in the past. At least in my case they attempted to make it a bit more convincing by adding an old password of mine that got leaked online.

[–] [email protected] 3 points 1 year ago

It's fine, they're phishing and hoping someone will bite. I got a version of this that listed a date and time they "hacked" me also. Too bad for the spammer they picked a day when the desktop was in the back of my car moving across the country! I got a few more over maybe 6 months? First in English, then Chinese, then Japanese...
Nothing will happen. Just delete it and forget about it.

[–] [email protected] 3 points 1 year ago

The key here is there's nothing specific. If they were actually trying to blackmail you they'd at least list the sites you visited or something.

[–] [email protected] 1 points 1 year ago

Phishing. Unless he provided some sort of specific information, it's just bait and nothing to worry about. Honestly, these people are dumb too. Even psychics know when they're finding new people, they just say something super specific and hope it matches. The signs that say "Clara, I'm waiting for you" and shit

load more comments
view more: next ›