![]() Sextortion - even semi-automated scams like this one with no actual physical leverage to backstop the extortion demand - is a serious crime that can lead to devastating consequences for victims. Tech support scammers also may begin latching onto this method as well. ![]() email addresses) and passwords stolen in some of the biggest data breaches to date.Īlternatively, an industrious scammer could simply execute this scheme using a customer database from a freshly hacked Web site, emailing all users of that hacked site with a similar message and a current, working password. That’s because there are a number of shady password lookup services online that index billions of usernames (i.e. I suspect that as this scam gets refined even more, perpetrators will begin using more recent and relevant passwords - and perhaps other personal data that can be found online - to convince people that the hacking threat is real. It is likely that this improved sextortion attempt is at least semi-automated: My guess is that the perpetrator has created some kind of script that draws directly from the usernames and passwords from a given data breach at a popular Web site that happened more than a decade ago, and that every victim who had their password compromised as part of that breach is getting this same email at the address used to sign up at that hacked Web site. However, all three recipients said the password was close to ten years old, and that none of the passwords cited in the sextortion email they received had been used anytime on their current computers. In every case, the recipients said the password referenced in the email’s opening sentence was in fact a password they had previously used at an account online that was tied to their email address. KrebsOnSecurity heard from three different readers who received a similar email in the past 72 hours. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. Nonetheless, if I do get paid, I will erase the video immidiately. If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. (I have an unique pixel within this email message, and right now I know that you have read this email). You have 24 hours in order to make the payment. (It is cAsE sensitive, so copy and paste it) ![]() You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).īTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT 8V72 Well, I believe, $1400 is a fair price for our little secret. ![]() First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!). Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account. While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). You don’t know me and you’re thinking why you received this e mail, right? “I’m aware that is your password,” reads the salutation. But this one begins with an unusual opening salvo: The basic elements of this sextortion scam email have been around for some time, and usually the only thing that changes with this particular message is the Bitcoin address that frightened targets can use to pay the amount demanded. The new twist? The email now references a real password previously tied to the recipient’s email address. The missive threatens to release the video to all your contacts unless you pay a Bitcoin ransom. The message purports to have been sent from a hacker who’s compromised your computer and used your webcam to record a video of you while you were watching porn. Here’s a clever new twist on an old email scam that could serve to make the con far more believable.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |