Blackmail variant – 2019-02-14

I recently heard of this scam from Jim Browning. Full disclosure: I do support him on Patreon. So I’ll let him describe how this scam works, since he discusses a variation of it in one of his videos:

I recently received the below scam message. And it’s nearly identical to the scam I wrote about earlier, just with the slight twist of making it look like they sent it from my own e-mail account:

Hey There,

We have hacked your device. To show you we have complete access to it we’ve sent you this message from your own private email account (see the “from” email address). We furthermore know that among the list of passwords you used to use is “[REDACTED]” for example. Don’t fear, we will explain how it all happened and what you can do about it.

Some time ago you went to a web site with xxx contents, that web site had a trojan that was developed by us, this trojan mounted itself onto your device opening a backdoor that grants us complete access into your device. Changing passwords will not help because our backdoor will constantly stay open if we don’t terminate it our selves.

We also downloaded all your social contacts, email contacts, data and information to our server. Moreover we triggered your camera from time to time and recorded movies of you while you “satisfied” your self observing xxx content on the web. Those videos are also kept on our server. To sum up we now posses all your important information and some “naughty” clips of you.

You are probably asking yourself what we are going to do with this content. Possibly we utilize it to ruin your social life by sending all the info we posses with browser history and the filthy clips of you to all your social and email contacts. Picture the negative impact this will have on your life! Imagine how this will impact the relationship with your family members! Or maybe we delete it all, shut the backdoor on your system and don’t use it and you can go on living your life like this never took place. It’s all under your control….

When you opened up this e-mail our system initiated a timer (our system tracks the mail header to see when you launched it), starting now you posses 6 hrs (6 hours is 6 hours, not a moment more) to complete the following action:

Listed below you will find our bitcoin address (copy/paste it, it’s case sensitive). If you do not want us to destroy your social life and relationship with your loved ones you need to transfer $550 (USD) to it. You can browse Google how to purchase bitcoins, it is very easy and you can do it immediately. Don’t forget that you need to do this within the given timeframe so you better do it right now.

Our system is watching this address, when the transaction happens in time the timer will stop counting, we will remove all the info on our server we have on you, the backdoor on your device will close and you will without doubt never ever hear from us again… case closed and nobody needs to know about your dirty secrets. If it does not come in in time, your life will change in a very damaging way.

Our bitcoin address: 3QNVqEz3aKvCUDivsnASGEGqafYfdry4Eb

Good-luck!

I’ll say this up front: don’t be alarmed if you happen to receive an e-mail that appears to have come from your own e-mail account. It is not difficult to spoof an e-mail address. It’s very easy, actually: something anyone can learn within a very short time, and much easier than spoofing a phone number.

But this can seem rather alarming to someone who isn’t well versed in how Internet mail servers work.
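As an added example (not part of the original post), here is one way to check from the raw headers whether a "sent from your own account" message actually passed your mail server's sender checks. Every hostname, address and verdict in the sample is constructed, and `mx.example.org` stands in for whatever name your own receiving server stamps into `Authentication-Results`.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample of a self-addressed extortion mail as stored by the
# receiving server. Every host, address and verdict here is invented.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org;
 spf=fail smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=example.org
From: <me@example.org>
To: <me@example.org>
Subject: Hey There

We have hacked your device.
"""

def domain(addr):
    """Lower-cased domain part of an address header value ('' if absent)."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def assess(raw, trusted="mx.example.org"):
    """Return (looks_spoofed, findings) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    to_addr = parseaddr(msg.get("To", ""))[1].lower()
    findings = []
    if from_addr and from_addr == to_addr:
        findings.append("self-addressed")
    # Return-Path is the envelope sender recorded at delivery; the visible
    # From header is free text chosen by whoever composed the message.
    rp = domain(msg.get("Return-Path"))
    if rp and rp != domain(from_addr):
        findings.append("return-path-mismatch")
    # Only trust verdicts stamped by our own receiving server (authserv-id);
    # a sender can pre-insert a fake Authentication-Results header.
    own = [h for h in msg.get_all("Authentication-Results", [])
           if h.split(";", 1)[0].strip().lower() == trusted]
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", " ".join(own).lower()))
    for mech in ("spf", "dkim", "dmarc"):
        if verdicts.get(mech) != "pass":
            findings.append(f"{mech}-not-pass")
    return "self-addressed" in findings and len(findings) > 1, findings

if __name__ == "__main__":
    print(assess(SAMPLE))
```

A genuine note-to-self sent through your own provider would show only `self-addressed`, because SPF, DKIM and DMARC all pass and the envelope sender matches.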

And given the ready availability of leaked passwords on the web, again this can potentially alarm people. It probably isn’t difficult to find the leaked password I redacted above, which would’ve been leaked during the LinkedIn data breach a number of years ago. But that password is worthless to anyone who finds it since I don’t use that password anywhere anymore.

So if you receive an e-mail like this, don’t be alarmed. Indeed, to many, it’ll probably provide a good laugh. And thankfully, at least with the above Bitcoin address, it appears no one has taken the bait.

And if you want to check whether your e-mail address has ever been involved in a data breach, go to “Have I Been Pwned?” and type in your address. Also make sure to adopt good password usage and management practices, and enable two-factor authentication where possible.