Blackmail variant – 2022-12-15

Another variant. This one came across with the subject “(~_~)”. On 2022-12-20, I received a similar email with badly-formed HTML as the body text with the subject “Your personal data has leaked due to suspected harmful activities.”

Hi there!

I am a professional hacker and have successfully managed to hack your operating system.
Currently I have gained full access to your account.

In addition, I was secretly monitoring all your activities and watching you for several months.
The thing is your computer was infected with harmful spyware due to the fact that you had visited a website with porn content previously. ╭ᑎ╮

Let me explain to you what that entails. Thanks to Trojan viruses, I can gain complete access to your computer or any other device that you own.
It means that I can see absolutely everything in your screen and switch on the camera as well as microphone at any point of time without your permission.
In addition, I can also access and see your confidential information as well as your emails and chat messages.

You may be wondering why your antivirus cannot detect my malicious software.
Let me break it down for you: I am using harmful software that is driver-based,
which refreshes its signatures on 4-hourly basis, hence your antivirus is unable to detect it presence.

I have made a video compilation, which shows on the left side the scenes of you happily masturbating,
while on the right side it demonstrates the video you were watching at that moment..ᵔ.ᵔ

All I need is just to share this video to all email addresses and messenger contacts of people you are in communication with on your device or PC.
Furthermore, I can also make public all your emails and chat history.

I believe you would definitely want to avoid this from happening.
Here is what you need to do – transfer the Bitcoin equivalent of 700 USD to my Bitcoin account
(that is rather a simple process, which you can check out online in case if you don’t know how to do that).

Below is my bitcoin account information (Bitcoin wallet): 1AJE9vhLVAzFdU9Cj8dct28vALG9MeqCSa

Once the required amount is transferred to my account, I will proceed with deleting all those videos and disappear from your life once and for all.
Kindly ensure you complete the abovementioned transfer within 50 hours (2 days +).
I will receive a notification right after you open this email, hence the countdown will start.

Trust me, I am very careful, calculative and never make mistakes.
If I discover that you shared this message with others, I will straight away proceed with making your private videos public.

Good luck!

Other BTC addresses associated with this:

Metamask – 2022-12-12

Another phishing attempt. The URL was set to link to a phishing site. That’s one of the ways they get you to click on these sites and enter your credentials so they can either sell the credentials or drain your account. They’ll then also change the access credentials if they sell off the account.

Metamask – 2022-12-07

It’s easy to tell for me, at least, when emails are phishing attempts. Especially when they come from companies for whom I have zero relationship. Like Metamask – since I avoid NFTs and most cryptocurrencies like the plague. (And I took the step of removing the link that would’ve been accessible by clicking “Verify My Metamask”. And, obviously, it did NOT take you to Metamask’s website.)


Verify your Metamask

Our system has shown that your Metamask has not yet been verified, this verification can be done easily via the button below. Unverified accounts will be suspended on:
Friday, 09 December, 2022.

We are sorry for any inconvenience caused by this, but please note that our intention is to keep our customers safe and happy. Safety is and remains our priority

Note: Never share your word Secret Recovery Phrase (SRP) or private keys.

Verify My Metamask

Variation – 2022-12-13:

I recently received this variation of the above message. The only significant difference is the last paragraph before the button being removed.


Verify your MetaMask Wallet

Our system has shown that your MetaMask wallet has not yet been verified, this verification can be done easily via the button below. Unverified accounts will be suspended on:
Friday, 16 December, 2022.

We are sorry for any inconvenience caused by this, but please note that our intention is to keep our customers safe and happy. Safety is and remains our priority.

Verify My MetaMask

Crypto phishing email – 2022-12-05

And, of course, the buttons for “Cancel Transaction” and “Log In” go to fake login pages. Classic phishing scam email.

Text for accessibility: Wallet

Your funds have been sent

You’ve sent 0.13506102 BTC from your Private Key Wallet. Your transaction is pending confirmation from the BTC network. You can also view this transaction in your transaction history.

If this wasn’t you, please cancel the transaction immediately by clicking the button below, then follow the steps on our website.


The Team

Geek Squad – 2022-11-28

This one came through with the subject “Verify and confirm your order @436753464758-DZXCDRTWETWET#!” from “nad iosa” (

Text for accessibility:


Order Date: 11-28-2022
Security Type: Antivirus
Payment Method: Plastic Card
Charge: $417.00

Dear Customer,

Your subscription with GEEK SQUAD will renew today and $417.00 is about to be debited from your account by today. The debited amount will be reflected within the next 24hrs. In case of any further clarifications or block the auto-renewal service please reach out to our, Customer Help Center +1 (888) 616-4196

> Product Name:-Security Services
> Product Amount:-$417.00
> Product Code:-347658568
> Order ID:-GE21254664EK

If you didn’t authorize this charge, you have 24 Hrs. To cancel & get an instant refund of your annual subscription, please Contact our customer care: +1 (888) 616-4196

Please do not reply to this email. This mailbox is not monitored, and you will not receive a response.

Thanks And Regards,
Best Buy,
Customer Support: +1 (888) 616-4196

Blackmail variant – 2022-11-23

Slight mutation on the one from Halloween.

Hello there!

Unfortunately, there are some bad news for you.
Around several months ago I have obtained access to your devices that you were using to browse internet.
Subsequently, I have proceeded with tracking down internet activities of yours.

Below, is the sequence of past events: 
In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (REDACTED).

A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access.
Actually, that was quite simple (because you were clicking the links in inbox emails).
All smart things are quite straightforward. (^^)

The software of mine allows me to access to all controllers in your devices, such as video camera, microphone and keyboard.
I have managed to download all your personal data, as well as web browsing history and photos to my servers.
I can access all messengers of yours, as well as emails, social networks, contacts list and even chat history.
My virus unceasingly refreshes its signatures (since it is driver-based), and hereby stays invisible for your antivirus.

So, by now you should already understand the reason why I remained unnoticed until this very moment...

While collecting your information, I have found out that you are also a huge fan of websites for adults.
You truly enjoy checking out porn websites and watching dirty videos, while having a lot of kinky fun.
I have recorded several kinky scenes of yours and montaged some videos, where you reach orgasms while passionately masturbating.

If you still doubt my serious intentions, it only takes couple mouse clicks to share your videos with your friends, relatives and even colleagues.
It is also not a problem for me to allow those vids for access of public as well.
I truly believe, you would not want this to occur, understanding how special are the videos you love watching, (you are clearly aware of that) all that stuff can result in a real disaster for you.

Let's resolve it like this:
All you need is $1750 USD transfer to my account (bitcoin equivalent based on exchange rate during your transfer), and after the transaction is successful, I will proceed to delete all that kinky stuff without delay.
Afterwards, we can pretend that we have never met before. In addition, I assure you that all the harmful software will be deleted from all your devices. Be sure, I keep my promises.

That is quite a fair deal with a low price, bearing in mind that I have spent a lot of effort to go through your profile and traffic for a long period.
If you are unaware how to buy and send bitcoins - it can be easily fixed by searching all related information online.

Below is bitcoin wallet of mine: 1LvLZiu25g3iTJSUka6FgdWSx4m3heQ3c4

You are given not more than 48 hours after you have opened this email (2 days to be precise).

Below is the list of actions that you should not attempt doing:
> Do not attempt to reply my email (the email in your inbox was created by me together with return address).
> Do not attempt to call police or any other security services. Moreover, don't even think to share this with friends of yours. Once I find that out (make no doubt about it, I can do that effortlessly, bearing in mind that I have full control over all your systems) - the video of yours will become available to public immediately. 
> Do not attempt to search for me - there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.

Below is the list of things you don't need to be concerned about:
> That I will not receive the money you transferred.
- Don't you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).
> That I still will make your videos available to public after your money transfer is complete.
- Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago! 

Everything will be carried out based on fairness!

Before I forget...moving forward try not to get involved in this kind of situations anymore!
An advice from me - regularly change all the passwords to your accounts.

Additional Bitcoin addresses associated with this:

Geek Squad – 2022-11-23

‘Tis the season for scams, I guess. This came in with the subject “Account creation needs validation #768680#”. The area code for the phone number, 808, is Hawaii.

And for accessibility technologies:

Dear customer,

We are glad to serve you as our registered customer.

We have the premium security services ready for installation.

As per our connect with you. Your plan will be auto renewed with in 24hrs and it will charge you $419.00

> Order ID:- 384687101929
> Renewal Amount:- $419.00
> Product Code:- SAD345F4GR7
> Project Name:- Security Services

Contact Our Customer Support +1 (808) 493-1799


Customer Support Team: +1 (808) 493-1799

Thanks for choosing Geek squad.

* * * * *

So basically the way this appears to work is they want you to call in to either dispute the charge or have the “Security Services” installed. Either way, they gain access to your system or device, manage to talk you through doing some things that allow them access to your bank account, and that’s how they get your money.

Extended warranties and repair plans

“Extended warranties” have a bad rep in retail. In large part because they are pushed by cashiers and sales persons who earn a commission selling them. But they do actually have a purpose. Though anymore, they aren’t called “extended warranties”, but “protection plans”.

Often what creates the bad taste in people’s mouths about these plans is the fact that taking advantage of one can be difficult. And which option you have is entirely up to the retailer selling you the item on which they’re also trying to sell the protection plan. Things have, thankfully, gotten a lot easier. But you still need to be vigilant to protect your consumer rights.

As I’ve detailed on a couple articles on this blog, I’m a photographer. And two years ago I treated myself to a new Nikon Z5 mirrorless camera as an upgrade to my D7200 DSLR. This past summer I also purchased an electric scooter to take some of the burden off my vehicle for maneuvering around to find shots to take around town.

On Sept 24, I was heading out on the scooter when I hit a bump and went down. And my Z5 went down with me. The lens, thankfully, is fine and still working. The Z5, however, showed an error on the screen: “Press shutter-release button to reset.” Except pressing the shutter release did nothing.

When I bought the Z5 from Adorama, I bought a protection plan with it. The plan went through New Leaf Service Contracts, LLC. (All plans Adorama currently sells now go through Extend.) I filed the claim online that same day, providing some basic details of what happened. In the mean time, I also looked at other repair options, including sending it directly to Nikon. (Which would’ve been $400 up front, possibly more later depending on what they found.)

New Leaf called me the following Monday to discuss the claim and get some additional details. About an hour later, I got a follow-up voice mail saying they were denying the claim because the camera was not “properly secured”.


I tried calling back the same day, but I was told the claim was denied by a manager, so I’d need to speak to a manager, but none were at the office at the time. Unfortunately I wasn’t able to call back in during the needed hours. The initial email I received when the claim was approved included a follow-up email address, so I sent this message to that email:

Good day,

I intended to call in about this to speak to a manager but didn’t have the time today, unfortunately. I received a voice mail yesterday late afternoon informing me this claim had been rejected. According to the voice mail, it was due to my camera not being “properly secured” at the time the drop occurred.

I cannot recall exactly what I said over the phone, but I do not recall being asked whether I had the camera secured in any fashion, and how it was secured if I did. Nor do I recall giving any details of such. I want to clarify that I had the camera secured on a cross-body strap. And a cross-body camera strap is a common means of carrying around a camera. Again, I do not recall ever being asked whether or how I had the camera secured, so hopefully this provides some clarification.

Please re-open this claim in light of this information.

That went on Sept 27.

There is an exception in the coverage policy for “mishandling”, which is understandable. The protection plan covers accidental damage to the camera, and I have the same protection plan over one of my lenses. So clear negligence is not covered, and that’s reasonable.

But as my email above shows, I wasn’t mishandling the camera. And I wasn’t given a chance to say that I had the camera secured let alone how I had the camera secured.

In the interim, I looked at my options for repair, even considering Best Buy’s Geek Squad. And I set up an appointment to drop off the camera body on Sept 30 for mid-afternoon. And who should call about two hours before that appointment? New Leaf.

They re-opened and approved the claim and forwarded everything off to Photo Tech Repair Services. They reached out to me on October 3rd, and I had a shipping label the next day. It went out via FedEx on October 6th and arrived at the repair center the following Monday. Their email said to expect the repairs to take about 2 to 3 weeks, depending on whether they needed to order in parts.

My only complaint with the process was never getting any kind of status update during the repair. No ETA. If they had a page where I could log in and see the repair progress, I was never informed of it. The only indication the repairs were complete came in the form of a FedEx shipping alert the camera was being sent back to me.

So are extended warranties worth it? That really depends on what you’re buying one against and how much it’ll cost to repair versus replace. I say No to a lot of inquiries to purchase repair/replacement plans simply because the device in question is inexpensive to replace.

For expensive electronics, like my aforementioned camera, and major home appliances, they make sense. The repair plan will cost less than the repair cost, especially looking at the quote from Nikon, and it’s certainly far less than the replacement cost.

So in my instance, I definitely came out ahead – once I told the insurance company I wasn’t being cavalier with the camera.

Insurrection, the Fourteenth Amendment, and the President of the United States

The Fourteenth Amendment at Section 3 says this:

No person shall be a Senator or Representative in Congress, or elector of President and Vice-President, or hold any office, civil or military, under the United States, or under any State, who, having previously taken an oath, as a member of Congress, or as an officer of the United States, or as a member of any State legislature, or as an executive or judicial officer of any State, to support the Constitution of the United States, shall have engaged in insurrection or rebellion against the same, or given aid or comfort to the enemies thereof. But Congress may by a vote of two-thirds of each House, remove such disability.

And Section 5 gives Congress the power to “enforce, by appropriate legislation, the provisions of this article”.

The United States Code declares such at 18 USC §2383:

Whoever incites, sets on foot, assists, or engages in any rebellion or insurrection against the authority of the United States or the laws thereof, or gives aid or comfort thereto, shall be fined under this title or imprisoned not more than ten years, or both; and shall be incapable of holding any office under the United States.

Since all the discussion on this is about Donald Trump, the question comes down to this and the presumption that January 6, 2021, was an “insurrection”: could he be disqualified under the Fourteenth Amendment from holding Federal office?

Not letting him campaign

If you’re looking to disqualify him before the fact, your only option is to indict him with violating the Federal insurrection statute – 18 USC §2383 – and winning a conviction that is not then overturned on appeal. There is no other option available.

Congress can pass a resolution declaring Trump ineligible, citing what happened on January 6, 2021, as justification. But resolutions have no force of law.

Bills do have the force of law, but only if properly passed by Congress and signed by the President. So let’s say that Rep. Davide Cicilline (D-RI) gets his wish and gets a bill through the ringer declaring Trump specifically to be ineligible under the Fourteenth Amendment. What then?

It’ll die in the Court the moment Trump challenges it because it’d be a bill of attainder.

So, then, let’s say he gets on the ballot and wins reelection in 2024. What now? Is there no remedy?

Impeach him… yet again

The House always has the power to impeach the President, Vice President, or any civil officer for really… any reason they want. This means if Trump is reelected in 2024 and is sworn into office in 2025, the House could bring impeachment articles against him the moment he is sworn in.

They tried to do that in 2017, so why not? Only this time it’d be on allegation he’s disqualified under the Fourteenth Amendment. He’s already been tried twice, acquitted both times, so.. third time’s a charm?

Writ of quo warranto

There is another option. This could be exercised if the House does not impeach him or the Senate fails to convict or decides against holding a trial. It’s called a writ of quo warranto. I should elaborate first that the writ itself doesn’t remove the person from public office. It leads to a Court trial to determine, by a preponderance of the evidence, whether they should be removed.

Not long after the Fourteenth Amendment was ratified came the Enforcement Act of 1870. Section 14 of that Act required a United States District Attorney to initiate a writ of quo warranto action against any person suspected of holding an office in violation of Section 3, excluding “a member of Congress or of some State legislature”.1“That whenever any person shall hold office, except as a member of Congress or of some State legislature, contrary to the provisions of the third section of the fourteenth article of amendment of the Constitution of the United States, it shall be the duty of the district attorney of the United States for the district in which such person shall hold office, as aforesaid, to proceed against such person, by writ of quo warranto, returnable to the circuit or district court of the United States in such district, and to prosecute the same to the removal of such person from office;”

Why that exclusion? Under the Constitution of the United States, only the House and Senate has the power to remove its own members.2Article I, Section 5: “Each House shall be the Judge of the Elections, Returns and Qualifications of its own Members… Each House may determine the Rules of its Proceedings, punish its Members for disorderly Behavior, and, with the Concurrence of two thirds, expel a member.” And excluding members of a State legislature is about preserving the separation of sovereignty between the Federal and State governments.

That section was repealed in 1948 as being obsolete. Which it actually was by that time. The political landscape even then was far different from 1870 when the Enforcement Act was enacted. Congress chose the writ was an option to remove quickly any Confederates who may have been elected or appointed to Federal office in contradiction of the Fourteenth Amendment. The statute even provided that any writs requested by a United States District Attorney be given priority over all other entries on the docket at a Circuit or District Court.3“and any writ of quo warranto so brought, as aforesaid, shall take precedence of all other cases on the docket of the court to which it is made returnable”

The repeal left behind the existing insurrection statute enacted as part of the Confiscation Act of 1862. That Act also declared that someone guilty of those crimes is “forever incapable and disqualified to hold any office under the United States”. But Congress realized that statutes cannot expand upon the qualifications laid out in the Constitution. Meaning Congress cannot then declare their own where the Constitution is silent. Further the Act was passed in 1862, meaning under the prohibition of ex post facto laws, it couldn’t apply to anyone already engaged in insurrection before the statute was signed into law.

The repeal, though, does not mean quo warranto is not a remedy. Only that no officer of the United States is specifically charged with the “duty” of pursuing one.

The existing quo warranto statute4Chapter 35 of the Code of the District of Columbia says the Attorney General “may” bring action against a person who “unlawfully holds or exercises… a public office of the United States”.

But Trump would easily have a… trump card: insurrection is a specifically-defined crime under the United States Code. As the Fourteenth Amendment grants only Congress the power to enforce Section 3, the argument could easily be made that Congress chose the Federal criminal code as the means of enforcing it, nullifying the writ of quo warranto as an option.

That Congress previously had enacted quo warranto specifically as an option for enforcing Section 3, then later repealed it, supports that argument. That the insurrection criminal statute specifically declares disqualification from office as part of the penalty for conviction also supports it.

Congress intends for a criminal conviction to invoke the Fourteenth Amendment, not mere assertion exercised via a quo warranto action that someone engaged in an insurrection.

This means quo warranto doesn’t become an option unless the person has been previously convicted of insurrection or removed from office via impeachment.

That is, unless Congress makes it one again.

Does Section 3 even apply to Trump?

But then there’s this question: does Section 3 of the Fourteenth Amendment apply to the Office of the President of the United States? This debate is arising out of this clause: “having previously taken an oath, as a member of Congress, or as an officer of the United States”.

The President is not an “officer of the United States”. He commissions them. We see this in Article II of the Constitution at Section 2:

[The President] shall nominate, and by and with the Advice and Consent of the Senate, shall appoint Ambassadors, other public Ministers and Consuls, Judges of the supreme Court, and all other Officers of the United States…

And in the same at Section 4:

The President, Vice President and all civil Officers of the United States, shall be removed from Office on Impeachment for, and Conviction of, Treason, Bribery, or other high Crimes and Misdemeanors.

The President is separately listed from “officers of the United States”. As such the President is exempt from Section 3 of the Fourteenth Amendment. That is a plain reading of the Constitution.

This also means no person who served as President who is then convicted of insurrection under 18 USC §2383 for acts undertaken while that person was President cannot be disqualified from office. The provision of 18 USC §2383 could not apply. To apply it would mean a statute enacting an additional qualification for office beyond that stated in the Constitution.

Amending the Constitution is the only way to make it stick.

State legislatures and the Electors

No one has so far described this as another remedy, so I just wanted to put it out there to get ahead of it: State legislatures declaring that the Electors they appoint cannot cast a vote for Donald Trump.

I’ve said before that the State legislatures have the sole power to determine how the Electoral Votes are cast. That they put that question before the people of that State is a mere courtesy and one that can be revoked at any time.

But I’ve also said this in arguing that the National Popular Vote Interstate Compact is unconstitutional: “If a State turns to the People therein to determine how to award the Electoral Votes, then they must not award them in such fashion that is obviously contrary to how those people vote.”

So could the State legislatures pass a binding resolution forbidding Electors from casting votes for Donald Trump? No. Not only would such be unconstitutional since it would amount to casting votes in contradiction to how the people of that State voted, it could also be construed as a bill of attainder.


In short, absent an amendment to the Constitution enacting otherwise, impeachment by the House and conviction by the Senate is the only way Donald Trump can be deemed ineligible by the Constitution of the United States from ever again holding any office under the United States.


Everything will be used against you

I’ve said before that we need to make it clearer than crystal that rape victims (male or female) absolutely must cooperate with law enforcement with collecting evidence to ensure the perpetrator is prosecuted.

As part of that collection, they’ll also collect a DNA sample from the victim so they can identify it within a collected evidence sample. So if the lab, for example, identifies three unique individuals within the sample, having the victim’s DNA readily available means one of those three unique DNA profiles is identified, leaving the other two – likely the perpetrators.

But what happens to the DNA profile that is collected from the victim? Is it retained only for the investigation or can the police retain it for future use?

A woman in California learned the hard way that the police will retain it for future investigations. As the DNA profile generated from a sample she provided as part of a rape kit was retained by law enforcement and later used to identify her as a perpetrator in another crime.

So is that a Fifth Amendment violation? No.

Unless there is a statute saying otherwise, when you submit fingerprints or DNA to the police, the police will record that evidence in their databases. This includes DNA evidence submitted as part of a “rape kit”.

One of the core messages in the Miranda warning is simply this: anything you give to the police will be used against you. Anything you give the police voluntarily they will retain until the police feel it is no longer useful.

DNA and fingerprints, however, are never not useful to law enforcement.

Let me repeat this for the people in the back: “Anything you say CAN and WILL be used AGAINST you!” Anything you voluntarily give to the police will also be used against you. There is nothing in the Constitution protecting you from that happening because anything you turn over to law enforcement voluntarily is pretty much fair game.

As I’ve said before, the Constitution protects you from being compelled to testify against yourself. It doesn’t protect you when you willingly (even if unwittingly) do so. And handing anything over to the police is a form of testimony. And doing so willingly exempts that from the Fifth Amendment.

That doesn’t mean this situation isn’t problematic. It absolutely is because it has the potential to dissuade sex assault victims – especially victims who are poor or a minority – from cooperating with law enforcement to avoid being the target of an in-progress or future investigation. But can anything be done about this? Absolutely. And it’s pretty simple, too.

It’ll take a statute by the State legislatures to exempt any victim DNA provided for a sex crime investigation from being retained in any database or used for any investigation beyond the one for which it was submitted. Instead the victim DNA profile should be tagged with a specific case number and not used for any other investigation – unless, by some stroke of bad luck, the victim is victimized again. Congress would need to pass a similar statute for the Federal and military jurisdiction.

And hopefully California and other States will move on making this exemption. Since the DNA evidence was turned over likely with the idea in mind of identifying her DNA in the collected sample, just so they know which is hers and which is the assailant. That they retained that DNA profile and used it against her later is… troubling for the aforementioned reasons, but perfectly allowable under the Constitution. Again only a statute can prevent that from happening in the future.

At the same time, if you know the police have your DNA or fingerprints, how does that not dissuade you from committing any crimes in the future?