I received an email this morning attempting to extort $6000 from me in untraceable Bitcoin. The perpetrator does have my password, or should I say a password that I have used quite some time ago. They claim to have my contact list (9 of them), which also indicates old data. He claims to have spied on me through my web cam (I don't have one) and hacked a porn site to install a keystroke logger (I have never visited a porn site). I don't have Messenger or FB accounts either. My guess is that he bought some list of names and passwords from a Russian hacker (or IS the Russian hacker) and is fishing for a guilty conscious with $6000 to spare. This email was in my spam box which means that this perp sent out a lot of these.
It seems that we get a letter notifying of a data breach almost every few weeks. I'm trying to figure out which data breach triggered this. I'm guessing it's Yahoo, but it could be LinkedIn. Yahoo assumed my old Bellsouth email account when Bellsouth turned back into AT&T. Both were breached around the time frame I used that password.
Anyone out there get one of these and used either Yahoo email, or LinkedIn?
It seems that we get a letter notifying of a data breach almost every few weeks. I'm trying to figure out which data breach triggered this. I'm guessing it's Yahoo, but it could be LinkedIn. Yahoo assumed my old Bellsouth email account when Bellsouth turned back into AT&T. Both were breached around the time frame I used that password.
Anyone out there get one of these and used either Yahoo email, or LinkedIn?
I heard about that scam on CBC News over the summer. Their threat of social shaming must be pretty powerful for those who've engaged in the activities they mention and don't have their webcams taped over. Even for those who don't engage in such activities, it must be pretty eye-opening to be confronted with your password. That's sort of an intimate detail that only you are supposed to know.
Here's the news piece: '''They'''re threatening me with porn''': Scam using old LinkedIn data alarms Canadians | CBC News
Apparently, the passwords are from the 2012 LinkedIn data breach.
Tom
Here's the news piece: '''They'''re threatening me with porn''': Scam using old LinkedIn data alarms Canadians | CBC News
Apparently, the passwords are from the 2012 LinkedIn data breach.
Tom
No.
You are reacting to this situation in an overly concerned and emotional manner.
That is precisely what extortionists aim to affect.
I propose two solutions.
1. Be indifferent. Be...debonair. Approach the situation with, 'Devil may care' attitude.
Tell the extortionist that you have a lot more contacts--including family--whom you would like to receive a copy of the video...they would find it hilarious.
2. Offer to pay the $6000.00, but in cash.
Tell the extortionist you will patiently wait for him/her and any comrades at home...armed. Underline that it has been some time since you laid anyone to rest, and that you...just miss that happy feeling the 'other voice' inside you cherishes whenever you indulge in a spontaneous release of violence.
(disclaimer: the fore noted comment is strictly satire. sort of.)
You are reacting to this situation in an overly concerned and emotional manner.
That is precisely what extortionists aim to affect.
I propose two solutions.
1. Be indifferent. Be...debonair. Approach the situation with, 'Devil may care' attitude.
Tell the extortionist that you have a lot more contacts--including family--whom you would like to receive a copy of the video...they would find it hilarious.
2. Offer to pay the $6000.00, but in cash.
Tell the extortionist you will patiently wait for him/her and any comrades at home...armed. Underline that it has been some time since you laid anyone to rest, and that you...just miss that happy feeling the 'other voice' inside you cherishes whenever you indulge in a spontaneous release of violence.
(disclaimer: the fore noted comment is strictly satire. sort of.)
This is a good site to help identify who compromised your information:
Have I Been Pwned: Check if your email has been compromised in a data breach
Have I Been Pwned: Check if your email has been compromised in a data breach
Pft.
IF, I replied I'd tell em to have at it.
Oh noooo someone looked at an adult site. How terrible, planes will fall from the sky..
If you wanted to do anything, I'd report it to the authorities in your country.
Doesn't matter what they call it, it's still extortion.
I have no doubt bitcoins are traceable.
As will the ip chain from the original email.
To much in that email smells like a fishing trip to me.
IF, I replied I'd tell em to have at it.
Oh noooo someone looked at an adult site. How terrible, planes will fall from the sky..
If you wanted to do anything, I'd report it to the authorities in your country.
Doesn't matter what they call it, it's still extortion.
I have no doubt bitcoins are traceable.
As will the ip chain from the original email.
To much in that email smells like a fishing trip to me.
I proudly received a spam like this a few days ago. But now after reading the juice he had on you, I'm disappointed he only had two digits of my phone number, only 6 of my contacts, and only asked for $1000....
Get revenge:
419 Eater - The largest scambaiting community on the planet!
Get revenge:
419 Eater - The largest scambaiting community on the planet!
Last edited:
Well... The video he had on you was a bit grainy and you couldn't quite see your face, so he could only charge $1000.
Tom
haha I had a good laugh after reading this. I've seen pictures of tubelab, and I'm pretty sure that footage of tubelab in front of a webcam during a personal moment is highly prised and valuable footage and that he could sell that video himself to make plenty more money than $6,000.
The scammer should be paying him.
The scammer should be paying him.
That site lists my email address as being involved in 8 separate incidents, LinkedIn is on the list and Yahoo is not. The LinkedIn breach includes the password.
That makes the most sense. In 2012 Motorola was in full scale layoff and downsizing mode. Several competitors came to South Florida, set up shop and started hiring the laid off engineers. RIM (Blackberry) was one, and the only one still remaining in Florida. Many of us had opened LinkedIn accounts to keep track of our friends that would be scattered all over the world over the next few years.
My LinkedIn account was locked for several months due to suspected fraud some time in 2012. It took me a while to convince them that I could really be logged in from Florida and Chicago simultaneously, then in Atlanta and Pittsburgh on the next day (airport WiFi), and West Virginia a day later.
The LinkedIn hack, and the Yahoo hack were well known and I did use the password provided by the hacker on both sites at one time.
I chose to laugh and do nothing, then decided to post it here. I had figured that it was likely one of those two data breaches, but maybe someone here had received the same email and only used one of those services thereby telling me which one provided the password. Yahoo still says only "encrypted" passwords were stolen, but given time and processing power, things can be unencrypted.
Not picking on the Russians. I have used the same Yahoo email address for over 25 years and have had trouble with a person purposely giving out my email address whenever he had to provide an email address and didn't want to. This has generated some spam usually from car dealers, insurance salesman and the like, all from a small geographic area in southern Virginia.
About 2 months ago the spam rate went from irritating to hundreds a day. Many of these offer "Russian women", or "Russian brides". This put the "Russian" thought in my head, and led me to believe that this email came from the Yahoo breach. I am now convinced that it was LinkedIn, based on what I have read here today.
Some time in 2012 Motorola was targeted in a huge multi layered cyber attack and at least one "inside job" aimed at stealing cell phone design data. We all had to go through a week of cyber security training, and those of us in "high risk" environments had to implement some extra log in layers, some of which had to be changed weekly or even daily. The training listed the number of intercepted attacks by country and China was at the top of the list with more attacks than all others combined. Russia was in the top 10 somewhere as were the US and Canada.
A tracking pixel in a text based email which is read through a web mail provider (none of the text is actually resident on my PC), yeah right, more hot air like the rest of the email.......post my pictures, we need to check out your Photoshop skills. They are probably just as pathetic.
There are no internet connected cameras in my house, and I unplug the Xbox whenever I'm not using it. I know that it contains some rather funny pictures of myself, Sherri, our daughter, and her kids jumping around like idiots in front of the Kinect while playing some of the physically active games. While funny and embarrassing, all are "G" rated.
We refuse to have one of those voice controlled thingies in the house since they just increase laziness and may transmit everything they hear to their central computer. Coming from the cell phone design world, I know what the right person could do with a cell phone, so mine stays in a drawer when it's not in my pocket.
I get those all the time, only here it's usually a Fedex or DHL number. Don't forget the Nigerian "money for nothing" scams. They never give up, but they only come once a week or so now.
I wouldn´t specially worry.
You say 6000 Linkedin passwords were stolen?
Then he probably got a copy of the list and sent 6000 emails, baited hooks, and will passively wait for answers , hopefully some of them cash, that´s within his capabilities.
*Actively* monitoring you and 6000 others? ... how could he do that?
He´s bluffing with the single, not-tooo-powerful card he has.
You say 6000 Linkedin passwords were stolen?
Then he probably got a copy of the list and sent 6000 emails, baited hooks, and will passively wait for answers , hopefully some of them cash, that´s within his capabilities.
*Actively* monitoring you and 6000 others? ... how could he do that?
He´s bluffing with the single, not-tooo-powerful card he has.
No, 164 MILLION sets of LinkedIn login credentials were stolen. The purp obviously sent a large number of these emails out, probably using some kind of script to generate an email with the unique password embedded in it. Enough of these were set to Yahoo email accounts to cause Yahoo to put them in the spam bucket, which is where I found it.
Unfortunately, their spam filter catches some legitimate email, so I must sort through a hundred or so spams a day to find the one or two legitimate emails. The fact that it was apparently sent from Japan is why I opened it in the first place since I have used this email address to sell stuff on Ebay, and I have shipped to Japan. This guy could be anywhere using several email redirects to make it appear like he is in Japan.
Of course he is, since his email is generic and most of the claims do not apply to me. I'm sure that there are plenty of his targets that his claims do apply to, and maybe a few that feel guilty enough to send him some Bitcoin. If I wer to send him anything, it would be a digital mail bomb loaded with a script to wipe every drive in the computer.
Revenge is Sweet !
I got a Very similar one a few months ago. I don't have cam/fb/tw/li etc etc.
I thought i would give him/them a taste of their own medicine So i visted a malware research security www i'm a member of, & downloaded a new nasty that was unlikely to be detected by Antivirus etc.
I then changed it's name to MyPornoPics45 & also the visable file extension & replied to the email with the nasty as an Att. I asked if the sample pics i had sent in the Att. were the ones they were talking about.
I never heard back & presumed they should have been infected with a REAL malware file
I got a Very similar one a few months ago. I don't have cam/fb/tw/li etc etc.
I thought i would give him/them a taste of their own medicine
So i visted a malware research security www i'm a member of, & downloaded a new nasty that was unlikely to be detected by Antivirus etc.I then changed it's name to MyPornoPics45 & also the visable file extension & replied to the email with the nasty as an Att. I asked if the sample pics i had sent in the Att. were the ones they were talking about.
I never heard back & presumed they should have been infected with a REAL malware file
> if I do get paid, I will destroy the video immediately.
Yeah, right. _IF_ he had you making faces at your webcam with one hand under the table, he'd take your $6K _and_ sell-on the info to another fraud-scum.
I got an interesting cell-phone call. Came up as "Missouri". Don't know anyone there anymore, but I'd dropped my hammer and had my specs on so I fumbled the "answer" swipe (stupid Android).
"This is AT&T Mobile. Your account has been suspended for verification!"
Well, my phone is a TracFone. But I think in this area TF contracts AT&T for tower-time. But AT&T would not care about TF's individual customers, just the monthly bulk billing.
"Please enter your AT&T access code."
OK...... I don't have such a thing. And it would be reckless to enter it on a call *claiming* to be AT&T.
I assume that with my phone number (they called me) and the account access code, someone could have control of my AT&T Mobile account (if I had one). What could they do? Clone my number and call Peru? Buy stuff charged to my bill? Listen to my *other* spam-calls in VoiceMail?
I wish there was a way to hang-up an Android with a SLAM.
Yeah, right. _IF_ he had you making faces at your webcam with one hand under the table, he'd take your $6K _and_ sell-on the info to another fraud-scum.
I got an interesting cell-phone call. Came up as "Missouri". Don't know anyone there anymore, but I'd dropped my hammer and had my specs on so I fumbled the "answer" swipe (stupid Android).
"This is AT&T Mobile. Your account has been suspended for verification!"
Well, my phone is a TracFone. But I think in this area TF contracts AT&T for tower-time. But AT&T would not care about TF's individual customers, just the monthly bulk billing.
"Please enter your AT&T access code."
OK...... I don't have such a thing. And it would be reckless to enter it on a call *claiming* to be AT&T.
I assume that with my phone number (they called me) and the account access code, someone could have control of my AT&T Mobile account (if I had one). What could they do? Clone my number and call Peru? Buy stuff charged to my bill? Listen to my *other* spam-calls in VoiceMail?
I wish there was a way to hang-up an Android with a SLAM.
My mother had a stroke in her early 80's which left her unable to carry on an intelligent conversation. She could come up with words that almost fit together, but sometimes the words were just gibberish. She had no credit cards or bank accounts and the house and other assets had been put into a trust for tax shelter, so she had nothing to lose, so....
Whenever a telemarketer would call we would hand the phone to her. She would get some amusement, and often it would take the caller several minutes to figure out that she wasn't all there and hang up.
More recently I kept getting calls on both the house and cell phone from the same female voice, but each time it was a different spoofed local phone number. I kept a list of the numbers. She was representing "Resort Rewards" and trying to give us a free trip. I told her to quit calling, but the calls kept coming. She called my cell phone one day as I was driving to Walmart. The number displayed as Ohio Valley Ford which was in front of me, so I turned in and handed the phone to a salesman. He said that it had happened 3 times that day and he had already called the police who took a report. The next day it was 84 Lumber.
I talked to a friend who is a Sheriff"s Deputy in a neighboring county, who said that they also take a report, but could do nothing. I asked if this could be prosecuted as identity theft since they are temporarily "stealing" the identity of local businesses. He said that it was a novel idea, but might fly, depending on the judge. Would it be considered a felony? Yes it would.
The next time Miss Annoying called me I explained that she was committing a felony and could serve time for impersonating several businesses......She had no idea what was going on. She was just doing her minimum wage job and started crying. She, and several other young women were hired to sit in front of a phone and answer it with a script. She had a series of scripts to use for each of several responses. Her mission was to extract a $49 fee, paid by credit card of course, for "processing." All the dialing and spoofing was carried out by the "people in the next room." Yeah, the robo-dialer somewhere else in the building. I explained that I had the entire conversation recorded and along with my list of "stolen identities" was going to the police. Not really, but it scared her.
I'm not sure what ever happened to Miss Annoying, but the calls instantly ceased. It seems that a company In Florida was running the call scam operation and it got busted by the FDLE (Florida Department of Law Enforcement) for illegal activities about 6 months later. I never heard if anyone went to jail.
We still get spoofed local ID's, but now they are ordinary people, usually elderly, not local businesses. I have learned not to answer any call that isn't from someone I don't know, but in doing so, I have missed some important calls.
Whenever a telemarketer would call we would hand the phone to her. She would get some amusement, and often it would take the caller several minutes to figure out that she wasn't all there and hang up.
More recently I kept getting calls on both the house and cell phone from the same female voice, but each time it was a different spoofed local phone number. I kept a list of the numbers. She was representing "Resort Rewards" and trying to give us a free trip. I told her to quit calling, but the calls kept coming. She called my cell phone one day as I was driving to Walmart. The number displayed as Ohio Valley Ford which was in front of me, so I turned in and handed the phone to a salesman. He said that it had happened 3 times that day and he had already called the police who took a report. The next day it was 84 Lumber.
I talked to a friend who is a Sheriff"s Deputy in a neighboring county, who said that they also take a report, but could do nothing. I asked if this could be prosecuted as identity theft since they are temporarily "stealing" the identity of local businesses. He said that it was a novel idea, but might fly, depending on the judge. Would it be considered a felony? Yes it would.
The next time Miss Annoying called me I explained that she was committing a felony and could serve time for impersonating several businesses......She had no idea what was going on. She was just doing her minimum wage job and started crying. She, and several other young women were hired to sit in front of a phone and answer it with a script. She had a series of scripts to use for each of several responses. Her mission was to extract a $49 fee, paid by credit card of course, for "processing." All the dialing and spoofing was carried out by the "people in the next room." Yeah, the robo-dialer somewhere else in the building. I explained that I had the entire conversation recorded and along with my list of "stolen identities" was going to the police. Not really, but it scared her.
I'm not sure what ever happened to Miss Annoying, but the calls instantly ceased. It seems that a company In Florida was running the call scam operation and it got busted by the FDLE (Florida Department of Law Enforcement) for illegal activities about 6 months later. I never heard if anyone went to jail.
We still get spoofed local ID's, but now they are ordinary people, usually elderly, not local businesses. I have learned not to answer any call that isn't from someone I don't know, but in doing so, I have missed some important calls.
Ya know the phone companies could stop all this nonsense.
The spoofed number is transmitted after the originating phone number in the data field which is displayed on the receiving phone, as I remember from when I built my own answering machine.
All the phone company has to do is compare the originating phone number to the data field, and if it is another number block the spoofed address, record the originating source and cut off their service as a violation of law.
The phone companies are getting paid not to. Simple as that.
The spoofed number is transmitted after the originating phone number in the data field which is displayed on the receiving phone, as I remember from when I built my own answering machine.
All the phone company has to do is compare the originating phone number to the data field, and if it is another number block the spoofed address, record the originating source and cut off their service as a violation of law.
The phone companies are getting paid not to. Simple as that.
- Status
- This old topic is closed. If you want to reopen this topic, contact a moderator using the "Report Post" button.