XMS Systems


    Facebook Page LinkedIn Pinterest Twitter YouTube Facebook Messenger

Back to Fred Mac Donald's Blog

What is I'm a programmer who cracked your email Scam?

What is I'm a programmer who cracked your email Scam?

Latest scam email using blackmail in an attempt to extort money from you.

The latest scam email that ended in my inbox is an interesting one and could potentially be a bit nerve-wracking if you frequent the “darker” side of the internet. These kind of scams are not new and usually, claim to hold some compromising information on you. The threat is if you do not pay up, they will lock your device and send to compromised information to all your email contacts.

Note that it is just a typical scam and you should not worry about it.

I can vaguely remember a case a couple of years ago where a young man (England?) received a similar email and committed suicide for fear of his family finding out about his “habits”

Here is a screenshot of the e-mail

Scam blackmail email

The problem here is that the email “looks” like it has been sent from your email account and the password included might even be your current password or a previous password you used.

In this case, the email was actually sent from a server located in San José, Costa Rica.

I reality, the email address and password was most probably leaked from a compromised website somewhere in the past. It is rather common for websites to be compromised and a couple of notable websites recently is:

  • Apollo: In July 2018, the sales engagement startup Apollo left a database containing billions of data points publicly exposed without a password. 
  • LinkedIn: In May 2016, LinkedIn had 164 million email addresses and passwords exposed.
  • Money Bookers: Sometime in 2009, the e-wallet service known as Money Bookers suffered a data breach which exposed almost 4.5M customers.
  • Adobe: In October 2013, 153 million Adobe accounts were breached 

What should I do?

PCRisk.com answer to this question is: Do not worry about it, no hacker or cybercriminals have infiltrated/hacked your computer and there is no video (or images) of you watching pornography. The most important thing is to simply ignore them and do not send them any Bitcoins. If you are wondering how they got your email, name and/or password, then you should know that it is very likely that such information was stolen from some compromised website, like yahoo. Website breaches is a common thing. If needed, you can check if any of your accounts is compromised by visiting haveibeenpwned website.

To be on the save side, change all your important passwords to something new and secure.

The actual text of the email

Hello!

I'm a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.
Your password from name@some-domain.com on moment of crack: 12345678

Of course you can will change your password, or already made it.
But it doesn't matter, my rat software update it every time.

Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I've never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I'm sure you don't want it. I definitely would not want to ...

I will not do this if you pay me a little amount.
I think $811 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 1BncH5WxBSYJ6mmcJC9bCRxQ6Z1evvtRxk

If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen - all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won't help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.

A quick search on the “BTC wallet: 1BncH5WxBSYJ6mmcJC9bCRxQ6Z1evvtRxk” will return that this wallet has been reported for scam a number of times already and a search for the actual wording of the email will return a vast number of results. You are definitely not the only one that received this email.

 

Written by:  - 30 Oct, 2018  
comments powered by Disqus
flashy