A Brazen but "Clever" Scam

[AlanHo]

I received this Email today :-

 

Quote

Hello A*****[email protected], I do know alien1901 is your passphrase. Lets get directly to purpose. You don't know me and you are probably wondering why you are getting this mail? Absolutely no one has paid me to check about you.

 

In fact, I actually installed a software on the adult streaming (pornographic material) web-site and you know what, you visited this web site to experience fun (you know what I mean). While you were viewing video clips, your internet browser started working as a RDP having a key logger which provided me with access to your display as well as web cam. after that, my software program collected every one of your contacts from your Messenger, social networks, as well as e-mail . And then I made a double-screen video. First part displays the video you were watching (you have a nice taste omg), and next part shows the view of your web camera, and it is you.

You got just two solutions. Let us study these possibilities in details:

 

First alternative is to ignore this e mail. As a consequence, I am going to send your very own video recording to just about all of your contacts and then think concerning the shame you experience. Do not forget in case you are in a relationship, how it would affect?

 

Next choice will be to give me $1000. We are going to think of it as a donation. Consequently, I will instantaneously delete your video. You could go on with everyday life like this never happened and you will not hear back again from me.

 

You'll make the payment through Bitcoin (if you do not know this, search for "how to buy bitcoin" in Google).

BTC Address to send to: 1FW7wMSgVWXU9fkPWexGYm9Dfed5SJpxcP
[case sensitive so copy & paste it]

 

If you are looking at going to the authorities, okay, this mail cannot be traced back to me. I have taken care of my actions. I am also not attempting to charge you a huge amount, I prefer to be compensated. I have a unique pixel in this mail, and right now I know that you have read this mail. You now have one day to make the payment. If I do not receive the BitCoins, I definitely will send your video to all of your contacts including members of your family, colleagues, and many others. Nevertheless, if I do get paid, I will destroy the video immediately. This is the nonnegotiable offer, thus do not waste mine time and yours by responding to this e mail. If you want to have proof, reply  Yes! & I will certainly send out your video recording to your 12 friends.=
[unquote]

 

 

It was sent to an old Email address which I have not used for about 5 years but it is a subsidiary to my main Virgin Media account - hence I still receive any Emails sent there. The passphrase quoted is indeed one I have used in the past for a couple of mail order shops where current credit card details are not stored and for registering some software (I still use the software). This scammer has somehow found a password I used on one of these sites several years ago - and with an Email address which is 5 years obsolete.

 

Hence I am not concerned for a number of reasons :-

I have never visited a site and entered a passphrase to download porn

I don't have a webcam on my computer - it's a desktop

I am not a member of any social networks .

I have used Malwarebytes Premium and Microsoft Security Essentials or Windows Defender for a few years and would expect malware to be intercepted.

Hence it is an empty threat in my case - but some other recipients might be sweating.

[andsome]

I had another one from Nigeria a few days ago. The problem is that some folk do fall for them.

[Gandalph]

This was sent out by Police Scotland earlier this week Alan.

 

Cyber Alert - Sextortion Scam

Alert: Cyber criminals send victims their own passwords in new sextortion scam   The following information has been recently posted by Action Fraud: www.actionfraud.police.uk   Cyber criminals are sending victims their own passwords in an attempt to trick them into believing they have been filmed on their computer watching porn and demanding payment.    There have been over 110 of reports made to Action Fraud from concerned victims who have received these scary emails.    In a new twist not seen before by Action Fraud, the emails contain the victim’s own password in the subject line. Action Fraud has contacted several victims to verify this information, who have confirmed that these passwords are genuine and recent.    The emails demand payment in Bitcoin and claim that the victim has been filmed on their computer watching porn.  An example of email reads: I'm aware, XXXXXX is your password. You don't know me and you're probably thinking why you are getting this mail, right?    Well, I actually placed a malware on the adult video clips (porno) web site and guess what, you visited this website to experience fun (you know what I mean). While you were watching video clips, your internet browser started out working as a RDP (Remote Desktop) with a key logger which gave me access to your display screen as well as web camera. Just after that, my software program gathered every one of your contacts from your Messenger, Facebook, and email.    What did I do?   I made a double-screen video. First part shows the video you were watching (you have a nice taste omg), and 2nd part displays the recording of your webcam.    xactly what should you do?   Well, I believe, $2900 is a fair price tag for our little secret. You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google).  BTC Address: 1HpXtDRumKRhaFTXXXXXXXXXX   (It is cAsE sensitive, so copy and paste it)   Important:   You now have one day to make the payment. (I have a special pixel within this email message, and now I know that you have read this e mail). If I do not receive the BitCoins, I will definately send out your video recording to all of your contacts including close relatives, co-workers, and many others. Nevertheless, if I receive the payment, I'll destroy the video immidiately. If you need evidence, reply with "Yes!" and I will send your video to your 10 friends. It is a non-negotiable offer, therefore do not waste my time and yours by responding to this message.   Suspected data breach Action Fraud suspects that the fraudsters may have gained victim’s passwords from an old data breach.    After running some of the victim’s email addresses through ‘Have i been pwned?’ a website that allows people to check if their account has been compromised in a data breach, Action Fraud found that almost all of the accounts were at risk.    Last month, fraudsters were also sending emails demanding payment in Bitcoin, using WannaCry as a hook.      How to protect yourself Don’t be rushed or pressured into making a decision: paying only highlights that you’re vulnerable and that you may be targeted again. The police advise that you do not pay criminals. Secure it: Change your password immediately and reset it on any other accounts you’ve used the same one for. Always use a strong and separate password. Whenever possible, enable Two-Factor Authentication (2FA). Do not email the fraudsters back.   Always update your anti-virus software and operating systems regularly.   Cover your webcam when not in use.   If you have receive one of these emails and paid the fine, report it to your local police force on 101. If you have not paid, report it as a phishing attempt to Action Fraud on 0300 123 2040

Message Sent By Willie Clark (NHWN, Community Engagement Officer, NW Scotland)

To reply or forward this email please use the buttons below or these links: Reply, Rate, Forward / Share.

To login to your account, click here, To report a fault, click here

[-pops-]

Just had a phone call from 0116 318 0705 Starts off nice and amicable saying they are from HMRC and then the attitude changes and tells me I must get in touch with my solicitor and it quickly gets threatening, warning of dire consequences if I don't comply. At no point does the caller say what I have supposed to have done wrong but I must return their call "soon".

[andsome]

It really is getting worse and worse. 

[Gandalph]

They will try anything pops. To be honest, if ever I received a telephone call like that, or something along those lines I would tell them where to go. 

[andsome]

1 hour ago, Gandalph said:

They will try anything pops. To be honest, if ever I received a telephone call like that, or something along those lines I would tell them where to go. 

Where would that be?

[Gandalph]

6 hours ago, andsome said:

Where would that be?

I refuse to answer the question on the grounds that I may incriminate myself. 

[-pops-]

14 hours ago, Gandalph said:

They will try anything pops. To be honest, if ever I received a telephone call like that, or something along those lines I would tell them where to go. 

I'm usually like that with this type of message but, this one was very professional, starting off very friendly and gradually building up to the aggression as it gained your confidence and couched in such a way as to make you want to hear more. The message was a recording so I was unable to meaningfully interrupt until, of course, I ended the call. I don't know how it progressed after that, obviously but I can understand how it could be very disturbing to a number of people.

[Gandalph]

There are too many of these things happening pops. I have installed, through BT, a call blocker, It only costs £1.25 a Month or thereabouts. Any calls I get from people like that now are sent to the blocker and that is the end of that, providing they don't use a different number. If they do, I send that one as well. I am in a state of perfect peace, until the next one of course. 

[andsome]

Our hands free telephones offer the chance to block a number. You can either enter it, or select the last number. Whatever we do on one phone is automatically done on the other one.

[AlanHo]

Our 5 Panasonic DEC phones do the same - the address book and black list are stored on the answer phone unit. What you do to one phone is replicated on the other 4 over the wireless link.

 

We previously had some Phillips phones - but they had individual address books and it was a pain adding, editing and deleting people - you had to do it 5 times.

[andsome]

6 hours ago, AlanHo said:

Our 5 Panasonic DEC phones do the same - the address book and black list are stored on the answer phone unit. What you do to one phone is replicated on the other 4 over the wireless link.

 

We previously had some Phillips phones - but they had individual address books and it was a pain adding, editing and deleting people - you had to do it 5 times.

Our last phones had to be programmed individually and it was a psin

[-pops-]

I do have a call blocker but the thing with that is that it needs to be trained to know which calls I don't want - this number I'm moaning about was a new one to me and the phone didn't know what to do with it.

That number is most certainly on the blocked calls list now.

[catgate]

I am on Linux and I think these shifty Johnnies have not got round to this........YET.

I'm hoping they get shot down before that happens.

[AlanHo]

Not true Geoff - some Linux users report being scammed too.

[catgate]

1 hour ago, AlanHo said:

Not true Geoff - some Linux users report being scammed too.

   Oh Hekky Thump!!! There have I been sitting in a cloud of false safety.

   Perhaps I can be getting some protection from Mozilla Firefox?

[catgate]

I have just had a telephone call that had all the signs of  coming from the "robbers".  I just let the thing bumble on for a few seconds and then shut it down.

[Belatucadrus]

We had a chap, sounded English who claimed to b e from a company calling about our washing machine. "Which washing machine would that be" I asked ? It's a Bosch he says, I tell him we don't have a Bosch washing machine and the line goes dead, odd that.

We also get foreign calls claiming we're paying so much a month on TV maintenance, which is bollix as we always buy outright and never cough up on extended warranties, I don't have the patience to find out what they want, I just hang up on them.