cancel
Showing results for 
Search instead for 
Did you mean: 

Ransom try on?

Highlighted
Hero
Posts: 4,701
Thanks: 875
Fixes: 8
Registered: ‎31-07-2007

Ransom try on?

This is one of my mailboxes today.

Hi, dear user of ******.plus.com

We have installed one RAT software into you device 
For this moment your email account is hacked too.

Changed your password? You're doing great!
But my software recognizes every such action. I'm updating passwords!
I'm always one step ahead....

So... I have downloaded all confidential information from your system and I got some more evidence.
The most interesting moment that I have discovered are videos records where you masturbating.

I posted EternalBlue Exploit modification on porn site, and then you installed my malicious code (trojan) on your operation system.
When you clicked the button Play on porn video, at that moment my trojan was downloaded to your device.
After installation, your front camera shoots video every time you [-Censored-], in addition, the software is synchronized with the video you choose.

For the moment, the software has harvrested all your contact information from social networks and email addresses.
If you need to erase all of your collected data and video with your enjoy, send me $600(usd) in BTC (crypto currency).

This is my Bitcoin wallet: 15Z4Y1q5QufvFPvRBKhwVhQyFTLwEQ5f4J
You have 48 hours after reading this letter.

After your transaction I will erase all your data.
Otherwise, I will send video with your pranks to all your colleagues, friends and relatives!!!

P.S. I'm asking you - not to answer this letter because the sender's address is fake, just to keep me incognito.

And henceforth be more careful!
Please visit only secure sites!
Bye,Bye

It could be genuine, except that one activity mentioned for me at my stage of life would be pointless. It couldn't even raise a laugh.

What do you all think?

 

No one has to agree with my opinion, but in the time I have left a miracle would be nice.
33 REPLIES 33
Highlighted
Anonymous
Not applicable

Re: Ransom try on?

I'm with you here @Luzern just trying it on, ignore it and move on.

Highlighted
Pro
Posts: 535
Thanks: 154
Registered: ‎08-06-2011

Re: Ransom try on?

Scam.  Both Gmail and Thunderbird have put similar posts in the Spam folder for me.

Highlighted
Community Veteran
Posts: 19,607
Thanks: 2,472
Fixes: 35
Registered: ‎06-11-2007

Re: Ransom try on?

QUOTE...

We have installed one RAT software into you device 

UNQUOTE

Shocked

You dirty rotten rat, ... you...Cheesy

Highlighted
Seasoned Champion
Posts: 1,603
Thanks: 1,334
Registered: ‎21-11-2018

Re: Ransom try on?

Yes criminals love Bitcoin - but to me the whole Bitcoin hype seems like a scam in itself, relying on peoples gullibility and greed

Highlighted
Hero
Posts: 3,672
Thanks: 1,238
Fixes: 27
Registered: ‎24-02-2012

Re: Ransom try on?

@Luzern I had the exact same crud yesterday. One problem, for them, is that my camera is disabled.

The email itself had a 100% scam score from CloudMark, and a second one from MailWasher, so didn't even get on to my machine.

It is a slight variation on the spate earlier in the year, but from Indian sub-continent servers, rather than the usual Eastern European.

John
Highlighted
Aspiring Legend
Posts: 11,367
Thanks: 3,704
Fixes: 1
Registered: ‎04-11-2014

Re: Ransom try on?

@Luzern 

Well you could just offer to send him some more videos. Wink

Me? I'm too old for such things, but I still have sticky tape over the camera on my computer and Kindle!

Highlighted
Hero
Posts: 4,701
Thanks: 875
Fixes: 8
Registered: ‎31-07-2007

Re: Ransom try on?


@ffox wrote:

Scam.  Both Gmail and Thunderbird have put similar posts in the Spam folder for me.


TB just stuck it in my catchall, and PN filters seem weak,

And....

My wife got one supposedly from HMRC, but I know she does not pay tax and HMRC do not send emails.

I don't think I'll let her collect her £9**  windfall.

We have to support the country in these turbulent times, you know.Funny

No one has to agree with my opinion, but in the time I have left a miracle would be nice.
Highlighted
Hero
Posts: 4,701
Thanks: 875
Fixes: 8
Registered: ‎31-07-2007

Re: Ransom try on?


@jab1 wrote:

@Luzern I had the exact same crud yesterday. One problem, for them, is that my camera is disabled.

The email itself had a 100% scam score from CloudMark, and a second one from MailWasher, so didn't even get on to my machine.

It is a slight variation on the spate earlier in the year, but from Indian sub-continent servers, rather than the usual Eastern European.


There must be a cloud over Cloudmark for me,

Return-path: <david.dodgen@aquapodkit.com>
Envelope-to: 123456@.plus.com
Delivery-date: Wed, 24 Jul 2019 02:20:21 +0100
Received: from [84.93.223.83] (helo=avasin01.plus.net)
	  by inmx11.plus.net with esmtp (PlusNet MXCore v2.00) id 1hq5x7-0000cP-Cn 
	  for 123456@gersau.plus.com; Wed, 24 Jul 2019 02:20:21 +0100
Received: from [190.237.162.188] ([84.93.223.46])
	by Plusnet Cloudmark Gateway with ESMTP
	id q5wwhjhnOfDBgq5wxhHarI; Wed, 24 Jul 2019 02:20:16 +0100
X-CM-Score: 100.00
X-CNFS-Analysis: v=2.3 cv=CsiRjEwD c=1 sm=1 tr=0 p=fJSU0PsH-xRmXJWl:21
 p=TlVJM3le6HRrEhDU:21 p=4zilaML35GEA:10 p=d8vdUJ5fiS4A:10
 a=t1A14LVAsJ8csEQeVeuYqg==:117 a=t1A14LVAsJ8csEQeVeuYqg==:17
 a=N659UExz7-8A:10 a=G7ipKTrHp8AA:10 a=EBOSESyhAAAA:8 a=xYW6Vrys5VhT75LVsZEA:9
 a=pILNOxqGKmIA:10 a=yJM6EZoI5SlJf8ks9Ge_:22 a=pHzHmUro8NiASowvMSCR:22
 a=xoEH_sTeL_Rfw54TyV31:22
Message-ID: <9C083B637FAF5027B380D8C414EB9C08@8BI9MC2G6EB>
From: "elliott04" <david.dodgen@aquapodkit.com>
To: <123456@.plus.com>
Date: 23 Jul 2019 13:59:10 -0600
MIME-Version: 1.0
Content-Type: text/plain;
	charset="windows-1252"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3505.912
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3505.912
X-CMAE-Envelope: MS4wfMjqFx9CStm7HP87bw8f+MYBAgzXw8nfckq3vZAeB3QltJRcjsBQm1AEMfNnmP8zDbE6D2s6X6VyzO/YAXw9qv0k4ieSZbx7mXKt5oLA74b6EbWd8AGV
 0O1rzxVIdYzvT5BafQ01iITvOALPe+5UnBfa+IfaNBmos3Rbtt6tz9jG6zhgXz763H4IaKJmeGUoGQ==
X-PN-Spam-Filtered: by PlusNet MXCore (v5.00)

No one has to agree with my opinion, but in the time I have left a miracle would be nice.
Highlighted
Seasoned Pro
Posts: 928
Thanks: 325
Fixes: 4
Registered: ‎22-10-2015

Re: Ransom try on?

@Luzern  I used to get a few...(yawn). I used to delete them every time without being read - usually the sender isn't in my address book or safe senders list so they automatically go straight into the junk folder.

 

I've gone a bit further since. As I don't have any interest in Bitcoin(s) or know anyone who uses it, I just created a rule that if Bitcoin(s) was mentioned in the subject or in the message body, delete it. Haven't seen any since. Do I care, not really. I'd soon know if someone was trying to access my email account(s) from another box / device.

 

Its the same with those emails that appear to come from yourself. Again, another rule, that if my email address is shown as the sender, delete it. Once the rules are in place, its surprising what affect it has on spam. I get very little nowadays. Certainly haven't had any Viagra etc emails for years. Do you think I might be missing out Cheesy Grin

Ever helpful. Grin Sure, I’d love to help you out. Now which way did you come in?
Highlighted
Hero
Posts: 4,137
Thanks: 1,803
Fixes: 119
Registered: ‎30-06-2016

Re: Ransom try on?

@Luzern 

Check your email address here and if it comes up positive, as I suspect it will, then change it: https://haveibeenpwned.com/ . It's a pain to change addresses but it does stop these scare emails and more subtle ones that just might catch you out..

Highlighted
Seasoned Pro
Posts: 928
Thanks: 325
Fixes: 4
Registered: ‎22-10-2015

Re: Ransom try on?

@Luzern wrote: My wife got one supposedly from HMRC, but I know she does not pay tax and HMRC do not send emails.

Hope you reported it to phishing@hmrc.gsi.gov.uk  Smiley  More info

Ever helpful. Grin Sure, I’d love to help you out. Now which way did you come in?
Highlighted
Seasoned Pro
Posts: 928
Thanks: 325
Fixes: 4
Registered: ‎22-10-2015

Re: Ransom try on?

@Baldrick1  My main email address (had it since 2007) was pawned years ago. I still use it.

 

One advantage of it being a Hotmail account. Once you set the account to exclusive, anybody not in your safe sender list goes straight into junk. Whether the junk is read is up to the individual but the only time I go there is when I'm expecting new mail, otherwise its just another folder - any mail older than 30 days gets automatically deleted.

 

Usually the email address is pawned but very rare for passwords etc to go that way too. Nowadays, even if the password was pawned it still wouldn't get anybody in. Need my mobile for that. Smiley

Ever helpful. Grin Sure, I’d love to help you out. Now which way did you come in?
Highlighted
Hero
Posts: 4,137
Thanks: 1,803
Fixes: 119
Registered: ‎30-06-2016

Re: Ransom try on?

@idonno 

Obviously the choice is yours. I would not be happy entrusting my emails to hotmail. Maybe I'm overcautious but if I know that the bad guys have my emailaddress then I take action immediately.

My reply was pointed at @Luzern who I suspect may not have a similar set up, nor possibly 2FA, set up on all accounts.

Highlighted
Hero
Posts: 4,701
Thanks: 875
Fixes: 8
Registered: ‎31-07-2007

Re: Ransom try on?

@Baldrick1 Operation P.assword is being dealt with. Funny thing is that I use strong words formatted like  ~9hc38ju2 with variants for each mailbox, so would have thought myself reasonably safe.

No one has to agree with my opinion, but in the time I have left a miracle would be nice.