I received some remarkable spam with an attempt to extort some bitcoin from me today, and wanted to share:
Subject: (Your password XXXXXXX) It seems that, XXXXXXX, is your password. You may not know me and you are probably wondering why you are getting this e mail, right? actually, I setup a malware on the adult vids (porno) web-site and guess what, you visited this site to have fun (you know what I mean). While you were watching videos, your internet browser started out functioning as a RDP (Remote Desktop) having a keylogger which gave me accessibility to your screen and web cam. afterthat, my software program obtained all of your contacts from your Messenger, FB, as well as email. What did I do? I created a double-screen video. 1st part shows the video you were watching (you've got a good taste haha . . .), and 2nd part shows the recording of your web cam. exactly what should you do? Well, in my opinion, $1000 is a fair price for our little secret. You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google). BTC Address: 1Bb446YF8AZK3nKchPJQ3J5KwPGRHRARJ5 (It is cAsE sensitive, so copy and paste it) Important: You have one day in order to make the payment. (I've a unique pixel in this e mail, and at this moment I know that you have read through this email message). If I do not get the BitCoins, I will certainly send out your video recording to all of your contacts including relatives, coworkers, and so on. Having said that, if I receive the payment, I'll destroy the video immidiately. If you need evidence, reply with "Yes!" and I will certainly send out your video recording to your 6 contacts. It is a non-negotiable offer, that being said don't waste my personal time and yours by responding to this message.
The password in the subject was indeed one of my oldest “throwaway-passwords”, which I would use to sign up at websites which required to make a user account for no good reason. That’s why it catched my eye.
Notably, if you look at the address given in the email, you can see that (at this time) eight people have already sent around 0.15 BTC (that’s roughly $1000) each to this address, which is sad – but also a clear sign that this address was apparently used to scam multiple people and not personalized for me.
Most likely, my old password is contained in some publicly available leaked database of some website, along with my email address. So the scammer just mailed every address with their respective password. And it seemed to work.
By the way, the email did in fact not contain a “unique pixel”, it was plain text. It originated from some Japanese email provider, however I guess it’s pointless to try and trace the actual sender.
The next morning I woke up to another email: this time the subject was:
Subject: (Part num your Hacked phone. +XX XXXXX1234)
It contained the last four digits of my old mobile phone number, otherwise the same text as above, and a different BTC address. This one has only received little Bitcoin so far.
So it looks like the last four digits of my phone number were included in said leaked database as well. If they had the whole number, they would have used it. Maybe I can find out which leak exactly that might be.
Have a nice day, and be vigilant 😉
P.S. my apologies to everyone who is going to receive those videos of me “having fun” 😉