“Sextortion” bitcoin email scam . . .


Hippychick

Hippychick

Member
#1
I was 'lucky' enough to get one of these a few days ago & usually delete such emails immediately but was alarmed to see it seemed to come from MY email address – & of course should have checked my sent folder straightaway (nothing sent, so it wasn’t) but instead got straight on to my web hosting people. It was obviously nonsense when it referred to my viewing dodgy porn etc. & just a nasty threat to scare some into paying up, & I sorted my password regardless . . . but wondered if anyone knew how they make it LOOK like it was sent from one’s own email address as I’ve never seen that before.

& it’s a particularly nasty one cos on reading stuff via Google, these sickos have had some success – probably with most vulnerable who have simply been intimidated & paid to be left the hell alone.
 
Levi

Levi

Moderator
Staff member
#2
you can use some php scripting to spoof the sender address etc iirc, I've been getting a LOT of them of late and it's clear they're spam as it says a webcam and I don't have one lol

We can basically thank adobe for these because this all comes from their hack where our email addresses etc got accessed
 
Hippychick

Hippychick

Member
#3
you can use some php scripting to spoof the sender address etc iirc, I've been getting a LOT of them of late and it's clear they're spam as it says a webcam and I don't have one lol

We can basically thank adobe for these because this all comes from their hack where our email addresses etc got accessed
Scripting – right. I've been using email for last 20 years & this is first time I've seen or been aware of it. I just wish there was some way of sending out an email to all these people who may succumb to this shit.
 
Levi

Levi

Moderator
Staff member
#4
Scripting – right. I've been using email for last 20 years & this is first time I've seen or been aware of it. I just wish there was some way of sending out an email to all these people who may succumb to this shit.
there is, you just need the adobe email list (likely on the darknet) that got hacked and use the same sort of scripting that the scammers have to 'warn' people lol.

What should be happening is the email servers we use should be configured to automatically block this type of message but sadly they're not in most cases.
 
Hippychick

Hippychick

Member
#5
there is, you just need the adobe email list (likely on the darknet) that got hacked and use the same sort of scripting that the scammers have to 'warn' people lol.

What should be happening is the email servers we use should be configured to automatically block this type of message but sadly they're not in most cases.
Sounds easy as . . . & if configuring servers is simple too but people who could just don't – maybe they're in on it. lol.
 
scotty

scotty

Moderator
Staff member
#6
I've had these and some have included an old password I'd used before.

Also had them from my own e-mail threatening that they'd hacked my e-mail account and threatening to shut it down.
 
Hippychick

Hippychick

Member
#7
I've had these and some have included an old password I'd used before.

Also had them from my own e-mail threatening that they'd hacked my e-mail account and threatening to shut it down.
I only had one old password that I unfortunately used for my email, which is why I was fleetingly rattled.
 
Paul Murray

Paul Murray

Moderator
Staff member
#8
I get them all the time, I see why people are conned by them, especially when it shows their passwords. I dread to think how many people have paid money. Basically it means a server that you have an account stored on has been hacked and your email address and password have been 'decrypted'. They then use a script/bot to send an email to the address with the password added in the hopes of getting you to cough up.

With weak encryption (like md5 hashing) you can crack a weak password very easily. Here's a video demonstrating how easy it is to crack multiple passwords in a matter of seconds.

 
Hippychick

Hippychick

Member
#9
I get them all the time, I see why people are conned by them, especially when it shows their passwords. I dread to think how many people have paid money. Basically it means a server that you have an account stored on has been hacked and your email address and password have been 'decrypted'. They then use a script/bot to send an email to the address with the password added in the hopes of getting you to cough up.

With weak encryption (like md5 hashing) you can crack a weak password very easily. Here's a video demonstrating how easy it is to crack multiple passwords in a matter of seconds.

Evil. I got a 'final warning' one last night. These people – my God – they've got wonky wiring & should really be locked up. I can't even – I believe there have even been suicides. & what if a relative had died that day or they'd just been diagnosed with something terminal? I guess they're not only sociopaths but deny any responsibility cos the 'computer did it'.
 
Top