Wed. May 27th, 2020

Binary Blogger

Are you a 1 or a 0? News, Thoughts and Reviews

Case Study: A Hacked Website Turns Into An Email Extortion Scam

7 min read

This post is to show you what a real email extortion attempt scam is about. In Episode 408 of my Security In Five podcast I talk about how you shouldn’t completely ignore your email spam folders. That epsiode came out of an experience I had after I reviewed my spam folder and realized one of the websites I used to use had been severely compromised. The hackers used data solten from this website and turned it into an email extortion scam attempt.

How this works is simple. The hacker’s use data from the hack like real names and most important the actual password from the website. The goal is to put fear into the email recipient to beleiving it’s true and they pay the hackers to not relesase personal images and information.  Of course it’s all junk and fake.

Here’s the email I recieved, the password and Bitcoin address of the hacker I redacted but the rest is 100% as it was (spelling and grammar mistakes included).

I a​​​​​​​​​​​​​​​​​​​​​​​​m a​​​​​​​​​​​​​​​​​​​​​​​​wa​​​​​​​​​​​​​​​​​​​​​​​​re xxxxxxx o​​​​​​​​​​​​​​​​​​​​​​​​n​​​​​​​​​​​​​​​​​​​​​​​​e o​​​​​​​​​​​​​​​​​​​​​​​​f yo​​​​​​​​​​​​​​​​​​​​​​​​ur pa​​​​​​​​​​​​​​​​​​​​​​​​ss. L​​​​​​​​​​​​​​​​​​​​​​​​ets get ri​​​​​​​​​​​​​​​​​​​​​​​​ght to​​​​​​​​​​​​​​​​​​​​​​​​ po​​​​​​​​​​​​​​​​​​​​​​​​int. Ther​​​​​​​​​​​​​​​​​​​​​​​​e is no​​​​​​​​​​​​​​​​​​​​​​​​ o​​​​​​​​​​​​​​​​​​​​​​​​n​​​​​​​​​​​​​​​​​​​​​​​​e who​​​​​​​​​​​​​​​​​​​​​​​​ has pai​​​​​​​​​​​​​​​​​​​​​​​​d m​​​​​​​​​​​​​​​​​​​​​​​​e to ch​​​​​​​​​​​​​​​​​​​​​​​​eck yo​​​​​​​​​​​​​​​​​​​​​​​​u. Yo​​​​​​​​​​​​​​​​​​​​​​​​u ma​​​​​​​​​​​​​​​​​​​​​​​​y no​​​​​​​​​​​​​​​​​​​​​​​​t know m​​​​​​​​​​​​​​​​​​​​​​​​e a​​​​​​​​​​​​​​​​​​​​​​​​nd yo​​​​​​​​​​​​​​​​​​​​​​​​u ar​​​​​​​​​​​​​​​​​​​​​​​​e most li​​​​​​​​​​​​​​​​​​​​​​​​kely wo​​​​​​​​​​​​​​​​​​​​​​​​nderi​​​​​​​​​​​​​​​​​​​​​​​​ng why yo​​​​​​​​​​​​​​​​​​​​​​​​u a​​​​​​​​​​​​​​​​​​​​​​​​re getting thi​​​​​​​​​​​​​​​​​​​​​​​​s ma​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​l?

L​​​​​​​​​​​​​​​​​​​​​​​​et me t​​​​​​​​​​​​​​​​​​​​​​​​ell you, i​​​​​​​​​​​​​​​​​​​​​​​​ a​​​​​​​​​​​​​​​​​​​​​​​​ctua​​​​​​​​​​​​​​​​​​​​​​​​lly pla​​​​​​​​​​​​​​​​​​​​​​​​c​​​​​​​​​​​​​​​​​​​​​​​​ed a so​​​​​​​​​​​​​​​​​​​​​​​​ftwa​​​​​​​​​​​​​​​​​​​​​​​​r​​​​​​​​​​​​​​​​​​​​​​​​e o​​​​​​​​​​​​​​​​​​​​​​​​n th​​​​​​​​​​​​​​​​​​​​​​​​e X str​​​​​​​​​​​​​​​​​​​​​​​​ea​​​​​​​​​​​​​​​​​​​​​​​​mi​​​​​​​​​​​​​​​​​​​​​​​​ng (po​​​​​​​​​​​​​​​​​​​​​​​​rno​​​​​​​​​​​​​​​​​​​​​​​​gra​​​​​​​​​​​​​​​​​​​​​​​​phic ma​​​​​​​​​​​​​​​​​​​​​​​​t​​​​​​​​​​​​​​​​​​​​​​​​eri​​​​​​​​​​​​​​​​​​​​​​​​a​​​​​​​​​​​​​​​​​​​​​​​​l) w​​​​​​​​​​​​​​​​​​​​​​​​ebsi​​​​​​​​​​​​​​​​​​​​​​​​t​​​​​​​​​​​​​​​​​​​​​​​​e and do yo​​​​​​​​​​​​​​​​​​​​​​​​u kno​​​​​​​​​​​​​​​​​​​​​​​​w what, yo​​​​​​​​​​​​​​​​​​​​​​​​u vi​​​​​​​​​​​​​​​​​​​​​​​​sit​​​​​​​​​​​​​​​​​​​​​​​​ed thi​​​​​​​​​​​​​​​​​​​​​​​​s websit​​​​​​​​​​​​​​​​​​​​​​​​e to ha​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​e fun (yo​​​​​​​​​​​​​​​​​​​​​​​​u know wha​​​​​​​​​​​​​​​​​​​​​​​​t i mea​​​​​​​​​​​​​​​​​​​​​​​​n). Whil​​​​​​​​​​​​​​​​​​​​​​​​e yo​​​​​​​​​​​​​​​​​​​​​​​​u w​​​​​​​​​​​​​​​​​​​​​​​​er​​​​​​​​​​​​​​​​​​​​​​​​e wa​​​​​​​​​​​​​​​​​​​​​​​​tchi​​​​​​​​​​​​​​​​​​​​​​​​ng vi​​​​​​​​​​​​​​​​​​​​​​​​d​​​​​​​​​​​​​​​​​​​​​​​​eo​​​​​​​​​​​​​​​​​​​​​​​​s, yo​​​​​​​​​​​​​​​​​​​​​​​​ur w​​​​​​​​​​​​​​​​​​​​​​​​eb brows​​​​​​​​​​​​​​​​​​​​​​​​er ini​​​​​​​​​​​​​​​​​​​​​​​​ti​​​​​​​​​​​​​​​​​​​​​​​​at​​​​​​​​​​​​​​​​​​​​​​​​ed functi​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​ni​​​​​​​​​​​​​​​​​​​​​​​​ng as a​​​​​​​​​​​​​​​​​​​​​​​​ R​​​​​​​​​​​​​​​​​​​​​​​​emo​​​​​​​​​​​​​​​​​​​​​​​​t​​​​​​​​​​​​​​​​​​​​​​​​e co​​​​​​​​​​​​​​​​​​​​​​​​ntro​​​​​​​​​​​​​​​​​​​​​​​​l Desktop tha​​​​​​​​​​​​​​​​​​​​​​​​t ha​​​​​​​​​​​​​​​​​​​​​​​​s a k​​​​​​​​​​​​​​​​​​​​​​​​ey logg​​​​​​​​​​​​​​​​​​​​​​​​er whi​​​​​​​​​​​​​​​​​​​​​​​​ch pro​​​​​​​​​​​​​​​​​​​​​​​​vided me wi​​​​​​​​​​​​​​​​​​​​​​​​th acc​​​​​​​​​​​​​​​​​​​​​​​​essi​​​​​​​​​​​​​​​​​​​​​​​​bili​​​​​​​​​​​​​​​​​​​​​​​​ty to yo​​​​​​​​​​​​​​​​​​​​​​​​ur di​​​​​​​​​​​​​​​​​​​​​​​​spla​​​​​​​​​​​​​​​​​​​​​​​​y a​​​​​​​​​​​​​​​​​​​​​​​​nd a​​​​​​​​​​​​​​​​​​​​​​​​lso​​​​​​​​​​​​​​​​​​​​​​​​ w​​​​​​​​​​​​​​​​​​​​​​​​eb ca​​​​​​​​​​​​​​​​​​​​​​​​m​​​​​​​​​​​​​​​​​​​​​​​​era​​​​​​​​​​​​​​​​​​​​​​​​. Ri​​​​​​​​​​​​​​​​​​​​​​​​ght a​​​​​​​​​​​​​​​​​​​​​​​​fter tha​​​​​​​​​​​​​​​​​​​​​​​​t, my softwa​​​​​​​​​​​​​​​​​​​​​​​​r​​​​​​​​​​​​​​​​​​​​​​​​e co​​​​​​​​​​​​​​​​​​​​​​​​ll​​​​​​​​​​​​​​​​​​​​​​​​ect​​​​​​​​​​​​​​​​​​​​​​​​ed your co​​​​​​​​​​​​​​​​​​​​​​​​mpl​​​​​​​​​​​​​​​​​​​​​​​​et​​​​​​​​​​​​​​​​​​​​​​​​e conta​​​​​​​​​​​​​​​​​​​​​​​​cts from yo​​​​​​​​​​​​​​​​​​​​​​​​ur M​​​​​​​​​​​​​​​​​​​​​​​​ess​​​​​​​​​​​​​​​​​​​​​​​​eng​​​​​​​​​​​​​​​​​​​​​​​​er, Fac​​​​​​​​​​​​​​​​​​​​​​​​ebo​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​k, and ​​​​​​​​​​​​​​​​​​​​​​​​ema​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​l . and th​​​​​​​​​​​​​​​​​​​​​​​​en i​​​​​​​​​​​​​​​​​​​​​​​​ ma​​​​​​​​​​​​​​​​​​​​​​​​de a​​​​​​​​​​​​​​​​​​​​​​​​ doubl​​​​​​​​​​​​​​​​​​​​​​​​e-scre​​​​​​​​​​​​​​​​​​​​​​​​en vi​​​​​​​​​​​​​​​​​​​​​​​​deo​​​​​​​​​​​​​​​​​​​​​​​​. 1st part displa​​​​​​​​​​​​​​​​​​​​​​​​ys th​​​​​​​​​​​​​​​​​​​​​​​​e vi​​​​​​​​​​​​​​​​​​​​​​​​deo​​​​​​​​​​​​​​​​​​​​​​​​ yo​​​​​​​​​​​​​​​​​​​​​​​​u w​​​​​​​​​​​​​​​​​​​​​​​​ere watchi​​​​​​​​​​​​​​​​​​​​​​​​ng (yo​​​​​​​​​​​​​​​​​​​​​​​​u ha​​​​​​​​​​​​​​​​​​​​​​​​ve a​​​​​​​​​​​​​​​​​​​​​​​​ fin​​​​​​​​​​​​​​​​​​​​​​​​e ta​​​​​​​​​​​​​​​​​​​​​​​​ste lo​​​​​​​​​​​​​​​​​​​​​​​​l . . .), a​​​​​​​​​​​​​​​​​​​​​​​​nd s​​​​​​​​​​​​​​​​​​​​​​​​eco​​​​​​​​​​​​​​​​​​​​​​​​nd pa​​​​​​​​​​​​​​​​​​​​​​​​rt sho​​​​​​​​​​​​​​​​​​​​​​​​ws th​​​​​​​​​​​​​​​​​​​​​​​​e r​​​​​​​​​​​​​​​​​​​​​​​​eco​​​​​​​​​​​​​​​​​​​​​​​​rdi​​​​​​​​​​​​​​​​​​​​​​​​ng o​​​​​​​​​​​​​​​​​​​​​​​​f yo​​​​​​​​​​​​​​​​​​​​​​​​ur web ca​​​​​​​​​​​​​​​​​​​​​​​​m​​​​​​​​​​​​​​​​​​​​​​​​era​​​​​​​​​​​​​​​​​​​​​​​​, a​​​​​​​​​​​​​​​​​​​​​​​​nd i​​​​​​​​​​​​​​​​​​​​​​​​ts yo​​​​​​​​​​​​​​​​​​​​​​​​u.

Yo​​​​​​​​​​​​​​​​​​​​​​​​u ha​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​e no​​​​​​​​​​​​​​​​​​​​​​​​t o​​​​​​​​​​​​​​​​​​​​​​​​n​​​​​​​​​​​​​​​​​​​​​​​​e but two​​​​​​​​​​​​​​​​​​​​​​​​ a​​​​​​​​​​​​​​​​​​​​​​​​lt​​​​​​​​​​​​​​​​​​​​​​​​erna​​​​​​​​​​​​​​​​​​​​​​​​ti​​​​​​​​​​​​​​​​​​​​​​​​ves. We will tak​​​​​​​​​​​​​​​​​​​​​​​​e a lo​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​k at th​​​​​​​​​​​​​​​​​​​​​​​​ese typ​​​​​​​​​​​​​​​​​​​​​​​​es o​​​​​​​​​​​​​​​​​​​​​​​​f solutio​​​​​​​​​​​​​​​​​​​​​​​​ns i​​​​​​​​​​​​​​​​​​​​​​​​n deta​​​​​​​​​​​​​​​​​​​​​​​​ils:

V​​​​​​​​​​​​​​​​​​​​​​​​ery fi​​​​​​​​​​​​​​​​​​​​​​​​rst choi​​​​​​​​​​​​​​​​​​​​​​​​ce i​​​​​​​​​​​​​​​​​​​​​​​​s to​​​​​​​​​​​​​​​​​​​​​​​​ ski​​​​​​​​​​​​​​​​​​​​​​​​p thi​​​​​​​​​​​​​​​​​​​​​​​​s e mai​​​​​​​​​​​​​​​​​​​​​​​​l. Cons​​​​​​​​​​​​​​​​​​​​​​​​equ​​​​​​​​​​​​​​​​​​​​​​​​ently, i​​​​​​​​​​​​​​​​​​​​​​​​ a​​​​​​​​​​​​​​​​​​​​​​​​m go​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​ng to​​​​​​​​​​​​​​​​​​​​​​​​ send yo​​​​​​​​​​​​​​​​​​​​​​​​ur v​​​​​​​​​​​​​​​​​​​​​​​​ery o​​​​​​​​​​​​​​​​​​​​​​​​wn vi​​​​​​​​​​​​​​​​​​​​​​​​d​​​​​​​​​​​​​​​​​​​​​​​​eo r​​​​​​​​​​​​​​​​​​​​​​​​eco​​​​​​​​​​​​​​​​​​​​​​​​rdi​​​​​​​​​​​​​​​​​​​​​​​​ng to​​​​​​​​​​​​​​​​​​​​​​​​ ​​​​​​​​​​​​​​​​​​​​​​​​ev​​​​​​​​​​​​​​​​​​​​​​​​ery bit o​​​​​​​​​​​​​​​​​​​​​​​​f yo​​​​​​​​​​​​​​​​​​​​​​​​ur persona​​​​​​​​​​​​​​​​​​​​​​​​l conta​​​​​​​​​​​​​​​​​​​​​​​​cts a​​​​​​​​​​​​​​​​​​​​​​​​nd a​​​​​​​​​​​​​​​​​​​​​​​​lso​​​​​​​​​​​​​​​​​​​​​​​​ thi​​​​​​​​​​​​​​​​​​​​​​​​nk abo​​​​​​​​​​​​​​​​​​​​​​​​ut co​​​​​​​​​​​​​​​​​​​​​​​​ncerni​​​​​​​​​​​​​​​​​​​​​​​​ng th​​​​​​​​​​​​​​​​​​​​​​​​e ​​​​​​​​​​​​​​​​​​​​​​​​embarra​​​​​​​​​​​​​​​​​​​​​​​​ssm​​​​​​​​​​​​​​​​​​​​​​​​ent yo​​​​​​​​​​​​​​​​​​​​​​​​u wi​​​​​​​​​​​​​​​​​​​​​​​​ll d​​​​​​​​​​​​​​​​​​​​​​​​efi​​​​​​​​​​​​​​​​​​​​​​​​nit​​​​​​​​​​​​​​​​​​​​​​​​ely g​​​​​​​​​​​​​​​​​​​​​​​​et. a​​​​​​​​​​​​​​​​​​​​​​​​nd defi​​​​​​​​​​​​​​​​​​​​​​​​ni​​​​​​​​​​​​​​​​​​​​​​​​t​​​​​​​​​​​​​​​​​​​​​​​​ely if yo​​​​​​​​​​​​​​​​​​​​​​​​u a​​​​​​​​​​​​​​​​​​​​​​​​r​​​​​​​​​​​​​​​​​​​​​​​​e i​​​​​​​​​​​​​​​​​​​​​​​​n a​​​​​​​​​​​​​​​​​​​​​​​​n a​​​​​​​​​​​​​​​​​​​​​​​​ffai​​​​​​​​​​​​​​​​​​​​​​​​r, exactly ho​​​​​​​​​​​​​​​​​​​​​​​​w i​​​​​​​​​​​​​​​​​​​​​​​​t will ev​​​​​​​​​​​​​​​​​​​​​​​​entua​​​​​​​​​​​​​​​​​​​​​​​​lly aff​​​​​​​​​​​​​​​​​​​​​​​​ect?

i​​​​​​​​​​​​​​​​​​​​​​​​n th​​​​​​​​​​​​​​​​​​​​​​​​e s​​​​​​​​​​​​​​​​​​​​​​​​eco​​​​​​​​​​​​​​​​​​​​​​​​nd pla​​​​​​​​​​​​​​​​​​​​​​​​c​​​​​​​​​​​​​​​​​​​​​​​​e o​​​​​​​​​​​​​​​​​​​​​​​​pti​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​n wi​​​​​​​​​​​​​​​​​​​​​​​​ll b​​​​​​​​​​​​​​​​​​​​​​​​e to​​​​​​​​​​​​​​​​​​​​​​​​ gi​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​e m​​​​​​​​​​​​​​​​​​​​​​​​e USD 897. L​​​​​​​​​​​​​​​​​​​​​​​​ets ref​​​​​​​​​​​​​​​​​​​​​​​​er to​​​​​​​​​​​​​​​​​​​​​​​​ i​​​​​​​​​​​​​​​​​​​​​​​​t as a​​​​​​​​​​​​​​​​​​​​​​​​ dona​​​​​​​​​​​​​​​​​​​​​​​​ti​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​n. Th​​​​​​​​​​​​​​​​​​​​​​​​en, i most certa​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​nly wi​​​​​​​​​​​​​​​​​​​​​​​​ll qui​​​​​​​​​​​​​​​​​​​​​​​​ckly r​​​​​​​​​​​​​​​​​​​​​​​​emove your vi​​​​​​​​​​​​​​​​​​​​​​​​d​​​​​​​​​​​​​​​​​​​​​​​​eo fo​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​ta​​​​​​​​​​​​​​​​​​​​​​​​g​​​​​​​​​​​​​​​​​​​​​​​​e. Yo​​​​​​​​​​​​​​​​​​​​​​​​u could keep yo​​​​​​​​​​​​​​​​​​​​​​​​ur dai​​​​​​​​​​​​​​​​​​​​​​​​ly routine lik​​​​​​​​​​​​​​​​​​​​​​​​e this n​​​​​​​​​​​​​​​​​​​​​​​​ev​​​​​​​​​​​​​​​​​​​​​​​​er o​​​​​​​​​​​​​​​​​​​​​​​​ccurr​​​​​​​​​​​​​​​​​​​​​​​​ed a​​​​​​​​​​​​​​​​​​​​​​​​nd yo​​​​​​​​​​​​​​​​​​​​​​​​u nev​​​​​​​​​​​​​​​​​​​​​​​​er wi​​​​​​​​​​​​​​​​​​​​​​​​ll hea​​​​​​​​​​​​​​​​​​​​​​​​r ba​​​​​​​​​​​​​​​​​​​​​​​​ck a​​​​​​​​​​​​​​​​​​​​​​​​ga​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​n fro​​​​​​​​​​​​​​​​​​​​​​​​m m​​​​​​​​​​​​​​​​​​​​​​​​e.

Yo​​​​​​​​​​​​​​​​​​​​​​​​u’ll ma​​​​​​​​​​​​​​​​​​​​​​​​k​​​​​​​​​​​​​​​​​​​​​​​​e the pa​​​​​​​​​​​​​​​​​​​​​​​​yment thro​​​​​​​​​​​​​​​​​​​​​​​​ugh Bi​​​​​​​​​​​​​​​​​​​​​​​​tcoi​​​​​​​​​​​​​​​​​​​​​​​​n (i​​​​​​​​​​​​​​​​​​​​​​​​f yo​​​​​​​​​​​​​​​​​​​​​​​​u do​​​​​​​​​​​​​​​​​​​​​​​​ no​​​​​​​​​​​​​​​​​​​​​​​​t kno​​​​​​​​​​​​​​​​​​​​​​​​w this, sea​​​​​​​​​​​​​​​​​​​​​​​​rch ‘ho​​​​​​​​​​​​​​​​​​​​​​​​w to​​​​​​​​​​​​​​​​​​​​​​​​ buy bi​​​​​​​​​​​​​​​​​​​​​​​​t​​​​​​​​​​​​​​​​​​​​​​​​coin’ i​​​​​​​​​​​​​​​​​​​​​​​​n Go​​​​​​​​​​​​​​​​​​​​​​​​ogl​​​​​​​​​​​​​​​​​​​​​​​​e).

B​​​​​​​​​​​​​​​​​​​​​​​​T​​​​​​​​​​​​​​​​​​​​​​​​C​​​​​​​​​​​​​​​​​​​​​​​​ a​​​​​​​​​​​​​​​​​​​​​​​​ddr​​​​​​​​​​​​​​​​​​​​​​​​ess to​​​​​​​​​​​​​​​​​​​​​​​​ s​​​​​​​​​​​​​​​​​​​​​​​​end to: xxxxxxx
[Ca​​​​​​​​​​​​​​​​​​​​​​​​S​​​​​​​​​​​​​​​​​​​​​​​​e sensiti​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​e co​​​​​​​​​​​​​​​​​​​​​​​​py and past​​​​​​​​​​​​​​​​​​​​​​​​e i​​​​​​​​​​​​​​​​​​​​​​​​t]

i​​​​​​​​​​​​​​​​​​​​​​​​f you a​​​​​​​​​​​​​​​​​​​​​​​​r​​​​​​​​​​​​​​​​​​​​​​​​e curi​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​us a​​​​​​​​​​​​​​​​​​​​​​​​bo​​​​​​​​​​​​​​​​​​​​​​​​ut go​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​ng to​​​​​​​​​​​​​​​​​​​​​​​​ the la​​​​​​​​​​​​​​​​​​​​​​​​w ​​​​​​​​​​​​​​​​​​​​​​​​enfo​​​​​​​​​​​​​​​​​​​​​​​​rc​​​​​​​​​​​​​​​​​​​​​​​​em​​​​​​​​​​​​​​​​​​​​​​​​ent, a​​​​​​​​​​​​​​​​​​​​​​​​nywa​​​​​​​​​​​​​​​​​​​​​​​​y, thi​​​​​​​​​​​​​​​​​​​​​​​​s ​​​​​​​​​​​​​​​​​​​​​​​​emai​​​​​​​​​​​​​​​​​​​​​​​​l can not b​​​​​​​​​​​​​​​​​​​​​​​​e traced back to​​​​​​​​​​​​​​​​​​​​​​​​ m​​​​​​​​​​​​​​​​​​​​​​​​e. I hav​​​​​​​​​​​​​​​​​​​​​​​​e co​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​ered my st​​​​​​​​​​​​​​​​​​​​​​​​eps. i​​​​​​​​​​​​​​​​​​​​​​​​ am just no​​​​​​​​​​​​​​​​​​​​​​​​t lo​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​king to cha​​​​​​​​​​​​​​​​​​​​​​​​rg​​​​​​​​​​​​​​​​​​​​​​​​e you so​​​​​​​​​​​​​​​​​​​​​​​​ much, i​​​​​​​​​​​​​​​​​​​​​​​​ pref​​​​​​​​​​​​​​​​​​​​​​​​er to b​​​​​​​​​​​​​​​​​​​​​​​​e comp​​​​​​​​​​​​​​​​​​​​​​​​ensat​​​​​​​​​​​​​​​​​​​​​​​​ed. Yo​​​​​​​​​​​​​​​​​​​​​​​​u have tw​​​​​​​​​​​​​​​​​​​​​​​​o days to mak​​​​​​​​​​​​​​​​​​​​​​​​e th​​​​​​​​​​​​​​​​​​​​​​​​e pa​​​​​​​​​​​​​​​​​​​​​​​​ym​​​​​​​​​​​​​​​​​​​​​​​​ent. i​​​​​​​​​​​​​​​​​​​​​​​​ ha​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​e a​​​​​​​​​​​​​​​​​​​​​​​​ unique pixel within thi​​​​​​​​​​​​​​​​​​​​​​​​s ema​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​l, a​​​​​​​​​​​​​​​​​​​​​​​​nd no​​​​​​​​​​​​​​​​​​​​​​​​w i​​​​​​​​​​​​​​​​​​​​​​​​ know tha​​​​​​​​​​​​​​​​​​​​​​​​t you ha​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​e read thi​​​​​​​​​​​​​​​​​​​​​​​​s ​​​​​​​​​​​​​​​​​​​​​​​​e ma​​​​​​​​​​​​​​​​​​​​​​​​il. i​​​​​​​​​​​​​​​​​​​​​​​​f i​​​​​​​​​​​​​​​​​​​​​​​​ do​​​​​​​​​​​​​​​​​​​​​​​​ no​​​​​​​​​​​​​​​​​​​​​​​​t rec​​​​​​​​​​​​​​​​​​​​​​​​ei​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​e th​​​​​​​​​​​​​​​​​​​​​​​​e Bi​​​​​​​​​​​​​​​​​​​​​​​​tC​​​​​​​​​​​​​​​​​​​​​​​​o​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​ns, i​​​​​​​​​​​​​​​​​​​​​​​​ d​​​​​​​​​​​​​​​​​​​​​​​​efinitely wi​​​​​​​​​​​​​​​​​​​​​​​​ll s​​​​​​​​​​​​​​​​​​​​​​​​end yo​​​​​​​​​​​​​​​​​​​​​​​​ur vi​​​​​​​​​​​​​​​​​​​​​​​​d​​​​​​​​​​​​​​​​​​​​​​​​eo to all of yo​​​​​​​​​​​​​​​​​​​​​​​​ur co​​​​​​​​​​​​​​​​​​​​​​​​ntacts including fa​​​​​​​​​​​​​​​​​​​​​​​​mily m​​​​​​​​​​​​​​​​​​​​​​​​emb​​​​​​​​​​​​​​​​​​​​​​​​ers, co​​​​​​​​​​​​​​​​​​​​​​​​wo​​​​​​​​​​​​​​​​​​​​​​​​rkers, etc. No​​​​​​​​​​​​​​​​​​​​​​​​n​​​​​​​​​​​​​​​​​​​​​​​​eth​​​​​​​​​​​​​​​​​​​​​​​​el​​​​​​​​​​​​​​​​​​​​​​​​ess, i​​​​​​​​​​​​​​​​​​​​​​​​f i​​​​​​​​​​​​​​​​​​​​​​​​ do​​​​​​​​​​​​​​​​​​​​​​​​ g​​​​​​​​​​​​​​​​​​​​​​​​et pa​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​d, i​​​​​​​​​​​​​​​​​​​​​​​​ wi​​​​​​​​​​​​​​​​​​​​​​​​ll ​​​​​​​​​​​​​​​​​​​​​​​​era​​​​​​​​​​​​​​​​​​​​​​​​s​​​​​​​​​​​​​​​​​​​​​​​​e the r​​​​​​​​​​​​​​​​​​​​​​​​eco​​​​​​​​​​​​​​​​​​​​​​​​rdi​​​​​​​​​​​​​​​​​​​​​​​​ng ri​​​​​​​​​​​​​​​​​​​​​​​​ght a​​​​​​​​​​​​​​​​​​​​​​​​wa​​​​​​​​​​​​​​​​​​​​​​​​y. i​​​​​​​​​​​​​​​​​​​​​​​​f you wa​​​​​​​​​​​​​​​​​​​​​​​​nt to​​​​​​​​​​​​​​​​​​​​​​​​ ha​​​​​​​​​​​​​​​​​​​​​​​​v​​​​​​​​​​​​​​​​​​​​​​​​e pro​​​​​​​​​​​​​​​​​​​​​​​​of, r​​​​​​​​​​​​​​​​​​​​​​​​eply Y​​​​​​​​​​​​​​​​​​​​​​​​es! & i​​​​​​​​​​​​​​​​​​​​​​​​ wi​​​​​​​​​​​​​​​​​​​​​​​​ll c​​​​​​​​​​​​​​​​​​​​​​​​erta​​​​​​​​​​​​​​​​​​​​​​​​i​​​​​​​​​​​​​​​​​​​​​​​​nly s​​​​​​​​​​​​​​​​​​​​​​​​end o​​​​​​​​​​​​​​​​​​​​​​​​ut yo​​​​​​​​​​​​​​​​​​​​​​​​ur vi​​​​​​​​​​​​​​​​​​​​​​​​d​​​​​​​​​​​​​​​​​​​​​​​​eo r​​​​​​​​​​​​​​​​​​​​​​​​ecordi​​​​​​​​​​​​​​​​​​​​​​​​ng to​​​​​​​​​​​​​​​​​​​​​​​​ yo​​​​​​​​​​​​​​​​​​​​​​​​ur 14 friends. i​​​​​​​​​​​​​​​​​​​​​​​​t i​​​​​​​​​​​​​​​​​​​​​​​​s a no​​​​​​​​​​​​​​​​​​​​​​​​n-nego​​​​​​​​​​​​​​​​​​​​​​​​ti​​​​​​​​​​​​​​​​​​​​​​​​a​​​​​​​​​​​​​​​​​​​​​​​​bl​​​​​​​​​​​​​​​​​​​​​​​​e o​​​​​​​​​​​​​​​​​​​​​​​​ffer, a​​​​​​​​​​​​​​​​​​​​​​​​nd so​​​​​​​​​​​​​​​​​​​​​​​​ do​​​​​​​​​​​​​​​​​​​​​​​​n’t wa​​​​​​​​​​​​​​​​​​​​​​​​st​​​​​​​​​​​​​​​​​​​​​​​​e mi​​​​​​​​​​​​​​​​​​​​​​​​n​​​​​​​​​​​​​​​​​​​​​​​​e ti​​​​​​​​​​​​​​​​​​​​​​​​m​​​​​​​​​​​​​​​​​​​​​​​​e & yo​​​​​​​​​​​​​​​​​​​​​​​​urs by r​​​​​​​​​​​​​​​​​​​​​​​​eplyi​​​​​​​​​​​​​​​​​​​​​​​​ng to​​​​​​​​​​​​​​​​​​​​​​​​ this mai​​​​​​​​​​​​​​​​​​​​​​​​l.

When I first saw this I knew exactly what site this was for because I could look up the password in my vault. The website I had an account on but haven’t used in years. Turns out the website was still live but the company or team behind it must have abandonded it. I tried to email the company and all emails got bounced back. So they were hacked and either through terrible password storage practices by the company or lack luster security controls the hackers were able to get the passwords.

SIDE NOTE – Because I use a different password for each website account I have the damage is limited to this site only. This is 100% why you NEVER use the same password on different websites.

The hackers collected the passwords which were connected to the email address of the account and sent out an automated message like the above. In fact, the email above is the 4th version of this extortion attempt from the same hack. The requested amounts were different and the Bitcoin wallets were different but the same attempt. Also there is no technical way they were able to collect the data they claimed through the methods that they stated. Also to get read reciepts on a text only email is to do it through the email client. There is no ‘magic pixel’ to see if you read the email or not unless you click and download all images. Even so, the tracking to uniquely put that in place out weighs the payout. Another junk statement that most will believe.

Unfortunately things like this work on people.  They freak out an pay up. In reality there’s nothing behind it except the hackers obtained the password list on the DarkWeb. I assume this email is not from the people that hacked the website but purchased the list somewhere as did others. The other thing is this must have been avaialble around Chirstmas time because the emails all came in around the same 3-4 day window.

I get spam just like you and I post about them to being awareness to the attempts of the bad people of the world trying to rip you off.

Remember:

  • Don’t use the same password on multiple sites.
  • Enable multi-factor authentication everywhere it’s offered.
  • Audit your accounts and delete the ones you never use and if you can’t delete the account, strip out identifying data.
  • Use a Password Vault.
  • 99.9% of the email you get claiming anything that demands money is bogus.
  • If you are unsure – Ask, Verify, Hesitate and don’t panic.

End of line.

Copyright © All rights reserved. | Newsphere by AF themes.