General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsBrace Yourselves For This Shocking Porn Revelation - I'm Not Paying My Blackmailer
If you haven't gotten this spam email yet, then you might want to see this one, since it is amusing.
The subject line will sometimes contain an actual password you've used on a low security site possibly years ago. This one started with a weak password I used on a throwaway account for some message board site ages ago.
Anywho, the hook is that someone has infected your computer while you've been masturbating to porn on the internet, and they've recorded split screen video of what you were watching and what you were doing. They also have obtained all of your contacts, and will send the video to all of them if you don't send $1500 in bitcoin to a bitcoin wallet address which they provide.
Usually, these kinds of emails are just one-offs, but I like the style of this person, who sends a followup email:
Now, I'm not too sure what a 2008 Smart Car Cabriolet is going to look like with my dick and my face on it, but he says he is going to be uploading the video to "the online forum".
I just don't care anymore, so you better get the popcorn ready.
I can imagine there are, unfortunately, people who are susceptible to this kind of thing.
One thing that is often educational, is to use the search in quotes function in Google, in order to see whether an email you have received might just be something that is relatively well known.
For example, if you put "stop shopping and fucking around" in quotes into a Google search, the results are illuminating:
https://www.google.com/search?q=%22stop+shopping+and+fucking+around%22
I like this result, personally:
https://support.google.com/mail/thread/13007705?hl=en
Got blackmail 2x (2nd warning from previous email) is it true? 1 Reply
Hi,
Would like to us whether this blackmail is true or not? I've got 2x blackmail (2nd was warning from first email).
Kindly really need community help..
I like the question... "Is it true?"
And this is why I'm not a good customer support kind of person, since my first question would be, "Well, golly, I don't know if it's true. Let's start with 'How much internet porn have you been masturbating to?'"
Another good practice, if you do not do so, is to put a piece of tape over your laptop camera if you don't use it for anything.
If you do use your laptop camera for things like teleconferencing, then you can always fold a post-it over the camera, or you can get fancy with a stick-on camera privacy cover:
The Velveteen Ocelot
(115,693 posts)ck4829
(35,076 posts)Renew Deal
(81,859 posts)This is basically what this is about: https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/
jberryhill
(62,444 posts)
KrebsOnSecurity heard from three different readers who received a similar email in the past 72 hours. In every case, the recipients said the password referenced in the emails opening sentence was in fact a password they had previously used at an account online that was tied to their email address.
However, all three recipients said the password was close to ten years old, and that none of the passwords cited in the sextortion email they received had been used anytime on their current computers.
Even though it is an ancient and now-unused password - I think I may have used it on DU circa 2006 - it really does catch your attention in the subject line, and there is a brief moment of "uh-oh" when you see it in a subject line.
It's a cute one.
cwydro
(51,308 posts)Id never recognize one from 10 years ago.
lapucelle
(18,258 posts)jberryhill
(62,444 posts)Dennis Donovan
(18,770 posts)Did you just come out of a pool?
jberryhill
(62,444 posts)mr_lebowski
(33,643 posts)jberryhill
(62,444 posts)onenote
(42,703 posts)It's been reported to the FBI IC3 (Internet Crime Complaint Center). The thought it is that these clowns may not do a very good job of covering their tracks if they're flooding the net with these extortion threats.
Codeine
(25,586 posts)Besides, the video I was watching was of the blackmailers mom, so he cant say shit.
ismnotwasm
(41,980 posts)Aaaad, Right now, I have a clay face mask on.
BUT, if I did indulge in pornography I would probably want to be safer than sorrier.
jberryhill
(62,444 posts)Who knew?
ismnotwasm
(41,980 posts)Very discreet stuff from what I understand
jberryhill
(62,444 posts)One of those fun search games is to come up with something that fills in ______ porn as a search, and bet on whether there is actually any porn responsive to that term.
ismnotwasm
(41,980 posts)Of COURSE I had the google that. Not exactly what I was expecting...
jberryhill
(62,444 posts)ismnotwasm
(41,980 posts)Withywindle
(9,988 posts)didn't do anything sexy in it (it's not sexy) but I was dicking around online and I guess a cam capture could accuse me of "blackface."
guillaumeb
(42,641 posts)"Whenever I search, I always get ads for porn. Does this happen to you too?"
I said no, it does not. But I suggested that he might want to stop looking at porn and the ads might disappear. Or, he could open a private search window, or clean out his browser cache.
mr_lebowski
(33,643 posts)We're a web development shop so we very often want an easy way to test pages where nothing is being cached.
I'd bet that it's used like 1000X more by web devs than people watching porn, for reals.
And I'm being dead serious.
However, it's a good idea to use it when watching porn as well, if for no other reason than because of the one you describe.
ret5hd
(20,491 posts)friends and family.
In fear of losing their lunch and/or eyesight, they hastily scraped together the $2000 that was asked for and BEGGED/DEMANDED that I pay it immediately.
I took the money, said I would take care of it immediately, and went out for a very nice lunch, filled the car with gas, and settled in for some Netflix.
I wonder if this will work next week?
mr_lebowski
(33,643 posts)Skittles
(153,160 posts)YER KILLING ME
Big Chief
(28 posts)My mom was really freaked out by it. Didnt really want to put too much thought into why.
TheBlackAdder
(28,201 posts)Last edited Fri Jan 3, 2020, 07:23 PM - Edit history (2)
See where that host lookup points to. Send the registrar an email if it is sourced from AWS, Virgin, or other offshore. Most have legal complaint departments. Then, DO NOT click on the link to see the host of the destination server, do a mouse over to see the URL at the bottom of the browser window. Perform a WhoIs on that to find the contact info of the Registrar and if they have ICANN information posted. If not, at the bottom of the WhoIs is the ICANN reporting site, rat them out for not having contact info. Then, if they have a legit address, find out if it's from a mailbox store, contact their legal department and they will pull that guys account.
Hit that MFer from all sides. The sending side, the receiving side, the ICANN side and the postal address side.
Update: DO NOT click on the link, just do a mouse over and see the URL at the bottom of the browser window.
====
So, as a recap:
1) Your email viewer should give an option to view the email data. In there, down past the first big paragraph will be the Sender IP. Copy that.
2) Open a DOS window and type nslookup and the IP address, ex. nslookup 123.456.789.123
3) See the domain name of the nslookup, most will provide one. Other IP addresses won't give one.
4) Contact that provider's complaint department, and report the threat.
5) Hover over the hyperlink to see the URL where this link will take you. Note that domain.
6) Go to: https://www.whois.com/ and enter the hostname in the upper right search box.
7) You will get the registrar of that domain and any contact info. If no contact info, use this link and report them:
https://forms.icann.org/en/resources/compliance/complaints/whois/inaccuracy-form
8) Do the same reporting of this domain as to the threat to that domain's registrar.
9) If there is contact information, Google the address and find out what is points to and then track down that firm and report them to the facility owner.
jberryhill
(62,444 posts)radius777
(3,635 posts)Heres a clever new twist on an old email scam that could serve to make the con far more believable. The message purports to have been sent from a hacker whos compromised your computer and used your webcam to record a video of you while you were watching porn. The missive threatens to release the video to all your contacts unless you pay a Bitcoin ransom. The new twist? The email now references a real password previously tied to the recipients email address.
People who don't know better (and have alot to lose) could get scammed. In most cases the hackers have nothing, they are just pretending to have dirt on the victim.
Smartest thing is to disable the webcam (sometimes there is a bios option) or place tape over it when not in use. And of course keep your device protected with a good antimalware program.
Also be aware that ANY site you sign up for (whether free or paid) using your 'real' name/address/email etc could be breached, and you could be exposed as a subscriber to that site.
If you don't want that info being potentially tied to yourself, use a made up name/handle and secondary email. Or only browse sites that don't require sign up of any kind.
0rganism
(23,954 posts)somehow along the way we reached a point where our instinctive desires became socially unacceptable and now we can be blackmailed by strangers claiming to have images of us being the animals we are.
jberryhill
(62,444 posts)The Velveteen Ocelot
(115,693 posts)jberryhill
(62,444 posts)The Velveteen Ocelot
(115,693 posts)They'd happily lick their balls on national television.
jberryhill
(62,444 posts)If I could, its all Id do!
The Velveteen Ocelot
(115,693 posts)A little yoga to limber up your spine could make it possible.
jberryhill
(62,444 posts)Seriously. Not even in elementary school.
I have always been the least flexible person I know.
The Velveteen Ocelot
(115,693 posts)One of them will just saunter into the room, sit down, wrap a hind leg around his own head and get busy. It's just as well that you can't do that since your guests might be a bit put off.
cwydro
(51,308 posts)VOX
(22,976 posts)Its been a remarkably shitty day, but your back-and-forth on cats abilities has me bellowing with laughter.
Thank you both for sharing this hilarious exchange! Much appreciated. Its another reason why DU is invaluable.
msongs
(67,406 posts)Hekate
(90,688 posts)...just as a heads-up. They're a small local provider, so I know someone actually sees my emails. Have not been able to do so again as it now goes straight to the spam filter.
Like you, I wonder how much extortion money these blackmailers are actually making. I also noticed that while their command of English is good, their keyboard seems to be for a foreign language.
jberryhill
(62,444 posts)First, they send the video of me masturbating to all of my contacts and post it on forums.
THEN, they record all of the people masturbating to the video of me masturbating!
So, boom, right there, within just a couple generations of the scam, they'll have billions!
mr_lebowski
(33,643 posts)And THEY tell two friends, and so on, and so on ...
relayerbob
(6,544 posts)brettdale
(12,381 posts)This is what that reminds me of.
Horrific episode.
Dr. Strange
(25,921 posts)It told me to send $500 worth of bitcoin. And failure to do so would result in them sending me the video they had of jberryhill masturbating.
So, anyway, I'm now out $500.
mr_lebowski
(33,643 posts)Heck, ya might've rolled a Bonus Status Effect on that sucker ...
trueblue2007
(17,218 posts)MLAA
(17,289 posts)jberryhill
(62,444 posts)Jake Stern
(3,145 posts)Emailed back that I was unemployed and didn't have any money so they were just going to have to send the video.
Haven't received another such email since.
Kaleva
(36,301 posts)marble falls
(57,083 posts)relayerbob
(6,544 posts)The best part is I don't use a computer with a camera, except for my cell phone. Good luck with finding videos, phisherman. LOL
RandySF
(58,835 posts)nini
(16,672 posts)The use of an old password creeped me out at first but then I realized the only time I used that password it wasn't for anything too important and was a one time need I had. I forwarded it to the IT security group and they took over.
Not to mention if I was going to watch porn it certainly wouldn't be on a work computer, though I'm sure some idiots do.
Vinca
(50,271 posts)H2O Man
(73,537 posts)H2O Man
(73,537 posts)Thanks for making me laugh! Oh, I needed that!
Demonaut
(8,916 posts)no worries tho, I grew a thin mustache so I look like a porn star
keithbvadu2
(36,806 posts)Quite a long intro considering you must have typed it one handed.
Hopefully the blackmailers appreciate the effort.
MissMillie
(38,558 posts)phleshdef
(11,936 posts)I wouldn't actually do it, but it would be pretty fucking funny.