PDA

View Full Version : Another plausible-looking scam


Otto
27th October 2018, 06:01 PM
I've received a couple of e-mails lately apparently sent from my e-mail address that claim my e-mail account has been hacked, and include the actual password of that account. That is what makes it a bit scary .. Here's some of the text:Hello!

I'm a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.
Your password from <address@domain.com> on moment of crack: password

Of course you can will change your password, or already made it.
But it doesn't matter, my rat software update it every time.

Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.

It goes on to talk about ransomware and gives you 48 hours to deposit some bitcoins into the scammer's account. Having done some investigations it has proved to be yet another scam and it's nothing to worry about so if you receive one just delete it.


The reason for posting it here is that in my case the scammer got my details through a data breach at Adobe.com where I have an account. I dare say a number of members of this forum have one too, so to check whether your details have been compromised enter your e-mail address(es) at https://haveibeenpwned.com/. That will reveal if they have, and if so the origin of the leak. Just change your password and delete the scam message.


More information here: https://botcrawl.com/programmer-who-cracked-your-email-scam/

TimP
27th October 2018, 08:44 PM
I take it it’s the webcam / watching pron one that’s apparently doing the rounds at the moment.

mik
28th October 2018, 09:49 AM
Just Adobe back in 2013 for me.

Otto
28th October 2018, 09:57 AM
I take it itís the webcam / watching porn one thatís apparently doing the rounds at the moment.


I've had plenty of those too; this one made me think a bit harder because it quoted the actual address and password for my e-mail account. I did assume immediately that it was a scam of some sort but it was worth making certain as the only way the scammer could have got my password would be by hacking into the account or using compromised data. I do occasionally get a lot of "undeliverable mail" messages from my server due to spammers spoofing my e-mail address so it's obvious it has been compromised at some point.

MikeOxon
28th October 2018, 10:09 AM
A reminder to us all to change passwords regularly.

Adagio
28th October 2018, 07:25 PM
A reminder to us all to change passwords regularly.

I don't think changing your password will fix this issue. I have had about 100 spam messages which are all essentially the same claiming to have my email pass word and hacked my computer. Demands Bitcoin payment within 48 hours or will circulate an embarrassing video taken by my non-existent web-cam to all my contacts.

The password quoted bears no resemblance to that of my email. I believe my email address and this pword were harvested by a hack of the Disqus site.

Gate Keeper
28th October 2018, 08:32 PM
A reminder to us all to change passwords regularly.

2 months ago, I had to take my macbook pro into Apple in Nairobi for repairs and it had to be in their workshop for 24 hours. The technician handling the mac in the workshop had shifty looking eyes. After I picked it up, I got an email from my internet provider that someone had tried to access my emails. Then at around the same time, I received an email on my phone. I did not open it, but was able to read the first 5 lines, which thanked me for ordering 3 months of unlimited music from the iStore. On another device, I checked my account at Apple and it turned out to be a scam, a load of BS. I took no chances and changed all of my passwords. I had to change my passwords again last week, after Apple refused to allow me to log into the iCloud, a security alert.

TimP
28th October 2018, 08:50 PM
Sounds like a dodgy employee at Apple in Nigeria then? Did you report him to Apple US?

Gate Keeper
28th October 2018, 09:18 PM
Sounds like a dodgy employee at Apple in Nigeria then? Did you report him to Apple US?

Yep, I did all that. Could the same thing happen in the UK?

Otto
28th October 2018, 10:32 PM
I don't think changing your password will fix this issue. I have had about 100 spam messages which are all essentially the same claiming to have my email pass word and hacked my computer. Demands Bitcoin payment within 48 hours or will circulate an embarrassing video taken by my non-existent web-cam to all my contacts.

The password quoted bears no resemblance to that of my email. I believe my email address and this pword were harvested by a hack of the Disqus site.

My point is that the email quoted my GENUINE password. That suggests an actual hack or a data compromise. In fact my login details HAD been stolen; this was not a standard phishing attempt. That was verified by the web site I linked in the OP. Iím on my phone at the moment so cannot easily repeat the link here.

TimP
29th October 2018, 07:13 AM
Sounds like a dodgy employee at Apple in Nigeria then? Did you report him to Apple US?

Why on earth did I put Nigeria, itís not like you can easily misspell Kenya!

Apologies for imagining you somewhere where you werenít

Jim Ford
29th October 2018, 08:03 AM
Why on earth did I put Nigeria, itís not like you can easily misspell Kenya!

You were thinking of the Nigerian '419' scam. They seem to have dried up, I've not seen one for a couple of year or more.

Jim

TimP
29th October 2018, 08:28 AM
Probably Jim!
No, I’ve not seen one for a while. I used to enjoy reading them, quite inventive some of them but with a really quirky style. There is , or used to be a wonderful site where people string these people along for ages an often get them doing all kind of things in the process.
Then of course there are the people that fall for it.

Otto
29th October 2018, 05:21 PM
Today I've had two e-mails telling me my new account has been set up and would I click here to authenticate. Yeah right! One of them actually looks like a genuine site but I have no interest in it. Obviously I need to change not only all my passwords associated with that address, and probably change the login for each site too. There aren't many fortunately as it's an address I used for business. PITA :(.

Jax
30th October 2018, 10:49 AM
Today I've had two e-mails telling me my new account has been set up and would I click here to authenticate. Yeah right! One of them actually looks like a genuine site but I have no interest in it. Obviously I need to change not only all my passwords associated with that address, and probably change the login for each site too. There aren't many fortunately as it's an address I used for business. PITA :(.

It's maybe not a good idea to post your email address on an open forum, assuming the address in your first post is a genuine one. I'm not suggesting any members of the forum would mis-use it but it's visible to thousands of others who visit here.

Jax

Otto
30th October 2018, 11:27 AM
Good point Jax and I hadn't spotted I'd done that. Duh! Now edited - thanks :).

Grumpy Hec
31st October 2018, 02:09 PM
How to deal with scam emails.

Hope you find this as funny as I do.


https://youtu.be/C4Uc-cztsJo


Hec

chris
6th November 2018, 07:30 PM
I had the same one last week, but my password that it quoted, while genuine, hadn't been used for at least 5 years. I did a bit of checking and read that many details were harvested from a data breach some years ago and the scammers are using those.