A reader of this blog forwarded me yet another extortion phishing scam. Here’s what the reader got:
I am sorry to inform you but your device was hacked.
That’s what happened. I have used a Zero Click vulnerability with a special code to hack your device through a website.
A complicated software that requires precise skills that I posess.
This exploit works in a chain with a specially crafted unique code and such type of an attack goes undetected.
You only had to visit a website to be infected, and unfortunately for you it’s that simple for me.
You were not targeted, but just became one of the many unlucky people who got hacked through that webpage.
All of this happened in August. So I’ve had enough time to collect the information.
I think you already know what is going to happen next.
For a couple of month my software was quietly collecting information about your habits, websites you visit, websearches, texts you send.
There is more to it, but I have listed just a few reasons for you to understand how serious this is.
To be clear, my software controlled your camera and microphone as well.
It was just about right timing to get you privacy violated. I have made a few pornhub worthy videos with you as a lead actor.
I’ve been waiting enough and have decided that it’s time to put an end to this.
Here is my offer. Let’s name this a “consulting fee” I need to get, so I can delete the media content I have been collecting.
Your privacy stays untouched, if I get the payment.
Otherwise, I will leak the most damaging content to your contacts and post it to a public website for perverts to view.
You and I understand how damaging this will be to you, it’s not that much money to keep your privacy.
I don’t care about you personally, that’s why you can be sure that all files I have and software on your device will be deleted immediately after I receive the transfer.
I only care about getting paid.
My modest consulting fee is 1700 US Dollars to be transferred in Bitcoin. Exchange rate at the time of the transfer.
You need to send that amount to this wallet: [BITCOIN ADDRESS REDACTED]
The fee is non negotiable, to be transferred within 2 business days.
Obviously do not try to ask for help from the law enforcement unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you wont hear from me ever again.
Take care and have a good day.
So let’s ignore the questionable English in this email and start with you cannot see. The email address was spoofed so that it seems like it was sent from your account, but it really wasn’t. That’s meant to get your attention. Second, it claims that you were hit with via “zero click vulnerability”. I call BS on that. Basically, they’re trying to take advantage of people’s lack of knowledge of computers by saying that they used some super scary exploit to hack you. To be clear, there are such things as “zero click” vulnerabilities, but they are so valuable that a guy like this wouldn’t have access to them. Or anyone with that level of skill would be working for a nation state trying to do some form of espionage and not trying to extort people.
So as usual, the scumbag claims to have recorded you “pleasuring yourself” so to speak. And they even mention PornHub. That’s pretty ballsy. I’ll dole out my usual advice. If you are worried about some piece of software using your camera to record you without your knowledge, put some tape over your camera.
And judging from the fact that when I checked his Bitcoin wallet, there were no deposits in it, it either means that nobody has fallen for this scam. Or nobody has fallen for it yet. Seeing as you’re reading this, you won’t be falling for this scam.
Finally, the scumbag says to not to go to law enforcement for help. Whatever.
Really, the quality of these extortion phishing email scams is really low. I’ve shown off a few of them in the last couple of weeks and I remain unimpressed. Absolutely nobody should be falling for these because they are so badly done. And I do mean nobody.
Like this:
Like Loading...
Related
This entry was posted on September 15, 2022 at 8:57 am and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
My Day Would Not Be Complete Without Reporting On An Extortion Phishing #Scam
A reader of this blog forwarded me yet another extortion phishing scam. Here’s what the reader got:
I am sorry to inform you but your device was hacked.
That’s what happened. I have used a Zero Click vulnerability with a special code to hack your device through a website.
A complicated software that requires precise skills that I posess.
This exploit works in a chain with a specially crafted unique code and such type of an attack goes undetected.
You only had to visit a website to be infected, and unfortunately for you it’s that simple for me.
You were not targeted, but just became one of the many unlucky people who got hacked through that webpage.
All of this happened in August. So I’ve had enough time to collect the information.
I think you already know what is going to happen next.
For a couple of month my software was quietly collecting information about your habits, websites you visit, websearches, texts you send.
There is more to it, but I have listed just a few reasons for you to understand how serious this is.
To be clear, my software controlled your camera and microphone as well.
It was just about right timing to get you privacy violated. I have made a few pornhub worthy videos with you as a lead actor.
I’ve been waiting enough and have decided that it’s time to put an end to this.
Here is my offer. Let’s name this a “consulting fee” I need to get, so I can delete the media content I have been collecting.
Your privacy stays untouched, if I get the payment.
Otherwise, I will leak the most damaging content to your contacts and post it to a public website for perverts to view.
You and I understand how damaging this will be to you, it’s not that much money to keep your privacy.
I don’t care about you personally, that’s why you can be sure that all files I have and software on your device will be deleted immediately after I receive the transfer.
I only care about getting paid.
My modest consulting fee is 1700 US Dollars to be transferred in Bitcoin. Exchange rate at the time of the transfer.
You need to send that amount to this wallet: [BITCOIN ADDRESS REDACTED]
The fee is non negotiable, to be transferred within 2 business days.
Obviously do not try to ask for help from the law enforcement unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you wont hear from me ever again.
Take care and have a good day.
So let’s ignore the questionable English in this email and start with you cannot see. The email address was spoofed so that it seems like it was sent from your account, but it really wasn’t. That’s meant to get your attention. Second, it claims that you were hit with via “zero click vulnerability”. I call BS on that. Basically, they’re trying to take advantage of people’s lack of knowledge of computers by saying that they used some super scary exploit to hack you. To be clear, there are such things as “zero click” vulnerabilities, but they are so valuable that a guy like this wouldn’t have access to them. Or anyone with that level of skill would be working for a nation state trying to do some form of espionage and not trying to extort people.
So as usual, the scumbag claims to have recorded you “pleasuring yourself” so to speak. And they even mention PornHub. That’s pretty ballsy. I’ll dole out my usual advice. If you are worried about some piece of software using your camera to record you without your knowledge, put some tape over your camera.
And judging from the fact that when I checked his Bitcoin wallet, there were no deposits in it, it either means that nobody has fallen for this scam. Or nobody has fallen for it yet. Seeing as you’re reading this, you won’t be falling for this scam.
Finally, the scumbag says to not to go to law enforcement for help. Whatever.
Really, the quality of these extortion phishing email scams is really low. I’ve shown off a few of them in the last couple of weeks and I remain unimpressed. Absolutely nobody should be falling for these because they are so badly done. And I do mean nobody.
Share this:
Like this:
Related
This entry was posted on September 15, 2022 at 8:57 am and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.