A Somewhat Different Sort Of Extortion #Phishing #Scam Email Has Hit My Inbox Today

For the last few years I’ve been telling you about extortion phishing scam emails. If you’re not familiar with them, here’s how this scam works. You get an email from someone who claims to be some sort of elite hacker who has taken control of your PC and they’ve got some sort of incriminating video of you. And to keep the video from getting out to the public, you have to pay them. Pretty simple and straightforward. In this case, the scam takes a bit of a different twist. Let me start with the scam email that I got:

***The driver installation was successful***

The system has been added to the tracking list.

Your device has been successfully attacked by our bot-virus, which, once on the device, spreads to all layers of the device.
These are drivers, cameras, microphone, operating system services.

Your entire device is under our control. We can delete any data on it, write anything on it.

We copied all the data from your device to our server clusters recording dialogs, video from the web camera, from the main camera of the device, as well as everything that happened on the screen.
There is some very interesting nude video.
All your movements with the phone were recorded by GPS data during the entire time.

You have 48 hours to transfer 1100$ US dollars to our Bitcoin wallet [BITCOIN Wallet Address Redacted]

If no money is received after that time, all the data will be on the Internet.
Your social networking friends and phone contacts will especially like it.

As soon as the funds are credited to our account, your data will be deleted from our servers and the virus will be automatically deleted from your device and won’t bother you anymore.

Don’t forget that your device is completely under our control and don’t try anything foolish things.
If any action is suspected of finding a virus, contacting law enforcement, all your friends will be familiar with the fine selection of materials involving you.

***The timer was automatically run after you’ve opened this email.

So let’s unpack this email.

  • In this case, the email was sent directly to my email address from what I presume is a “burner” email account. That’s interesting because usually, these scam emails are clearly sent to a mailing list of people. By clearly I mean that the scam emails that I usually see are not addressed to your email address. I am guessing that this is meant to get your attention.
  • This email also says that the so-called hacker installed the “bot virus” on your computer. I am assuming that this is a deliberate attempt to circumvent spam filters which would be looking for words like “trojan virus” which is what I often see in scam emails. Or it could be that the threat actor isn’t that bright and is using terminology that they don’t understand.
  • Any threat actor who can take complete control of your system (as in drivers, cameras, microphone, operating system services) via a virus wouldn’t be doing this sort of thing. They would instead be working for a nation state doing espionage or something similar.
  • The threat actor claims to have gotten access to my phone and is monitoring my movements. Again, ignoring the fact that he started out saying he had control of your computer, someone this skilled would be working for a nation state doing espionage or something similar as opposed to trying to get $1100 from you.
  • The threat actor wants you to pay him via Bitcoin. Fact: There’s no way for the scammer to know that you’ve paid him which means that there’s no way for him to delete the data that he allegedly has on you.
  • The English used in this email is not that good. 
  • It tries to play on your fears of being outed for having a nude video on your computer and goes as far as warning you not to tell your friends or law enforcement.
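
The point in the second bullet about wording chosen to dodge keyword filters can be shown with a short sketch (an added example, not code from the original post): a filter keyed on a malware name misses this email, while checking the structure of the demand does not. The keyword list, indicator patterns and threshold are assumptions chosen for illustration, and both sample messages are constructed.

```python
import re

# Constructed sample: condensed from the email quoted above, wallet left redacted.
SCAM = """Your device has been successfully attacked by our bot-virus.
Your entire device is under our control.
We copied all the data, video from the web camera. There is some very interesting nude video.
You have 48 hours to transfer 1100$ US dollars to our Bitcoin wallet [BITCOIN Wallet Address Redacted]
If no money is received after that time, all the data will be on the Internet.
If any action is suspected of finding a virus, contacting law enforcement, all your friends
will be familiar with the fine selection of materials involving you."""

# Constructed benign sample: has an amount and a deadline but nothing else.
BENIGN = "Invoice 1042: $1,100 is due within 30 days. Please pay by bank transfer."

# Hypothetical keyword list of the kind the post guesses a filter might use.
NAIVE_KEYWORDS = ("trojan virus", "trojan horse")

# Indicator families describing the shape of the demand, not the malware name.
INDICATORS = {
    "control_claim": r"under (our|my) control",
    "recording_claim": r"(nude|web ?cam(era)?|camera|screen)\b.{0,60}\bvideo"
                       r"|video\b.{0,60}\b(web ?cam(era)?|camera|screen)",
    "deadline": r"\b\d{1,3}\s*(hours?|days?)\b",
    "amount": r"\$\s?\d[\d,]*|\d[\d,]*\s?\$",
    "crypto_payment": r"\b(bitcoin|btc)\b.{0,40}\b(wallet|address)\b",
    "exposure_threat": r"\b(friends|contacts)\b|on the internet",
    "silence_demand": r"law enforcement|police",
}

def naive_filter(body: str) -> bool:
    """Flag only when a listed malware phrase appears verbatim."""
    text = body.lower()
    return any(keyword in text for keyword in NAIVE_KEYWORDS)

def indicators(body: str) -> set[str]:
    """Return the names of all indicator families found in the body."""
    return {name for name, pattern in INDICATORS.items()
            if re.search(pattern, body, re.I | re.S)}

def is_extortion(body: str) -> bool:
    """Require a crypto payment demand with a deadline plus three more signals."""
    hits = indicators(body)
    return {"crypto_payment", "deadline"} <= hits and len(hits) >= 5

if __name__ == "__main__":
    for label, body in (("scam", SCAM), ("benign", BENIGN)):
        print(label, naive_filter(body), is_extortion(body), sorted(indicators(body)))
```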

The bottom line is that this guy has created a scam that isn’t all that good and is likely to convince few people to hand over their cash. And having a look at the Bitcoin wallet in the email, nobody has fallen for it yet. But since the number of people who could fall for this is not zero, I’m putting this out there so that the number gets as close to zero as possible.
