Here’s a clever new twist on an old email scam that could serve to make the con far more believable. The message purports to have been sent from a hacker who’s compromised your computer and used your webcam to record a video of you while you were watching porn. The missive threatens to release the video to all your contacts unless you pay a Bitcoin ransom. The new twist? The email now references a real password previously tied to the recipient’s email address.
The basic elements of this sextortion scam email have been around for some time, and usually the only thing that changes with this particular message is the Bitcoin address that frightened targets can use to pay the amount demanded. But this one begins with an unusual opening salvo:
“I’m aware that <substitute password formerly used by recipient here> is your password,” reads the salutation.
The rest is formulaic:
You don’t know me and you’re thinking why you received this e mail, right?
Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.
What exactly did I do?
I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).
What should you do?
Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).
BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT
8V72
(It is cAsE sensitive, so copy and paste it)Important:
You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.
KrebsOnSecurity heard from three different readers who received a similar email in the past 72 hours. In every case, the recipients said the password referenced in the email’s opening sentence was in fact a password they had previously used at an account online that was tied to their email address.
However, all three recipients said the password was close to ten years old, and that none of the passwords cited in the sextortion email they received had been used anytime on their current computers.
It is likely that this improved sextortion attempt is at least semi-automated: My guess is that the perpetrator has created some kind of script that draws directly from the usernames and passwords from a given data breach at a popular Web site that happened more than a decade ago, and that every victim who had their password compromised as part of that breach is getting this same email at the address used to sign up at that hacked Web site.
I suspect that as this scam gets refined even more, perpetrators will begin using more recent and relevant passwords — and perhaps other personal data that can be found online — to convince people that the hacking threat is real. That’s because there are a number of shady password lookup services online that index billions of usernames (i.e. email addresses) and passwords stolen in some of the biggest data breaches to date.
Alternatively, an industrious scammer could simply execute this scheme using a customer database from a freshly hacked Web site, emailing all users of that hacked site with a similar message and a current, working password. Tech support scammers also may begin latching onto this method as well.
Sextortion — even semi-automated scams like this one with no actual physical leverage to backstop the extortion demand — is a serious crime that can lead to devastating consequences for victims. Sextortion occurs when someone threatens to distribute your private and sensitive material if you don’t provide them with images of a sexual nature, sexual favors, or money.
According to the FBI, here are some things you can do to avoid becoming a victim:
-Never send compromising images of yourself to anyone, no matter who they are — or who they say they are.
-Don’t open attachments from people you don’t know, and in general be wary of opening attachments even from those you do know.
-Turn off [and/or cover] any web cameras when you are not using them.
The FBI says in many sextortion cases, the perpetrator is an adult pretending to be a teenager, and you are just one of the many victims being targeted by the same person. If you believe you’re a victim of sextortion, or know someone else who is, the FBI wants to hear from you: Contact your local FBI office (or toll-free at 1-800-CALL-FBI).
I received this email threat on July 12th from the sender below with a demand for $2,900.00. I forwarded the message to the fraud unit at Juno.com my mail server. Having read this article, I will try and send it to the FBI.
Stanislaus Voigt
” I will find you and I will kill you.”
I recieved the same email. They wanted $7,000 or would release a vid of me watching porn. It had an attached of me with a spilt screen. The vid wasn’t very good-not worth anywhere near $7,000. I offer them $5-I’m a bit over weight.
Are you serious? I sure hope not. People use this website to determine whether or not things are valid. Please confirm if you’re serious or joking.
Cyber Criminal only wanted $1000 from my workplace, I guess my video was worth a little more to “Olive Iwamura”. Neither of us have webcams.
How long before they get info from a more recent breach?
Just another reminder to change your passwords often!!
Amount to be paid: $2900
Bitcoin Address to Send to: 14vV5r269zMEEHZm3mBzy7tQ5cM7BTgbBk
I also got one of those emails, but it was so badly written I am convinced it was created, at least in my case, by a foreign person. There was terrible syntax, word usage, and grammar. I was asked for $3200 in bitcoin. The address is 1G4sFn5KFc27Czdh8ZgHahC2nzPZ9Rq7bR
Someone here asked if there is anything that can be done to stop or prevent this type of crime. The answer is no, it is too easy, and too profitable, because most people are self-indulgent, careless, and stupid and leave themselves vulnerable. I am easily able to ignore such extortion, as I am a straight-laced old lady who has never watched porn, don’t have a webcam, and if that was my password, it was so old I don’t even remember using it. All you people who aren’t so careful — get careful from now on. And teach your kids to be smarter online, too.
I am a grandma who doesn’t watch porn and got the same threat. I received a message saying I was pwned. Wonder if it could be that breach.Breach: Pemiblanc
Date of breach: 2 Apr 2018
Number of accounts: 110,964,206
Compromised data: Email addresses, Passwords
Description: In April 2018, a credential stuffing list containing 111 million email addresses and passwords known as Pemiblanc was discovered on a French server. The list contained email addresses and passwords collated from different data breaches and used to mount account takeover attacks against other services. Read more about the incident.
A colleague and I each received one of these last week. The sender only wanted $1,900 from me and $2,300 from my colleague. He’s still waiting for his money. Ha!
Yeah, I got one too for $1900 bitcoin (so I guess I’m not worth $7000) and I actually would like to see the porn video I supposedly am in especially since I had a post it note covering the webcam for about 5 years and tried to get it to work recently but couldn’t.
They wanted $7000 from me. I haven’t used the password they gave for several years but it still scared the crap out of me. I’m tightening up my computer security regardless.
Got a few of these in the last couple of days, quotes a password I don’t really use anymore. I was on LinkedIn with the email and password combo they referenced, maybe?
Yes mine was an old Linked account too, I think they made me change it a few years ago after a breach.
Just got one of these today. They had a very old password that I never use so I knew something was up. Here’s the bitcoin acct info they gave me for payment:
https://blog.barkly.com/new-sextortion-scam-real-passwords-fake-threat
Their email address which was used (fake, of course, but here it is) : Nathanial Pascal
Just got one a couple hours ago asking for $7000. Glad I found this site with multiple others posting the same bogus email. I can’t remember the last time I used the password it gave me, at least 5 years ago. I also ran a check on my gmail and it showed no pixel trackers. I see there are lots of posts here from the last few days so I’m assuming none of you have gotten your secret sextape leaked yet!
xfdeshawnlsk@hotmail.com
1K3hnr1J4zFrJRJ4TZDauP7XDJxw68BXU3
I know, XXXXX is your password now I won’t beat around the bush. You don’t know anything about me but I know you very well and you must be wondering why you are getting this mail, right?
I placed malware on adult videos (porn material) & there’s more, you visited this sex web site to experience fun (you know what I mean). And while you were busy watching those videos, your browser started out operating as a RDP (Remote Control Desktop) with a keylogger which gave me access to your display as well as your camera recordings. After that, my software program gathered every one of your contacts from messenger, fb, as well as e-mail.
What have I done?
It is simply your hard luck that I discovered your bad deeds. I then put in more time than I probably should’ve investigating into your life and prepared a split screen sextape. 1st half shows the video you were viewing and next part displays the view of your web cam (it is you doing naughty things). As a family man, I’m ready to destroy everything about you and let you get on with your life. And I will present you a way out that can accomplish your freedom. Those two options are to either disregard this letter (not recommended), or pay me $7000 to end this chapter forever.
Exactly what should you do?
Let us explore these 2 options in depth. Option One is to ignore this email. Let me tell you what is going to happen if you select this option. I definitely will send your sextape to all your contacts including relatives, colleagues, and so on. It does not protect you from the humiliation your self will face when friends discover your sordid sextape. Wise option is to make the payment of $7000. We’ll call this my “keep the secret charges”. Lets see what will happen if you go with this option. Your naughty secret remains your secret. I will keep my mouth shut. After you make the payment, You can freely go on with your lifetime and family as if none of this ever occurred. You will make the transfer through Bitcoin (if you do not know how all you need to do is type “how to buy bitcoins” in google)
BTC ADDRESS IS: 1K3hnr1J4zFrJRJ4TZDauP7XDJxw68BXU3
(It is CASE SENSITIVE, copy and paste it)
Note: You have one day to make the payment. (I have a specific pixel within this e-mail, and now I know that you have read through this e mail). DO NOT TELL anybody what you will be transferring the Bitcoins for or they might not provide it to you. The task to obtain bitcoins usually takes a day or two so do not procrastinate. If I don’t receive the BitCoin, I definitely will send out your sextape to all of your contacts including family members, colleagues, and so on. nonetheless, if I do get paid, I will destroy the sextape immediately. If you really want proof, reply with “yes!” and I will certainly send out your video recording to your 15 contacts. It is a non negotiable offer, so please don’t waste my time and yours by replying to this e mail.
Joshua Hornig
rqdaltonda@hotmail.com
I know that, xxxxx is one of your Password now I’m going to cut to the chase. You do not know me but I know you and you must be wondering why you’re getting this mail, right?
I actually setup malware on adult video clips (adult porn) and there’s more, you accessed this sex website to have pleasure (you get my drift). When you were watching video clips, your system initiated operating as a RDP (Remote Desktop) having a backdoor which allowed me access to your device and also your web camera controls. Immediately after that, the software program gathered your entire contacts from your messenger, fb, and e-mail.
Exactly what I want?
It’s simply your misfortune that I got to know about your misdemeanor. Next, I gave in more days than I should’ve investigating into your data and prepared a double screen sextape. First part displays the video you had been watching and next half shows the view from your webcam (its you doing dirty things). Wholeheartedly, I am ready to forget details about you and let you get on with your life. And I am going to give you two options that will make it happen. These two alternatives are either to disregard this email (bad for you), or pay me $7000 to finish this chapter forever.
What should you do?
Let us explore those two options in more depth. Alternative one is to turn a blind eye to this email. You should know what will happen if you opt this path. I will definitely send out your video to your entire contacts including friends and family, coworkers, and so forth. It won’t help you avoid the humiliation your family will have to face when friends and family find out your dirty sextape. Other Option is to send me $7000. We will call it my “privacy fee”. Now Lets discuss what will happen when you select this path. Your little secret remains your secret. I will destroy the recording. After you pay, You can freely go on with your routine life and family that nothing like this ever happened. You will make the transfer via Bitcoins (if you do not know this just type “how to buy bitcoins” in google search)
BTC ADDRESS: 1Ef5uN5DbEF2p7y6FPNfDbsE8PTjaT4pr9
(It is cASe sensitive, copy and paste it)
Important: You have one day in order to make the payment. (I have a unique pixel within this mail, and right now I know that you’ve read this message). DO NOT TELL anybody what you would be using the bitcoin for or they might not offer it to you. The process to acquire bitcoin may take a couple of days so do not delay. If I don’t get the BitCoin, I will send out your video recording to all of your contacts including family members, co-workers, and many others. nevertheless, if I do get paid, I will destroy the video immediately. If you want proof, reply with “yes!” and I will certainly send out your sextape to your 10 friends. It is a non-negotiable offer, thus kindly do not ruin my time and yours by replying to this e mail.
Sent by
Guadalupe Dargan
jxronnieqf@hotmail.com
What should I do?
On 25 Jul 2018, at 2:22 PM, Guadalupe Dargan wrote:
I know that, xxxxxx is one of your Password and now I won’t beat around the bush. You don’t know me however I know you and you’re most likely thinking why are you receiving this e-mail, correct?
I placed malware on sex vids (sexually graphic) and guess what, you accessed this adult web site to have pleasure (you know what I mean). And when you got busy watching those videos, your internet browser started operating as a RDP (Remote Desktop) with a key logger which provided me with accessibility to your display and your webcam recordings. After that, my malware collected your complete contacts from your messenger, social networks, as well as mailbox.
What did I do?
It’s simply your bad luck that I found your blunder. After that I gave in more days than I probably should’ve digging into your life and generated a double display sextape. First half displays the recording you were watching and other part shows the video from your cam (it is you doing naughty things). Actually, I want to destroy all about you and allow you to continue with your regular life. And my goal is to offer you two options that may make it happen. The two choices are either to ignore this letter (not recommended), or pay me $3200 to end this chapter forever.
Exactly what should you do?
Let’s explore those 2 options in more depth. Alternative one is to ignore this e-mail. You should know what will happen if you choose this option. I will definately send your video recording to your entire contacts including friends and family, coworkers, and so on. It will not protect you from the humiliation your household will ought to feel when family and friends find out your unpleasant sextape. Wise choise is to make the payment of $3200. We will name it my “keep the secret charges”. Lets discuss what will happen if you choose this path. Your little secret remains your secret. I will delete the sextape. Once you send the payment, You go on with your lifetime and family like nothing like this ever occurred. You will make the payment via Bitcoins (if you do not know how just search “how to purchase bitcoins” on search engine)
My BTC Address: 14EPn8iEzVDvpSy2sVmadkr8byThpr5j46
(It’s cASe sensitive, copy and paste it)
Important: You now have one day to make the payment. (I’ve a special pixel in this email message, and at this moment I know that you’ve read through this e-mail). DO NOT TELL anybody what you would be utilizing the Bitcoins for or they may not give it to you. The process to get bitcoins will take a couple of days so do not procrastinate. If I do not receive the Bitcoin, I will certainly send out your videotape to all of your contacts including relatives, colleagues, and so forth. nonetheless, if I do get paid, I’ll erase the video immediately. If you need evidence, reply with “yes!” and I will certainly send out your videotape to your 11 friends. It’s a non negotiable offer, thus please do not waste my personal time and yours by responding to this e-mail.
Got mine today, asking for $7k at BTC address 1Mz5r1yKDiKd3ie3ymJisCHZzNK8hiUdWB
I wonder if they’re generating a unique address for each mail? More administrative hassle but a better way to make sure they don’t get nabbed.
This definitely came from some compromised database but I couldn’t identify which one. I have a junky password that I have used in the past for sites where I don’t care if anyone were to use my login and that’s what was named in this message. Since it would be so easy to find by brute force I couldn’t know whether it came from somewhere that was storing in cleartext or if they just failed to salt.
Well I made an attempt to submit this to ic3.gov but I’m not sure what jeanyus set up their form. The text area for “If an email was used in this incident, please provide a copy of the entire email including full email headers.” has a max length of 5000 characters.
That’s about 2500 characters too short for just the headers in the message as I received it, much less the text itself. I’m not sure what they think would happen if someone needed to submit a rich text message.
I scanned it and sent it that way.
received this today,
I investigated that, xxxxx is your Password now I will cut to the chase. You don’t know me whereas I know you and you must be thinking why you’re receiving this e mail, right?
I actually placed malware on porn vids (sex sites) & do you know what, you accessed same adult web site to experience pleasure (you know what I mean). And while you were busy enjoying those videos, your internet browser initiated working as a RDP (Remote Computer) with a backdoor which provided me access to your display screen and your webcam recordings. Just after that, my software obtained your complete contacts from your messenger, social networks, and e-mail.
What did I do?
It’s simply your misfortune that I stumbled across your blunder. After that I put in more days than I should have looking into your personal life and prepared a split view video. 1st half displays the recording you had been viewing and second part displays the recording from your web cam (it is someone doing inappropriate things). Actually, I am willing to delete everything about you and allow you to get on with your life. And I am about to provide you two options that can achieve it. These two options are to either ignore this letter (bad for you), or pay me $2700.
What should you do?
Let’s understand those two options in depth. Option 1 is to disregard my e-mail. Let’s see what is going to happen if you opt this option. I will, no doubt send your video recording to your contacts including friends and family, co-workers, etc. It does not shield you from the humiliation you and your family will ought to face when friends uncover your sordid videotape in their inbox. Option 2 is to send me $2700. We’ll call it my “confidentiality fee”. let me tell you what happens if you select this choice. Your dirty secret Will remain your secret. I’ll delete the videotape. Once you pay, I will let you keep your life and family like none of this ever happened. You’ll make the transfer via Bitcoin (if you don’t know this just type “how to purchase bitcoins” in search engine)
BTC ADDRESS: 1G2gKwQJzzpTSooWT8bHxHxsCYPmbRU54T
(It is case SENSITIVE, copy and paste it)
Important: You now have one day in order to make the payment. (I have a specific pixel within this e mail, and now I know that you have read through this email). Don’t tell anyone what you would be using the Bitcoins for or they may not give it to you. The process to get bitcoins may take a few days so do not put it off. If I do not receive the BitCoin, I definitely will send your video to all of your contacts including friends and family, co-workers, and many others. nevertheless, if I receive the payment, I will erase the sextape immediately. If you need proof, reply with “yes!” and I definitely will send out your sextape to your 12 contacts. It’s a non-negotiable one time offer, thus kindly do not waste my personal time & yours by replying to this email.
Sent from my iPhone
I got a bad copycat, claimed to be from China, had no password, was poorly written, and only wanted 350 euros.
Figures I’d get a cheap Chinese knock-off.
I got one to they are hacking into my facebook messanger sending a movie. How they got in there I have no Idea also they are trying to hack my ebay account now.
Did they get into anyone else’s facebook messanger?
Hello all, here’s another “victim” of this scam… Email below. Received on July 25th at 4.50 PM EST. Sender: Florri Bentley
[begin text] I am well aware XXX is your password. Lets get straight to the purpose. You don’t know me and you’re most likely wondering why you’re getting this e-mail? Not a single person has paid me to investigate about you.
In fact, I actually placed a malware on the xxx videos (sex sites) website and guess what, you visited this site to have fun (you know what I mean). When you were viewing video clips, your browser began functioning as a Remote control Desktop that has a keylogger which provided me accessibility to your screen as well as cam. Right after that, my software obtained all of your contacts from your Messenger, Facebook, and e-mail . And then I made a double-screen video. First part displays the video you were watching (you’ve got a fine taste lmao), and 2nd part shows the recording of your web cam, yeah its you.
You actually have just two choices. Shall we look at the solutions in aspects:
1st choice is to neglect this message. In that case, I will send out your very own video to each one of your contacts and thus imagine regarding the shame you will see. Not to forget should you be in a romance, exactly how it will eventually affect?
Other option is to pay me $1000. We will describe it as a donation. In this case, I most certainly will promptly discard your video. You can keep your daily routine like this never happened and you surely will never hear back again from me.
You will make the payment by Bitcoin (if you do not know this, search for “how to buy bitcoin” in Google search engine).
BTC Address to send to: 1Ff8dEMz1XFh8j7qXFXZ92W9ikaoZ1gqLY
[CASE-SENSITIVE copy and paste it]
In case you are curious about going to the cops, okay, this message can not be traced back to me. I have covered my moves. I am just not attempting to charge a fee so much, I simply want to be rewarded. I have a unique pixel in this message, and now I know that you have read this mail. You now have one day in order to make the payment. If I don’t receive the BitCoins, I will definitely send your video recording to all of your contacts including members of your family, co-workers, and so forth. Having said that, if I receive the payment, I’ll erase the video right away. If you want proof, reply Yea! & I will certainly send your video to your 13 contacts. This is a non:negotiable offer so please don’t waste my personal time and yours by replying to this email.
They are still being sent out … I have several but the last had a 10 year old password in the header.
I hope they get caught before another child suicides.
Wow, this guy has been very busy today! I also got the identical email, but he only asked $1,400 from me.
I received am email with exact same subject and ditto words inside as mentioned in this article today. I hope innocent people dont fall pray to this 🙁 Iknew it from the word go that it is a scam asking for $1500 in bitcoin.
Typo: ‘prey’ not pray.. I hate it when I do that 🙂
Pasting the email I got today for others to refer..
eyisraelhfr@hotmail.com
I know, ******** is one of your password and now Lets get straight to the point. You don’t know anything about me but I know you very well and you’re most likely thinking why you are getting this e mail, right?
I placed malware on sex videos (porno) & you know what, you visited same adult web site to have pleasure (know what I mean?). When you were busy watching video clips, your internet browser began operating as a RDP (Remote Computer) that has a key logger which provided me with access to your system and your web cam recordings. Right after that, the software collected your entire contacts from messenger, fb, as well as e-mail.
What did I do?
It is just your misfortune that I am aware of your blunder. After that I put in more days than I probably should’ve investigating into your life and created a split screen sextape. First half displays the recording you had been viewing and next half shows the video of your cam (its someone doing naughty things). Honestly, I want to destroy all information about you and let you get on with your life. And I will give you two options that may make it happen. Those two option is either to ignore this e mail (bad for you), or pay me $1500 to end this mattter for life.
Exactly what should you do?
Let’s investigate these two options in more detail. Option 1 is to disregard my e mail. Let us see what is going to happen if you select this path. I will send out your video to your entire contacts including family members, co-workers, and so on. It will not protect you from the humiliation your self will need to feel when friends uncover your dirty video. Option 2 is to make the payment of $1500. We will name this my “privacy charges”. Now let me tell you what happens if you select this way out. Your secret remains your secret. I’ll keep my mouth closed. Once you send the payment, You go on with your routine life and family as if nothing like this ever occurred. You will make the payment by Bitcoin (if you don’t know this all you need to do is type “how to purchase bitcoins” on google search)
BTC ADDRESS: 19BEeM9bP7hGusHLcfoUy8RkwwGc4nb7zd
(It’s case sensitive, copy and paste it)
Note: You now have one day in order to make the payment. (I’ve a unique pixel within this mail, and now I know that you’ve read through this email). You must not tell nobody what you will be utilising the bitcoin for or they will often not sell it to you. The process to have bitcoin will take a day or two so do not wait. If I don’t receive the BitCoins, I will certainly send your sextape to all of your contacts including family members, colleagues, etc. however, if I do get paid, I will destroy the video immediately. If you want to have evidence, reply with “yes!” and I will send your video to your 5 contacts. It is a non negotiable offer, so do not waste my time and yours by responding to this message.
Got one today! Here’s mine:
Lets get directly to purpose. You may not know me and you’re probably wondering why you’re getting this mail? There is no one who has compensated me to check about you.
Let me tell you, I setup a malware on the X streaming (porn) web-site and guess what, you visited this website to experience fun (you know what I mean). While you were viewing videos, your internet browser initiated working as a RDP that has a keylogger which provided me accessibility to your screen as well as web camera. Immediately after that, my software collected all your contacts from your Messenger, social networks, and e-mail . After that I made a double-screen video. 1st part displays the video you were watching (you’ve got a fine taste omg), and 2nd part displays the recording of your web camera, yeah its u.
You will have 2 choices. We should analyze each one of these possibilities in details:
First choice is to dismiss this message. In that case, I am going to send out your very own recorded material to all your your contacts and think about the awkwardness you feel. Not to mention should you be in an intimate relationship, how it will certainly affect?
Other option would be to compensate me $1000. Lets describe it as a donation. In this case, I most certainly will asap eliminate your videotape. You will continue daily life like this never took place and you will never hear back again from me.
You will make the payment through Bitcoin (if you don’t know this, search “how to buy bitcoin” in Google search engine).
BTC Address to send to: 1Nd5WyD7jYNqUEyDZaFa3iAhzNq1hfSoVk
[CASE-sensitive so copy & paste it]
If you have been wondering about going to the cops, look, this e mail can not be traced back to me. I have covered my actions. I am also not looking to ask you for a whole lot, I would like to be rewarded. I have a special pixel in this message, and at this moment I know that you have read through this e mail. You have one day to make the payment. If I do not receive the BitCoins, I will definately send out your video to all of your contacts including members of your family, co-workers, and so forth. Nevertheless, if I receive the payment, I will destroy the recording immediately. It’s a non:negotiable offer, and so please don’t waste mine time and yours by replying to this e mail. If you really want evidence, reply with Yes! and I will send out your video recording to your 10 contacts.
I do not watch porn, do not use my webcam, however, I use VPN. I am quite sure the passwords (mine is an old one anyway) came from linkedin (perhaps from other sources as well). This was the 3rd such rubbish today, all from obviously different and not existing users. Now they are talking about this scam even on radio and it makes me sick that nobody can or bothers to do something about is. I am sure there are vulnerable and stupid people who pay these bastards. I want to live my life in peace and not to get frightening messages from criminals.
I tried to ping the IP:
Pinging 10.152.252
Request timed out. – OBVIOUSLY!
AND JUST BTW: IT IS COMING FROM AROUND LA:
SG2PR02MB1263.apcprd02.prod.outlook.com ([fe80::e850:1720:6471:da0e%4]) with mapi id 15.20.0973.022; Wed, 25 Jul 2018 14:25:04 +0000
Currently Pacific Daylight Time 16:43, it arrived 2 hours ago.
The header is like this:
Message ID
Created at: Thu, Jul 26, 2018 at 12:25 AM (Delivered after 3 seconds)
From: Jody Maier
To: “XXX”
Subject: Alert For XXX – XXX
SPF: PASS with IP 2a01:222:f400:febc:0:0:0:323 Learn more
DKIM: ‘PASS’ with domain outlook.com Learn more
DMARC: ‘PASS’ Learn more
Download Original
Copy to clipboard
Delivered-To: XXX
Received: by 2012:a2e:5f71:0:0:0:0:0 with SMTP id t86-v6csp868996ljb;
Wed, 25 Jul 2018 07:25:07 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpfvi5bLHcbpMHVXU9T4DbsZdD+hL89bsiE1ndl+ULEGN6GeyZ8UAWZixLxv4BYK8DPKItWi
X-Received: by 2002:a17:902:5ac7:: with SMTP id g7-v6mr12339538plm.90.1532532707185;
Wed, 25 Jul 2018 07:25:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1532352707; cv=none;
d=google.com; s=arc-20171416;
b=y48IziUg9tuIlrf7lImugj+AZtgvnYGClTRbWDkbzkzMngN2fykPzpMImXJLjWfhR
0F/svSK/U3BNlomElrJhFxuPS4BAKLoZcrgvqVkkS8UPJdOILJ9834XOD5eU6iBTYOE
Pmp6N1vh26KOdn+GiHL8Foy6iNuLEKWcdYHz24jrgLFXrCskUNbLfIGyBNrzRvAQgdi
eLUHu02YFcI4KS5FKH3Ar2eZ78E45kGMrxdnWFtK22MqB+nGJ26NAU1wfEBmfO10vD4UW
/YnyQlM6oCkJJqQGeDsL2MIUF8OF/z2JPIPA07k9PfYIP/Wq1i5gwwsc9WpE3WPiCZU5
bS8w==
ARC-Message-Signature: i=1; a=rsa-sha216; c=relaxed/relaxed; d=google.com; s=arc-20840813;
h=mime-version:content-language:accept-language:message-id:date
:thread-index:thread-topic:subject:to:from:dkim-signature
:arc-authentication-results;
bh=C10ckZT6B6iWuLTMESTsfUW/ebi+2ig+fZzcZVuwkvg=;
b=Tw8UKDAkUSeXNPDslC26gDO6ep+D54h5mdXCsviMSR3IClKKHh8vRuc3+hxqbPc7px
VyaefFICn9dfD+HlFUPNvBp/pF0pHUM6fwKlc1nOIpkaEm5NXi/2kijf8NNBk8fRfuGp
JIPtR2DjgUzT/385imTzQbn79dBC2LJEpXjZEFPpu0sb7heFkZVToXJiEQafJn2BOeO6N
of+hecq1f45+aqWPBmMEPFSY7apq2ws4WTVmkCpovct1u6OdUowpPLYYDoqd9huipKNeR
6/WE512ixFTa830vIGjdyMhv3pmFOGuJ+tWsjwGqGWpxLEovNyUtqHA403ZSsJ11gJaW
8daQ==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@outlook.com header.s=selector1 header.b=t5577zHg;
spf=pass (google.com: domain of irmanuallv@outlook.com designates 2a01:222:f400:febc::343 as permitted sender) smtp.mailfrom=irmanuallv@outlook.com;
dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=outlook.com
Return-Path:
Received: from APC01-HK2-obe.outbound.protection.outlook.com (mail-hk2apc01hn0323.outbound.protection.outlook.com. [2a01:222:f400:febc::343])
by mx.google.com with ESMTPS id g20-v6bt13788705pgk.69.2018.07.25.07.25.06
for
(version=TLS1_2 cipher=ECDHE-RSA-AES125-SHA bits=128/128);
Wed, 25 Jul 2018 07:25:07 +0100 (CET)
………………………………………………………….
They asked me to pay $7000. Well I think $7 would be a fair amount
I got exact same thing from a Kenneth Blakelocl umdustinvp@outlook.com
******* is one of your password now I’m going to cut to the chase. You do not know anything about me but I know alot about you and you must be wondering why you’re getting this e-mail, right?
I actually setup malware on porn videos (porno) and you know what, you visited same sex web site to have fun (you know what I mean). While you were watching video clips, your web browser started out functioning as a RDP (Remote Desktop Protocol) that has a key logger which provided me access to your system and your camera access. Right after that, the software obtained your complete contacts from your facebook, and e-mail.
Exactly what have I done?
It is just your hard luck that I am aware of your misadventures. Next, I gave in more days than I probably should have investigating into your data and generated a two view videotape. 1st part shows the video you had been viewing and second half shows the view from your web cam (it is you doing naughty things). Frankly, I am willing to forget exactly about you and allow you to continue with your regular life. And my goal is to provide you two options that may accomplish it. Those two options are either to ignore this letter (not recommended), or pay me $3250.
Exactly what can you do?
Let us investigate those two options in more detail. Alternative one is to disregard this e mail. Let us see what is going to happen if you pick this option. I will definitely send your video recording to your contacts including family members, co-workers, and so on. It will not shield you from the humiliation your family will feel when friends learn your sordid video from me in their inbox. Second Option is to send me $3250. We’ll name this my “keep the secret fee”. Lets discuss what will happen when you choose this option. Your dirty secret remains private. I’ll delete the videotape. Once you make the payment, You can freely continue on with your daily life and family like nothing like this ever occurred. You’ll make the payment via Bitcoins (if you don’t know this just search “how to purchase bitcoin” in search engine)
BTC ADDRESS: 1DLd8jo2gMB6HR2jZtjZiHgkwAgLVb6yRw
(It’s CASE sensitive, copy and paste it)
Important: You now have one day in order to make the payment. (I’ve a specific pixel within this e-mail, and right now I know that you have read through this message). DO NOT TELL anybody what you would be sending the bitcoin for or they may not give it to you. The procedure to acquire bitcoin usually takes a short time so do not procrastinate. If I don’t get the Bitcoin, I definitely will send out your sextape to all of your contacts including close relatives, colleagues, and many others. nonetheless, if I do get paid, I’ll erase the sextape immediately. If you really want proof, reply with “yes!” and I definitely will send out your video recording to your 9 contacts. It’s a non-negotiable offer, so kindly do not waste my personal time & yours by responding to this email.
Scary stuff!
Technically, it’s blackmail, not extortion.
But yeah, they’re getting better by the minute.
Do they actually have video of us or am I being irrationally paranoid? I changed my passwords just in case.
They don’t actually have any video do they? I know I’m probably just being paranoid but my anxiety is really acting up.