Today I got a new version of the “Send me Bitcoin” email scam that I haven’t gotten before. This one has a different spin…
It threatens violence against me, unless I pay up.
Again, it should be stated, (as I have said in the last two blog posts,) that these emails come from a spoofed email account, and the only thing that is “real” in these emails, are my email address, and the scammer’s BitCoin account number.
Here is the scammer’s latest offering:
I run a site in the darknet, I sell all kinds of services – basically it is destruction to property and injury. In the main, all but the shooting. Often main reasons are rejected love or competition at work. This month she talked to me and gave me the task of empty acid in your visage. Standard order – quickly, painfully, for life.
Without too much fuss. I get money only after completing the order. Therefore, now I offer you pay me to be inactive, I propose this to nearly all the victims. If I do not see money from you, then my person will fulfill the order. If you transfer me money, in addition to my inaction, I will give you the information that I have about the client. After completing the task, I always spend the performer, so I have a choice, to get $1800 from you for information about the customer and my inaction, or to get $ 5000 from the customer, but with a high probability of losing the performer.
I’m getting payments in BitCoin, here’s my Bitcoin address – REDACTED
The summary I told above.
24 hours to decide and pay, and keep in mind that clock is ticking.
Latest update… today I got two emails, from two different spammers.
Both made it appear that they had hacked my account, by spoofing my email. (My email isn’t hacked.)
They are getting lazy, though. Even though the instructions specify that their BitCoin accounts are case sensitive, and that I should copy and paste it, when I send them their ransom… they have pasted the document, as an image into the email, so nobody can copy and paste their BitCoin address anyway! #Geniuses
Here are the latest versions.
Click on the images below, to open ’em up, and read the (slightly) different versions.
These jerks have bought a list of emails, likely from back, years ago, when LinkedIn user information was compromised… and are spitting it out to as many folks as they can reach, hoping that some of them will be taken in by it.
I am posting the many versions, with the hope that, by posting them, I create awareness that these are spammers, and they suck… but that they should be ignored, along with the money from Nigerian Princes, and emails from the CIA.
So, it seems that the folks who have (at some point) hacked website databases, have data mined the breaches, and sold their email / password info to a group that is blasting the “I have nasty pictures of you” scam out to everyone.
I’ve gotten a second version of the email, threatening to release embarrassing photos/videos of me, unless I “donate” $1000 worth of bitcoins to their account.
This version was worded differently, and came to my email, with my four year old password in the subject line… so I’m guessing this was from the LinkedIn data breach.
Again, the email it came from will either be hacked, or (more likely) spoofed. The only REAL thing in the email is the Spammer’s BitCoin account.
I have no intent in paying it, and am only posting this again, because other folks might gain benefit from word of the scam getting out there, and hopefully fewer folks will be victimized.
The content of the newest version of the email, can be viewed here.
And another new version, 2 months later. It can be viewed, here.
I remember a few years back… my Father-In-Law was one of the first folks to get the “Canada Revenue Agency” call, saying that he owed money, he was in big trouble, and they were sending a police officer to arrest him. Now it seems like everyone is getting those calls… but at the time, we jumped in our car, and drove to his house, as fast as we could, to be there, just in case… and it left us, unsettled.
Today was my turn.
I got an email, saying that I had clicked on a link that gave someone access to my webcam, and my contacts, and unless I paid $300 USD (in Bitcoin) to them, they would send embarrassing video to everyone in my contact list… and, as the owner of a business, how this embarrassment would affect my company, and brand.
As I don’t have a webcam on any of my desktop or laptop computers, I deleted the email, and went about my day.
A short time later, I thought about it some more, and realized my ipad has a forward-facing camera, and theoretically could have been compromised.
Having said that:
I’m not paying.
I don’t like extortion, I don’t like bullies, and spammers and scammers suck.
I believe it is a scam…. and several days later, there have been no further developments.
I have posted a notice, letting my friends know, that if they get an email, saying there are compromising pictures of Bob, with a link… that they should “flush” it. Clicking on, or connecting to, a questionable link is ALWAYS a bad idea… and when you KNOW it is a bad link, an even worse idea.
I have contacted the RCMP… although there is nothing to give any leads in the email. The address is either spoofed or hacked. The only valid information in the email, would be the BitCoin account number, and that isn’t trackable.
I’ll say it again… Spammers and Scammers SUCK..
If you ever get anything similar, here are the prescribed steps, according to the Canadian Anti-Fraud Centre:
If you were the victim of fraud or extortion, please contact your local police.
Additionally, there are a number of other agencies that may be able to assist.
The following list is provided as a starting point: Financial institution, credit card company, insurance company, telephone company, Provincial Consumer Protection Agency, credit bureaus (Equifax Canada at http://www.consumer.equifax.ca/home/en_ca, TransUnion at http://www.transunion.ca/sites/ca/home_en), Canadian Radio-television and Telecommunications Commission at http://www.crtc.gc.ca/eng/home-accueil.htm, Canadian Cyber Incident Response Centre at http://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/ccirc-ccric-eng.aspx and Service Canada at http://www.servicecanada.gc.ca/eng/sc/sin/index.shtml.
- Canadian Anti-Fraud Centre (http://www.antifraudcentre-centreantifraude.ca)
- RCMP Scams page (http://www.rcmp-grc.gc.ca/scams-fraudes/index-eng.htm)
- Competition Bureau (http://www.competitionbureau.gc.ca/eic/site/cb-bc.nsf/eng/h_00122.html)
- OPP fraud prevention (https://www.opp.ca/index.php?id=115&lng=en&entryid=573e164b8f94ac69670ca89a)
If you want to see the text of the email, click here.
Oh, and if you are disappointed that you DON’T get to see a picture of a naked Bob… here is as close as you will get!