Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Phunny Phishing
Old 12-05-2018, 08:15 AM   #1
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 22,680
Phunny Phishing

OK - this wasn’t really phishing, more like extortion/blackmail sent to a friend of mine with no attached images or files:

Quote:
Hello,

I am a spyware software developer. Your account has been hacked by me in the summer of 2018.

I understand that it is hard to believe, but here is my evidence (I sent you this email from your account).

The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).

I went around the security system in the router, installed an exploit there. When you went online, my exploit downloaded my malicious code (rootkit) to your device. This is driver software, I constantly updated it, so your antivirus is silent all time.

Since then I have been following you (I can connect to your device via the VNC protocol). That is, I can see absolutely everything that you do, view and download your files and any data to yourself. I also have access to the camera on your device, and I periodically take photos and videos with you.

At the moment, I have harvested a solid dirt... on you... I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.

I note that it is useless to change the passwords. My malware update passwords from your accounts every times.

I know what you like hard funs (adult sites). Oh, yes .. I'm know your secret life, which you are hiding from everyone. Oh my God, what are your like... I saw THIS ... Oh, you dirty naughty person ...

I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera. Believe it turned out very high quality!

So, to the business! I'm sure you don't want to show these files and visiting history to all your contacts.

Transfer $909 to my Bitcoin cryptocurrency wallet: [wallet number] Just copy and paste the wallet number when transferring. If you do not know how to do this - ask Google.

My system automatically recognizes the translation. As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system. Do not worry, I really will delete everything, since I am 'working' with many people who have fallen into your position. You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.

Since opening this letter you have 48 hours. If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted, and from my server will automatically send email and sms to all your contacts with compromising material.

I advise you to remain prudent and not engage in nonsense (all files on my server).

Good luck!
I guess some folks would really get worried though.

It was spoofed to their email address to make it look like their account is hacked, but spoofing email addresses is easy to do.
__________________

__________________
Retired since summer 1999.
audreyh1 is online now   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 12-05-2018, 08:17 AM   #2
Moderator Emeritus
braumeister's Avatar
 
Join Date: Feb 2010
Location: Flyover country
Posts: 13,245
I find those things in my junk mail folder all the time.
__________________

__________________
I thought growing old would take longer.
braumeister is offline   Reply With Quote
Old 12-05-2018, 08:36 AM   #3
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 22,680
Quote:
Originally Posted by braumeister View Post
I find those things in my junk mail folder all the time.
Yeah, we probably have had those blocked too. So I never read through one.
__________________
Retired since summer 1999.
audreyh1 is online now   Reply With Quote
Old 12-05-2018, 08:39 AM   #4
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Midpack's Avatar
 
Join Date: Jan 2008
Location: LKN
Posts: 13,955
I get those from time to time, most are easily identified as fakes, but they are getting more clever all the time. Usually just looking at the email address it's sent from gives the hacker away without even reading the content. The above is pretty elaborate, though the grammatical errors would surely make it seem suspicious.
__________________
No one agrees with other people's opinions; they merely agree with their own opinions -- expressed by somebody else. Sydney Tremayne
Retired Jun 2011 at age 57

Target AA: 45% equity funds / 30% bond funds / 25% cash - radically changed Nov 2018
Target WR: Approx 2.5% Approx 20% SI (secure income, SS only)
Midpack is offline   Reply With Quote
Old 12-05-2018, 09:43 AM   #5
Full time employment: Posting here.
folivier's Avatar
 
Join Date: Oct 2009
Posts: 770
Or copy them when you forward the email to the FBI.
__________________
You do not have a soul. You are a soul. You have a body.
folivier is offline   Reply With Quote
Old 12-05-2018, 09:46 AM   #6
Recycles dryer sheets
 
Join Date: Mar 2013
Posts: 196
The language syntax makes it seem obvious, but I remember getting one of those ransomware viruses a few years ago. I knew it was fake but it freaked me out because it captured a picture of my three year old daughter in it! Since then, I've always taped over the camera on my laptop.
hausfrau is offline   Reply With Quote
Old 12-05-2018, 10:45 AM   #7
Thinks s/he gets paid by the post
 
Join Date: Nov 2011
Posts: 3,151
Poor English suggests an overseas source, but what gives it away as fake are the so-called hacks that are incorrectly described.
GrayHare is online now   Reply With Quote
Old 12-05-2018, 10:49 AM   #8
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 22,680
Quote:
Originally Posted by hausfrau View Post
The language syntax makes it seem obvious, but I remember getting one of those ransomware viruses a few years ago. I knew it was fake but it freaked me out because it captured a picture of my three year old daughter in it! Since then, I've always taped over the camera on my laptop.
Seriously! There was a photo?
__________________
Retired since summer 1999.
audreyh1 is online now   Reply With Quote
Old 12-05-2018, 10:58 AM   #9
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 21,584
Quote:
Originally Posted by audreyh1 View Post
....

It was spoofed to their email address to make it look like their account is hacked, but spoofing email addresses is easy to do.
Can you tell me more? I am very careful to avoid clicking links in emails, but the fakes are usually obvious since the 'from' address is clearly not what a real sender would use.

So they can make it look like the email came from my account? Or is it just the display name, and hovering over it (what I do) would expose the 'real' address?

Quote:
Originally Posted by hausfrau View Post
The language syntax makes it seem obvious, but I remember getting one of those ransomware viruses a few years ago. I knew it was fake but it freaked me out because it captured a picture of my three year old daughter in it! Since then, I've always taped over the camera on my laptop.
Quote:
Originally Posted by audreyh1 View Post
Seriously! There was a photo?
Yikes? I don't understand how hausfrau can say it was fake if they actually captured a picture!!?? I'd be very, extremely concerned. Big time! And take immediate action! Seriously!

-ERD50
ERD50 is online now   Reply With Quote
Old 12-05-2018, 11:15 AM   #10
Recycles dryer sheets
 
Join Date: Mar 2013
Posts: 196
Quote:
Originally Posted by audreyh1 View Post
Seriously! There was a photo?

Yes! It was one of those viruses that takes over your camera on your laptop. My daughter was sitting at the computer desk and it took a picture of her!
hausfrau is offline   Reply With Quote
Old 12-05-2018, 11:17 AM   #11
Thinks s/he gets paid by the post
 
Join Date: Aug 2004
Location: Laurel, MD
Posts: 4,347
Quote:
Originally Posted by hausfrau View Post
The language syntax makes it seem obvious, but I remember getting one of those ransomware viruses a few years ago. I knew it was fake but it freaked me out because it captured a picture of my three year old daughter in it! Since then, I've always taped over the camera on my laptop.
Please explain. If it had a photo, how is it fake?
__________________
...with no reasonable expectation for ER, I'm just here auditing the AP class.Retired 8/1/15.
jazz4cash is offline   Reply With Quote
Old 12-05-2018, 11:22 AM   #12
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 22,680
Quote:
Originally Posted by ERD50 View Post
Can you tell me more? I am very careful to avoid clicking links in emails, but the fakes are usually obvious since the 'from' address is clearly not what a real sender would use.

So they can make it look like the email came from my account? Or is it just the display name, and hovering over it (what I do) would expose the 'real' address?
-ERD50
You have to show the full email header, then you can see where the email comes from. You have to have the original email to do this.

Hovering over things won't help. How to show the full header depends on the email program.

Quote:
To view email headers in Apple Mail:
Open the message for which you wish to view headers.
From the menu, select View –> Message –> Raw Source.
The full message is displayed with all headers. You can now select the message header for copying.
I think View->Message->All Headers also gives you this info.
__________________
Retired since summer 1999.
audreyh1 is online now   Reply With Quote
Old 12-05-2018, 11:31 AM   #13
Recycles dryer sheets
 
Join Date: Mar 2013
Posts: 196
Quote:
Originally Posted by jazz4cash View Post
Please explain. If it had a photo, how is it fake?

LOL- I knew it was a fake ransom note. The pic was definitely real because the virus took control of my laptop camera.
hausfrau is offline   Reply With Quote
Old 12-05-2018, 11:34 AM   #14
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 21,584
Quote:
Originally Posted by hausfrau View Post
LOL- I knew it was a fake ransom note. The pic was definitely real because the virus took control of my laptop camera.

You are being way too cavalier about this. They have control of your computer, they had access to everything!


What are you doing about it? Hopefully a heck of a lot more than tape over the camera?

-ERD50
ERD50 is online now   Reply With Quote
Old 12-05-2018, 11:42 AM   #15
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 22,680
Quote:
Originally Posted by hausfrau View Post
LOL- I knew it was a fake ransom note. The pic was definitely real because the virus took control of my laptop camera.
And had access to anything else as well as monitoring your computer activity. I hope you got your laptop cleaned up and changed all your internet passwords from a secure device.
__________________
Retired since summer 1999.
audreyh1 is online now   Reply With Quote
Old 12-05-2018, 11:46 AM   #16
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Sunset's Avatar
 
Join Date: Jul 2014
Location: Spending the Kids Inheritance and living in Chicago
Posts: 7,216
I always tape over the camera on the computer, due to the NSA.
Fellow at work used to laugh at me, it was a big joke, until the FBI director testified people should do it.
https://thehill.com/policy/national-...up-your-webcam
__________________
Fortune favors the prepared mind. ... Louis Pasteur
Sunset is offline   Reply With Quote
Old 12-05-2018, 12:10 PM   #17
Recycles dryer sheets
 
Join Date: Jan 2014
Posts: 157
Gaining access to webcams is easily accomplished. If you are interested, then visit this link Google Hacks which is the Google Hacking DataBase and then type "webcam" into the "Quick Search" box.

You would be amazed at what you can stumble across using nothing more than the Google Search Engine!!!??
DatumPoint5 is offline   Reply With Quote
Old 12-05-2018, 02:23 PM   #18
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 11,541
Is it too late to get back my $909?
__________________
Yes, I have achieved work / life balance.
travelover is offline   Reply With Quote
Old 12-05-2018, 04:19 PM   #19
Thinks s/he gets paid by the post
Scrapr's Avatar
 
Join Date: May 2005
Location: Bend
Posts: 1,018
Quote:
Originally Posted by travelover View Post
Is it too late to get back my $909?
Absolutely. Just send in $525 of i tunes gift cards and we will refund your $909 promptly.

*Subject to restocking & handling fee
Scrapr is offline   Reply With Quote
Old 12-05-2018, 04:47 PM   #20
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Nov 2009
Posts: 5,105
My ladyfriend got one of these. We were amused because she doesn't have a webcam so unless her ordinary monitor or ordinary keyboard or mouse is somehow able to take pictures of her, there is zero chance she has anything to fear.


I can't imagine anyone falling for this, but then again if the scammer sends out 10 million of these scams and gets 1 or 2 suckers to send money, then it's a pretty easy way to make some phunny money.
__________________

__________________
Retired in late 2008 at age 45. Cashed in company stock, bought a lot of shares in a big bond fund and am living nicely off its dividends. IRA, SS, and a pension await me at age 60 and later. No kids, no debts.

"I want my money working for me instead of me working for my money!"
scrabbler1 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
USAA Member? Please read about Phishing mickeyd Other topics 0 07-10-2006 02:33 PM
excellent phishing attempt eridanus Other topics 6 03-21-2006 02:58 PM
Hacked bank server hosts phishing sites -Heads Up for Chase and Ebay poboy FIRE and Money 6 03-14-2006 05:22 PM
Cyber crime & Phishing WARNING $$$ acg FIRE and Money 16 11-12-2005 08:22 AM
I got nailed on e-bay on a Phishing Scam........... Cut-Throat FIRE and Money 20 11-10-2005 08:40 AM

» Quick Links

 
All times are GMT -6. The time now is 08:53 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2019, vBulletin Solutions, Inc.