Author: DaveMcDave

Image copyright

Hi,

This is Melainie and I am a certified illustrator.

I was discouraged, frankly speaking, when I found my images at your web-site. If you use a copyrighted image without an owner’s license, you must know that you could be sued by the copyright holder.

It’s unlawful to use stolen images and it’s so low!

Here is this document with the links to my images you used at brendinghat.com and my earlier publications to obtain the evidence of my ownership.

Download it now and check this out for yourself:

LINK TO A FILE ON “GOOGLE SITES”

If you don’t get rid of the images mentioned in the file above during the next couple of days, I’ll file a to your hosting provider informing them that my copyrights have been severely infringed and I am trying to protect my intellectual property.

And if it doesn’t help, for damn sure I am going to take it to court! And I will not bother myself to let you know of it in advance.

I just had a load of these left in our comments area. It is handy getting a few at a time as it makes it obvious they are scams. I have not looked at the link, but I can be sure it is not a good thing! Our advice – IGNORE

Scam phone call 01147001581

https://brendinghat.com/wp-content/uploads/2021/01/01147001851.mp3
Scam phone call

I just received this phone call from Officer Dennis Grey (Gray). It came to my smartphone that I only use for apps – I never give anyone the number, I don’t know what it is! Even though, there is always an element of doubt, even for me with my experience of reading 30,000 scams.

Plenty of clues confirms it is a scam. The very fact it was an automated voice, lack of personal details and just general bad grammar are some examples. There are others but this is not a training session for scammers.

07547 820550 Phishing attempt

Just received this message from 07547820550 to my personal mobile – I do not have a HSBC account so I knew immediately it was a phishing attempt. The odd looking domain gives it away anyway.

The domain was registered today, so it looks like a quick “mash and grab” attempt to steal as many passwords as possible before it gets shut down.

This is what the phishing attempt looked like, taken about a minute after my text message. Anyone fooled would have entered their banking login and password, which would now be in the hands of the scammer.

If anyone was fooled, immediately contact your bank. Change your passwords, and everywhere you use the same password.

On the plus side, they sent their phishing attempt to a Brendinghat administrator who immediately took action to report the site. Within five minutes of receiving the text message, the major browsers started to display a “dangerous site” warning.

Notice of Class Action Settlement re Google Plus – Your Rights May Be Affected

You are not being sued. This notice affects your rights. Please read it carefully.

This Email appeared in my personal Gmail account – It immediately raised suspicions so I did my usual checks. General searching revealed that the background story is true – Google are being sued regarding a data breach at GooglePlus. But there are no recent updates in the mainstream media, the only recent posts are people asking about the legitimacy of the Email

After my checks, my conclusion is

“Ummmm”!

Unfortunately, this came to a personal Gmail account, so I do not have all the necessary forensic data available. But what I can see of the Email header, it all looked genuine.

There are links to the claim pages. These take you to a Google domain, but to their appserve pages – THIS IS SUSPICIOUS – This is a known trick – It looks like an official Google link, but it is a public hosted area – anyone can put a page on appserve.

OUR ADVICE – DO NOT CLICK THE LINKS

This is purely based on our usual advice – NEVER click a link in an Email. Our investigations revealed that the links are not working anyway.

The back story is true – Google plus is being sued under the court reference mentioned in the Email. Of course, this means nothing – scammers will often use genuine information in order to gain legitimacy.

One aspect in its favour is that this has only been received by my Gmail account which was used for GooglePlus. My other Gmail accounts – nothing. None of our Brendinghat honeypots have received a copy.

The Email talks about a claim website which exists and visually looks genuine. Again, alarm bells are ringing – it is not hosted by Google and the owner of the domain is hidden. Could be genuine – very likely a legal company would organize this independently of Google.

Obviously a claim would ask for your personal details. but is it safe? First of all, remember that we are talking about $12 maximum.

OUR ADVICE – GIVE IT A FEW DAYS BEFORE DOING ANYTHING.

The big problem is that there is nothing about this in the main stream media. But you have until October. Personally I would wait until I saw reports in the papers (although I am not actually eligible being a UK citizen).

Conclusion

It is genuine. There are still no reports in the mainstream press, but some techy sites have had it confirmed by Google e,g, https://9to5google.com/2020/08/04/many-receiving-settlement-notices-for-google-class-action-lawsuit/

Your Site Has Been Hacked

From: Gisele Fairchild <hacker@wholemankind.se>
Subject: Your Site Has Been Hacked
Date: 1 Jul 2020, 18:02

Message Body:
PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.brendinghat.com and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.brendinghat.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is .33 BTC in bitcoins ($3000 USD).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1HPTGdcnRDcQtfAeE8GPdMQT2NPczHZ6EW

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you https://cex.io/ for buying bitcoins.

What if I don’t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.


This e-mail was sent from a contact form on Brendinghat (https://brendinghat.com)


A spam entered via our contact form. A speculative attempt to extort. Not too sure what they are going to do with 25K scam Emails.

I created a double-screen video recording.

From: Maricela <expose>
Reply: expose@junecarroll.com
Date: Wed, 08 Aug 2018 18:13:38 +0200
Subject: nigel@brendinghat.com password abc123

It appears that, (*), ‘s your password. You may not know me and you are probably wondering why you’re getting this e-mail, right?

actually, I put in place a malware over the adult vids (adult porn) web site and you know what, you visited this website to have fun (you know what I mean). While you were watching videos, your internet browser started out operating as a RDP (Team Viewer) which provided accessibility of your screen and web camera. after that, my computer software obtained your complete contacts out of your Messenger, Outlook, FB, along with emails.

What did I actually do?

I created a double-screen video recording. Very first part shows the recording you’re seeing (you’ve got a good taste haha . . .), and 2nd part shows the recording of your web camera.

exactly what should you do?

Well, I think, $1000 is a reasonable price for our little secret. You’ll make the payment by Bitcoin (if you do not know this, search “how to purchase bitcoin” in Google).

Bitcoin Address: 19bdZEXGTC9CPFgCH7KiBtApLww4e9BiSd
(It is case sensitive, so copy and paste it)

Important:
You have one day in order to make the payment. (I’ve a special pixel in this e-mail, and at this moment I know that you have read this email message). If I don’t get the BitCoins, I will certainly send your video recording to all of your contacts including relatives, coworkers, and so on. Having said that, if I get the payment, I’ll destroy the video immidiately. If you’d like evidence, reply with “Yes!” and I will certainly mail out your video recording to your 6 contacts. It is a non-negotiable offer, that being said don’t waste my personal time and yours by responding to this message.

Technical Analysis


This came to one of my personal accounts.  I have seen similar, but this one shows a bit of ingenuity from the scammer.  The scary thing is that it mentions your password in the subject and the main message. I say “your password” because the scam relies on the majority of the public using a single password across applications. 

The scammer has utilised a user/password list from a hacked website in an attempt to make the Email more believable.  In my case, they have used details that I was using back in 2011. Looking further into the source of the mailing list using the Have I Been Pwned? website, I have five possible lists.

  1. Evony:
  2. Exploit.In (unverified):
  3. MySpace:
  4. Onliner Spambot (spam list):
  5. tumblr:

Today, I use a different Email address and a random 32 character password for any website that requires registration, handled with a password manager. 
Exit mobile version