Tag: Pwned

I created a double-screen video recording.

From: Maricela <expose>
Reply: expose@junecarroll.com
Date: Wed, 08 Aug 2018 18:13:38 +0200
Subject: nigel@brendinghat.com password abc123

It appears that, (*), ‘s your password. You may not know me and you are probably wondering why you’re getting this e-mail, right?

actually, I put in place a malware over the adult vids (adult porn) web site and you know what, you visited this website to have fun (you know what I mean). While you were watching videos, your internet browser started out operating as a RDP (Team Viewer) which provided accessibility of your screen and web camera. after that, my computer software obtained your complete contacts out of your Messenger, Outlook, FB, along with emails.

What did I actually do?

I created a double-screen video recording. Very first part shows the recording you’re seeing (you’ve got a good taste haha . . .), and 2nd part shows the recording of your web camera.

exactly what should you do?

Well, I think, $1000 is a reasonable price for our little secret. You’ll make the payment by Bitcoin (if you do not know this, search “how to purchase bitcoin” in Google).

Bitcoin Address: 19bdZEXGTC9CPFgCH7KiBtApLww4e9BiSd
(It is case sensitive, so copy and paste it)

Important:
You have one day in order to make the payment. (I’ve a special pixel in this e-mail, and at this moment I know that you have read this email message). If I don’t get the BitCoins, I will certainly send your video recording to all of your contacts including relatives, coworkers, and so on. Having said that, if I get the payment, I’ll destroy the video immidiately. If you’d like evidence, reply with “Yes!” and I will certainly mail out your video recording to your 6 contacts. It is a non-negotiable offer, that being said don’t waste my personal time and yours by responding to this message.

Technical Analysis


This came to one of my personal accounts.  I have seen similar, but this one shows a bit of ingenuity from the scammer.  The scary thing is that it mentions your password in the subject and the main message. I say “your password” because the scam relies on the majority of the public using a single password across applications. 

The scammer has utilised a user/password list from a hacked website in an attempt to make the Email more believable.  In my case, they have used details that I was using back in 2011. Looking further into the source of the mailing list using the Have I Been Pwned? website, I have five possible lists.

  1. Evony:
  2. Exploit.In (unverified):
  3. MySpace:
  4. Onliner Spambot (spam list):
  5. tumblr:

Today, I use a different Email address and a random 32 character password for any website that requires registration, handled with a password manager. 
Exit mobile version