Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: E-mail Trojan threat. I know it is fake.  (Read 3315 times)

0 Members and 1 Guest are viewing this topic.

Geek-9pm

    Topic Starter

    Mastermind
  • Geek After Dark
  • Thanked: 1026
    • Gekk9pm bnlog
  • Certifications: List
  • Computer: Specs
  • Experience: Expert
  • OS: Windows 10
E-mail Trojan threat. I know it is fake.
« on: December 23, 2018, 04:07:30 PM »
He is persistent. He keeps sending me an e-mail from a email  I have that is nt very secure. I already know that.
He claims he has full control of my computer. Really?
Quote
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I do not have my camera connected. I don't even know where is is. So how is he watching me? I think it is a bluff.
He wants bitcoins. I don't ave any.
Here is the info he uses for bitcoins:
Quote
(if you do not know how to do this, write to Google: “Buy Bitcoin”).
My bitcoin address (BTC Wallet) is: 18kXxMp9NuTMUFVAfXR4TFT4CrrHWVzwm4
Well, if he can see what is on my PC, he might read this, but if he does not respond, I know he is a fake.
I am going to mail this to myself.  :)

BC_Programmer


    Mastermind
  • Typing is no substitute for thinking.
  • Thanked: 1140
    • Yes
    • Yes
    • BC-Programming.com
  • Certifications: List
  • Computer: Specs
  • Experience: Beginner
  • OS: Windows 11
Re: E-mail Trojan threat. I know it is fake.
« Reply #1 on: December 23, 2018, 05:02:54 PM »
It's fake. He is not sending it from your E-mail, that is just what is being saved in the "from:" address.

I received the same E-mail frequently for a few weeks about a month ago, addressed to my VPS. (My notes in bold)

Quote
Hello,

I am a spyware software developer. Your account has been hacked by me in the
summer of 2018.

I understand that it is hard to believe, but here is my evidence (I sent you
this email from your account).

The hacking was carried out using a hardware vulnerability through which you
went online (Cisco router, vulnerability CVE-2018-0296).

I went around the security system in the router, installed an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your
device. This is driver software, I constantly updated it, so your antivirus is
silent all time.

Since then I have been following you (I can connect to your device via the VNC
protocol). That is, I can see absolutely everything that you do, view and
download your files and any data to yourself. I also have access to the camera
on your device, and I periodically take photos and videos with you.

At the moment, I have harvested a solid dirt... on you... I saved all your email
and chats from your messangers. I also saved the entire history of the sites you
visit.

I note that it is useless to change the passwords. My malware update passwords
from your accounts every times.

I know what you like hard funs (adult sites). Oh, yes .. I'm know your secret
life, which you are hiding from everyone. Oh my God, what are your like... I saw
THIS ... Oh, you dirty naughty person ...

I took photos and videos of your most passionate funs with adult content, and
synchronized them in real time with the image of your camera. Believe it turned
out very high quality!

So, to the business! I'm sure you don't want to show these files and visiting
history to all your contacts.

Transfer $912 to my Bitcoin cryptocurrency wallet:
1Lmk4eUXcmtVU6YQvaPJ4yihu4fEcKtkby Just copy and paste the wallet number when
transferring. If you do not know how to do this - ask Google.

My system automatically recognizes the translation. As soon as the specified
amount is received, all your data will be destroyed from my server, and the
rootkit will be automatically removed from your system. Do not worry, I really
will delete everything, since I am 'working' with many people who have fallen
into your position. You will only have to inform your provider about the
vulnerabilities in the router so that other hackers will not use it.

Since opening this letter you have 48 hours. If funds not will be received,
after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts
with compromising material.

I advise you to remain prudent and not engage in nonsense (all files on my server).

Good luck!

It's just phishing/scam garbage.
I was trying to dereference Null Pointers before it was cool.

camerongray



    Expert
  • Thanked: 306
    • Yes
    • Cameron Gray - The Random Rambings of a Computer Geek
  • Certifications: List
  • Computer: Specs
  • Experience: Expert
  • OS: Mac OS
Re: E-mail Trojan threat. I know it is fake.
« Reply #2 on: December 23, 2018, 06:22:13 PM »
I see these all the time, obviously a scam.  Seen various different versions including ones that have clearly found the email address and a password in a password dump somewhere, they then put the password from the dump in the email as "evidence" of the hack.  As you also found they often set the "from" address as your own email address as further evidence of the hack, of course they are just spoofing this and it isn't evidence that they have access to your email account. (Worth remembering how easy it is to spoof a from address, don't trust it).

The sad thing that being Bitcoin, you can actually see how much money they are making from it, from BC's email alone, there have already been two payments to that address alone totalling $1,208 based on current prices. The money was then moved into another wallet totalling $7,497 (presumably from other scams) - It's a shame to see that people are actually falling for these.