I am reasonably tech savvy. I worked in the I.T. industry for 35 years providing technical support in the banking and retailing sector, and although I retired from the industry almost 20 years ago, I have retained an interest in it, and in computing in general.
So when my Spam filter catches an email such as the one below, I sigh, knowing every claim made is absolutely false. I don’t need to fear that there might be a chance that what I view online will be disclosed to anyone I might (or might not) know.
While I prefer to keep my online browsing preferences private, there is nothing that would be terribly embarrassing or worse if others were to discover them. And to ensure that I don’t stumble across websites I’d rather not see, my home network makes use of DNS filtering through OpenDNS.
It’s not perfect. I stumbled upon copies of the Christchurch shooter’s live streaming of the event when it appeared on popular social media sites in the days after the incident, even here on WordPress. But for me personally, I appreciate the high level of selective filtering it provides, so the chances of any user on my home network being able to view an online pornographic video are remote.
Leaving aside the remote possibility of anyone watching porn from my home network, let alone my computer, and for the benefit of the scammer, here’s why the email can safely be ignored:
Hello,
Hello to you too. If you had access to my computer as claimed further below, I’d expect you to know my name, and to use it to prove the legitimacy of your claim. Using a salutation without my name is the first indication that you really know nothing about me
As you may have noticed, I sent this email from your email account (if you didn’t see, check the from email id). In other words, I have fullccess to your email account.
No you didn’t. Spoofing the from address is an extremely simple and trivial process. Every email client (even Outlook Express) provides an easy means of doing so. Besides, a quick check of the email header, provides all the information I need to know that the message originated somewhere other than my own email account. In this particular case you relayed your email via a Yahoo mail server located in the USA.
I infected you with a malware a few months back when you visited an adult site, and since then, I have been observing your actions.
Really? Even on the very remote chance that I accidentally came across an “adult” site and that the site contained malware you had inserted, the odds of it being code that could infect my computer are orders of magnitude smaller. I don’t use a popular Web browser and I don’t use a popular operating system. While no operating system is perfect, any vulnerabilities discovered in Linux are patched almost immediately. This is one of the advantages of using an open source operating system. So unless your code is targeted specially towards Linux, and is using some as yet unidentified vulnerability that you discovered more than a year ago, it’s simply not possible to install malware at the operating system level.
The malware gave me full access and control over your system, meaning, I can see everything on your screen, turn on your camera or microphon and you won’t even notice about it.
Even in the extremely remote chance that malware has been installed, and that it had managed to gain root access when my logon user ID hasn’t, nor do any of the applications, including web browsers, have root access, your claim that the malware was capable of manipulating my camera and microphone is laughable, You see, there needs to be a camera or microphone for you to manipulate. There isn’t. But ignoring that inconvenient truth, shall we continue?
I also have access to all your contacts.
Aside from having access to a nonexistent camera, your malware, you would need to have an intimate knowledge of my operating system, and the software installed. Your malware would have to know what software I use for my contacts and where on the system the information was stored. Give me that information and I might believe you.
Why your antivirus did not detect malware?
It’s simple. My malware updates its signature every 10 minutes, and there is nothing your antivirus can do about it.
As I run Linux on my computer, I have no need for antivirus software. You also clearly don’t understand what a signature is. It is not something within your malware. It’s something antivirus applications create from information gleaned from malware. It doesn’t matter how much your malware modifies bits of its code, the antivirus folk are clever enough to figure out how the modifications are made and build in a suitable method of identification. And as you have been sending me identical messages for more than a year, I have every confidence that if in fact there was any malware at all, every antivirus application would have long ago figured out how to identify it. So I have every confidence that even if I did run a version of Windows or MacOS, which I don’t, I would be well protected by any antivirus program I chose.
I made a video showing both you (through your webcam) and the video
you were watching (on the screen) while satisfying yourself.
With one click, I can send this video to all your contacts (email, social network, and messengers you use).
I’m rather fascinated by your claim. In fact I look forward to viewing said video. I’ve looked and looked, but for the life of me, I cannot find this web cam. Can you enlighten me?
You can prevent me from doing this.
To stop me, transfer $989 to my bitcoin address.
If you do not know how to do this, Google – “Buy Bitcoin”.
My bitcoin address (BTC Wallet) is 1Hmn2KAK2Z3VjkpMz26nmh9KVAV6KqYiYp
If you have access to my computer, could you not have simply accessed my bank account and my credit card details? The username and password for my online banking are stored in encrypted form within my web browser and surely it would be a trivial matter for you to obtain it, especially if you have access at the operating system level. You wouldn’t even need to decrypt the password. With your supposed knowledge it should be a trivial exercise to fool the browser into decoding it for you.
After receiving the payment, I will delete the video,
and you will never hear from me again.
You have 48 hours to pay. Since I already have access to your system
I now know that you have read this email, so your countdown has begun.
As it’s been close to 9000 hours since I received your first email, and I have received around to 200 subsequent messages, why should I believe this 48 hour deadline is any more final than all the others? It’s quite obvious that you have no idea whether or not I have read your message. The most common technique for knowing if an email has been read is by embedding web link to a transparent 1 x 1 gif. My email application does not display linked images by default. I have to explicitly enable it for each message. The other common technique is to include a flag requesting an acknowledgement when an email is read. My email application is configured to never send an acknowledgement. Besides, I read the contents of your email from within my online Spam filtering system control panel, which, not being an email client, can not open links nor send acknowledgements.
Filing a complaint will not do any good
because this email cannot be tracked.
I have not made any mistakes.
You fail to understand how emails are sent. I can tell exactly the last server and location that the message passed through before it arrived at my mail server (yes, I have my own mail server). Armed with that information and the cooperation of email server hosts, I can track the message to a vpn and beyond, or to a compromised computer. I’ll concede that I’m unlikely to find your identity, but that’s of little concern.
If I find that you have shared this message with someone else, I will immediately send the video to all of your contacts.
Well, as you can see I have shared it. Come on then, send the video. I dare you.
Take care
Of what?
Some further details for those still reading: Some of the messages contain a username and password that I possibly did use many years ago, but not in the last ten years. Over the three decades that I have had online access (does anyone remember NCSA Mosaic?), I have been notified a few times that a website I use has been hacked and and there’s a remote chance that user credentials might have been compromised. This is the most likely source of the user credentials included in some of the scam attempts. In most cases, they have been sites that I had stopped using, but even in the two cases where I am still an active user, I’m not particularly concerned.
You see, I never use the same username and password on more than one site. Yes folk, I’m one of those nerds that use a different user ID and password for every website, and for every computer login. Perhaps I’m fortunate in that I also own several domain names, and can create an unlimited number of email addresses. So even though a great many websites now require an email address as the user ID, I can still create a unique email address/user ID for each and every site.
What the scammer probably doesn’t realise is that every Spam filtering system worth its salt, now recognises such messages as Spam, and will have done so for many months. The intended recipient is unlikely to even see these blackmail attempts.
Another Spectrum 