Perhaps others should check their status:
Today’s email:
|from:|Charlene Buzard<lqbrigidrm@outlook.com>|
|to:|“fred@gmail.com ” <fred@gmail.com>|
|date:|Dec 21, 2018, 5:35 AM|
|subject:|fred - B4n8k0k|
|mailed-by:|outlook.com|
|signed-by:|outlook.com|
|security:||
Contents:
Charlene Buzard <lqbrigidrm@outlook.com>|5:35 AM (7 hours ago)||
I’m Charlene. B4n8k0k is your pass:) I have the recording of your cam showing your nasty sexual doings and video you streamed with the help of my backdoor which was there on the site you watched the adult video. In the tape you are actually looking exciting.
Your email and FB contacts were afterward sent to me by the malware.
I will send your recording to your contacts unless you send me $1107 via B I T C O I N S within the next 36 hours to the below address:
Bit coin Address: 1BKSfJkv8xNqgcNgdXrkBPXHnN7X2Rrxd1
Copy and Paste address because it is CasE SenSiTiVe.
Once money is received by me, I will delete your video and every bit of details I have about you.
If I do not receive the money, I will send your video to every contact of yours. Visualize concerning the shame you will see. and likewise if you happen to be in a relationship, exactly how it would affect?
If you want proof? Reply “Yes”, & I’ll email your video to 8 of your mail contactsinstantly.
Warmest regards - Charlene
Fortunately the password is currently valid but on sites which I no longer frequent.
Must go the cleaners have just arrived, back again after lunch
Fantastic. You’re going to pay, obviously?
3 Likes
Gandalf
December 21, 2018, 9:50am
3
The cleaners have arrived? Aren’t they supposed to take you to them?
3 Likes
I followed the instructions by copying and pasting the Bitcoin casesensitive string but Google could not find any relevant pages?
Three of the apartment’s cleaners come on demand rather than a regular basis and cost 500 Baht for a couple of hours. They always make a grand job. I have yet to be taken to the cleaners
1 Like
Well there’s your problem - Google was nowhere in the instructions
1 Like
Erik_J
December 21, 2018, 11:23am
8
It’s a scam/trap!!!
Be cool, just don’t act on the message!
I’ve read about that fishing strategy a few times but can’t recall any link atm, will post links later.
I think https://krebsonsecurity.com/ has an article and advice for this,
1 Like
Erik_J:
It’s a scam/trap!!!
I would hope that everyone here was fully aware of that from the start.
4 Likes
Erik_J
December 21, 2018, 11:28am
10
And I’m inclined to jump into conclusions.
3 Likes
Erik_J
December 21, 2018, 11:35am
11
Here’s a link to the article about the investigation “Krebs on Security” published in August:
3 Likes
Dang John, what did you do? You must have gotten someone beyond mad that they had recordings of your nasty.
I checked mine and none of mine were compromised.
2 Likes
Erik_J
December 21, 2018, 2:07pm
13
No offense; sure that site isn’t harvesting email addresses and their status?
We all know how to earn extra money:
Yes I’m a daily visitor at that site, and many others about security issues.
1 Like
Gandalf
December 21, 2018, 2:27pm
14
I think https://haveibeenpwned.com/ is legit. I had the same thought when I first heard about it.
2 Likes
Instead of checking your personal emails, try a friends’
I checked a couple of my very, very old jrutherford_uk Hotmail and Yahoo accounts and they were clear? Only the later Gmail accounts were compromised.
I just checked again and these were some of the surprising results where you may have accounts:
![Adobe logo]
Adobe: In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text . The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced.
Compromised data: Email addresses, Password hints, Passwords, Usernames
DaniWeb: In late 2015, the technology and social site [DaniWeb](https://www.daniweb.com/) suffered a data breach. The attack resulted in the disclosure of 1.1 million accounts including email and IP addresses which were also accompanied by salted MD5 hashes of passwords. However, DaniWeb have advised that "the breached password hashes and salts are incorrect" and that they have since switched to new infrastructure and software.
Compromised data: Email addresses, IP addresses, Passwords
Dropbox: In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk . A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).
Compromised data: Email addresses, Passwords
LinkedIn: In May 2016, LinkedIn had 164 million email addresses and passwords exposed . Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data.
Compromised data: Email addresses, Passwords
MySpace: In approximately 2008, MySpace suffered a data breach that exposed almost 360 million accounts . In May 2016 the data was offered up for sale on the “Real Deal” dark market website and included email addresses, usernames and SHA1 hashes of the first 10 characters of the password converted to lowercase and stored without a salt. The exact breach date is unknown, but analysis of the data suggests it was 8 years before being made public .
Compromised data: Email addresses, Passwords, Usernames
tumblr: In early 2013, tumblr suffered a data breach which resulted in the exposure of over 65 million accounts. The data was later put up for sale on a dark market website and included email addresses and passwords stored as salted SHA1 hashes.
Compromised data: Email addresses, Passwords
My feeble attempt at a personal solution is to restrict sensitive information because if hackers really and truly want your data there is no satisfactory solution:
According to expert Eugene Kaspersky , the worm also infected a nuclear power plant in Russia. Kaspersky noted, however, that since the power plant is not connected to the public Internet, the system should remain safe.[34]
Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, the worm is widely understood to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olym
1 Like
Erik_J
December 21, 2018, 3:49pm
16
Come to think of, as this thread doesn’t reveal any personal details other than your old email address (that I’m sure a mod could remove), this topic could be appropriate in the community category.
What do you think, @John_Betong and @Gandalf about moving this thread?
1 Like
No problem as long as my emails are removed.
Also Googling for the following reveals numerous interesting results,
I have the recording of your cam showing your nasty sexual doings and video you streamed with the help of my backdoor which was there on the site you watched the adult video. In the tape you are actually looking exciting.
1 Like
Perhaps you were more careful or just very lucky
I hope so. I try to practice standard security practices so I try to make my passwords as hard as I can. Plus, I usually remember my passwords as sequences so it isn’t really that hard for me to remember.
The problem is there still a lot of sites storing plain text passwords and there is no way for you to know that they are.
3 Likes