hacked email, threatening letter...

Discussion in 'Mac Basics and Help' started by fisherking, Dec 1, 2018.

  1. fisherking macrumors 604

    fisherking

    Joined:
    Jul 16, 2010
    Location:
    ny somewhere
    #1
    not sure which forum to post this on.

    i got an email yesterday, allegedly from "name@urbanpenguin.com", that showed my email address AND password. just warning ppl about this! and wondering if anyone has thoughts/suggestions about it (ie where to forward it. i WILL let my email host know about it.

    this is the letter (i've removed my email and password):

    Hello!

    I have very bad news for you.
    03/08/2018 - on this day I hacked your OS and got full access to your account EMAIL ADDRESS
    On this day your account EMAIL ADDRESS has password: PASSWORD

    So, you can change the password, yes.. But my malware intercepts it every time.

    How I made it:
    In the software of the router, through which you went online, was a vulnerability.
    I just hacked this router and placed my malicious code on it.
    When you went online, my trojan was installed on the OS of your device.

    After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

    A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
    But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
    I'm talk you about sites for adults.

    I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!

    And I got an idea....
    I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
    After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
    Turned out amazing! You are so spectacular!

    I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.
    I think $727 is a very, very small amount for my silence.
    Besides, I have been spying on you for so long, having spent a lot of time!

    Pay ONLY in Bitcoins!
    My BTC wallet: 1FgfdebSqbXRciP2DXKJyqPSffX3Sx57RF

    You do not know how to use bitcoins?
    Enter a query in any search engine: "how to replenish btc wallet".
    It's extremely easy

    For this payment I give you two days (48 hours).
    As soon as this letter is opened, the timer will work.

    After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
    If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".

    I hope you understand your situation.
    - Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
    - Do not try to contact me (you yourself will see that this is impossible, the sender address is automatically generated)
    - Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

    P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
    This is the word of honor hacker

    I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

    Do not hold evil! I just do my job.
    Good luck.
     
  2. AlliFlowers Contributor

    AlliFlowers

    Joined:
    Jan 1, 2011
    Location:
    L.A. (Lower Alabama)
    #2
    I have gotten four of those. I've asked all my friends to let me know if they get these screen caps.

    Who the ell watches porn on a small screen. LOL!
     
  3. SandboxGeneral, Dec 1, 2018
    Last edited: Dec 1, 2018

    SandboxGeneral Moderator emeritus

    SandboxGeneral

    Joined:
    Sep 8, 2010
    Location:
    Detroit
    #3
  4. StellarVixen macrumors 68000

    StellarVixen

    Joined:
    Mar 1, 2018
    Location:
    Earth
    #4
    I find this very hard to believe. They may have your email password, but it is highly unlikely they did all they claim without root privilege.

    Do not tell me you have the root disabled?
     
  5. AlliFlowers Contributor

    AlliFlowers

    Joined:
    Jan 1, 2011
    Location:
    L.A. (Lower Alabama)
    #5
    Trust me. They didn't do what they say. Sixty year old women don't watch porn online.
     
  6. StellarVixen macrumors 68000

    StellarVixen

    Joined:
    Mar 1, 2018
    Location:
    Earth
    #6
    Oh, there it goes, i guess. :)
     
  7. AlliFlowers Contributor

    AlliFlowers

    Joined:
    Jan 1, 2011
    Location:
    L.A. (Lower Alabama)
    #7
    If I'm going to watch porn, they need to hack my inside cameras, cause I would only watch it on the 56" television. At this age, you can barely watch youtube on the small screen. ;)
     
  8. fisherking thread starter macrumors 604

    fisherking

    Joined:
    Jul 16, 2010
    Location:
    ny somewhere
    #8
    am pretty tech-savvy (i do freelance mac support, 15 years now); they had 95% of my password correct. am sure no one's gotten data off my mac, and there are lots of 'giveaways' in the email ('the OS of your device'); still, they did have the password, and i wanted discussion here.

    sandbox general: thanks for the info, will forward the email on...
     
  9. AlliFlowers Contributor

    AlliFlowers

    Joined:
    Jan 1, 2011
    Location:
    L.A. (Lower Alabama)
    #9
    Oh, they had my password correct. But it was a password I haven't used anywhere for anything in over ten years.
     
  10. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #10
    I agree with the general. The email was a phishing attempt.
     
  11. fisherking thread starter macrumors 604

    fisherking

    Joined:
    Jul 16, 2010
    Location:
    ny somewhere
    #11
    my password was an old one, too (that i'd slightly modified in the last few years). and i know nothing's been accessed on my mac. also, am confident that my mac's camera isn't looking at my screen (!). just thought to share this; am hoping ppl don't fall for it (and am sure some will), and pay out...
     
  12. MacDawg macrumors Core

    MacDawg

    Joined:
    Mar 20, 2004
    Location:
    "Between the Hedges"
    #12
    This exact scam made the rounds at work over the past few months
     
  13. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #13
    This is a well know phishing scam - they get your password from other breaches (if you reuse your passwords you are more likely to fall for it) and then just send these emails out en masse.

    Here's a link explaining it in a bit more detail
     
  14. StellarVixen macrumors 68000

    StellarVixen

    Joined:
    Mar 1, 2018
    Location:
    Earth
    #14
    Your password is a result of some data breach that happened in the past, probably. Hence why your passwords are mostly those that you remember, but are not using anymore.

    It is a good practice to change your passwords often.
     
  15. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #15
    By using a program like 1Password. :)
     
  16. StellarVixen macrumors 68000

    StellarVixen

    Joined:
    Mar 1, 2018
    Location:
    Earth
    #16
    Is this some kind of advertisement? :)
     
  17. MacDawg macrumors Core

    MacDawg

    Joined:
    Mar 20, 2004
    Location:
    "Between the Hedges"
    #17
    I use 1Password and it is great, and I use extremely long/complicated passwords
    However, if your account is part of a data breach, having strong passwords isn't a protection
    Using something like https://haveibeenpwned.com/ to check for breaches can be a call to change the password regardless of how good it is
     
  18. SandboxGeneral Moderator emeritus

    SandboxGeneral

    Joined:
    Sep 8, 2010
    Location:
    Detroit
    #18
    Or another option is LastPass. :)
     
  19. chrfr macrumors 604

    Joined:
    Jul 11, 2009
    #19
    Your password was compromised somewhere else. In my case, it was probably Adobe’s big breech several years ago. They have not compromised your computer.
     
  20. Fishrrman macrumors P6

    Fishrrman

    Joined:
    Feb 20, 2009
    #20
    A friend got one of these.

    He ignored it.

    Nothing happened.

    I suggest you do the same.
     
  21. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #21
    Personal endorsement although I am available for corporate events and anywhere else with a captive audience. :eek:
     
  22. fisherking thread starter macrumors 604

    fisherking

    Joined:
    Jul 16, 2010
    Location:
    ny somewhere
    #22
    am gonna pay twice what i was asked for, so i will be twice as safe. :cool:

    am not paying anything, i know it's a phishing email. but good to know others have gotten it, and some useful links in this thread.

    thanks all!
     
  23. Panthera Tigris Altaica macrumors member

    Panthera Tigris Altaica

    Joined:
    Nov 29, 2018
    Location:
    In the Frozen North, of course.
    #23
    I got a similar email a few months ago, quoting a password I had used exactly once: for my Adobe account, which I _know_ was one of the accounts pwned in the breach in 2013. https://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38-million-users/

    I no longer even have the machine I used when I set up that account. At the time I standardised on using 10-character passwords. I have since gone to 15 character passwords. As the password they quoted was 10 characters, it was instantly identifiable as being obsolete. Identifying which account I used that password on was a matter of checking my password list, which took seconds.

    What we have here is a bunch of skiddies who bought a list of accounts from someone else and are just trying their luck.
     
  24. Lioness~ macrumors 65816

    Joined:
    Apr 26, 2017
    #24
    Exactly.
    Got a few of those too I saw in my spam.

    Guess they hope they can scare some teens.
    Which I’m not.
     
  25. adrianlondon macrumors 65816

    adrianlondon

    Joined:
    Nov 28, 2013
    Location:
    Switzerland
    #25
    I've received a few of those. I even read the first one right through, as I found it entertaining.

    However, it's just some old password you once used on a site that was likely hacked years ago, and then placed next to an email address they have for you. For example, the password they say they hacked for me is a very simple one I used to use on websites I assumed to be insecure. It's never been used for any of my email addresses.

    tldr; ignore and delete
     

Share This Page

24 December 1, 2018