Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

quickmac

macrumors 6502
Original poster
Feb 22, 2011
273
16
Hi all,

Just a heads up that I received a "scammer" email today trying to blackmail recipients by demanding bitcoin payment. It was great for a good laugh as the "scammer" claims they gained remote access to a device and recorded "fun adult" websites the recipient "visited" and that they were going to send the video to my "social media friends" if I didn't pay them $1,200 in bitcoin.

I was able to trace back the source of how they got my contact info because they listed my macrumors username and partial "now old" password for my account here . They didn't explicitly name MacRumors but since I only use this username here , it was pretty easy to figure out how they got my contact info.

Stay safe out there on the interwebs!
 
Hi all,

Just a heads up that I received a "scammer" email today trying to blackmail recipients by demanding bitcoin payment. It was great for a good laugh as the "scammer" claims they gained remote access to a device and recorded "fun adult" websites the recipient "visited" and that they were going to send the video to my "social media friends" if I didn't pay them $1,200 in bitcoin.

I was able to trace back the source of how they got my contact info because they listed my macrumors username and partial "now old" password for my account here . They didn't explicitly name MacRumors but since I only use this username here , it was pretty easy to figure out how they got my contact info.

Stay safe out there on the interwebs!
Some years back I got a call from someone I didn't recognize claiming to be a MacRumors moderator. Unless I know your number or you're in my contacts I do not answer calls.

So, this person left a voicemail going on and on about how I was in trouble for bringing up torrenting on the MacRumors forum and such and such. The number that was used was a Google Voice number so right away I knew it was some person trying to hide their real number.

A quick confirmation with MR mods revealed that they do not, under any circumstance, call members. Which I knew, but just wanted confirmation of.

So I blocked the number. Never heard from that person again.

But here's the thing. This was way before that whole Neighborhood SPAM call thing that's been happening and my number isn't listed.

Sure, a war dialer could have brought my number up for someone who was making spam calls but the caller was very specific about his tirade.

I can only think it was someone in a thread that was bent out of shape enough to seek out my number. Can't imagine what would have been said if I'd actually answered the call.
 
Hi all,

Just a heads up that I received a "scammer" email today trying to blackmail recipients by demanding bitcoin payment. It was great for a good laugh as the "scammer" claims they gained remote access to a device and recorded "fun adult" websites the recipient "visited" and that they were going to send the video to my "social media friends" if I didn't pay them $1,200 in bitcoin.

I was able to trace back the source of how they got my contact info because they listed my macrumors username and partial "now old" password for my account here . They didn't explicitly name MacRumors but since I only use this username here , it was pretty easy to figure out how they got my contact info.

Stay safe out there on the interwebs!
So how did they get password information? Username is one thing, given that it's just out in the open, but password is something completely different.
 
So how did they get password information? Username is one thing, given that it's just out in the open, but password is something completely different.

We did get hacked a while back (we emailed everyone when it happened) so it’s possible that db got circulated.

arn
 
Hi all,

Just a heads up that I received a "scammer" email today trying to blackmail recipients by demanding bitcoin payment. It was great for a good laugh as the "scammer" claims they gained remote access to a device and recorded "fun adult" websites the recipient "visited" and that they were going to send the video to my "social media friends" if I didn't pay them $1,200 in bitcoin.

I was able to trace back the source of how they got my contact info because they listed my macrumors username and partial "now old" password for my account here . They didn't explicitly name MacRumors but since I only use this username here , it was pretty easy to figure out how they got my contact info.

Stay safe out there on the interwebs!

I got the same thing a few days ago.
 
I got the same thing a few days ago.

Same here - albeit unrelated to MR's previous breach. Got a nice email with an old password I haven't used in 5 years appended to the subject line. Silly part is I use a different password on every site, and have done so since ~2009ish. Tracked it down to a vBulletin breach on an auto forum I used to regular.

Stuff like this is the reason why I like to:

  1. Use a different password on every site (lastpass, 1pass, etc)
  2. Try to use email aliases to mark what site the email is used on. For instance me+macrumors@gmail - it makes it trivial to track where breaches occur... you'd be surprised (maybe not?) of how many go unreported.
 
Read somewhere the other day that this is going around, and not just MR. If your email/password/PII was caught up in any breach, they will try to scam you with this blackmail scheme.

As mentioned earlier, big tell if scam is that you see a password that you have not used in ages. If still using the same password on all your sites, 1) shame on you 2) can see how people fall for this (omg! They do have my info!).

ADD: Krebs post on this. https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/
 
Last edited:
  • Like
Reactions: jeremysteele
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.