#  >  > Computers Can Be Fun >  >  > Computer News >  >  Nasty email. Advice, please!

## Shutree

I woke this morning to find a new email sitting in my In Box:

I know, XXXXXXXXX, is your password. You don't know me and you're thinking why you received this e mail, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you've got a fine taste haha), and next part recorded your webcam (Yep! It's you doing nasty things!).

What should you do?

Well, I believe, $1900 is a fair price for our little secret. You'll make the payment via Bitcoin to the below address (if you don't know this, search "how to buy bitcoin" in Google).

BTC Address:
bc1q9tr9r6upskz3alyaaytysw6tdj50pa3m65du36
(It is cAsE sensitive, so copy and paste it)

Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don't get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with "Yes!" and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don't waste my time and yours by replying to this email.

Gustie


I know, XXXXXXXXX, is your password. You don't know me and you're thinking why you received this e mail, right?


Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access
 to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.


What exactly did I do? 

I made a split-screen video. First part recorded the video you were viewing (you've got a fine taste haha), and next part recorded your webcam (Yep! It's you doing nasty things!).


What should you do? 

Well, I believe, $1900 is a fair price for our little secret. You'll make the payment via Bitcoin to the below address (if you don't know this, search "how to buy bitcoin" in Google).


BTC Address: 
bc1q9tr9r6upskz3alyaaytysw6tdj50pa3m65du36 
(It is cAsE sensitive, so copy and paste it) 

Important: 

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don't get the payment, I will send your video to all of your contacts including relatives, coworkers,
 and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with "Yes!" and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don't waste my time and yours by replying to
 this email. 

Gustie

----------


## tomcat

1. report the email to the appropriate authorities immediately...
2. set up a new email account for your current contact list and inform all the old email has been discontinued...
3. in the event the threat is real, grow a mustache, shave your head, wear dark sunglasses...and stay away from the gardener...

----------


## AntRobertson

It's a common spam / scam email, just ignore it.

----------


## baldrick

reply yes and ask if he can upload it to you pornhub channel so you can monetise the video

----------


## Shutree

1. The password quoted (redacted here) is/was one of my passwords, together with the Hotmail address which received the message. I used it for 2 sites: AirAsia and Facebook.
2. I updated these sites' passwords some time back. Probably the last time it was keyed on my computer would be a year or so back, at the time I upgraded to more secure passwords.
3. I run Firefox, set to never remember passwords.
4. I run AVG and Malwarebytes, only the free versions.
5. I am an infrequent visitor to porn sites, nothing in the past month or more.

So, what to do?

----------


## Shutree

> 1. report the email to the appropriate authorities immediately...


The message came from an Outlook.com address and was sent to my Hotmail account. So the appropriate authority here is Microsoft?

----------


## crackerjack101

I got the same. I just deleted it.

----------


## hallelujah

> 1. The password quoted (redacted here) is/was one of my passwords, together with the Hotmail address which received the message. I used it for 2 sites: AirAsia and Facebook.
> 2. I updated these sites' passwords some time back. Probably the last time it was keyed on my computer would be a year or so back, at the time I upgraded to more secure passwords.
> 3. I run Firefox, set to never remember passwords.
> 4. I run AVG and Malwarebytes, only the free versions.
> 5. I am an infrequent visitor to porn sites, nothing in the past month or more.
> 
> So, what to do?


As Ant said, it's a common spamming/scamming email.

Sextortion Scam Uses Recipient’s Hacked Passwords —  Krebs on Security

I got the same a while back in my spam folder.

----------


## PlanK

> 1. The password quoted (redacted here) is/was one of my passwords, together with the Hotmail address which received the message. I used it for 2 sites: AirAsia and Facebook.



Did you use the passwords on any machines other than your own?
Do you have a webcam?  Do you have it pointing at you all the time?

----------


## armstrong

It's a common scam. There is no video of you jerking off. The fact that you do is just a happy coincidence.

Ignore it.

----------


## Chittychangchang

Report as phishing scam.

I get these through my hotmail account and have parental settings on my web service provider.
That means no porn,no exam cheats and no bomb making recipes etc.

----------


## Shutree

Thanks to all. 
The password quoted is very old. Presumably it was grabbed through a hack on one of the websites.
I shall ignore. And hope.

----------


## russellsimpson

Hell, I would completely ignore this. I presume this was in your junk mail.

So just block and ignore.  These folks work on volume.  They will find enough suckers who  fall for this shit without persuing a fine upstanding gent like yours truly.

Fuck them.

Carry on and take care.

----------


## hallelujah

Next time you're "viewing" such websites, to be on the safe side, it might be wise to deposit the images in the wank bank (see Betty's thread from a couple of weeks ago) before making a withdrawal at a later time.  :smiley laughing:

----------


## Edmond

> Advice, please!


Cover your webcam when meeting Palmela Handerson and her 5 sisters.

----------


## VocalNeal

Why I have a piece of tape over my notebook camera. 

On the plus side the email is probably from your gardener?

----------


## kmart

> Next time you're "viewing" such websites, to be on the safe side, it might be wise to deposit the images in the wank bank (see Betty's thread from a couple of weeks ago) before making a withdrawal at a later time.


Very ahem, handy advice. Also, never masturbate in front of a "smart" tv. Or Alexa..

----------


## Edmond

Or grandparents.

----------


## lom

> I got the same. I just deleted it.


I got 2 during last year. I don't have a webcam  :rofl:

----------


## harrybarracuda

> 1. The password quoted (redacted here) is/was one of my passwords, together with the Hotmail address which received the message. I used it for 2 sites: AirAsia and Facebook.
> 2. I updated these sites' passwords some time back. Probably the last time it was keyed on my computer would be a year or so back, at the time I upgraded to more secure passwords.
> 3. I run Firefox, set to never remember passwords.
> 4. I run AVG and Malwarebytes, only the free versions.
> 5. I am an infrequent visitor to porn sites, nothing in the past month or more.
> 
> So, what to do?


Two things:

You say it was an old password, so it's obviously been involved in a breach at some stage. Go to this website and put in your email address, and it will tell you where.

haveibeenpwned.com

Obviously if there are any accounts you have forgotten about, you might want to go and delete the account or reset the password.

All of this data comes from dumps on the dark web or sites like PasteBin, which is where the hackers get it from and then chance their arm that you have knocked one out to a bit of goat porn.

I even had a mate ring me in a panic about one of these until I reminded him that his steam driven laptop didn't actually have a webcam.

The second part - the email - is a bit different. It's pointless doing anything with it because it's probably fake; all they are interested in is the Bitcoin payment, they don't give a fuck about whether you want to email them or not.

It's just not worth the effort.

Just delete the fucking thing.

And invest in something like this.

https://www.amazon.com/Computer-Smar...6498269&sr=8-3


Oh, and passwords:

Use a unique, complex password on important accounts, and two-factor authentication where you can (using a second factor like an SMS or an Authenticator app; Microsoft has one, so does Google).

Using the same password on every site is really fucking dumb unless you don't give a shit about them being compromised.

----------


## Shutree

> Go to this website and put in your email address, and it will tell you where.
> 
> haveibeenpwned.com


Interesting site, thanks. It indicated 3 problems on my hotmail account, only one of which mentioned password compromise, and that was LinkedIn, where I have a unique password, not the one that prompted this thread. So I will go and change that.

Meanwhile, I count that I have 108 passwords. I found a couple of duplicates. So that is my next job.

----------


## Shutree

> And invest in something like this.
> 
> https://www.amazon.com/Computer-Smar...6498269&sr=8-3


I invested in a piece of folded cardboard that was once part of the packaging around a tin of Ayams Sardines in Olive Oil. Crude but effective. So long as I remember after a few dry martinis where I put it.
 :Biggrin:

----------


## sabang

Ask for your money back.

----------


## klong toey

PM sent.

----------


## Bettyboo

> Cover your webcam when meeting Palmela Handerson and her 5 sisters.


There's 6 of them?




Change your passwords...

----------


## Shutree

> Change your passwords...


Indeed. This was one of those "I must get around to it one day" projects. Now, sitting at home all day, for the first time in a long while I actually have no excuse.

The compromised password that provoked this thread is not in current use anywhere. The others will be one by one, could take a while.

I already changed my TD pasword. A hundred more to go.

----------


## PlanK

> I already changed my TD pasword. A hundred more to go.



Password hint: Don't use 'ButtflySuck$Ladyb0yC0ck'.
There's already 27 members using that.

----------


## AntRobertson

> There's already 27 members using that.


26... Changed mine this morning.

----------


## Shutree

> PM sent.


Nothing appeared at my end. Would it usually take that long?

----------


## PlanK

^^

Hope you didn't change it to 'Moho1sAgorl3ssTwat' cause that's my password.

----------


## AntRobertson

> Hope you didn't change it to 'Moho1sAgorl3ssTwat' cause that's my password.


...













Gawdamnit!  :Sad:

----------


## Looper

> 5. I am an infrequent visitor to porn sites


Goats? Gerbils?

Animal stuff would be a tad embarrassing - although eels inside Japaneses ladies' vaginas are OK.

----------


## Shutree

> eels inside Japaneses ladies' vaginas are OK.


Eels? I have led a sheltered life, apparently.

----------


## crackerjack101

Can one charge the person demanding the money a charge for being able to watch me wank? It would only seem fair.
Incidentally, Mr scammer, there's no one who would give a tinkers fuck of watching me wanking. 
At my age, with the diseases I've got I'd pay to enjoy the evidence of my virility..

Good luck to you.

----------


## HuangLao

> 1. report the email to the appropriate authorities immediately...
> 2. set up a new email account for your current contact list and inform all the old email has been discontinued...
> 3. in the event the threat is real, grow a mustache, shave your head, wear dark sunglasses...and stay away from the gardener...



Appropriate authorities, indeed....

 :Roll Eyes (Sarcastic):

----------


## snakeeyes

*Is this Luigi *

----------


## Iceman123

> *Is this Luigi *


nah, it’s just a new wanker

----------


## Saint Willy

> 5. I am an infrequent visitor to porn sites, nothing in the past month or more.


eh?  a whole month? Clearly we have different ideas of what infrequent means....





> Password hint: Don't use 'ButtflySuck$Ladyb0yC0ck'.
> There's already 27 members using that.


bugger

----------


## Hugh Cow

I'm surprised that such an email would bother you. It's obvious you dont post often on TD otherwise you would be use to all kinds of lies, abuse etc on the internet. Maybe if you feel the need to satisfy your "proclivities", may I suggest Cujos' Puppies thread where you will encounter quite a few delightful hairy critters.

----------


## Saint Willy

> aybe if you feel the need to satisfy your "proclivities", may I suggest Cujos' Puppies thread where you will encounter quite a few delightful hairy critters.


And TeakDoor _promises_ not to capture your webcam and film your 'me' time....  ::doglol::

----------


## jabir

> The message came from an Outlook.com address and was sent to my Hotmail account. So the appropriate authority here is Microsoft?


Sorry mate but MS are hopeless in security matters, as I discovered when my system was hacked last year, hotmail accounts hijacked, passwords/phone/linked accounts changed, and quite a bit of money stolen. Their security team were most polite but useless, and even after months of communication after they verified me as the real account holder, the hacker's email address and phone number still pwn what were my main hotmail accounts.  

Now switched everything to gmail, hopefully but probably no safer.

----------


## Saint Willy

> what were my main hotmail accounts.





> last year,


You still had hotmail accounts in 2019?


 :rofl:

----------


## qwerty

I went to the pwned website and read the details there.  What strikes me is that passwords and usernames are being compromised through hacks of Yahoo, Gmail, etc., and yet the advice is to make a longer and more complicated password.

The hack is not of your individual password, it's at your email provider and having the most random, long and difficult password won't help you if someone has access to the database where your information is stored.  Instead, the best protection would be to change your password often, perhaps every 2 weeks or every month.

----------


## harrybarracuda

> The hack is not of your individual password


Er... yes it is. In the case of Yahoo they dumped the entire username/password database, and Yahoo sent an email to everyone affected (it happened twice) telling you to reset your password.

The best protection is to use two factor authentication, either via SMS or better still an authenticator app.

And if you have a newish PC with Windows 10, use a PIN - it is tied to the device so a hacker can't get in unless he is literally sat in front of your computer.

If you have a new laptop with fingerprint reader or IR camera then you can use biometrics instead.

For email on your mobile, Just google "two step authentication Google Authenticator", it will handle Gmail and Hotmail.

----------


## Saint Willy

Forget Nasty Email this is a Video Nasty!

----------


## jabir

> I went to the pwned website and read the details there.  What strikes me is that passwords and usernames are being compromised through hacks of Yahoo, Gmail, etc., and yet the advice is to make a longer and more complicated password.
> 
> The hack is not of your individual password, it's at your email provider and having the most random, long and difficult password won't help you if someone has access to the database where your information is stored.  Instead, the best protection would be to change your password often, perhaps every 2 weeks or every month.


Yes, just like bank or company frauds, most www frauds/hacks involve insiders or access to supposedly secure data. 

Can't speak for private email servers but none of the public email accounts are safe, even though the retard aka KW finds it amusing that people still use them. 

Just google email password hacks, take your pick, give them the address, they will send you a screenshot of the inbox, you send them the money or btc and a few minutes later receive the password. This has become a public service, and with little attempt by the main providers to close it down or beef up security seeing as they know those in the dark web are never more than a single step behind whatever they can throw at it.

----------


## jabir

> Er... yes it is. In the case of Yahoo they dumped the entire username/password database, and Yahoo sent an email to everyone affected (it happened twice) telling you to reset your password.
> 
> The best protection is to use two factor authentication, either via SMS or better still an authenticator app.
> 
> And if you have a newish PC with Windows 10, use a PIN - it is tied to the device so a hacker can't get in unless he is literally sat in front of your computer.
> 
> If you have a new laptop with fingerprint reader or IR camera then you can use biometrics instead.
> 
> For email on your mobile, Just google "two step authentication Google Authenticator", it will handle Gmail and Hotmail.


All of those and more are deterrents to make it more difficult for someone to get into your private areas. Problem here is it's left to users that don't wish to be inconvenienced by 2FA, OTP or sms several times a day.

----------


## Dillinger

> Just google email password hacks, take your pick, give them the address, they will send you a screenshot of the inbox, you send them the money or btc and a few minutes later receive the password. This has become a public service, and with little attempt by the main providers to close it down or beef up security


Do you have a link to that? Or are you on the dark web, cus I couldn't see any sites offering that

----------


## Dillinger

> The password quoted (redacted here) is/was one of my passwords, together with the Hotmail address which received the message. I used it for 2 sites: AirAsia and Facebook.


You've obviously opened a dodgy link possibly one looking like Hotmail.com or similar as they use outlook.com now.

----------


## Iceman123

8


> The password quoted (redacted here) is/was one of my passwords, together with the Hotmail address which received the message. I used it for 2 sites: AirAsia and Facebook.


and therein lies the culprit, - its Airasia - they hate wankers on their flights.

----------


## Saint Willy

> Just google email password hacks, take your pick, give them the address, they will send you a screenshot of the inbox, *you send them the money or btc* and a few minutes later receive the password.


You've done that have you?

----------


## jabir

> Do you have a link to that? Or are you on the dark web, cus I couldn't see any sites offering that


My bad, should've checked for the current situation before posting, seems those services have been filtered out at least on the front end; and no, I wouldn't fare well on the dark web.

About 8 years ago I used one from dozens of services offering as described, to access the account of a deceased person, cost was $100 (+$17 for western union).

At the time there was no btc option, last I looked about 3-4 years ago there was, so it must have been since that they were seen off.

----------


## harrybarracuda

> Yes, just like bank or company frauds, most www frauds/hacks involve insiders or access to supposedly secure data.


Well they don't. Most of them involve phishing: Persuading someone to type in their credentials, click on a link or open a file; often in tandem with them not patching their machines because they are too stupid to understand what it means.




> Can't speak for private email servers but none of the public email accounts are safe, even though the retard aka KW finds it amusing that people still use them.


With the exception of Yahoo, they generally are - PROVIDING you use a second factor.




> Just google email password hacks, take your pick, give them the address, they will send you a screenshot of the inbox, you send them the money or btc and a few minutes later receive the password. This has become a public service, and with little attempt by the main providers to close it down or beef up security seeing as they know those in the dark web are never more than a single step behind whatever they can throw at it.


That might have been the case 8 years ago, but it isn't now, unless the person in question is a fucking idiot and can be phished that quickly.

----------


## harrybarracuda

> Do you have a link to that? Or are you on the dark web, cus I couldn't see any sites offering that


People offer it on the dark web, but usually it involves spear phishing. 

They will offer to get you individual email addresses or even access to whole domains, but it's almost always spear phishing.

The second most popular avenue is insecure websites.

----------


## Fondles

I got that email too.

I made a vid of me rubbing one out and sent it back to them.

----------


## harrybarracuda

Seems they have added a new twist....

----------


## David48atTD

Yep ... I just got the same.

The slightly worrying this is that the password quoted is from a few years ago and has been changed twice since.

The only time I use this password is for my main banking account.




> Hello!
> 
> Î am a hacker who haș acceșș to your operatîng șyștem.
> Î alșo have full acceșș to your account.
> 
> Thîș meanș that î have full acceșș to your devîce: At the tîme of  hackîng your account (***********.com.**) had thîș pașșword: *******
> 
> You can șay: thîș îș my, but old pașșword!
> Or: î can change my pașșword at any tîme!
> ...


Oh course, I never do the things described  :Smile:  

No webcam on this desktop ... hence no video as he infers.

----------


## harrybarracuda

> Yep ... I just got the same.
> 
> The slightly worrying this is that the password quoted is from a few years ago and has been changed twice since.


Why is that worrying?

Once a breach is dumped on the interwebs, it's there for life, and muppets and script kiddies go searching for that shit, put it together and try and pretend they're the ones who did the hacking.

----------


## TTraveler

I'm not used to seeing email scams written in standard English with proper punctuation, grammar and such, so when I got one of those threat emails, it got me a bit more alarmed than usual. Definitely a step up from the Nigerian Prince who used to email me quite often.

----------


## harrybarracuda

Myst be that time of year, someone is obviously sending these out again.

I get lots of panicky phone calls and emails, but it occurs to me that they are all from men.

Don't women ever knock one out to a bit of porn then?

----------


## YourDaddy

Where can I send the payment?

----------


## Chittychangchang

> I'm not used to seeing email scams written in standard English with proper punctuation, grammar and such, so when I got one of those threat emails, it got me a bit more alarmed than usual. Definitely a step up from the Nigerian Prince who used to email me quite often.


There's an excellent thread on here by one of our members who wound them back up to perfection for days,  think it may have been PH.
Anyone got a link?

----------


## lom

> think it may have been PH.


I think it was Doug

----------


## Chittychangchang

> I think it was Doug


Yes possibly, quite a long thread if I recall correctly. 

Really had the Nigerian scammers hooked.

----------


## Saint Willy

Aka Cujo

----------


## PlanK

Was a popular thing to do on this forum's predecessor.
DD was a keen 419er.
TMB did it better.

The good old days when an entire forum would get together to collectively troll other forums.

----------


## Fondles

Ive had a few of them, my delete button sorts them.

----------


## harrybarracuda

> Yes possibly, quite a long thread if I recall correctly. 
> 
> Really had the Nigerian scammers hooked.


I think you'll find it was yours truly.

The Anus Computers Scambait.




theScamBaiter.com - Anus Laptops: The Martins Cole Saga "09/2004 - 03/2005"

----------


## Buckaroo Banzai

Reply  " Did you like what you saw? "

----------


## cisco999

> I got the same. I just deleted it.



I'd do likewise and include a big fuk U as a part of the message..

----------


## deeks

> I think you'll find it was yours truly.
> 
> The Anus Computers Scambait.
> 
> 
> 
> 
> theScamBaiter.com - Anus Laptops: The Martins Cole Saga "09/2004 - 03/2005"



Harry, that was the best read I've had in years. Where did get the patients from?

----------


## harrybarracuda

What?

----------


## harrybarracuda

> Reply  " Did you like what you saw? "


Clever idea. Now they know your email account is active and can be added to to their lists for spam and phishing messages.

 :bananaman:

----------


## Cujo

Mine was this one

Desperate phone vendor turns to blackmail

----------


## Backspin

Put a piece of eclectical tape over your webcam so that scammers can't blackmail you with footage of your compulsive masturbating sessions

----------


## David48atTD

^  I have a desktop, so no cam to tape over while I'm watch the Church Choir sing  :Smile: 

What worried me was that they had an older version of my Banking Password.

---

Agreeing with Harry, don't reply as it just confirms yours is an active legit email address.

----------


## harrybarracuda

> Put a piece of eclectical tape over your webcam so that scammers can't blackmail you with footage of your compulsive masturbating sessions


That's different.

----------


## Cujo

> ^  I have a desktop, so no cam to tape over while I'm watch the Church Choir sing 
> 
> What worried me was that they had an older version of my Banking Password.
> 
> ---
> 
> Agreeing with Harry, don't reply as it just confirms yours is an active legit email address.


Actually I think you should send them the money just to be safe.

----------


## Fondles

> Put a piece of eclectical tape over your webcam so that scammers can't blackmail you with footage of your compulsive masturbating sessions


I live stream my sessions on  xhamster... meh anyone want to blackmail.

----------


## Backspin

> I live stream my sessions on  xhamster... meh anyone want to blackmail.


 :rofl:

----------

