Re: [LUG] More scam emails

 

On Sat, 13 Oct 2018, Neil wrote:

Is it all getting worse? I have several email accounts and I have just received some emails telling me that some of them have been hacked. It seems that, whoever, has made a note of all the addresses on my social network accounts and also has noted all the naughty photos that I have downloaded. Still, a payment of $500 dollars will sort it all out for me. Otherwise all the people on my, non-existent, social network accounts will hear all about me.

These have been doing the rounds for some time now. I've had many. From what I gather, the scammers have obtained things like the username & passwords that you use on various systems - e.g. LinkedIn who had a fairly famous breach a few years ago, so will email you with the password you used on those sites as their "proof" they have caught you.

I've also had some emails to the email address - with the password - I used for various online shops - e.g. scan.co.uk who I've not used for some 10 years now, so either they still have my details online and have had a new breach, or the scammers are finally sifting through the old data they have...

First of all, I have never subscribed to any social network. I do have plenty of photos on file, but they are my photos, not any that I have downloaded. Also, since I have several email accounts, he expects $500 dollars for each one. Yeah, right.

Only $500? They were nearer $1000 when they first started - must be hard times for the poor scammers... Pity them... (Not!)

I think some are even trying to decrypt some of the passwords they've stolen too - or are using rainbow tables as I've had some emails with the wrong password sent to site-unique email addresses. Whatever - obviously one rung up the ladder from the bottom feeders who just fish out and see what they catch.

However the wording of some of these emails is clever enough to make some people fall for their scams - I'm told it's possible to check the balance of the bitcoin IDs they email, but not looked myself.

As usual, view all emails in an email client that does not automatically fetch anything other than the text of the email

At least until you want it to - that 1x1 pixel embedded gif - you fetch that and the sender knows you've read the email - used a lot for semi-legit purposes too - e.g. my online accounting system uses it to let me know the recipient has read the email as does my bank. It works because 99.9% of people simply don't know any better.

As always follow best practices of using unique passwords for different sites/services - and unique email addresses, if possible.

Try this site:

  https://haveibeenpwned.com/

you can enter your email address and (old) passwords into it here

  https://haveibeenpwned.com/Passwords

or check websites:

  https://haveibeenpwned.com/PwnedWebsites

That's actually a very scary read...

Anyway, just push the delete button rather than waste your time and energy over it.

Gordon

--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
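
Added example (not part of the original post): a small check, relating to the 1x1 pixel gif mentioned in the message, that lists what an HTML email would fetch from the network when opened and flags tiny images as likely read-receipt beacons. The sample message, the tracker.example host and the names RemoteFinder and remote_fetches are constructed for this illustration.

```python
# Added example: list remote resources an HTML email would fetch on open.
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser

# Constructed sample message (not a real email); tracker.example is a placeholder.
SAMPLE = """\
From: sender@example.com
To: you@example.org
Subject: Invoice
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Your invoice is attached.</p>
<img src="https://tracker.example/open.gif?id=abc123" width="1" height="1">
<img src="cid:logo@example.com" width="120" height="40">
<link rel="stylesheet" href="http://tracker.example/s.css">
</body></html>
"""

class RemoteFinder(HTMLParser):
    """Collect (tag, url, is_tiny) for every http(s) resource loaded automatically."""
    ATTRS = {"img": "src", "link": "href", "script": "src", "iframe": "src"}

    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        url = (a.get(self.ATTRS.get(tag, "")) or "").strip()
        if url.lower().startswith(("http://", "https://")):
            # 0x0 or 1x1 images are the classic read-receipt beacon
            tiny = tag == "img" and a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
            self.found.append((tag, url, tiny))

def remote_fetches(raw):
    """Return remote resources referenced by the HTML parts of a raw message."""
    msg = message_from_string(raw, policy=default)
    finder = RemoteFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return finder.found

if __name__ == "__main__":
    for tag, url, tiny in remote_fetches(SAMPLE):
        print("BEACON?" if tiny else "remote ", tag, url)
```

The cid: image is not reported because it is carried inside the message itself and triggers no network request; only the http(s) references reveal to the sender that the email was opened.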