Online criminals don’t seem to stop coining email extortion scams, the latest one scaring recipients with the “I greet you! I have bad news for you” message.
Bitcoin extortion scams circulating via email are definitely on the rise. Computer users all around the world are being massively shelled with deceptive messages threatening to disclose their ostensibly perverted deeds and fantasies. To prevent this from happening, the users are instructed to send a ransom in Bitcoin to the crooks. Such a major new trend might be stemming from some credentials leak that the criminals were able to get hold of. It may explain how the black hats know the victims’ email account passwords, which is the case in all such frauds across the board. One of the recent waves has to do with emails whose subject is “ Change your password immediately. Your account has been hacked. ” The introductory phrase in the body of this message goes, “ I greet you! I have bad news for you ” something numerous confused users have been posting on security forums to get advice.
“I greet you! I have bad news for you” Bitcoin extortion scam
To get the recipient on the hook from the get-go, the scammers claim to have hacked their account, indicating the email account proper and the date it allegedly happened. To make these allegations true-to-life, the fraudsters also mention what the victim’s password was at the time of the compromise. It’s noteworthy that the credentials are reportedly partially accurate in many cases. This means that the criminals may have obtained an incomplete database of user data from a breach, or they are simply unheeding in their activity. One way or another, the fact that the swindlers know one’s account access credentials, even somewhat incorrect ones, plays into their hands as some people will fall for the social engineering attempt. Here’s the full lengthy text of this manipulative message:
I have bad news for you. 27/08/2018 on this day I hacked your operating system and got full access to your account ***** On that day your account (*****) password was: **** It is useless to change the password, my malware intercepts it every time. How it was: In the software of the router to which you were connected that day, there was a vulnerability. I first hacked this router and placed my malicious code on it. When you entered in the Internet, my trojan was installed on the operating system of your device. After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts). A month ago, I wanted to lock your device and ask for a small amount of money to unlock. But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources. I’m talking about sites for adults. I want to say you are a big pervert. You have unbridled fantasy! After that, an idea came to my mind. I made a screenshot of the intimate website where you have fun (you know what it is about, right?). After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate. I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues. I think $920 is a very small amount for my silence. Besides, I spent a lot of time on you! I accept money only in Bitcoins. My BTC wallet: 1LwibmKAKu4kt4SvRLYdUP3aW7vL3Y78zL You do not know how to replenish a Bitcoin wallet? In any search engine write “how to send money to btc wallet”. It’s easier than send money to a credit card! For payment you have a little more than two days (exactly 50 hours). Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started! After payment, my virus and dirty photos with you self-destruct automatically. Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”. I want you to be prudent. Do not try to find and destroy my virus! (All your data is already uploaded to a remote server) Do not try to contact me (this is not feasible, I sent you an email from your account) Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server. P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim. This is a hacker code of honor. From now on, I advise you to use good antiviruses and update them regularly (several times a day)! Don’t be mad at me, everyone has their own work. Farewell.The wannabe hacker’s story is prosaic and doesn’t differ much from the other frauds of this kind doing the rounds. The scoundrel says he had compromised a wireless router that the victim used on a specified date to go online. This sort of allows him to install a Trojan onto the user’s operating system and dump all data of their hard drive, including files, contacts, and Internet history. According to the rest of the message, the crook was up to locking the device completely a month ago to demand a ransom for unlocking it, but changed his mind after finding out what sites the user regularly visited, namely adult web pages. With that said, the self-proclaimed hacker states he has exploited the host’s built-in camera to make a photo of the user when he or she was visiting one of those sites, while also making a snapshot of the content being watched. To top it off, he threatens to send those photo compilations to all of the user’s contacts, emphasizing that it won’t happen if a ransom is paid. Its size is $984 worth of Bitcoin, or somewhere around that amount. The deadline to do so is 50 hours. So much for the hacker’s narrative.
Now, what’s really going on is an entirely different thing. Again, somebody took advantage of an online service breach to obtain email account credentials of a certain number of users. They use these details for a greater persuasiveness. The whole “novel” written by whoever is behind this scam is a fake. They don’t have any embarrassing photos of you, nor have they dumped your entire HDD. This particular part is a bluff, therefore under no circumstances should you pay the ransom to the villain’s Bitcoin wallet. Instead, just delete or ignore the “I greet you! I have bad news for you” email. For the sake of certainty, consider checking your computer for malware that may have allowed cybercriminals to retrieve some of your account information
Automated removal of malware related to the “I greet you! I have bad news for you” email scam
Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:
1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button
2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.
