
Extortion emails back on the rise, says report (2019) - digital_nomad
https://www.cpacanada.ca/en/news/canada/2019-12-13-personal-email-scams
======
yoloClin
I had multiple friends pull me aside about similar email and asked to deal
with it confidentially, I've probably had other friends pay up in attempt to
avoid humiliation.

I think it's well worth talking to friends and family about these types of
scams and how to deal with them - they can cause an immense amount of stress,
humiliation and potentially financial stress. Nobody deserves to be put
through this kind of abuse.

------
dhosek
I have to admit I've not seen any evidence of this in any of my e-mail
accounts. I check the spam folder for false positives periodically and while
I've seen the periodic your password is XXX and we have webcam footage of you
(which I can trace to the Perl hackers website password leak), I haven't seen
any of the others or, for that matter a significant flow of spam in general.
It's certainly a lot better than things were in the '00s or the '90s when I
ended up abandoning e-mail addresses after they got flooded with spam.

~~~
jerzyt
First time I saw one of these, I started laughing. I don't have a webcam. It's
hard to believe but people have actually paid the ransom. I seem to remember a
post on HN matched some Bitcoin transactions by time and amount.

~~~
iamben
I don't think it's that hard to believe. I had a very smart lawyer friend call
me the other day to ask for help regarding one of these. He said something
like "I probably would have disregarded it, but they knew my password. I'd
never pay, but it's very disconcerting."

I'm guessing there are many people who've been doing stuff online they'd worry
about their friends knowing, who would pay.

Fwiw,I checked haveibeenpwned with him, and we found where they would have got
the password from. My spam filter had caught lots of emails with identical
wording, so it was reassuring for him to see the same emails, understand how
it happened, and learn some password management stuff.

------
petercooper
I get a lot of these, but got two concerning ones yesterday.

They were both to/from 'catch all' addresses at my domain (hosted on G Suite)
and had _passed_ SPF and DMARC. I looked at the headers, and they originally
came from an Ecuadorian consumer ISP and _failed_ SPF and DMARC, but then they
somehow got forwarded within/by Gmail making Gmail see them as legitimate.

I've never encountered this before but I'm guessing G Suite does something
funky with catch all addresses that causes them to be forwarded within Gmail
itself and then appear legit?

------
everdrive
I seen this all the time. Our colloquial term for these is "my malware uses
the driver." since most of them seem to make this claim.

"Why your antivirus did not detect malware? Answer: My malware uses the
driver, I update its signatures every 4 hours so that your antivirus is
silent."

A common example:

[https://www.myantispyware.com/2018/12/23/i-sent-you-an-
email...](https://www.myantispyware.com/2018/12/23/i-sent-you-an-email-from-
your-account-email-spam-bitcoin-blackmail-scam/)

------
lonelappde
I always wonder who is naive enough to fall for this scam, but clever enough
to figure out how to use Bitcoin. Teenagers?

------
amelius
Not surprising. Widespread availability of cryptocurrency tech is what makes
this possible for these hackers.

~~~
Krasnol
Before that it was Western Union.

Cash finds it's way.

~~~
amelius
Western Union is connected to real bank accounts, making it straightforward
for the authorities to trace compared to cryptocurrencies.

~~~
lonelappde
1\. The authorities don't care.

2\. The recipients use stolen credentials

~~~
amelius
1 is a huge assumption, and 2 is a lot of work.

~~~
Krasnol
It is a lot of work in 1st world countries. Just like it is to make real money
out of BTC.

------
GekkePrutser
Stupid question but why is your username green and all the others' are black?
:)

~~~
srl
I think because it's a new ("green") account.

~~~
all_blue_chucks
Why did you create a new account to post this?

~~~
saagarjha
Everyone's got to start somewhere.

