Avris

This is a lite version. See full website.


Recognising red flags in blackmail emails

unsplash.com/photos/HJENWbX4t-Q

Did anyone receive a message recently that contained a video of me watching porn? 😆

Because apparently I was being blackmailed that all my contacts would receive it, if I don’t pay 202€ in BTC. Alas, I didn’t check the spam folder, so I’d missed the deadline a week ago 🤷‍

Despite so many red flags people seem to be buying this bullshit, apparently. Those criminals have received 4,5 BTC already (~14k€). Within A WEEK!

Please, educate yourself about cybersecurity, people... And don’t panic! 🙂

Update

I just got a report of a scam attempt that did include a “proof”, so let's take a look at it:

Yes, the attacker knows your password. But they don't tell you to which service this password grants access to, which is pretty weird... If I were an asshole and had that information, I'd use it: at least to further prove to you that I know private shit about you, at worse to log in to that account, take it over and demand money for giving it back. And yet, they didn't. Suspicious.

But anyways... if you go to the ';--have i been pwned? website and enter your email, you'll see the list of data breaches over the years where your email was found.

This guy's email was in 18 of them. Some were connected to the same reused password. So here's how the attacker knew his password: he didn't hack his computer or gain access to his camera, he just found it (or bought it) on some shady website. The attacker probably doesn't even know what service was this password for or whether it's even still valid.

Good news about this attack: as of today, not a single cent was sent to that BTC address 🎉

So what's the takeaway?


Tags: