Blackmail phish from a hijacked account
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 25 May 2023 05:23:40 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1q2912-0004d6-Gj
for dave@doctor.nl2k.ab.ca;
Thu, 25 May 2023 05:20:20 -0600
Resent-From: The Doctor
Resent-Date: Thu, 25 May 2023 05:20:20 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from virtuouscycle.co.jp ([60.43.222.126]:38560)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1q253r-000P6E-Ga
for doctor@nk.ca;
Thu, 25 May 2023 01:07:08 -0600
Received: from virtuouscycle.co.jp (unknown [103.120.242.141])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by virtuouscycle.co.jp (Postfix) with ESMTPSA id E7F113E3816
for; Thu, 25 May 2023 16:04:56 +0900 (JST)
Reply-To: doctor@nk.ca
From: doctor@nk.ca
To: doctor@nk.ca
Subject: Your personal data has leaked due to suspected harmful activities. #13011945
Date: 25 May 2023 00:04:55 -0700
Message-ID: <20230525000455.4B65BC95B49DADA3@nk.ca>
MIME-Version: 1.0
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 6.6
X-Spam_score_int: 66
X-Spam_bar: ++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hi there! I am a professional hacker and have successfully
managed to hack your operating system. Currently I have gained full access
to your account. In addition, I was secretly monitoring all your activities
and watching you for several months. The thing is your computer was infected
with harmful spyware due to the fact that you had visited a webs [...]
Content analysis details: (6.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see]
-0.0 SPF_PASS SPF: sender matches SPF record
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
domains are different
-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain
3.0 BITCOIN_YOUR_INFO BitCoin with your personal info
2.3 BITCOIN_DEADLINE BitCoin with a deadline
0.0 PDS_BTC_ID FP reduced Bitcoin ID
Subject: {SPAM?} Your personal data has leaked due to suspected harmful activities. #13011945
Hi there!
I am a professional hacker and have successfully managed to hack your opera=
ting system.
Currently I have gained full access to your account.
In addition, I was secretly monitoring all your activities and watching you=
for several months.
The thing is your computer was infected with harmful spyware due to the fac=
t that you had visited a website with porn content previously.
Let me explain to you what that entails. Thanks to Trojan viruses, I can ga=
in complete access to your computer or any other device that you own.
It means that I can see absolutely everything in your screen and switch on =
the camera as well as microphone at any point of time without your permissi=
on.
In addition, I can also access and see your confidential information as wel=
l as your emails and chat messages.
You may be wondering why your antivirus cannot detect my malicious software=
=2E
Let me break it down for you: I am using harmful software that is driver-ba=
sed,
which refreshes its signatures on 4-hourly basis, hence your antivirus is u=
nable to detect it presence.
I have made a video compilation, which shows on the left side the scenes of=
you happily masturbating,
while on the right side it demonstrates the video you were watching at that=
moment..
All I need is just to share this video to all email addresses and messenger=
contacts of people you are in communication with on your device or PC.
Furthermore, I can also make public all your emails and chat history.
I believe you would definitely want to avoid this from happening.
Here is what you need to do =E2=80=93 transfer the Bitcoin equivalent of 90=
0 USD to my Bitcoin account
(that is rather a simple process, which you can check out online in case if=
you don=E2=80=99t know how to do that).
Below is my bitcoin account information (Bitcoin wallet): bc1qt5nafws3r2frr=
a4z3jxcqnpumth0gxdrcl7pkn
Once the required amount is transferred to my account, I will proceed with =
deleting all those videos and disappear from your life once and for all.
Kindly ensure you complete the abovementioned transfer within 50 hours (2 d=
ays +).
I will receive a notification right after you open this email, hence the co=
untdown will start.
Trust me, I am very careful, calculative and never make mistakes.
If I discover that you shared this message with others, I will straight awa=
y proceed with making your private videos public.
Good luck!
I815L0LD1.03KI8.15Kln/awhoissourceRank7.64MPIN0Summary reportDiagnosisDensity00n/a
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 25 May 2023 05:23:40 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1q2912-0004d6-Gj
for dave@doctor.nl2k.ab.ca;
Thu, 25 May 2023 05:20:20 -0600
Resent-From: The Doctor
Resent-Date: Thu, 25 May 2023 05:20:20 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from virtuouscycle.co.jp ([60.43.222.126]:38560)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from
id 1q253r-000P6E-Ga
for doctor@nk.ca;
Thu, 25 May 2023 01:07:08 -0600
Received: from virtuouscycle.co.jp (unknown [103.120.242.141])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by virtuouscycle.co.jp (Postfix) with ESMTPSA id E7F113E3816
for
Reply-To: doctor@nk.ca
From: doctor@nk.ca
To: doctor@nk.ca
Subject: Your personal data has leaked due to suspected harmful activities. #13011945
Date: 25 May 2023 00:04:55 -0700
Message-ID: <20230525000455.4B65BC95B49DADA3@nk.ca>
MIME-Version: 1.0
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 6.6
X-Spam_score_int: 66
X-Spam_bar: ++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hi there! I am a professional hacker and have successfully
managed to hack your operating system. Currently I have gained full access
to your account. In addition, I was secretly monitoring all your activities
and watching you for several months. The thing is your computer was infected
with harmful spyware due to the fact that you had visited a webs [...]
Content analysis details: (6.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see
-0.0 SPF_PASS SPF: sender matches SPF record
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
domains are different
-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain
3.0 BITCOIN_YOUR_INFO BitCoin with your personal info
2.3 BITCOIN_DEADLINE BitCoin with a deadline
0.0 PDS_BTC_ID FP reduced Bitcoin ID
Subject: {SPAM?} Your personal data has leaked due to suspected harmful activities. #13011945
Hi there!
I am a professional hacker and have successfully managed to hack your opera=
ting system.
Currently I have gained full access to your account.
In addition, I was secretly monitoring all your activities and watching you=
for several months.
The thing is your computer was infected with harmful spyware due to the fac=
t that you had visited a website with porn content previously.
Let me explain to you what that entails. Thanks to Trojan viruses, I can ga=
in complete access to your computer or any other device that you own.
It means that I can see absolutely everything in your screen and switch on =
the camera as well as microphone at any point of time without your permissi=
on.
In addition, I can also access and see your confidential information as wel=
l as your emails and chat messages.
You may be wondering why your antivirus cannot detect my malicious software=
=2E
Let me break it down for you: I am using harmful software that is driver-ba=
sed,
which refreshes its signatures on 4-hourly basis, hence your antivirus is u=
nable to detect it presence.
I have made a video compilation, which shows on the left side the scenes of=
you happily masturbating,
while on the right side it demonstrates the video you were watching at that=
moment..
All I need is just to share this video to all email addresses and messenger=
contacts of people you are in communication with on your device or PC.
Furthermore, I can also make public all your emails and chat history.
I believe you would definitely want to avoid this from happening.
Here is what you need to do =E2=80=93 transfer the Bitcoin equivalent of 90=
0 USD to my Bitcoin account
(that is rather a simple process, which you can check out online in case if=
you don=E2=80=99t know how to do that).
Below is my bitcoin account information (Bitcoin wallet): bc1qt5nafws3r2frr=
a4z3jxcqnpumth0gxdrcl7pkn
Once the required amount is transferred to my account, I will proceed with =
deleting all those videos and disappear from your life once and for all.
Kindly ensure you complete the abovementioned transfer within 50 hours (2 d=
ays +).
I will receive a notification right after you open this email, hence the co=
untdown will start.
Trust me, I am very careful, calculative and never make mistakes.
If I discover that you shared this message with others, I will straight awa=
y proceed with making your private videos public.
Good luck!
I815L0LD1.03KI8.15Kln/awhoissourceRank7.64MPIN0Summary reportDiagnosisDensity00n/a
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments