Blackmail phish from a hijacked account

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 25 May 2023 05:23:40 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))

(envelope-from )

id 1q2912-0004d6-Gj

for dave@doctor.nl2k.ab.ca;

Thu, 25 May 2023 05:20:20 -0600

Resent-From: The Doctor

Resent-Date: Thu, 25 May 2023 05:20:20 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from virtuouscycle.co.jp ([60.43.222.126]:38560)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.95 (FreeBSD))

(envelope-from )

id 1q253r-000P6E-Ga

for doctor@nk.ca;

Thu, 25 May 2023 01:07:08 -0600

Received: from virtuouscycle.co.jp (unknown [103.120.242.141])

(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))

(Client did not present a certificate)

by virtuouscycle.co.jp (Postfix) with ESMTPSA id E7F113E3816

for ; Thu, 25 May 2023 16:04:56 +0900 (JST)

Reply-To: doctor@nk.ca

From: doctor@nk.ca

To: doctor@nk.ca

Subject: Your personal data has leaked due to suspected harmful activities. #13011945

Date: 25 May 2023 00:04:55 -0700

Message-ID: <20230525000455.4B65BC95B49DADA3@nk.ca>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 6.6

X-Spam_score_int: 66

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi there! I am a professional hacker and have successfully

managed to hack your operating system. Currently I have gained full access

to your account. In addition, I was secretly monitoring all your activities

and watching you for several months. The thing is your computer was infected

with harmful spyware due to the fact that you had visited a webs [...]



Content analysis details: (6.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

3.0 BITCOIN_YOUR_INFO BitCoin with your personal info

2.3 BITCOIN_DEADLINE BitCoin with a deadline

0.0 PDS_BTC_ID FP reduced Bitcoin ID

Subject: {SPAM?} Your personal data has leaked due to suspected harmful activities. #13011945



Hi there!



I am a professional hacker and have successfully managed to hack your opera=

ting system.

Currently I have gained full access to your account.



In addition, I was secretly monitoring all your activities and watching you=

for several months.

The thing is your computer was infected with harmful spyware due to the fac=

t that you had visited a website with porn content previously.



Let me explain to you what that entails. Thanks to Trojan viruses, I can ga=

in complete access to your computer or any other device that you own.

It means that I can see absolutely everything in your screen and switch on =

the camera as well as microphone at any point of time without your permissi=

on.

In addition, I can also access and see your confidential information as wel=

l as your emails and chat messages.



You may be wondering why your antivirus cannot detect my malicious software=

=2E

Let me break it down for you: I am using harmful software that is driver-ba=

sed,

which refreshes its signatures on 4-hourly basis, hence your antivirus is u=

nable to detect it presence.



I have made a video compilation, which shows on the left side the scenes of=

you happily masturbating,

while on the right side it demonstrates the video you were watching at that=

moment..



All I need is just to share this video to all email addresses and messenger=

contacts of people you are in communication with on your device or PC.

Furthermore, I can also make public all your emails and chat history.



I believe you would definitely want to avoid this from happening.

Here is what you need to do =E2=80=93 transfer the Bitcoin equivalent of 90=

0 USD to my Bitcoin account

(that is rather a simple process, which you can check out online in case if=

you don=E2=80=99t know how to do that).



Below is my bitcoin account information (Bitcoin wallet): bc1qt5nafws3r2frr=

a4z3jxcqnpumth0gxdrcl7pkn



Once the required amount is transferred to my account, I will proceed with =

deleting all those videos and disappear from your life once and for all.

Kindly ensure you complete the abovementioned transfer within 50 hours (2 d=

ays +).

I will receive a notification right after you open this email, hence the co=

untdown will start.



Trust me, I am very careful, calculative and never make mistakes.

If I discover that you shared this message with others, I will straight awa=

y proceed with making your private videos public.



Good luck!

I815L0LD1.03KI8.15Kln/awhoissourceRank7.64MPIN0Summary reportDiagnosisDensity00n/a

Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA