Scam Warning
Help protect others by sharing any scam experiences youโve faced.
Bitcoin Scam Using Leaked Password & Email Spoofing
Recently, I received a Bitcoin scam email that attempted to extort money by using my email address and an old leaked password. The scam email falsely claims that my device has been hacked and demands a Bitcoin ransom. ๐ Key Points of the Scam Email 1) Spoofed Sender Address: The email appears to come from my own email address, but this is a spoofing technique used to fake the sender information. 2) Leaked Password: The email includes an old password that was likely compromised in a past data breach. However, my actual email account has not been hacked. 3) Threats & Blackmail: Claims that spyware was installed on my devices and recorded my private activities (such as watching adult content). Threatens to leak these recordings to my friends, family, and colleagues. Demands a Bitcoin payment to prevent the release of this so-called evidence. 4) Bitcoin Payment Demand: The scammer requests $1450 in Bitcoin to be sent to a specific wallet address. 5) Additional Threats: Claims that if I contact the police or delete the email, the supposed videos will be automatically released. Warns against trying to delete or destroy evidence. ๐ How to Respond โ Change Your Password: If the leaked password is still in use, update it immediately. โ Enable Two-Factor Authentication (2FA): Strengthen your email security by enabling 2FA. โ Ignore & Delete: This is a common scam, and you should never send any money. โ Report the Email: Mark it as spam and report it to your email provider (Gmail, Outlook, etc.) or relevant authorities (such as the FTC or cybercrime units). โ Check for Data Breaches: Use Have I Been Pwned to check if your email was part of a past data breach and secure your accounts accordingly. ๐จ Final Thoughts This is a classic "sextortion" Bitcoin scam that relies on psychological pressure and fear tactics. While the threats may seem alarming, they are completely falseโthere is no actual spyware or recorded content. The scammer is simply using old leaked credentials to trick you into paying. Stay vigilant, follow online security best practices, and never fall for these scams! ๐
Phishing Emails Disguised as Coinbase
Iโd like to report a concerning phishing campaign that is actively targeting Coinbase users. Below are the details: 1) Issue Overview: Some users, including myself, are receiving phishing emails disguised as official Coinbase communications. These emails request users to log in through a fraudulent link. 2) Key Concern: Googleโs email verification system is incorrectly marking these scam emails as legitimate. As a result, these emails bypass spam filters, significantly increasing their credibility and making them highly dangerous for unsuspecting users. 3) Steps Taken So Far: Iโve contacted Coinbase regarding this issue, and they confirmed that the email address used is not theirs. However, the fact that these phishing attempts are verified as legitimate by Google raises a critical security concern for all affected users. 4) Potential Risk: Users who fall for these scams are at severe risk of losing their funds and personal data. 5) Recommendation: Spread awareness about this phishing campaign. Advise users to double-check email links before logging in and ensure they only use official channels. 6) Request to Coinbase: Please investigate and address this issue as a priority. Itโs vital to enhance the detection and prevention of such fraudulent emails.
PayPal Phishing Email Scam Report
Recently, I came across a phishing email scam impersonating PayPal. Below are the main details and characteristics of the email: 1. Sender Information Sender Name: Horrigan OT Instituto Sender Email Address: (Include the suspicious sender email address if available) 2. Email Subject Subscription Invoices_HN37190 3. Key Content The email pretends to be an invoice from PayPal, claiming that the recipient has already paid $380.82. It includes the statement: "Charge is already deducted. Please do not pay again." to reassure the recipient. The invoice lists a purchase for cryptocurrency (0.07973772 Coins) and related Chainblock receiving charges. 4. Suspicious Elements Fake Sender Information: The senderโs email address does not belong to PayPalโs official domain. Unrecognized Transaction: The recipient has no knowledge of this purchase, and it does not appear in their official PayPal account. Fraudulent Support Number: The number (877) 567-4770 provided does not match PayPalโs official customer support. Urgency Tactics: The email urges the recipient to check the attached file immediately, creating unnecessary urgency. 5. Potential Threats The attached file could contain malware or direct users to a phishing website. If recipients contact the provided number or open the file, they risk further financial information theft or monetary loss. 6. Recommended Actions Do not open the email or download any attached files. Verify the transaction by contacting PayPalโs official customer support directly. Report the email, including the full email header information, to PayPal and security organizations.
Analysis of a Crypto Phishing Email and Prevention Tips
Hello, Security Community, I recently came across a phishing email attempting to exploit cryptocurrency users. This case seems to specifically target beginners, and I wanted to share my analysis and prevention tips with you. #Key Characteristics of the Phishing Email 1) Sender (To/From): The email was sent using BCC (blind carbon copy), while the main recipient was a random Yahoo email address. This tactic prevents scam targets from connecting with each other and blocks knowledgeable users from warning potential victims. 2) Sender Details Check: The sender appears to be associated with Tencent QQ, a messaging service, but the address cannot be trusted. While the service itself is legitimate, scammers frequently spoof such addresses to appear credible. 3) Email Content: Vague wording and awkward English phrases: -> Example: "Please use today during the day." -> Such phrasing is likely written by someone unfamiliar with English or generated by an automated spam tool. Unrealistic offers: -> Example: Claims of rewards already in your wallet. Anyone familiar with how cryptocurrency works would immediately recognize this as implausible. 4) Scammer's Goal: To lure victims into clicking a malicious link, leading to ransomware or malware installation. Alternatively, they may try to trick victims into signing a smart contract or stealing their credentials. #Prevention Tips 1) Report and Delete Suspicious Emails Immediately: -> Report the email as phishing, and do not open the contents or click on any links. 2) Perform a Security Check: -> Check if your email address has been part of a data breach. -> If suspicious activity is detected, change your passwords immediately and enable MFA (multi-factor authentication). 3) Never Click on Links in Emails: -> Instead, visit the official website directly to verify any claims or updates. 4) Notify the Service Being Impersonated: -> Report the scam email to the company or service it is pretending to be from so they can take action to protect others. This case highlights a common phishing tactic that can be easily avoided by following basic security practices. Please share this information with others to raise awareness and help prevent further incidents. Thanks
OTHER
Beware of Fake Game Downloads: Scam Targeting Users with Virus Hoaxes
Hi everyone, I want to share my recent experience with a potential scam in hopes of helping others stay vigilant. About a week ago, I downloaded a free game onto my laptop out of curiosity (I know, not the smartest move). Shortly after, I received a creepy email claiming my laptop was infected with a virus. The email even included a screenshot of my laptopโs screen, showing the zip file I downloaded. However, the screenshot seemed suspiciously edited because the file access time didnโt match the actual time I downloaded it. Since then, Iโve been bombarded with emails about suspicious activity on my Facebook, Google, and Apple ID accounts. These emails also appeared on my phone, which made me even more concerned. After looking into it, I realized this was likely a scare tactic used by scammers to intimidate people into taking rash actions. However, I still have a few questions about fully securing my laptop and eliminating any potential malware: What are the best tools or steps to confirm whether my laptop is infected with a virus? Should I be concerned about any data they claim to have extracted? (I only use my laptop for university work.) Is there any chance my other accounts (Facebook, Google, Apple) could actually be compromised? To be safe, Iโve already changed all my passwords to random, secure ones. Iโm sharing this to warn others not to fall for similar scams. If you receive emails like this, donโt panic, and take time to investigate. Iโd also appreciate any advice from the community on what else I can do to protect myself. Stay safe, everyone!
EMAIL SCAM
Hello pervert, I've sent this message from your Microsoft account. I want to inform you about a very bad situation for you. However, you can benefit from it, if you will act wisะตly. Have you heard of Pegasus? This is a spyware program that installs on computers and smartphones and allows hackers to monitor the activity of device owners. It provides access to your webcam, messengers, emails, call records, etc. It works well on Android, iOS, macOS and Windows. I guess, you already figured out where Iโm getting at. Itโs been a few months since I installed it on all your dะตviัะตs because you were not quite choosy about what links to click on the intะตrnะตt. During this period, Iโve learned about all aspects of your private life, but ะพnะต is of special significance to me. Iโve recorded many videos of you jerking off to highly controversial ัะพrn videos. Given that the โquestionableโ genre is almost always the same, I can conclude that you have sick ัะตrvะตrsiะพn. I doubt youโd want your friends, family and co-workers to know about it. However, I can do it in a few clicks. Every number in your contact Iist will suddenly receive these vidะตะพs โ on WhatsApp, on Telegram, on Instagram, on Facebook, on email โ everywhere. It is going to be a tsunami that will sweep away everything in its path, and first of all, your fะพrmะตr life. Donโt think of yourself as an innocent victim. No one knows where your ัะตrvะตrsiะพn might lead in the future, so consider this a kind of deserved ัunishmะตnt to stop you. Iโm some kind of God who sees everything. However, donโt panic. As we know, God is merciful and forgiving, and so do I. But my mะตrัy is not free. Transfer 1400$ to my Litecoin (LTC) wallet: ltc1qsv3zptrkyzvve4cn02w827pjjzqjlaw0r4400d Once I receive confirmation of the transaction, I will ัะตrmanently delete all videos compromising you, uninstะฐll Pegasus from all of your devices, and disappear from your life. You can be sure โ my benefit is only money. Otherwise, I wouldnโt be writing to you, but destroy your life without a word in a second. Iโll be notified when you open my email, and from that moment you have exactly 48 hours to send the money. If cryptocurrencies are unchartered waters for you, donโt worry, itโs very simple. Just google โcrypto exchangeโ or "buy Litecoin" and then it will be no harder than buying some useless stuff on Amazon. I strongly warn you against the following: * Do not reply to this email. I've sent it from your Microsoft account. * Do not contact the police. I have access to all your dะตviัะตs, and as soon as I find out you ran to the cops, videos will be published. * Donโt try to reset or destroy your dะตviัะตs. As I mentioned above: Iโm monitoring all your activity, so you either agree to my terms or the vidะตะพs are ัublished. Also, donโt forget that cryptocurrencies are anonymous, so itโs impossible to identify me using the provided ะฐddrะตss. Good luck, my perverted friend. I hope this is the last time we hear from each other. And some friendly advice: from now on, donโt be so careless about your online security.
EMAIL SCAM
> Hi, > > I am a hacker, and I have successfully gained access to your operating system. > I also have full access to your account. > > I've been watching you for a few months now. > > The fact is that your computer has been infected with malware through an adult site that you visited. > If you are not familiar with this, I will explain. > Trojan Virus gives me full access and control over a computer or other device. > This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it. > I also have access to all your contacts and all your correspondence. > > Why did your antivirus not detect malware? > Answer: The malware I used is driver-based, I update its signatures every 4 hours. Hence your antivirus is unable to detect its presence. > I made a video showing how you satisfy yourself in the left half of the screen, and the right half shows the video you were watching at the time. > > With one mouse click, I can send this video to all your emails and contacts on your social networks. > I can also make public all your e-mail correspondence and chat history on the messengers that you use. > > If you don't want this to happen, transfer $1390 in Bitcoin equivalent to my Bitcoin address (if you do not know how to do this, just search "buy bitcoin" on Google). > > My Bitcoin address (BTC Wallet) is: 18bF61DzcK5ifmz5HpjQapDuGt1gdZMiq3 > > After confirming your payment, I will delete the video immediately, and that's it. You will never hear from me again. > I will give you 50 hours (more than 2 days) to pay. I will get a notice, when you open this email, and the timer will start. > Filing a complaint somewhere does not make sense because this email cannot be tracked like my Bitcoin address. > > I never make any mistakes. > If I find that you have shared this message with someone else, the video will be immediately distributed. > > Best regards!
