1. Welcome to Photography Forum. Our photography community!

    Photography-forum is dedicated to those who have passion, desire and love of photography and want to improve their photographic technique. It doesn't matter what you photograph, landscapes, weddings, portraits or your photographic experience, it's about learning and loving what we do. Photography!

    If you want learn and expand your photography skills then there is one place to do it Photography Forum !!!

    You are viewing photography-forum as a guest which gives you limited access to view most forums and enjoy other features. By joining our free community you will be able to post photographs for critique, join in the monthly photography competitions, respond to polls, upload content and enjoy many other special features. Registration is fast, simple and absolutely free so please join Photography Forum.

    If you have any problems please contact us.

    The Photography-Forum Team
    Dismiss Notice
  2. PLEASE SEE RULES BEFORE POSTING LINKS
    Click here to see Forum Rules

Silly hacking email

Discussion in 'The Computer Clinic Forum' started by Phill104, Oct 27, 2018.

  1. Phill104

    Phill104 Always on Premium Member

    Messages:
    1,333
    Edit my images ?:
    Yes (recommended)
    Got this email today. Not bothered as it is obviously just phishing. Do any of you lot know how they mask their email address in this way? DNS Exim etc is not my area of expertise. also is anyone stupid enough to have their email address and their password the same?

    Return-path: <phill@mydomain.me.uk>
    Envelope-to: phill@mydomain.me.uk
    Received: from [83.121.193.117] (helo=too.stupid.to.configure.reverse.dns)
    by myserver.default.myuser.uk0.bigv.io with esmtp (Exim 4.89)
    (envelope-from <phill@mydomain.me.uk>)
    id 1gGSS4-0006yR-ET
    for phill@mydomain.me.uk; Sat, 27 Oct 2018 18:32:44 +0100
    From: <phill@mydomain.me.uk>
    To: "phill" <phill@mydomain.me.uk>
    Date: 27 Oct 2018 02:17:37 -0800
    MIME-Version: 1.0
    Subject: phill@mydomain.me.uk has password phill. Password must be changed
    Message-ID: <5BD43EC5.9458.AD71C8@phill.mydomain.me.uk>
    Priority: normal
    X-mailer: Pegasus Mail for Windows (4.41)
    Content-type: text/plain; charset="ibm852"
    Content-transfer-encoding: 8BIT
    Content-description: Mail message body
    X-Spam-Score: 2.4
    X-Spam-Bar: ++
    X-Spam-Status: innocent

    Hello!

    I'm a programmer who cracked your email account and device about half year ago.
    You entered a password on one of the insecure site you visited, and I catched it.
    Your password from phill@mydomain.me.uk on moment of crack: phill

    Of course you can will change your password, or already made it.
    But it doesn't matter, my rat software update it every time.

    Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.

    Through your e-mail, I uploaded malicious code to your Operation System.
    I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
    Also I installed a rat software on your device and long tome spying for you.

    You are not my only victim, I usually lock devices and ask for a ransom.
    But I was struck by the sites of intimate content that you very often visit.

    I am in shock of your reach fantasies! Wow! I've never seen anything like this!
    I did not even know that SUCH content could be so exciting!

    So, when you had fun on intime sites (you know what I mean!)
    I made screenshot with using my program from your camera of yours device.
    After that, I jointed them to the content of the currently viewed site.

    Will be funny when I send these photos to your contacts! And if your relatives see it?
    BUT I'm sure you don't want it. I definitely would not want to ...

    I will not do this if you pay me a little amount.
    I think $844 is a nice price for it!

    I accept only Bitcoins.
    My BTC wallet: 1HQ7wGdA5G9qUtM8jyDt5obDv1x3vEvjCy

    If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy.
    After receiving the above amount, all your data will be immediately removed automatically.
    My virus will also will be destroy itself from your operating system.

    My Trojan have auto alert, after this email is looked, I will be know it!

    You have 2 days (48 hours) for make a payment.
    If this does not happen - all your contacts will get crazy shots with your dirty life!
    And so that you do not obstruct me, your device will be locked (also after 48 hours)

    Do not take this frivolously! This is the last warning!
    Various security services or antiviruses won't help you for sure (I have already collected all your data).

    Here are the recommendations of a professional:
    Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

    I hope you will be prudent.
    Bye.
     
  2. SeanNeedham

    SeanNeedham Ol' Sparky Honorary Life Member

    Messages:
    33,355
    Edit my images ?:
    Yes (recommended)
    It's really easy, it's just injecting the e-mail straight in to a system's send mail function, with just a modified header.

    For PHP this here is the "basic" e-mail function (assuming mail is installed and active within the server environment) and then it'd just be changing the $headers variable to whatever you need. https://www.w3schools.com/php/func_mail_mail.asp
     
  3. Phill104

    Phill104 Always on Premium Member

    Messages:
    1,333
    Edit my images ?:
    Yes (recommended)
    Thanks Sean, not something I’ve looked into before. Really quite interesting looking at it. I wonder how many actually pay up especially given the sort that might fall for it probably have no idea how to pay in bitcoin.
     
  4. Mike Singh

    Mike Singh Always on Premium Member

    Messages:
    7,785
    Edit my images ?:
    Yes (recommended)
    Hummmm this would have scared me!
     
  5. SeanNeedham

    SeanNeedham Ol' Sparky Honorary Life Member

    Messages:
    33,355
    Edit my images ?:
    Yes (recommended)
    Probably a lot more people than we'd both like to hazard a guess at! I probably get two or three of these a week saying multiple different things... One of them which is a bit more scary and would perhaps snare a lot more people is the one that says the Microsoft Remote Desktop Protocol has been compromised on your system (but if anyone is daft enough to be running RDP outside of a secure environment, then they deserve it!)
     
  6. rebel06

    rebel06 Without a cause Moderator

    Messages:
    16,665
    Edit my images ?:
    Yes (recommended)
    Should this be passed onto the police do you think .... could they track the person or do you think they couldn't be bothered??
    Paul
     
  7. Phill104

    Phill104 Always on Premium Member

    Messages:
    1,333
    Edit my images ?:
    Yes (recommended)
    Are you into visiting "dodgy" websites? ;)

    Hopefully one day the people who run all these scams will be nailed to the wall by their man globes and forced to watch Piers Morgan 24hrs a day.
     
    Mike Singh likes this.
  8. Phill104

    Phill104 Always on Premium Member

    Messages:
    1,333
    Edit my images ?:
    Yes (recommended)
    Action against fraud ( https://www.actionfraud.police.uk/ ) are where you should go. However chocolate teapot springs to mind where they are concerned. As it is overseas there is not a lot they can do.

    They do have an email address that this kind of email should be sent to - NFIBPhishing@city-of-london.pnn.police.uk
     
    Last edited: Oct 27, 2018
  9. SeanNeedham

    SeanNeedham Ol' Sparky Honorary Life Member

    Messages:
    33,355
    Edit my images ?:
    Yes (recommended)
    Not really, this here is a zombie computer (could even be an infected router or cell phone) somewhere in Iran... It's just a basic spam e-mail in a halloween mask.
     
  10. rebel06

    rebel06 Without a cause Moderator

    Messages:
    16,665
    Edit my images ?:
    Yes (recommended)
    Can they track him through his BTC Wallet
     
  11. Phill104

    Phill104 Always on Premium Member

    Messages:
    1,333
    Edit my images ?:
    Yes (recommended)
    Nope, that is the whole point of BTC. One day technology may be good enough to block all this sort of ****. It is amazing that spam has overtaken porn by quite some margin for the amount of traffic online.
     
  12. SeanNeedham

    SeanNeedham Ol' Sparky Honorary Life Member

    Messages:
    33,355
    Edit my images ?:
    Yes (recommended)
    It'd be difficult, as even if the bitcoin account exists, it'll either be anonymous or at the end of a chain of serious obfuscation.
     
  13. gaelldew

    gaelldew Always on Premium Member

    Messages:
    6,149
    Edit my images ?:
    Yes (recommended)
    Dont pay Phill, lets all see what your fantasies are. LOL.
     
    Pteranadon, Christopher and Phill104 like this.
  14. Phill104

    Phill104 Always on Premium Member

    Messages:
    1,333
    Edit my images ?:
    Yes (recommended)
    This week they have mainly been carbon tripods. Ohhh, nice and stiff, suits you sir.
     
  15. Ozzie_Traveller

    Ozzie_Traveller Here a lot Premium Member

    Messages:
    384
    Edit my images ?:
    Yes (recommended)
    G'day mate

    Surely the reference to your so-called password would show whether the supposed hack was genuine or not
    Also surely you would not be silly enough to use your login name as your password ....... surely not

    Phil
     
  16. Ogofmole

    Ogofmole Always on Moderator

    Messages:
    12,603
    Edit my images ?:
    Yes (recommended)
    I have had a few of these emails now all slightly different in content, and no I have not paid a penny :)
     
  17. hooferinsane

    hooferinsane EXIF Seeker Super Moderator

    Messages:
    12,664
    Edit my images ?:
    Yes (recommended)
    That is a long phishing email. At least thanks for the heads up on it. Some indeed may pay up. Never had a phishing email as long as that, my latest one this week was Virgin media was going to cut off my internet as my payment had failed. Please log in (to link) to update your credit card details.....
    Looked genuine email Virgin media logos, except when you actually check the sender
     
    Last edited: Oct 27, 2018
    Phill104 likes this.
  18. Ogofmole

    Ogofmole Always on Moderator

    Messages:
    12,603
    Edit my images ?:
    Yes (recommended)
    You must be watching the wrong type of videos ;)
     
    hooferinsane likes this.
  19. Skyshot

    Skyshot Member Premium Member

    Messages:
    32
    Edit my images ?:
    Yes (recommended)
    I had one almost identical about ten days ago.

    I did the precautionary changing of all passwords etc. - it was about the right time for me to do this anyway.

    I don't think it's any worse than any other kind of phishing scam, but the fact that they had my password correct was a little unsettling.
     
  20. Roger S

    Roger S Crazy Canuck Administrator

    Messages:
    61,519
    Edit my images ?:
    Yes (recommended)
    I just had one too, and the password related to that account had been changed more than a year ago. I just deleted the message and carry on with life. However, I am still curious how they could have related that password to that e-mail addy. It could be that it's the one I used to use for contest sites.
     
  21. Phill104

    Phill104 Always on Premium Member

    Messages:
    1,333
    Edit my images ?:
    Yes (recommended)
    My password was seemingly picked as a guess. I am not daft enough to use my name.
     
  22. DonS

    DonS Stuck in Toronto Moderator

    Messages:
    11,274
    Edit my images ?:
    Yes (recommended)
    I have had many of these in the past few months. Several per week at times.
     
  23. rebel06

    rebel06 Without a cause Moderator

    Messages:
    16,665
    Edit my images ?:
    Yes (recommended)
    Not had one .... must not be viewing the right "Dodgy" web sites ..... must pull my finger out ... hey that might be a good one to visit ... lol
     

Share This Page