I’ve been noticing a lot of “Mail Delivery System” emails that are “returning to sender”. Nothing new. I know that they’re just spam. But I got curious if they were all the same spam. And it turns out, they’re all different, but more alike than not.
First, just a quick note. These are all in my spam folder so all their links are disabled. They’re all randomly titled .eml (email) files. I’m downloading and opening each .eml in a notepad so all that I’m seeing is the text and formating of the email itself along with the headers and routing data.
So, who’s sending them?
They’re from everywhere. In no particular order, they came from Ohio, Arizona, Peru, Bolivia, Pakistan, Korea, Israel, Ethopia, Mexico, India, and the Dominican Republic.
What are they saying?
For starters, there’s the subject line. In my case, even though I had more than a dozen missives, there were only five different subject lines.
Your personal data has leaked due to suspected harmful activities.
You have outstanding debt.
You have an outstanding payment.
Waiting for the payment.
(and my favorite,)
Do You Do Any of These Embarrassing Things?
And they all say the same thing.
Hi, I’m a hacker. You went to a porn site and I infected your computer with an untracable and undetectable trojan virus that has been recording and monitoring you for months.
I know. Scary stalker stuff. Am I seriously expected to believe that any hacker can hijack a porn site to deliver their trojans?
I have made a video compilation…
Presumably showing both my non-existant camera and the website I’m visiting. Which in my case, means a lot of CNN and YouTube cat videos.
If you want me to remove my software and delete all the compilations of videos I’ve been making of your activities, pay me…
Here’s the first place it gets interesting (at least to me). My privacy is apparently worth somewhere between 790 USD and 1700 US Dollars skewing more heavily to $1450 USD but quite a few want $950 (USD)
All of them want to be payed in bitcoin and give me either 48 or 50 hours to do it. These threats have all expired but if it’s worth it for you to ensure my private compilations are deleted you can pay the following bitcoin accounts.
| 1Q3bj3y63wqXPGcsXhiC9N1YbYhF5euBBY | $1450 USD |
| 12nEVuGNtRFMVjeVmLtD4nt2sHX68S47yH | 850 USD |
| 15mSqySLsJ8MZqNQ7RfXiq54HGyt7uh3Cn | $950 USD |
| 16rGyggURQvJw6RMwigDVzEGjjoCC5fZFP | 990 USD |
| 1AsRkzQSorZAc66fdXof9NHTNJdU4T8nC8 | 950 USD |
| 1GdVKgGS8iXeSSrynTfHyDugrpchwVDmdZ | 790 USD |
| 1CRJGomhCirQGNUVwjCC8uNRwA5AWDZafd | 1450 USD |
| 1FmKjxWybWDuoD17pKvKaVH81gb5HGBpyP | 1250 USD |
| 1KXiY1reDCotVXpYdar6zoNknqGAsi1WeG | $1450 USD |
| 17kmbhxxMsrFhmQNim1jbjD6AeBUQ2SbYp | $1450 USD |
| 15QaVNGaQsQfgPH8mL3TM1S7YBESTVfwQC | 1700 US Dollars |
| 1CiqhHbPPNKHyX9AiMBFKp6ydxcM5WJyBW | $1350 USD |
| 1C2ek9b57xdVY9rPUaUnczxN5vGjVS8EhA | $1450 USD |
| 1P3eUgQzL12tDo2oh9csyo7HFxLer8vJsG | $1450 (USD) |
| 17wkbqoaUCUUxw3N1QocutFJTH47Zb8jPQ | $1450 (USD) |
| 15WXLWo8mH79dJiUiHJ7UMgrpXD33ky9XU | $950 (USD) |
Originally I thought about them not knowing who was paying them. But I realized that the blockchain from the bitcoin would tell them who paid. I’m still not certain how they would match up the blockchain account with the email account that recieved the extortion. There may be an assumption that everyone only uses one email account. Note to self: when needing to create a bitcoin account to pay email extortion ransom, verify which email address to use as registration.
If I discover that you shared this message with others, I will straight away proceed with making your private videos public.
Really. They’re expecting me to believe that they are sophisticated and professional hackers but the only way that they are able to threaten me is by being unable to write and send a successful email extortion letter. I mean, granted, it gets to me, but only as undeliverable spam which I’m only reading out of an over-abundance of curiousity. So why should I be worried about them emailing everyone in my contact list?
Good luck!
And that’s the valediction they all choose to sign-off with. And a good way to end this post.
