2023年06月01日

メールアカウントがHackされた?

Subject: Your account is hacked. Your data is stolen. Learn how to regain access.

Hi,

I am a hacker, and I have successfully gained access to your operating system.
I also have full access to your account.

I've been watching you for a few months now.

The fact is that your computer has been infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.

Why did your antivirus not detect malware?
Answer: The malware I used is driver-based, I update its signatures every 4 hours. Hence your antivirus is unable to detect its presence.
I made a video showing how you satisfy yourself in the left half of the screen, and the right half shows the video you were watching at the time.

With one mouse click, I can send this video to all your emails and contacts on your social networks.
I can also make public all your e-mail correspondence and chat history on the messengers that you use.

If you don't want this to happen, transfer $890 in Bitcoin equivalent to my Bitcoin address (if you do not know how to do this, just search "buy bitcoin" on Google).

My Bitcoin address (BTC Wallet) is: 19eXNvqfdK7w8NVX1Db5o6GBYR1tcpWTKv

After confirming your payment, I will delete the video immediately, and that's it. You will never hear from me again.
I will give you 50 hours (more than 2 days) to pay. I will get a notice, when you open this email, and the timer will start.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my Bitcoin address.

I never make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.

Best regards!

というメールをもらってBitcoinを要求された

差出人は自分

ヘッダを見ると

X-Spam-Status: No, score=4.3 required=5.0 tests=BAYES_40,BITCOIN_EXTORT_01, BITCOIN_SPAM_02,INVALID_DATE,PDS_BTC_ID,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on x.sakura.ne.jp
X-Virus-Status: clean(F-Secure/fsigk_smtp/550/x.sakura.ne.jp)
Received: from [176.236.21.99] ([176.236.21.99]) by x.sakura.ne.jp (8.16.1/8.16.1) with ESMTP

なんで、「BITCOIN_SPAM_02」とSPAMとわかってるのにX-Virus-Status: cleanなんだ。
おかしいだろSpamAssassin

176.236.21.99を調べると

country: TR   → (トルコ)

珍しくCN(中国)ではなくトルコですな。
文面が英語でちょっといつもと違うと思ったら。

しかし、ほんとにさくらメールサービスのSPAMフィルタの弱いこと…

メールアドレスは仕事で使ってるアドレスなので簡単に変えられないし、よく知らない人ともやり取りしないわけにもいかないし。
あやしいメールは個別にヘッダ情報とか見て判断するしかなくちょっと手間だけど、この前みたいに寝ぼけてメール内のURLクリックしないように気をつけないと。
(前はテキスト形式で自動で画像読み込みをしない設定にしてたけど、AppleのWWDCの案内とか画像で来るので最近は面倒で設定を変更したままにしてることが多いからな…)
posted by one-hand-engineer at 10:46| Comment(0) | TrackBack(0) | 日記 | このブログの読者になる | 更新情報をチェックする
この記事へのコメント
コメントを書く
お名前:

メールアドレス:

ホームページアドレス:

コメント:


この記事へのトラックバック