The Blog of Zakspade

  July 2019 Archive Contact me
     
  Power
Monday 1 July, 2019

I accessed an old email address this morning. It has received a series of emails. All quote a password to an account and the threat to 'expose' me.

Said exposure was to let the world know that I look at and search for porn. Not only that but they had gained control of my computer and had used my webcam to film me during an indecent act.

At first I was puzzled. Yes, the password looked familiar, but I couldn't place it. Them after spending a bit of time searching, I found it.

Up until 2010 I worked for a large corporation in Internet security. My job was to identify Internet activity of employees that was in direct contravention of company policies. To that end I accessed many shady sites from behind a very serious firewalled proxy server. I also generated a multitude of accounts to allow me to log into various 'dubious' websites in my chasing down of the activities of those I had identified.

Said password is for one of those accounts!

So I had a dig around. There was no webcam on the PC I used at work, and I never used the account outside that office, so the claim that video footage (of any sort) had been collected from my PC was complete tosh!

As that password was only ever used for that old account to access a particular website and has not been used since 2010 it is clearly a scammer using data purchased from a data breach.

So, a basic data breach and a scammer issuing threats and attempting blackmail on the back of it. I suppose they are banking on the fact that if they issue a whole wedge of such emails with real passwords, someone will have engaged in one/some/all of the activities they claim. Then they will have found a victim who will be eager to pay them in Bitcoins as they demand.

Im quite well organised with things of an IT-related nature and I am easily able to pin down exact dates (and even times) of password usage, or accounts generation/termination, and so it is easy for me to identify the scammer for what they are.

Unfortunately, while I am able to track back to when said password was last used, it is most certainly not the norm for most Internet/computer users. The extortion emails all carried the same threat/offer: Pay me in Bitcoins (with details of how to do it) or I go public with the info I gathered a mixture of some very specific details married to vague allusions the sort of thing a fortune-teller at a fair might come out with.

Most worryingly for the unwary they were well written, in good English, and with a highly cogent plausibility about them. However, the power of knowing everything they claimed was bunkum was so nice!

Archives

June 2019

May 2019

April 2019

March 2019

February 2019

January 2019

December 2018

November 2018

August 2018

June 2018

May 2018

April 2018

March 2018

February 2018

January 2018

December 2017

November 2017

October 2017

September 2017

August 2017

July 2017

June 2017

May 2017

January 2017

December 2016

November 2016

October 2016

September 2016

August 2016

July 2016

June 2016

May 2016

April 2016

March 2016

February 2016