Attack Techniques: “I Already Hacked You” Scams



This content originally appeared on text/plain and was authored by ericlaw

Scammers often try to convince you that you’ve already been hacked and you must contact them or send them money to prevent something worse from happening. For example, a tech scammer might show a web page that says your PC has a virus and you need to call them or download their program to “fix” it.

Another common scam is to send the user an email telling them that their devices were hacked some time ago and the attacker has recorded videos of the victim engaged in embarrassing activities.

The attacker usually includes some “hook” to try to make their claims seem more credible. In some such scam emails, they’ll include a password previously associated with the email address, gleaned from a dump from an earlier data breach. For example, I got multiple scam emails citing my account’s password from the 2012 breach of LinkedIn:

In today’s attack, the bad guy simply forges the return address to my own email address, hoping I’ll believe this means that they already have access to my account:

Under the hood, Hotmail knows that this return address was forged:

Authentication-Results: spf=fail (sender IP is 195.225.99.200) smtp.mailfrom=hotmail.com; dkim=none (message not signed) header.d=none;dmarc=fail action=none header.from=hotmail.com;
Received-SPF: Fail (protection.outlook.com: domain of hotmail.com does not designate 195.225.99.200 as permitted sender) receiver=protection.outlook.com; client-ip=195.225.99.200; helo=willishenryx.com;
Received: from willishenryx.com (195.225.99.200) by BL6PEPF00022575.mail.protection.outlook.com (10.167.249.43)
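The check those headers support can be automated. The following is an added example, not code from the original post: it parses the Authentication-Results value quoted above and flags mail that claims to come from the recipient's own address without passing DMARC. The function names, verdict labels and the From/To address are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Authentication-Results value is the one quoted on the page; the From/To
# address and Subject are constructed placeholders for this example.
SAMPLE = """\
Authentication-Results: spf=fail (sender IP is 195.225.99.200)
 smtp.mailfrom=hotmail.com; dkim=none (message not signed)
 header.d=none;dmarc=fail action=none header.from=hotmail.com;
From: example-user@hotmail.com
To: example-user@hotmail.com
Subject: constructed sample
"""

def parse_auth_results(value):
    """Map each method (spf/dkim/dmarc) to its result and properties."""
    value = re.sub(r"\([^)]*\)", " ", value)  # strip parenthesised comments
    parsed = {}
    for clause in value.split(";"):
        props = dict(t.split("=", 1) for t in clause.split() if "=" in t)
        for method in ("spf", "dkim", "dmarc"):
            if method in props:
                parsed[method] = {"result": props.pop(method).lower(), **props}
    return parsed

def assess(raw_message):
    """Flag mail whose From matches the recipient but failed authentication."""
    msg = message_from_string(raw_message)
    # Assumption: the topmost header is the one stamped by our own receiver;
    # copies further down may have been supplied by the sender.
    headers = msg.get_all("Authentication-Results") or [""]
    auth = parse_auth_results(headers[0])
    sender = parseaddr(msg.get("From", ""))[1].lower()
    recipient = parseaddr(msg.get("To", ""))[1].lower()
    results = {m: auth.get(m, {}).get("result", "missing")
               for m in ("spf", "dkim", "dmarc")}
    self_addressed = bool(sender) and sender == recipient
    authenticated = results["dmarc"] == "pass"
    if self_addressed and not authenticated:
        verdict = "forged-self-sender"
    elif not authenticated:
        verdict = "unauthenticated-sender"
    else:
        verdict = "authenticated"
    return {"verdict": verdict, "self_addressed": self_addressed, **results}

if __name__ == "__main__":
    print(assess(SAMPLE))
```

Only an Authentication-Results header written by your own mail system is trustworthy; one that arrived with the message can be set by the sender.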

The attacker typically promises the victim that they’ll delete the incriminating videos if the victim pays a ransom in cryptocurrency:

There are various tools that can be used to look up traffic to cryptocurrency addresses, and while the address in today’s scam is idle, I’ve previously encountered scams where the attackers had been sent thousands of dollars by several victims. :(

Tragically, it seems entirely plausible that this scheme has killed panicked teens (as a variant of a sextortion scheme that definitely has).

Stay safe out there, and make sure your loved ones know that everyone on the Internet is a liar.

-Eric


ericlaw | Sciencx (2025-02-20T16:05:14+00:00) Attack Techniques: “I Already Hacked You” Scams. Retrieved from https://www.scien.cx/2025/02/20/attack-techniques-i-already-hacked-you-scams/