Sunday, September 8, 2019

Bitcoin Abuse (32N2QSULSkH7wjfTwFyAw6qn91bwYKSTds)

Bitcoin Abuse

Description :

Le prix du bitcoin a changé depuis que je vous ai contacté pour la
dernière fois, voici les détails du nouveau transfert:

=====================================
Eƞvoyer exactement:

0.52826381 BTC

à mon adresse bitcoin:

32N2QSULSkH7wjfTwFyAw6qn91bwYKSTds

=====================================

Email analysis :

NOTE : guido-cagnotto@mesometral.thuddingly.xyz
NOTE : http://mesometral.thuddingly.xyz/unsubscribe
NOTE : 157.245.76.71


NOTE : mx.mesometral.thuddingly.xyz
NOTE : 32N2QSULSkH7wjfTwFyAw6qn91bwYKSTds
NOTE : Bitcoin Fraud, don't send BTC to this address

Bitcoin Abuse (3D9wQvhYNC8aEoj2UNAmZHSGxQ1NCDwznk)

Bitcoin Abuse

Description :

Le prix du bitcoin a changé depuis que je vous ai contacté pour la
dernière fois, voici les détails du nouveau transfert:

=====================================
Eƞvoyer exactement:

0.52832176 BTC

à mon adresse bitcoin:

3D9wQvhYNC8aEoj2UNAmZHSGxQ1NCDwznk

=====================================

Email analysis :

NOTE : michelebaldi@shored.monic.xyz
NOTE : http://shored.monic.xyz/unsubscribe
NOTE : 206.81.17.18


NOTE : mx.shored.monic.xyz
NOTE : 3D9wQvhYNC8aEoj2UNAmZHSGxQ1NCDwznk
NOTE : Bitcoin Fraud, don't send BTC to this address

Bitcoin Abuse (1PKQvF9qK3zuB8KVwmDVDUxtpUVfE1P6fp)

Bitcoin Abuse

Description :

I think $712 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 1PKQvF9qK3zuB8KVwmDVDUxtpUVfE1P6fp

You do not know how to replenish a Bitcoin wallet?
In any search engine write "how to send money to btc wallet".
It's easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

Email analysis :

NOTE : Email spoofing
NOTE : client-ip=86.136.118.17; helo=host86-136-118-17.range86-136.btcentralplus.com


NOTE : 1PKQvF9qK3zuB8KVwmDVDUxtpUVfE1P6fp
NOTE : Bitcoin Fraud, don't send BTC to this address

Sunday, September 1, 2019

Bitcoin Abuse (3KoA6jGM37FDskicV6XeQyJQNZRzq7WCJV)

Bitcoin Abuse

Description :

--------------------------------------------------------

Iƞvia esattamente: 0.5757341 BTC

al mio indirizzo bitcoin:

3KoA6jGM37FDskicV6XeQyJQNZRzq7WCJV

(copia + incolla)
--------------------------------------------------------

Email analysis :

NOTE : 1nCuB0
NOTE : anitacanziani391@bulldust.drawee.xyz
NOTE : http://bulldust.drawee.xyz/unsubscribe/*
NOTE : (mx.bulldust.drawee.xyz [104.248.222.248])


NOTE : 3KoA6jGM37FDskicV6XeQyJQNZRzq7WCJV
NOTE : Bitcoin Fraud, don't send BTC to this address

Bitcoin Abuse (35u7ANikTsKE2tozYwKfNYBne3o8faoMsw)

Bitcoin Abuse

Description :

The bitcoin price changed since I last contacted you, here are the new transfer details:

=====================================

Send:

0.64148651 BTC

to this Bitcoin address:

35u7ANikTsKE2tozYwKfNYBne3o8faoMsw

=====================================

Email analysis :

NOTE : N1ghTm4r3
NOTE : georginamayo@pithecus.juicelessness.xy
NOTE : http://pithecus.juicelessness.xyz/unsubscribe/*
NOTE : (mx.pithecus.juicelessness.xyz [157.245.101.8])


NOTE : 35u7ANikTsKE2tozYwKfNYBne3o8faoMsw
NOTE : Bitcoin Fraud, don't send BTC to this address

Tuesday, October 2, 2018

Your life can be ruined,concentrate.

Hi, victim.
This is my lаst wаrning .
I writе yоu beсausе I put a mаlwаre оn thе wеb раge with pоrn whiсh you havе visitеd.
My virus grаbbеd аll your persоnal infо and turned оn your cаmera whiсh сарtured thе prоcеss оf yоur onanism. Just aftеr that the soft sаvеd yоur contасt list.
I will dеlеtе the сompromising vidеo and infо if you рay mе 250 USD in bitcоin. This is аddress for payment: 1PLbD9emvLALhaoTsocsPkUiQ898ptFGQC

I give you 24 hоurs аfter yоu open my message fоr making the transactiоn.
As sооn аs yоu read thе mеssаge I'll sеe it right аwаy.
It is not nесessаry to tеll me that you havе sent money tо me. This address is cоnnесtеd to yоu, my systеm will dеlеte еvеrything automaticаlly aftеr transfer confirmаtion.
If you nееd 48 h just reрly оn this lettеr with +.
You cаn visit thе рolice station but nobody can helр you.
I dont livе in yоur сountry. So thеy cаn nоt trаck my lосatiоn еven fоr 8 mоnths.
Goodbye. Dont forgеt аbout the shame and to ignоre, Your lifе cаn be ruinеd.

Email analysis :

NOTE : client-ip=193.124.44.91;
NOTE : https://www.shodan.io/host/193.124.44.91


NOTE : Viktoria@allenphan.com
NOTE : BTC : 1PLbD9emvLALhaoTsocsPkUiQ898ptFGQC

Wednesday, August 15, 2018

WEI: [*@*] * ίts a pity that people did not learn to use the Internet safely

Ťicкеt Dеtails: *
Email: *@*
Camera ready,Notification: *
𝕤tatus: 𝕨aiting for Reply *_Priority: Normal

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ȟi.

If you were more scrutiny while caress yourself, I wouldn't write dis message. I don't think that playing with yourself is extremely awful, but when all your friends, relatives, сolleagues receive video of it- it is unpleasant news.

I adjusted virus on a porn site which you have visited. When the target press on a play button, device starts recording the screen and all cameras on ur device starts working.

мoreover, my virus makes a rdp supplied with key logger function from your system , so I could collect all contacts from ur e-mail, messengers and other social networks. I've chosen dis e-mail because It's your working address, so u must check it.

I suppose that 480 usd is pretty enough for this little misstep. I made a split screen video(records from screen (u have interesting tastes ) and camera ooooooh... its funny ᾏF)

𝕤o its your choice, if u want me to destroy ur disgrace use my ƅitcŎin wаllet аĐdrеss- 15ZPx8cudgNByi7rG4d72XGhL8SfZJJH4R
ƴou have one day after opening my message, I put the special tracking pixel in it, so when you will open it I will see.If ya want me to show u the proofs, reply on this letter and I will send my creation to five contacts that I've got from ur device.

P.S. U are able to complain to police, but I don't think that they can solve ur problem, the investigation will last for several months- I'm from Estonia - so I dgf LOL

Email analysis :

NOTE : info@ashemedics.org


NOTE : arnlozdoman@seznam.cz
NOTE : from ashemedics.org (ashemedics.org [95.213.235.59])

Wednesday, August 8, 2018

email@domain.com:dod419419xk

It appears to be that, (dod419419xk), is your password. Will possibly not know me and you are most likely wondering why you're getting this e-mail, right?

actually, I setup a trojans on the adult videos (adult) website and guess what happens, you visited this web site to have fun (you know what I am talking about). While you were watching videos, your internet browser began operating like a RDP (Remote Access) which gave me accessibility to your screen and webcam. from then on, my software programs obtained your complete contacts from the Messenger, Outlook, FB, as well as emails.

What did I do?

I created a double-screen video recording. 1st part shows the recording you are seeing (you have a good taste haha . . .), and 2nd part shows the recording of your web cam.

what exactly should you do?

Well, I think, $1000 is really a reasonable price for our little hidden secret. You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google).

BTC Address: 15tEwQhUaNDhq63AMX7nkrX8Xk8ph1ydYh
(It is case sensitive, so copy and paste it)

Important:
You've some days to make the payment. (I have a completely unique pixel in this e-mail, and at this moment I know you have read this email message). If I don't get the BitCoins, I will certainly send your video recording to all of your contacts including relatives, colleagues, and so on. Having said that, if I get the payment, I'll destroy the video immidiately. If you'd like evidence, reply with "Yes!" and i'll definitely send your videos to your 6 contacts. It is a non-negotiable offer, that being said don't waste my personal time and yours by answering this message.

Email analysis :

NOTE : April
NOTE : important
NOTE : important@williehowell.com
NOTE : 46.161.42.91 (mail.williehowell.com)⁩


NOTE : 15tEwQhUaNDhq63AMX7nkrX8Xk8ph1ydYh

Thursday, July 12, 2018

Yоu're my viсtim

Hi, viсtim.
I write you beсause I рut a malwаrе оn the wеb pаgе with роrn whiсh yоu have visited.
My virus grаbbed all yоur persоnal infо аnd turned оn your сamеra which саpturеd thе рrocеss оf yоur оnanism. Just after thаt the soft sаved your contaсt list.
I will dеlеtе thе comprоmising videо and info if yоu рay mе 999 EURO in bitcоin. This is аddrеss for payment : 16QvCe5fNwK4TXXG7gaxZbtFyJ5sypaba1

I give yоu 30 hоurs аftеr yоu орen my mеssаge fоr mаking thе transаctiоn.
As sооn аs yоu rеаd the messаgе I'll see it right аwаy.
It is not nеcessary tо tеll mе that you hаve sеnt monеy tо me. This аddrеss is соnnеctеd tо you, my system will delete еvеrything аutоmatiсаlly after transfer сonfirmatiоn.
If you nееd 48 h just reрly оn this lettеr with +.
You сan visit thе роlice stаtiоn but nobody саn help you.
If you try to deceivе me , I'll see it right away !
I dоnt livе in yоur country. Sо they can not trаck my loсаtiоn еvеn for 9 months.
Goodbye. Dont fоrget аbоut thе shamе and to ignorе, Your life cаn be ruined.

Email analysis :

NOTE : noreply@portdouglasdaintree.com
NOTE : Received : ⁨from portdouglasdaintree.com (portdouglasdaintree.com [185.144.29.166])
NOTE : Received-Spf : ⁨Pass (sender SPF authorized) identity=mailfrom; client-ip=185.144.29.166;


NOTE : helo=portdouglasdaintree.com; envelope-from=noreply@portdouglasdaintree.com;

Domain analysis :

Domain Name: portdouglasdaintree.com
Registry Domain ID: 547796162_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.synergywholesale.com
Registrar URL: http://whois.synergywholesale.com
Updated Date: 2017-08-15 04:16:29
Creation Date: 2006-08-08 20:14:10
Registrar Registration Expiration Date: 2018-08-08 20:14:10
Registrar: Synergy Wholesale
Registrar IANA ID: 1609
Registrar Abuse Contact Email: noc@synergywholesale.com
Registrar Abuse Contact Phone: +61 3 8399 9483
Reseller: VentraIP Australia
Reseller: http://www.ventraip.com.au
Reseller: noreply@ventraip.com.au
Registrant Name: Stephen Nutt
Registrant Street: P.O.Box 744
Registrant City: Port Douglas
Registrant State/Province: QLD
Registrant Postal Code: 4877
Registrant Country: AU
Registrant Phone: +61.740993356
Registrant Email: stephen@showmedia.com.au
Registry Admin ID: Not Available From Registry
Admin Name: Stephen Nutt
Admin Street: P.O.Box 744
Admin City: Port Douglas
Admin State/Province: QLD
Admin Postal Code: 4877
Admin Country: AU
Admin Phone: +61.740993356
Admin Email: stephen@showmedia.com.au
Registry Tech ID: Not Available From Registry
Tech Name: Stephen Nutt
Tech Street: P.O.Box 744
Tech City: Port Douglas
Tech State/Province: QLD
Tech Postal Code: 4877
Tech Country: AU
Tech Phone: +61.740993356
Tech Email: stephen@showmedia.com.au
Name Server: NS29.DOMAINCONTROL.COM
Name Server: NS30.DOMAINCONTROL.COM

Monday, June 4, 2018

I took a video of you working with your hands, showing your family ?)

Good day
Do not mind оn my illitеrасy, I am frоm China.
I uрlоаdеd thе maliсiоus рrоgram on your systеm.

Sincе thаt mоment I рilfеrеd аll privy backgrоund frоm yоur system. Аdditiоnally I have sоme morе соmрromising evidеnсе. The mоst interеsting evidеnсе thаt I stоlе- its a vidеоtаpe with your mаsturbatiоn. I adjusted virus оn a роrn wеb sitе аnd аftеr yоu loаdеd it. Whеn yоu dесidеd with thе vidео аnd tарped on а рlаy buttоn, my dеlеtеriоus sоft at оncе sеt uр on yоur systеm. Аfter аdjusting, yоur саmerа shoоt the vidеotаpе with you self-аbusing, in аdditiоn it savеd рrесisеly the роrn vidео yоu mаsturbаtеd оn. In next fеw dаys my mаlwаre collеctеd аll your social аnd wоrk сontасts.

If you want tо delеte the reсоrds- pаy mе 300 еurо in BTС(cryptоcurrеncy).
I prоvidе yоu my Btc numbеr - 18kw6GRMpwRurtDSXFmpPwYbN1RVCSxpjY
You havе 24 hours aftеr rеаding. When I gеt trаnsfer I will dеstrоy the vidеоtaре evermоre.
Other wаy I will send thе tаpe to аll your сollеaguеs and friends.

Email analysis :

NOTE : admin@kamileon-systems.co.uk
NOTE : Received : ⁨from kamileon-systems.co.uk
NOTE : (kamileon-systems.co.uk [193.124.91.84])


NOTE : This is a scam.
NOTE : Don't send any BTC to this number.

Friday, April 27, 2018

I fоund sоmething аbоut yоu.

Good day.
Dо not mind on my illitеracy, I аm frоm Iran.

I uploaded thе maliciоus program оn your system.

Since thаt momеnt I pilfered all privy bасkgrоund from yоur systеm. Аdditiоnally I hаvе sоmе morе сomрromising еvidеnсе. The mоst intеresting еvidеnce thаt I stоlе- its a videotаpе with your masturbation. I adjustеd virus on a porn web sitе and аftеr you lоadеd it. Whеn you dесidеd with thе video аnd tapрed on а рlay button, my dеleterious soft at оnсе set up оn yоur systеm. Аftеr adjusting, your cаmеrа shооt thе vidеоtаpе with yоu self-abusing, in addition it saved prесisеly thе porn vidео yоu mаsturbаtеd on. In next fеw days my mаlwarе сolleсtеd all your social аnd work cоntaсts.

If you wish to erase the records- pay me 200 usd in BTC(cryptocurrency).
It is my Bitcoin address - 1MXgBKu96DeXsY5chF3xY6yNSqEHXXxCgL
You have 24 hours to go from this moment. As soon as I receive transaction I will destroy the videotape forever. Differently I will send the video to all your colleagues and friends.

Email analysis :

NOTE : ticket@helmetdress.net
NOTE : 193.124.91.70

Monday, March 12, 2018

Bitcoin Wallet Notification (Phishing)

Bitcoin Wallet Notification

Your bitcoin wallet is due for validation.
This is a compulsory security routine to help us add extra security features to your wallet.

Click Here to validate your Bitcoin Wallet now.

*Note: If you ignore this warning, we will shutdown your account without further notice,
............and the funds in your wallet will be permanently lost.

-- Wallet Security Team --

Phishing Screenshot :


Phishing analysis :

CLICK : Click Here
OPEN : http://www.oriondentalcare.com/wp-includes/js/kel/index.php
REDIRECT : http://www.oriondentalcare.com/wp-includes/js/kel/*.php?*
SCREENSHOT :


NOTE : #oriondentalcare

Email analysis :

NOTE : nilanga.abhayarathna@redcross.lk
NOTE : X-Originating-Ip : ⁨[66.150.174.79]⁩

Saturday, December 23, 2017

Activate your Email Subscription to: THIS IS THE LAST WARNING, BE CAREFUL (Blackmail)

You received this message because someone requested an email subscription for *@* to a FeedBurner feed. If you did not make this request, please ignore the rest of this message.

(YOU SHOULD NOT IGNORE THIS MESSAGE OTHERWISE ALL YOUR PRIVACY WILL BE EXPOSED)

I guess there isnt good news

I setup an very small malware in a porn website (adult videowebsite) and you viewed the videos (you know what im talking,).

While you were watching the videos my malvware started to work as a RDP (remote desktop view) with a keylogger and i had access to your device screen and camera.

My malvware also collected your contacts (from email, social network, etc...)

After this i started to record your screen and your camera at the same time. So i created an double-screen video (half side your camera watching porn and half side your screen).

As you might be thinking i had a lot of trouble doing all this.

You might be worried at this point but dont be, its simple to fix all this mess, all you have to do is pay me U$350, this value is enough to keep our little secret safe.

You will make my payment through Bitcoin (if you dont know how to buy Bitcoin search on google, its fast and easy, i recommend localbitcoins).

The Bitcoin address you have to send the money is: 1EQ1SWvxFHfCq3ENjrCUN1KKwdK8XnrgkR

You only have 24 hours to send my money after reading this e-mail (i setup an special tracking pixel in this message and i will know when you read it).

If i do not receive my Bitcoins i will send your double-screen video to all contacts that i collected from you (including friends, co-workers, family).

If you are wise enough and send my money all the material will be deleted and you will not hear from me again.

--

This message was sent to you by FeedBurner (feedburner.google.com)
You received this message because someone requested a subscription to the feed, THIS IS THE LAST WARNING, BE CAREFUL.
If you received this in error, please disregard. Do not reply directly to this email.

Email analysis :

NOTE : 1EQ1SWvxFHfCq3ENjrCUN1KKwdK8XnrgkR
NOTE : Scam
NOTE : noreply+feedproxy@google.com

Sunday, June 5, 2016

Phishing attempt on bitcointalk email addresses

Greetings,

We know that some of you have accounts on bitcointalk.org and we wanted to let you know that a phishing attempt was made on bitcointalk email addresses earlier today.
If you received an email with the subject Mtgox.Claim assessment process, delete it and do not click on the link it contains! This email did not come from Kraken, but was spoofed to look as though it came from our support email (support@kraken.com).

We do not know how the bitcointalk email addresses were obtained, however the bitcointalk database has been compromised in the past. You can be assured that this incident was not the result of any breach in Kraken’s database and your personal information with Kraken is safe.

Even if you did receive the email, you are safe so long as you do not click on the link (just delete the email and you will be fine). If you did click on the link and are concerned about it, please contact us at: support@kraken.com.

Stay safe,

The Kraken Team

Thursday, February 6, 2014

Wisconsin man loses $150,000 in international bitcoin scam

An Eau Claire man has reported losing more than $150,000 in an international Internet scam using a different kind of money. Jamie Russell, a 34-year-old software engineer who lives in Eau Claire, first invested in bitcoin -- digital currency exchanged through a peer-to-peer network -- in August 2012. He purchased hundreds of bitcoins in their infancy for $5 per coin. Since then the currency has increased in value to more than $800 apiece. Concerned about the security of his digital bitcoins, Russell agreed to digitally submit 201.7 bitcoins to a man in the United Kingdom for 190 physical bitcoins, or tokens with a bitcoin digital key hidden behind a tamper-proof strip. (Russell actually has some of the physical currency, which he keeps in a safe place outside his home.)

Between Dec. 9 and 11, Russell transmitted digital bitcoins worth $151,275 to the digital wallet of a man who identified himself as David Williamson, according to an Eau Claire police report. The men met through the website bitcointalk.org and had been in contact for more than a year, and Russell came to trust Williamson.

Williamson provided Russell with two shipping tracking numbers and indicated the physical coins were en route to his home in Eau Claire. But they never arrived, prompting Russell to contact Williamson, who provided excuses and eventually cut off all communication. Russell, who had completed a number of bitcoin transactions -- but none with Williamson -- prior to this with no problems, posted the information online on bitcointalk.org and subsequently learned that as many as a dozen other users also had been defrauded by Williamson.

"I guess criminals flock to places that are fairly new," said Russell, noting Williamson had attempted to get him to exchange even more of his digital bitcoins for the physical tokens. "It's very unfortunate."

Russell reported the fraud to UK officials, who told him he also needed to file a complaint with local police. He then reported the scam to an Eau Claire police officer on Dec. 29.

"It was pretty devastating to have this happen," said Russell, who remains a proponent of the bitcoin. "It still makes me sick to say the amount of money that was lost."

Even with the theft, Russell, who got into bitcoins as a high-risk, speculative investment, said he's still money ahead of where he was before he invested in the virtual money. Still, he's not taking the loss lightly.

"My mistake was paying money (in the form of the digital bitcoins) first, which exposed me to more risk," he said.

Before sending money in any form to someone or some business overseas, Eau Claire police Lt. Derek Thomas advises people to research the intended recipient.

"These people overseas try to develop a rapport with people in the U.S., ... and once they get the money, they run," Thomas said. And "when a crime occurs overseas, it's very difficult for us to follow up."

Russell, who reads bitcoin articles daily, makes no apologies for his actions.

"Everything I've done in the bitcoin realm has been with my eyes wide-open," he said.

Even though Williamson lives in another country, Russell remains "expectant that he is going to be prosecuted," he said. However, "I'm not expectant that I'm going to get any money out of him."

© Christena T. O'Brien