Hi:
I have sent an e-mail to lucia@2-spyware.com, but it says
it cannot be delivered. Please see my questions below.
Thank you.
David
———————————–
RAT scam e-mail (lucia@2-spyware.com)
Nov. 5 at 2:25 p.m.
Shih-yu (David) Chao
To: lucia@2-spyware.com
Hi:
This is regarding a RAT scam e-mail, shown below, that
I received last week. Since the password seems to be correct
for some of my accounts, does that mean they have access to
my accounts that have that password?
Can they really do things that they claim to be able to do
as they said in the e-mail? How do I check if my computer is
infected with their malware? Do you know anything about the
sender and its e-mail address? Please help, thank you.
David
----- Forwarded Message -----
From: I Know
To: “sydchao@yahoo.ca”
Sent: Thursday, October 31, 2019, 3:30:08 a.m. PDT
Subject: I recorded you –
Hey, I know your password is:
Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn’t updated / patched, in such case it’s enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more – Google: “Drive-by exploit”.
My malware gave me full access and control over your computer, meaning, I got access to all your accounts (see password above) and I can see everything on your screen, turn on your camera or microphone and you won’t even notice about it.
I collected all your private data and I RECORDED YOU (through your webcam) SATISFYING YOURSELF!
After that I removed my malware to not leave any traces.
I can send the video to all your contacts, post it on social network, publish it on the whole web, including the darknet, where the sick people are, I can publish all I found on your computer everywhere!
Only you can prevent me from doing this and only I can help you out in this situation.
Transfer exactly 1400$ with the cryptocurrency DASH (DSH) to my DASH (DSH) address.
It’s a very good offer, compared to all that horrible shit that will happen if I publish everything!
You can buy DASH (DSH) here: www.cex.io , www.binance.com , www.bitpanda.com , or Google for other exchanger.
You can send the DASH (DSH) directly to my address, or create your online wallet first here: www.cryptonator.com , www.freewallet.org or download and install your hardware wallet EXODUS first from: www.exodus.io and then send to mine.
My DASH (DSH) address is: XnfypYUMso855erq8vmsdGcFPcnWeUh1G4
Copy and paste my address, it’s (cAsE-sEnSEtiVE).
I give you 2 days to transfer the DASH (DSH).
As I got access to this email account, I will know if this email has already been read.
If you get this email multiple times, it’s to make sure you read it, my mailer script has been configured like that and after payment you can ignore it!
After receiving the payment, I will remove everything and you can life your live in peace like before.
Next time update your browser before browsing the web!
Mail-Client-ID: 1090708275
This is a dangerous scam campaign because it involves extortion and blackmail. It is common for scams like the Drive by Exploit email campaign to misuse emails and passwords leaked in some data breach incidents, or sensitive details that may get exposed in different ways.
This is why those passwords match some of those you use at the time. You need to rely on different and more complex passwords for your social media accounts and email to avoid these scammy emails.
It is possible that malware is not on your system and the only malicious thing is the purpose of this notification itself and the people behind the campaign. But you can get an anti-malware tool and run a full system scan on the machine to check for malicious intruders and any possible malware.
You can find and remove serious malware, PUPs, or even corrupted applications and files with such tools, so scanning the device gives you a good advantage.
Best regards,
2spyware team