22
Kaji
6y

So, got yet another one of those, "Ha! Sending this from your own e-mail address is proof I've infected your machine and recorded video of you synced to your browsing history! Send me bitcoin!" e-mails today. Just with a fun twist:

He claims to have infected my computer on November 8th, 2018 (for later readers: 4 days after the e-mail was sent).

Was about to give them points on creativity the other day; got a Japanese translation of it that was actually pretty spot-on all things considered, and then a Korean copy of it again the next day (just in case I couldn't read English or Japanese, I guess?).

But seriously, you're trying to pull this kind of scam, and can't even tell your bot to successfully pick a date *in the past*?

Comments
  • 4
    I got this one too. But, they said my password is my college name and they sent the email through my fallback server which is an open relay... So really manual work it seems
  • 2
    https://ted.com/talks/...
    Had to think of this while reading your rant :)
  • 0
    I like to think they put these inconsistencies in the scam emails so they know what to look for so they don't fall for their own tricks.

    Or maybe they wrote the scam software with certain bugs and released it online, and when they get an email created with their own software, they use a backdoor or whatever that they wrote into it to scam the scammer.

    But it's probably just stupidity.
  • 1
    They're getting more sophisticated. The latest version just says "Summer 2018", and tries to provide more specifics to scare someone who is uneducated enough to believe that the e-mail was actually sent from their address:

    "The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296)."

    Details on the vulnerability they cite, if you're curious: https://nvd.nist.gov/vuln/detail/...
Add Comment