Today I received a junk mail directly sent of a dynamic ip range from serbia. It connected directly to my domains MX server. The full email I received follows1:
Hello! I'm a member of an international hacker group. As you could probably have guessed, your account firstname.lastname@example.org was hacked, because I sent message you from it. Now I have access to you accounts! For example, your password for email@example.com is ********* Within a period from July 7, 2018 to September 23, 2018, you were infected by the virus we've created, through an adult website you've visited. So far, we have access to your messages, social media accounts, and messengers. Moreover, we've gotten full damps of these data. We are aware of your little and big secrets...yeah, you do have them. We saw and recorded your doings on porn websites. Your tastes are so weird, you know.. But the key thing is that sometimes we recorded you with your webcam, syncing the recordings with what you watched! I think you are not interested show this video to your friends, relatives, and your intimate one... Transfer $700 to our Bitcoin wallet: 1Lughwk11SAsz54wZJ3bpGbNqGfVanMWzk If you don't know about Bitcoin please input in Google "buy BTC". It's really easy. I guarantee that after that, we'll erase all your "data" :D A timer will start once you read this message. You have 48 hours to pay the above-mentioned amount. Your data will be erased once the money are transferred. If they are not, all your messages and videos recorded will be automatically sent to all your contacts found on your devices at the moment of infection. You should always think about your security. We hope this case will teach you to keep secrets. Take care of yourself.
First of all, your international hacker group may not be known very well. Or, you may just have forgotten its name.
Update: You might just fear an international hacker group if you claim to be a member of when you’re not, right? There is a widely used term for people like you.
From: line in an email doesn’t make an email account hacked.
You should come with evidence of that mentioned period (July 7 to Sept 23 2018). A password stolen years ago2 makes you not a hacker.
Keep strong young cyber-walker – may another force be with you…
Please note that the actual password was changed to asterisks. That was the only change made to the transcript. ↩
More precisely: you got this password obviosly because I typed that into a form when I thought it was a password field. I moved over that form quickly so I realised that seconds too late. That password and it’s references were changed immideately to be prepared for events like this right now. It just took longer than I thought… ↩