PhillipBlanton.com

"Save me, oh God, from people who have no sense of humor."
— Ludlow Porch

Don't Forget About the Disgrace!

I have received a couple of these emails lately. Two to be precise. I have obscured the bitcoin address, and the key the scammer put in the subject line, just in case any of you were to get any ill-advised ideas of actually sending an email to "tellthemaboutjesus.com".

Ironic email domain huh?

I did a cursory reconnaissance on it and it is a live domain but is serving nothing particularly interesting on port 80. In case you don't know, the scammer doesn't need to ever actually receive email at the email address he lists, as long as his bitcoin address is valid and he can receive payments, his scam can be lucrative.

         

If you are the kind of person who engages in things on the Internet that, ... could cause you concern if you were to receive such a message, fear not. This is a bullshit attempt to separate a random person (you) from your money. Most of the time, these scammers acquire your email address from a bundle of breach data on the dark web. Commonly when websites are breached, their data is posted on the dark web for just this type of nefarious activity. To be notified whenever your personal data is made available in this manner, sign up for a free account at "Have I Been Pwned" (https://haveibeenpwned.com/).

I was talking with a friend recently who got one that had one of his old passwords in it. This is NOT an indication that the sender is in any way more attached to your computer. most of these breach postings on the dark web contain your email address and password to whatever site got breached. This is another reason that you should use a password tool like 1Password, or LastPass and NEVER use the same password on more than one site. If you do get a message like this and it has your password (or a recent password that you recognize) that's no more reason to fret than the scammer having your email address is.

These messages prey on the very large percentage of people who engage in this type of behavior online and aren't particularly tech-savvy; but let's assume for a minute the scammer is telling the truth (he isn't), and you do pay him. What's to prevent him from sending the video of "your disgrace" to your email contact list?

The inherent trustworthiness of internet scammers?

The rule of thumb for these masturbation threat scams, is the same as it is for all of them. Delete the email and forget about it. NEVER engage an online scammer or you will identify yourself as a naive, mark and you'll never hear the end of it.

If the idea of this type of hack (which is possible by the way) scares you, then you can do at least some of these things to protect yourself online...

  1. Unplug or cover your webcam at all times unless you're using it.
  2. Use a good malware / virus software package like eset NOD32.
  3. Use something like Mac OSX, or Linux. ANYTHING other than Windows.
    Microsoft Windows has the largest installed user-base on the planet, making its users the most attractive targets of malware and hacking attempts. Avoid it.
  4. Install a Pi-Hole on your network and use it as your router's DNS resolver.
  5. Use OpenDNS for the Pi-Hole's DNS resolver and enable all of the OpenDNS filters that shut down malware, adware, and pornography.