Sponsored by..

Showing posts with label Bitcoin. Show all posts
Showing posts with label Bitcoin. Show all posts

Monday, 18 March 2019

"Central Intelligence Agency - Case #79238516" extortion spam

I've seen various extortion spams over the past 12 months or so, but this one has a particularly vicious twist.

If you haven't seen one of these before - it's just a spam, randomly sent to your email address. You can safely ignore it.

From:    Liza Guest [liza-guest@eosj.cia-gov-it.tk]
Reply-To:    liza-guest@eosj.cia-gov-it.tk
To:    [redacted]
Date:    18 Mar 2019, 06:33
Subject:    Central Intelligence Agency - Case #79238516

Case #79238516
Distribution and storage of pornographic electronic materials involving underage children.
   
   
My name is Liza Guest and I am a technical collection officer working for Central Intelligence Agency.
   
It has come to my attention that your personal details including your email address ([redacted]) are listed in case #79238516.
   
The following details are listed in the document's attachment:
   
  • Your personal details,
  • Home address,
  • Work address,
  • List of relatives and their contact information.
   
   
Case #79238516 is part of a large international operation set to arrest more than 2000 individuals suspected of paedophilia in 27 countries.
   
The data which could be used to acquire your personal information:
   
  • Your ISP web browsing history,
  • DNS queries history and connection logs,
  • Deep web .onion browsing and/or connection sharing,
  • Online chat-room logs,
  • Social media activity log.
   
The first arrests are scheduled for April 8, 2019.
   
Why am I contacting you ?
   
I read the documentation and I know you are a wealthy person who may be concerned about reputation.
   
I am one of several people who have access to those documents and I have enough security clearance to amend and remove your details from this case. Here is my proposition.
   
Transfer exactly $10,000 USD (ten thousand dollars - about 2.5 BTC) through Bitcoin network to this special bitcoin address:
   
3QTV16BBsaEBVuwZv8wCjEgWZTKVVQPJ3h
   
You can transfer funds with online bitcoin exchanges such as Coinbase, Bitstamp or Coinmama. The deadline is March 27, 2019 (I need few days to access and edit the files).
   
Upon confirming your transfer I will take care of all the files linked to you and you can rest assured no one will bother you.
   
Please do not contact me. I will contact you and confirm only when I see the valid transfer.
   
Regards,
Liza Guest
   
Technical Collection Officer
Directorate of Science and Technology
Central Intelligence Agency

Another version comes "from" tannerlynch@oiks.cia-gov-it.gq and solicits payments to 32ngJWq6YYGUfvCbj3Ji7MNSnqi3rdM5qa. There are probably others. At the time of writing, neither of these two Bitcoin wallets had received any payment.

Friday, 24 October 2014

Bitstamp.net "New bank details" spam

This fake email pretending to be from Bitstamp.net (a Bitcoin exchange) is meant to have a malicious payload (probably a Word document) but in the sample I have seen that payload is missing. However, if you receive a similar email then wth an attachment then it is probably malicious.

From:     Bitstamp.net [no_reply@bitstamp.net]
Date:     23 October 2014 14:48
Subject:     New bank details

New banking details

Dear Bitstamp clients,

We would like to inform you that Bitstamp now has new bank details, please check attached file.

We would like to assure those of you who sent deposits to our old details that our old IBAN is still active and your transfers, if otherwise sent with correct information, should arrive without a problem.

Please note that SEPA transfers usually take 1 to 3 business days to arrive and would kindly ask those waiting for your SEPA transfers longer than usually to please send us a transfer confirmation so that we can examine our bank account log and locate your transfers.

Also for those waiting on deposits we ask for your patience; we have accumulated a long list of transfers which lack information or contain wrong information which means we need to manually go through all of them instead of our system sorting them automatically.

Best regards
CEO, Nejc Kodrič
Bitstamp LIMITED
Despite the hype, very few people actually deal with Bitcoins and I suspect even fewer use this particular exchange, so I assume that the attackers in this case are very interested in targeting Bitcoin owners specifically.