Watch out for this stupid E-mail scam 😄

Yeah
I just wrote this because I never got this type of E-mail before.

I was like, “If they can hack my device, and take all my stuffs, why didn’t they empty my Paypal account? It can be done by just knowing the password.”

Obviously they only know how to access your email, messaging services, camera, and kinky porn websites, not your bank, credit card, or PayPal

Yup, I got this one twice in the past. I instantly knew it was BS because I don’t have a webcam.

You can check here if you were affected and why you get those emails since spammers use the big leaked list, ignore and block

Damn! This is so useful! I found out that I got pwned from nexus mods!

AYO I’m modding Elden Ring rn not my Nexus…

Don’t forget to use 2 factor authentication!

I did

Should copy the email and send it back to them. Or threaten to release the videos yourself first.

Yeah, pretty annoying but extremely obvious due to almost no specifics

If you use the internet in a normal capacity for today’s standards then there’s a very good chance your email has been compromised.

When I got this a couple years ago, I was like… OMG WTF!!! Seriously!! SHIT!!! I’m in too deep!!!

And then I remembered I watch 99.999999% of porn on my desktop and don’t even have a webcam.

Fuck those douche-mobsters. I’m sure they get super rich off mormons in Utah though…

Because they cant. Paypal has a quite strict tracking. So if you got hacked, they would make it easily tracable who obtained the money. Paypal would be a massive risk to use. Adding to that, some use 2fa, making transactions impossible without 2fa verification.

This is why paypal doesnt need a very strict system. They limited a lot already just to cover themselve.

And if someone made a fake paypal to use as middleman, either that account will become unavailable to send money, or there has been validation behind it that makes a person linked to it. And therefor become responsible.

Credit cards are an even bigger risk to reveal your identity. Since once you know someone stole the information, you can decide to block it. This means next transaction the hacker might not know its blocked yet and try to make a purchase. Either then facing the wall of ‘unable to proceed by random error’, or its accepted, but at the delivery instead of getting the object, you get cops at your door.

Its again a massive risk.

Thats why bitcoins are prefered, while being completely open in transactions, tracking its owner is very difficult. Its only difficult at the last step as the coin is going to be flagged.

But that its hard to turn in the bitcoins to obtain real cash doesnt matter to them. The costs there are still made from the money the victims paid. And since there are a lot of ‘darknet’ marketplaces who dont care about a coin being flagged (the more a coin is used, even if its flagged at some point that will be unreliable, so loses its risk).

But there are a lot of darknet places that can arrange this stuff for you. The easist trick is simply echanging it to a diffirent coin. Its just the volume of actions being low here (the more being converted, the higher the chance its still tracked - agencies have a lot of tools to identify these potential cases).

Most important for them is that there are many countries that simply dont care. Once the coin is in such country it becomes impossible to tell whether its still worth to track it as you dont know if the new owner was a legit purchase, or not.

lol yeah i got this email before, sadly though i bet this has worked on alot of people, these arseholes deserve whatever karma eventually finds them

This is a common scam, it’s sent out like spam and the recipients are often hidden. There has been no hacking. If a recipient feels guilty they might get someone on the hook, but for this particular BTC address, no one has sent any money into it. Yet.

These mails often use a variety of addresses. It barely costs time to make one. And it again reduces detection chances. Even more since they often use an algorithm to decide which mail adress is going to receive a certain address. gmail, live and other generic platforms are very likely to quickly scan all the used addresses in it, so they often get their own bucket of addresses assigned. Mails dedicated towards specific domains (more likely personal domains) do get other addresses in them.

And that is only done because once an address gets a coin in it, they can start using a new one (if its the only coin, there is a chance it doesnt get flagged, making it cheap/easy to cash in).

While mails often show amatueristic levels, the tools behind it often are not. There is a whole business around this stuff, and the tools evolved to be of high quality over time. The makers often provide these tools as a service. And this is mainly why its a pain to fight against it, while you need to make specific patterns, they just can dish in some randomizing factors, which even if they are weak are hard to figure out.

So dont say that no one paid (you cant tell), if they have 1000 adresses, sent 1m mails, and 100 people paid, its still 900 addresses empty, but its the 100 that paid that count (with low chance of overlap).

Yeah, I know how blockchain works. I also know that scammers are lazy bastards, so they use the same btc address for each email batch they send out, and it’s usually in the thousands before they create a new btc address, as you say - it’s easy, but they rarely do that. All transactions are stored in the public blockchain, it has to be for it to work. Using a normal blockchain explorer you can view any transactions taken. So any victim from this email batch has to land on the same transactional address, and so it’s reflected in the blockchain for all to see if they know the address, which we do. Don’t confuse btc wallet with btc address. Wallets are a different beast.

The worrying part on my end is that these emails show up over and over again, same as those stating my account at bank xy (I´m not even customer of) has been compromised. I know it´s not a lot of work to set this stuff up, but it´s still work, so there must be enough people getting tricked by all those scams that it´s worthwhile for the criminals, even taking into account that there´s still a slim chance they get caught…

What someone should do is use this as the basis for a video. Re-word it slightly where applicable, maybe add some sexual themes, have a computer voice that sounds like GLaDOS read it, and then… well… script it!

The thing is, those tools can make those addresses for them. It takes little effort to automate it, and at most relies on trust. And yes, its that same trust that will cause some of them to still use a single fixed address there.

They dont even need to worry about the addresses in them, since they can also make it instantly transfer to a desired address, so the mails use 1000 diffirent ones (which are potentialy spoiled), but the moment such address gets such coin, it can be sent to 1 of the 100 the ‘hacker’ created himself. The hacker only needs to ensure enough addresses are in the queue.

People that make a market of these tools are well aware of how you can create a trustworthy system where the last step is a bitcoin location that is deemed safe by the user.

Ofcourse, those that do not pay for those tools will use a fixed address (and there are still plenty of those). But you realy cannot tell that from a single mail, even even a small batch. Address overlap in mails happens because its simply more efficient.

And ofcourse, a passthrough bitcoin address does cost money as transfer costs are relevant. But again, security for those users is something that costs them money. But this is where those tools already often cover that for you by instead of having subscription fee’s. They instead just want a certain % of the profits.