A few days ago I wrote about an email scam that's making its way across the Internet and likely scaring people enough into paying stupid sums of money for no valid reason. I had thought these messages were just being sent to English-speaking people, but it seems there are a lot of people in Japan who are also getting demands for BitCoin. Below is a message that a colleague received to his work account.
There are a couple of notable differences between the English and Japanese versions of the message. First off, there is no password anywhere to be found. Instead the perpetrator uses an old spoofing technique to make it look like the email originated from the receiver's account. Only someone who has experience reading email headers would be able to work out that this is coming from a machine somewhere in South Africa1. Who knows if that's where the scammers also reside.
The second difference is that the amount being requested is about 1/10th of what was demanded from me. At $550 USD, there are likely more people who would be scared into buying and sending BitCoin.
Third is the lack of a contact count. In the dozen or so emails I've received from these dolts, the number of contacts they threatened to send my pr0n history to varied anywhere from four people to seventeen. Given how much time has passed since the first message hit my inbox, I've had exactly zero people get in touch with me to report receiving a digital package of embarrassments featuring my face and a list of URLs2.
While this is just wishful thinking, I truly hope that people see this as an opportunity to improve their own understanding of protecting themselves when using the web.
The source IP address was reported as
184.108.40.206. This, too, can be misleading.