Heavy.com reports that there have been a number of email bomb threats sent out demanding blackmail payments in bitcoin. An example of one message follows:
"Good day. My mercenary has carried the bomb (lead azide) into the building where your business is conducted. My mercenary built the explosive device under my direction. It can be hidden anywhere because of its small size, it is impossible to destroy the supporting building structure by this explosive device, but if it denotates there will be many wounded people.
My recruited person is watching the situation around the building. If he notices any suspicious activity, panic or cops the device will be blown up.
I can call off my man if you make a transfer 20,000 usd is the price for your safety and business. Transfer it to me in Bitcoin and I assure that I have to withdraw my mercenary and the bomb will not detonate. But do not try to deceive me – my guarantee will become valid only after 3 confirmations in blockchain."
So does this sound like somebody who speaks English natively? Can you predict where this is coming from? Can you predict what kind of person sent this? Can you predict what kind of mess this is going to create? Who are you betting is really behind this?
Also at The Register, threatpost, Krebs on Security, and Ars Technica.
(Score: 4, Funny) by MostCynical on Friday December 14 2018, @07:01AM (8 children)
is it an improvement on the "we have video of you looking at porn"?
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 3, Insightful) by crb3 on Friday December 14 2018, @07:53AM (4 children)
Those are great; I go through my spam bucket every so often looking for them. With a strict policy of a unique password per login, I can look at the quoted password and nail down just what site that I visited had the data leak. Hm, nope, not buying boots there ever again; good thing the card I used then expired some years back. Thanks for the warning, now go away.
Video? Good luck with that: I don't own a webcam or a smartphone.
(Score: 0) by Anonymous Coward on Friday December 14 2018, @11:36AM (2 children)
It's not as if a web cam usually would be located to show the contents of the screen anyway.
(Score: 1, Funny) by Anonymous Coward on Friday December 14 2018, @01:10PM
Yea, but a smartphone user would not know that.
(Score: 0) by Anonymous Coward on Friday December 14 2018, @07:40PM
Wait, what's that rectangular reflection in your eye?
(Score: 2) by epitaxial on Friday December 14 2018, @10:06PM
I look at the wallet addresses in those and some have bitcoins in them. Incredible.
(Score: 0) by Anonymous Coward on Friday December 14 2018, @10:30AM (2 children)
No, this isn't an improvement. In fact, it's a poor choice. Just ask yourself "how many employees are going to fork over $20k in ransom for their company?" And this $20k demand is much harder for a schmuck to come up with than the $300 for the "you watched porn!" scam.
I'd venture to guess this results in no bitcoins for the sender.
(Score: 2, Insightful) by khallow on Friday December 14 2018, @02:41PM
(Score: 2) by nobu_the_bard on Friday December 14 2018, @03:33PM
I've already had more than one client call in the last month asking how to delete their browsing history, and just as casually as possible, ask me if I know where they can get a lot of cheap giftcards, for reasons they assure me are totally unrelated.
Haven't seen a bitcoin version of this scam but I assume it's only a matter of time.
Been giving clients "how to recognize a scam" training which seems to help more than anything else.
(Score: 3, Insightful) by EventH0rizon on Friday December 14 2018, @07:03AM (5 children)
The English is better that in some scams but "the device will be blown up" is pretty mangled.
What worries me about these threats is the uncomfortable dilution of the crime caused by the mere existance of the Internet. If someone sent you that threat in a snail mail, or even in a phone call, they would most likely get a lot of attention from your police if you reported it, but once the same threat is delivered in an email, all bets are off.
I got this email below just today, not as violent as yours, but does mark an uptick in the implied threats that I see in scam emails.....
(Score: 2) by EventH0rizon on Friday December 14 2018, @07:05AM
Correction, it's "it is impossible to destroy the supporting building structure by this explosive device" that I meant to say was a bit mangled.
(Score: 4, Funny) by Anonymous Coward on Friday December 14 2018, @10:39AM
The reason this type of threat is not deliverd by phone is making sure the victim writes down the bitcoin wallet correctly.
Victim: Did you say the last eight were "ed33b2E4" or "ed33b2B4"?
Scammer: What, are you stupid? I didn't' say "33", it's "3D"!
Victim: You didn't say "33" ever? Can we start again, because I have a "33" right near the start.
Scammer: Are you serious?
Victim: When does the bomb go off? Can you call me back on my cell phone so I can do this outside?
(Score: 3, Interesting) by stretch611 on Friday December 14 2018, @12:48PM (2 children)
I have been getting the same... including the watching internet porn...
Oooohh!!! Scary... he hacked my router /s
According to the reverse DNS of the IP in the headers, it is coming from Singapore.
MobileOne Ltd. Mobile/Internet Service Provider Singapore
The only one I currently have in my (recently emptied) spam folder is this:
Now with 5 covid vaccine shots/boosters altering my DNA :P
(Score: 2) by stretch611 on Friday December 14 2018, @12:51PM
I forgot to mention...
He is right about one thing...
I am a BIG Pervert.
But heck, this is the internet... perverts are easy to find online.
Now with 5 covid vaccine shots/boosters altering my DNA :P
(Score: 2) by nobu_the_bard on Friday December 14 2018, @03:26PM
Most of these spam the source doesn't really matter.
It's almost always from a hacked website someone set up for their business venture that didn't work out 5 years ago that they completely forgot about because it autocharges $2 a month to their credit card thanks to its near zero traffic. At least until the host contacts them or they see the bill for $500 next month and investigate.
I'm only sort of joking. It's really really common. Downside of everyone and their dog having an unmaintained websites left over from the 1990s-2000s.
If you can afford to, try to accept less mail from abroad though, if your spam solution allows it. It won't solve the problem but it helps. Most spammers deliberately try to target people in other countries to make it harder for law enforcement, who both have to deal with jurisdiction problems and kind of not totally caring about jerk spammers on other continents or people that get duped from other countries.
(Score: 1, Disagree) by Anonymous Coward on Friday December 14 2018, @07:10AM (2 children)
It's time to make email illegal.
And compulsory "internet licensing"
(Score: 2) by stretch611 on Friday December 14 2018, @12:38PM (1 child)
Or just have California tax email... like text messages. :)
Now with 5 covid vaccine shots/boosters altering my DNA :P
(Score: 1) by anubi on Friday December 14 2018, @06:39PM
I wonder if an email "stamp" would solve this... So that sending costs money, where receiving is free.
I see the little sexpots get 99 cents per minute to talk on the phone. I would love to back bill robocallers and telemarketers likewise for the service of accepting their call.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 0) by Anonymous Coward on Friday December 14 2018, @07:57AM
I would dismiss this message instantly. I would probably tell the police about it, since it's a serious (if not credible) threat.
but the questions I like. I think they're quite deep (maybe I'm just being naive).
(Score: 1) by MrBoogers on Friday December 14 2018, @07:57AM (1 child)
My best guess would be an asian learner of American English. They use past tense instead of the perfect tense. Weak understanding of articles suggests a native tongue without plurals. There seems to be a bit of copy and pasting of sentences together "I can call off my man if you make a transfer 20,000 usd is the price for your safety and business." I imagine that it's a mass mailing by a young male that's into IT because of the understanding of confirmations and because it's so vague.
(Score: 2) by legont on Friday December 14 2018, @06:03PM
This is just a Pidgin English https://en.wikipedia.org/wiki/List_of_English-based_pidgins [wikipedia.org]
The wast majority of the world population uses it, including most international business dealing. Pure English is relatively rare.
Thai's famous example of perfectly grammatically correct one: "Me motorbike go home".)
"Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.
(Score: 0) by Anonymous Coward on Friday December 14 2018, @09:03AM
A 400 pounder in his basement in New Jersey?
Chris Christie!
(Score: 1, Funny) by Anonymous Coward on Friday December 14 2018, @12:33PM (3 children)
Send me alll your monneys!
(Score: 1, Funny) by Anonymous Coward on Friday December 14 2018, @01:07PM
I assume you accept payment in large rainbow-colored LED lit computer case fans?
(Score: 2) by Freeman on Friday December 14 2018, @03:23PM (1 child)
No, no, they're more subtle than that nowadays. It goes more along these lines.
Hello Kind Sir,
I am a political refugee and have a hugely massive amount of cash I can't get out of the country on my own. Please send me your bank account information and you can keep 10% of the funds transferred.
Your Affectionate,
Con Artist err...., Prince of Nigeria
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 0) by Anonymous Coward on Friday December 14 2018, @07:20PM
Dear Prince of Nigeria,
Why don't you send me your bank account information? Once I have verified and transferred your assets out of your account to mine, I will send 90% of it to another account of your choosing, keeping the remaining 10% as my processing fee. Don't worry. You can trust me.
Love and smooches,
Your
Worst NightmareFriend(Score: 3, Interesting) by SomeGuy on Friday December 14 2018, @12:54PM
The other day the local TV news reported there were some bomb threats made at a bunch of local schools. Of course as a result the schools all automatically had to go on "lockdown". (remember then that word was only used with prisons? They could have at least come come up with some more euphemistic newspeak term). They didn't give any details about the threat except that it came from outside the US.
From glancing at TFAs, it sounds like this may have been the same person.
Of course, you know how news channels interview a number of random people and then air the "opinion" closest to what they want you to hear? The thing that really struck me as odd was that this news channel chose to air an an interview with a person that commented "how ridiculous" this was. This was in vast contrast to their usual "veryscarrystuffyoucantbetoosafethinkofthechildrenpollywannacracker" soundbites. Usually we are supposed to be scared of any tiny little threat as if it is fucking 9/11 all over again.
So it sounds like Rachel from CardHolder Services has taken it to the next level. :P Expect to see more of these new microthreats.
(Score: 2) by Nuke on Friday December 14 2018, @02:48PM
Unlike a scam that is supposed to be a message from your bank, doesn't that tend to make it sound more credible* in these circumstances? It could be a deliberate embelishment.
(Score: 0) by Anonymous Coward on Friday December 14 2018, @02:50PM
if people can't figure out what spam is, regardless of content, the cybers have failed.
even my mom knew to delete it.
(Score: 1, Interesting) by Anonymous Coward on Friday December 14 2018, @02:52PM
This was either done by a person who knows that this is going to torque the screws of law enforcement, or a person who doesn't. If it is just some numbskull kid, well then the fun ends there.
The fun starts when we ask: What if the responsibile party actually knows how dangerous of an idea this actually was? At that point motive becomes a consideration.
I can guess what the reaction of politicians and wall street will be already. They'll declare that anonymous payment systems are funding terrorism, (like they've done before) and declare war on private interpersonal commerce. (like they've done before) That would provide plenty of motive for a false flag operation, because let face it. Wall street scams are going to push more and more commerce towards digital currency. Some people are going to regard that as a bad thing.
The other option, is possibly a domestic state actor. Possibly the CIA or the Secret Service. They hire a Russian hacker through a local Russian mafia contact to create a faff. The newsies choke on it with enthusiasm. The above claims are touted far and wide, which creates a excuse to test out some new whiz bang gear. Maybe even start a foreign war. And there is never a day when the Secret Service isn't looking to raid a securities firm that has the gual to sell a private reserve currency.
Another option is that it is a false-false flag. The Russian government actually did do it, but can simply rely on the fact that the U.S. government is so lacking in credibility, that nobody believes it's claims anyway. The fed and the news flop around quacking like a wounded duck, and the rest of the world cringes at all the rediculous drama. Essentially their just keeping us falling back into the same well laid trap.
Personally I'm inclined to think it is/was part of a NYC banking scam of some sort. After all, when are those guys not involved?
(Score: 3, Funny) by chewbacon on Friday December 14 2018, @03:23PM (1 child)
“Hello, your password is xxxxxxx,” it started out to a friend of mine and it indeed was his password. It went on to say when he visited a malicious porn site, his webcam was turned on and filmed him masturbating and would send the video to everyone on his contact list unless he paid thousands in bitcoin. The correct password was worrying by itself, albeit he picks pretty stupid passwords. That piece of truth is what terrified him. So a quick google and I found everyone getting these. “But what about my password???” “So pay him. Or wait 24 hours and see he’s lying.” “But I don’t even look at those websites!” (Sure you don’t) “Then he’s got nothing on you. Would be funny if it’s one of your office employees!”
(Score: 0) by Anonymous Coward on Friday December 14 2018, @08:27PM
I got one of these without the password included. It was the first time I had ever seen that particular one. I thought it was funny as far as scams go. I almost replied saying don't bother sending the whole video. Here's a link to my YouPorn channel. It has all my best work.
(Score: 2) by sjames on Friday December 14 2018, @10:13PM
A couple of 20 somethings looking to party blog "we're going to set the town on fire" and they get arrested and investigated as terrorists. People send out mass extortion threats, some with actual stolen passwords, nothing. Mass bomb threats, nothing.