‘Email scam about leaked password gives criminals at least 8 bitcoins’

According to a researcher, a recent email scam, in which criminals try to pressure people using leaked passwords, has yielded about 8 bitcoins so far. He examined a total of 42 bitcoin addresses, which is probably only a part.

The e-mail, via Fraudhelpdesk

The researcher, SecGuru, shared an overview of the collected addresses with Bleeping Computer after he found a call had done to send bitcoin addresses from the emails. He collected a total of 42, to which 30 victims transferred bitcoin. In total, the amount amounts to approximately 51,000 euros. It is likely that this is only a small part of all payments, because it is unknown how many different bitcoin addresses are in the emails. While it is possible that the addresses are also used for other activities, in most cases these are recent transactions.

The Fraud Helpdesk, among others, recently warned about the e-mails. They start with the text that the sender knows the recipient’s password. In addition, the people behind the campaign are probably using leaked databases with logins from major services, such as LinkedIn. The email then claims that images were created on the recipient’s computer while visiting a porn site using malware. These images would have been taken from both the webcam and the screen and placed side by side.

The sender threatens to send these images to all contacts of the recipient, which he also allegedly captured. To prevent that, bitcoin has to be transferred to a certain address. In the email published by Fraudhelpdesk, an amount of 2900 dollars is requested. A transaction has indeed taken place to the aforementioned bitcoin address. The organization calls on people not to respond to the emails.