New and improved, or just repackaged?

More and more we’re seeing so called “experts” announce some “new” scam that are in fact nothing more than old scams with a slight twist.  The latest one is an email sent out with the person’s password and a claim that their computer has been compromised and footage of them visiting porn sites have been made.  The email starts with this sentence:

I’m aware that XXXXXX is your password.

That part’s new, but it’s the only part of it that is.  The rest is identical to emails we’ve been receiving for almost a year.  You can see the thread in question at https://scamsurvivors.com/forum/viewtopic.php?f=20&t=60846

It’s the same format, same threats, even the same method of payment.  This evolution comes about due to the scammers using hacked lists that feature email addresses and passwords.  Here’s samples, first of the ones we received way back in September of last year, then of one of these so called “new” emails.  See if you can spot the similarities:

All in all- if you want me to destroy all this compromising evidence, here is my BTC wallet address- 16NqZUQSH8VbJSzn8Hj1W7dU3geSQ7AehM (it must be without «spaces» or «=aquo;,check it). If you do not know how to use it, you can ask google or youtube for help- its very easy. I suggest, that 290 usd will finish our problem and will destroy our touchpoint in perpetuity. You have thirty hours after reading this message(I put tracking pixel in it, ill know when you read it). If you wont finish transaction, ill share the compromising with all contacts I’ve collected from you.

Now the second one:

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google) .

BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT8V72

(It is cAsE sensitive, so copy and paste it)

Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email

The amounts change, the Bitcoin address changes, but the threats pretty much stay the same.  They even both mention the “tracking pixel”, though one calls it “an unique pixel”.  This “new” email suddenly doesn’t look so new, does it?  Let’s go even further back and look at the emails that were sent out after the Ashley Madison hack back in 2015.  This thread is at https://scamsurvivors.com/forum/viewtopic.php?f=20&t=38976 if you want to check it out.  How do they compare?  Let’s take a look at a snippet of one of those emails:

 If you would like to prevent me from sharing this dirt info with all of your friends, family members, spouse, then you need to send exactly 1 bitcoin (BTC) to the following BTC address:

Bitcoin Address:
19qbfGUPRTvZ9yAtRNusbLdyg5Pbe6DSK 4

We are providing a chance to solve this case. You make a payment to the above mentioned btc address. The time ends in the next 24 hours. We will not publish your data and we will not inform your contacts.

You can get bitcoins at an exchange like Expresscoin.com, Localbitcoins.com, Clevercoin.com, Coincorner.com, Coincafe.com, Coinbase.com, Circle.com or a Bitcoin ATM machine Coinatmradar.com.

If you pay within 24 hours of receipt then we will delete your record. No payment? Then you will see what happen after this period. Once this period has expired, we can’t do anything more for you. Our website is launching soon. We will surprise your family, friends and colleague with it. We will give you this one last chance.

You may be wondering why should you and what will prevent other people from doing the same, in short you now know to change your privacy settings in Facebook so no one can view your friends/family list. So go ahead and update that now (I have a copy if you dont pay).

Suspiciously familiar isn’t it?  Now tell me again about these new scam emails that are doing the rounds…