Skip to main content

Spam, Scam and Outright Blackmail: Inbox Thieves and How to Spot Them


As we know, there are ~235 billion emails sent per day, a number that keeps growing year-on-year. A staggering 48% of that traffic is spam of one description or another, a figure that has actually come down 21% in the past 4 years alone. Despite varying scams and spam being prevalent and well-known, still people fall for them and shell out hundreds of thousands of pounds to cyber criminals each year. Today, I’m going to take a look at an interesting blackmail spam email I received and break down how to identify this as something obviously a scam, and why it is also a phishing expedition as opposed to real blackmail. I’ve taken out my email details, but the rest is exactly how I got it:

A Fun Blackmail Scam attempt

The first to check, with every email you get not just the ones you suspect of being dodgy, is the sender name and email address. Now even a neo-luddite can spot that something is fishy here: 986@501.416 is clearly not a real email address. If you aren’t sure, copy and paste the address into your search engine of choice and see what comes up. This might not always work, as there is such a thing as address spoofing, but that tends to be on the rare side, usually kept for specific criminal campaigns. It is always good to make sure that email is legitimate, so if you are still unsure, ask someone who will know.

Normally at this point, I’ve binned the offending message and moved on, but for now, I’ll continue with the deconstruction.  Have you noticed the subject line? Even a wary person might glance twice at this email in a panic at seeing that. Now, the subject here is actually a big giveaway that this is pure rubbish: what law enforcement agency in the world would go and warn a suspect that they know the suspect has been watching child porn? Let’s be real here, if they suspected anything of the sort, they’d be through the door with a warrant and clamping you with hand-irons ready to throw you in clink and forget you exist. So clearly, this is a scam, and will almost certainly involve blackmail.

Moving on to the contents, and it’s the usual type of thing: Hey you, we caught you do X and have proof, so pay up. The first paragraph is almost enough to convince you that your computer at least, was used like it claims. The second paragraph that reveals the email’s intended audience: only in the USA would they be worried about the FBI, as they have no power or authority anywhere else. Then the illusion is truly broken with the mention of a “special tracking pixel”. I’ve been involved with computer technology my entire life and can quite clearly state that this is technobabble: it is nonsense created to scare and intimidate. This is the setup for the next part of the email: hand over your cash.

This last section of the email is actually rather interesting: it specifies some rather vague instructions on paying 0.1BTC (Bitcoins). Now, anyone who has gone to this much effort to go mass-mailing blackmailing usually wants to ensure that for the minority who will fall for this sort of scam will pay up and would provide clearer instructions on how to do so. Even ransomware designers give better instructions that “Google it”.  It seems very rushed and a more than a little slap-dash, as if this is a first effort, or this is as much English as they know. But as I have pointed out, this is a wide net cast to pickup what it can indiscriminately, so full detail and accuracy doesn’t really matter. What the scammers are really counting on is fear and panic, not accurate technological descriptions.

To recap:
1.       Check the name and email address
2.       Is the subject line too worrying?
3.       Lots of technobabble that is meaningless?
4.       Location-specific information that is irrelevant to you?
5.       Asks for money?

If any of these list-items sound familiar, delete the email safe in the knowledge you’ve avoided a scam.

Comments

Popular posts from this blog

This is not a New Year’s Resolution

I'm not a one for resolutions or anything, I prefer to at least try to be a bit more practical than that. Instead, now that I've had time to consider what I want to do this year, here my list of upcoming projects. Let me know what yours are: 1) Re-evaluate the website and blog, and actually keep to a posting schedule. Might help if I started using artwork/photos. 2) Social Media application for my desktop: I'm getting a bit sick of having and average of 20 browser tabs open at a time, so lets see if I can't design an app, even if it's just a fixed browser thing, I can use to track my SM activity in one place so it's not clogging up my precious browser memory. 3) Stop wasting time with my writing projects: My biggest issue here is that while I can write some flowery prose or engage in worldbuilding like I'm Slartibartfast, I don't actually have a tale to tell. I need to adjust my focus here, and maybe I'll get something out of it. 4) Top Secre...

The Cultural Value of Algorithms

I am aware that there are misgivings amongst the musical community about Spotify's business model, and from the bits I know, these are perfectly reasonable. Unfortunately, it is useful and productive consumer model, and it's this I want to briefly write at you about. Spotify's catalogue is huge, an ever-expanding horizon that seems to want to engulf the soundscape in totality. It's easy to use, and you can usually find the album or artist you want to listen to. But it's true genius is in its algorithms, specifically the ones it uses to create the playlist it constantly nudges you to listen to. Now, because of how pushy it seemed, I avoided my Discover Weekly and Release Radar playlist like the plague for ages. This was a mistake. Or maybe, because I hadn't listened and followed enough, they just weren't right for me yet. Now, however, I spend a good two days paying attention to them, and then expanding my aural sphere to at least 3 of the recommend...

You and who’s party?

“I don’t care to belong to any club that will have me as a member” Groucho Marx Much of the past 17 years has been dedicated to fighting fundamentalist extremism, largely of the religious persuasion. This is understandable, as the religious mindset, certainly in those areas of the globe where faith is a majority holding, affects and informs the cultural values of society, and certainly in the West we have found ourselves at odds with extremist Islamic groups. Fundies of the Muslim persuasion have been at the forefront f these combative efforts, although we have also seen the dangers of the looming Christian theocratic state. It is fair to say while this will be an ongoing struggle, it is one we are coming to understand very well and are able to combat. But what of other types of fundamentalist creeds? What of political fundamentalism? This is, I fear, something we are neglecting to talk about, instead preferring to remain steadfastly tribalised to the point where discuss...