Re: Trojan and other great texts

To: debian-user@lists.debian.org
Subject: Re: Trojan and other great texts
From: jeremy ardley <jeremy.ardley@gmail.com>
Date: Sun, 27 Aug 2023 16:27:14 +0800
Message-id: <[🔎] a10ec711-29b6-b114-60a5-e0449d469634@gmail.com>
In-reply-to: <ZOsAC2EM/CyDcwh1@gpm.stappers.nl>
References: <[🔎] CAGiORHdgeOM-G4guNyJCCqVrTpLo8xbAstfz4pOFu-zG2tHcgg@mail.gmail.com> <ZOsAC2EM/CyDcwh1@gpm.stappers.nl>


On 27/8/23 15:49, Geert Stappers wrote:

On Sun, Aug 27, 2023 at 01:02:29AM -0600, William Torrez Corea wrote:

I am being threatened for this account:

barbara@streis.nd

I received the following message:

I am a professional hacker and have successfully managed to hack your
operating system.
Currently I have gained full access to your account.

In addition, I was secretly monitoring all your activities and watching you
for several months.
The thing is your computer was infected with harmful spyware due to the
fact that you had visited a website.

I believe you would definitely want to avoid this from happening.
Here is what you need to do - transfer the Bitcoin equivalent of $760 to my
Bitcoin account
(that is rather a simple process, which you can check out online in case if
you don't know how to do that).

Below is my bitcoin account information (Bitcoin wallet):
bc1qk6zydkvexREDACTED6slunc5z6g4efq

*How can I verify this?*

Start with understanding if it is realy about you.

Reread the text and check where it is personal. (It isn't.)

The thing I like about the text is how generic it is.
It is even gender neutral.

Amusingly I didn't even see the original post. gmail automatically putit in the spam bin due to the content containing well known phrases.

This was on my gmail account for this list. I run my own mail server forgeneral mail and this class of spam is easily detected by myspamassassin setup - assuming it gets past the real time black hole filters

As a second line of defence, Thunderbird has some ability to recognisethis as spam.

On a less hopeful note I recently got an email from a well known legalfirm that had had correct SPF and DKIM signatures. However it was aphishing email from someone who had breached the legal firm's mail system.

To handle this, the general rule on every received email is to check ifyou were expecting it. If not, then treat it as suspicious till provedotherwise. In this thread, someone emailing out of the blue to say theyhave pwned you is incredibly suspicious and should be deleted immediately.

Reply to:

References:
- Trojan
  - From: William Torrez Corea <willitc9888@gmail.com>
- Re: Trojan and other great texts
  - From: Geert Stappers <stappers@debian.org>

Prev by Date: Re: Trojan
Next by Date: Re: Trojan
Previous by thread: Re: Trojan and other great texts
Next by thread: Re: Trojan
Index(es):
- Date
- Thread