You can check by typing your email addresses into the website, Have I Been Pwned? At the time of writing, this has 5.7 million pwned accounts from 339 pwned websites. There’s a good chance that one of your passwords was exposed in one or more of these breaches.
Other major breaches involved Marriott International (500 million customers), LinkedIn (164 million), Adobe (153 million), eBay (145 million), Sony’s PlayStation Network (77 million), Uber (57 million) and Ashley Madison (31 million). In 2017, Yahoo admitted that its data breaches compromised 3 billion accounts. These have usually been obtained from one of the security breaches that have exposed details of billions of users. Other versions of this phishing attack include one of the recipients’ passwords and/or part of a phone number. The UK’s Action Fraud office provides a tutorial to help businesses set up DMARC. Dmarcian has a website where you can check if a domain is compliant. It helps but it’s still not used widely enough. In 2012, a working group introduced a new system called DMARC (domain-based message authentication, reporting and conformance) to alleviate the problem. Your attacker simply made the From: address the same as the To: address, so it looked as though you had sent the email yourself. Most email services have no way of authenticating the From: and Reply to: fields in email messages, so spammers can fill these fields with anything they like. The most common ones are email spoofing, including a password, and including all or part of a phone number. Random spam emails probably don’t have much success, so the would-be blackmailers have been trying to personalise their attacks in various ways. Publishing all the variants of these scam emails makes them easier to find. In this case, phrases appear on two threads in the r/Scams conference on Reddit: The Blackmail Email Scam and The Blackmail Email Scam (part 2). You can almost always get this by searching the web for one or two sentences from the email. While it’s generally safe to ignore spam emails like this, some people will want reassurance. However, since the cost of sending millions of spam emails is basically zero, even a few payments are easy profits. Very few people ever make the requested payment. Millions – perhaps billions – of similar emails have been sent over the years, but there seems to have been a flood of them over the past few months. This is generally known either as “webcam blackmail” or “sextortion scam” and the email should have been diverted to your spam folder. It says “I hacked your device, because I sent you this message from your account.” It goes on to claim that it has filmed me watching pornography, and demands $698 in bitcoin.
0 kommentar(er)
