Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Malware oder Scam? (https://www.trojaner-board.de/186720-malware-scam.html)

martinmeyer 09.09.2017 20:39
Malware oder Scam?
 
Hallo,

ich habe gestern eine mysteriöse E-Mail erhalten, bei der es sich wahrscheinlich um ein Scam-Mail handelt. Die Nachricht stammt von einem Carter Baker (events@gamesadvert.com), der mir unter dem Betreff "MPN: [meine.email@liwest.at] 8 Sep 2017 07:20:15 This time it will not bе sо easy tо get off" Folgendes schrieb:

"Whats good.

I do not want to judge you, but eventually of several cases, we have point of contact from now. I do not think that caress oneself is very ill, but when all your acquaintances see it- its obviously bad.

So, what am I implying? You surfed the website with роrn, which I’ve seized with the virus. After you chose video, virus started working and your device became function as dedicated desktop immediately. Naturally, all cams and screen started recording immediately and then my virus collected all contacts from your device.

I text you on this e-mail address, because I’ve collected it with my soft, and I think you for sure check this work address.

The most interesting point that I created video, on one side it shows your screen record, on another your cams record. Its very amusingly. But it wasn’t so easy ,so I proud of it.

All in all- if you want me to erase all this compromising evidence, here is my BTC wallet address- 16NqZUQSH8VbJSzn8Hj1W7dU3geSQ7AehM (it should be without «spaces» or «aquo;,check it). If you do not know how to make btc transactions, you can ask google or youtube for advice- its very easy. I suggest, that 330 usd will solve your problem and will destroy our point of contact till kingdom come. You have thirty hours after reading this message(I put tracking pixel in it, ill know when you read it). If you wont finish transaction, ill share the evidence with all contacts I’ve collected from you.

I do not think that cops can find me for only one day(not even 10 days), so think twice, you can lose your honor. Sorry for misprints, I am foreign."


Der Header sieht wie folgt aus:

Return-Path: <return@gamesadvert.com>
Delivered-To: <mf233224@be03.liwestmail.local>
Received: from si02.liwestmail.local ([192.168.224.21])
by be03.liwestmail.local (Dovecot) with LMTP id eCFIJrHpslnEIgAAEbmc5A
for <mf233224@be03.liwestmail.local>; Fri, 08 Sep 2017 21:13:04 +0200
Received: from sem4.gamesadvert.com ([188.225.82.127])
by si02.liwestmail.local with esmtp (Exim 4.82_1-5b7a7c0-XX)
(envelope-from <return@gamesadvert.com>)
id 1dqOi7-0004rJ-8S
for meine.email@liwest.at; Fri, 08 Sep 2017 21:13:04 +0200
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=default; d=gamesadvert.com;
h=To:Subject:Date:From:Reply-To:MIME-Version:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; i=events@gamesadvert.com;
bh=h5aF5IBYPt4xb1RkvXh2UbHoEi0=;
b=PhlFdvR9eCb3qQNCaYNI4nb96rMW7mIODBdRU88tRq13Jw3qfjrOP3WKK3xdAYH6XMcOl/Iflzcm
RNyPdgvvA8Sh3Wg7d3mDHnG/QrcBsb3u2S51KpAs/WGkwkZvzNa/tQzhF3gIgzCiu85A8uhpqnt2
e75vjzo5a6nP8/aCiUI=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=default; d=gamesadvert.com;
b=nnoPv293uqUa0K1bvblbvrFMLbdYEhj/bsXCqKVgxzUgEDP7nL2UywV/RUZhZTXmA2wo3gb28uQM
8fBkR+bmQvLMOwnXiRxtyEJnkjDraSbjhbs8AdDuxmL/aPOZzGNu0RgBe7ssJzi4Xp85IRcBCQK/
/nEIeHlgrssnpVzpw+w=;
To: meine.email@liwest.at
Subject: =?UTF-8?B?TVBOOiBbbWFya3VzLnBlcm5kbEBsaXdlc3QuYXRdIDggU2VwIDIwMTcgMDc6MjA6MTUgVGhpcyB0aW1lIGl0IHdpbGwgbm90IGLQtSBz0L4gZWFzeSB00L4gZ2V0IG9mZg==?=
Date: Fri, 08 Sep 2017 14:13:02 -0500
From: "Carter Baker" <events@gamesadvert.com>
Reply-To: events@gamesadvert.com
MIME-Version: 1.0
X-Mailer-LID: 1
X-Mailer-SID: 6
List-Unsubscribe: <hxxp://www.beppegrillo.it/en/unsubscribe.php>
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable\n\n
X-Spam-Score: -0.3 (/)


Anstatt "meine.email" stand natürlich meine tatsächliche E-Mail-Adresse.

Ist das wirklich nur ein Scam-Versuch oder könnte da auch mehr dahinterstecken? Laut Google gab es solche E-Mails bislang nur in Australien (https://www.reddit.com/r/Scams/comments/6v2ji9/a_little_blackmail_email_in_my_inbox_this_morning/), aber es scheint nicht bekannt zu sein, ob das nur ein Bluff ist.

Hat jemand von euch auch so eine E-Mail erhalten oder eine Meinung dazu?

LG,

Martin

cosinus 09.09.2017 21:01
Löschen und abhaken das Thema.


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:19 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131