Page 1 of 1

spoofing is crazy wild these days

PostPosted: Tue Jan 01, 2019 7:45 pm
by josh
no doubt you have receive one or more spoofed messages demanding that you make a bitcoin transfer to keep from being harmed/exposed/somethingbadded somehow. Stuff like this:

Hello!

As you may have noticed, I sent you an email from your account.
This means that I have full access to your account.

I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.
... [ blah blah blah ... bitcoin demand ] ...


Probably don't need to re-assure you, but there's no indication that SG has been hacked - rather, these messages are going out like crazy to address lists which include SG addresses that we have used over the years.

We can really only speculate about how these addresses wounded up on the lists (probably in many different ways, of course), and I don't think it's worth stressing out on. A key reason we used the addresses in the first place was *because* they could end up on lists like these, of course.

I checked the system to see how often this was happening - wow - *very* often. And even in alphabetical order, resembling a move through a huge list. And clearly using spoofed source IP addresses (different each time, even though it's obvious that a single list is being processed).

I built in some protection that should reduce the amount that can get through - hopefully this will make things a little less distracting.

Josh

Re: spoofing is crazy wild these days

PostPosted: Thu Apr 04, 2019 3:08 am
by Jim27106
Thank you for blocking those. I hadn't noticed then, but upon reflection, realize they stopped fairly quickly.