Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
- by sloti27t08 (Cyrus 3.1.5-895-g0d23ba6-fmstable-20190213v1) with LMTPA;
- Wed, 20 Feb 2019 02:36:36 -0500
- X-Cyrus-Session-Id: sloti27t08-1550648196-3468951-2-18130523575569834231
- X-Sieve: CMU Sieve 3.0
- X-Spam: high
- X-Spam-score: 29.8
- X-Spam-source: IP='178.221.171.139', Host='178-221-171-139.dynamic.isp.telekom.rs',
- Country='RS', FromHeader='com', MailFrom='com'
- X-Spam-charsets: plain='ibm852'
- X-Delivered-to: riley@fastmail.com
- Received: from mx5 ([10.202.2.204])
- by compute3.internal (LMTPProxy); Wed, 20 Feb 2019 02:36:36 -0500
- Received: from mx5.messagingengine.com (localhost [127.0.0.1])
- by mailmx.nyi.internal (Postfix) with ESMTP id D0B8CC695B
- for <riley@fastmail.com>; Wed, 20 Feb 2019 02:36:34 -0500 (EST)
- Received: from mx5.messagingengine.com (localhost [127.0.0.1])
- by mx5.messagingengine.com (Authentication Milter) with ESMTP
- id A03BE6D21C0;
- Wed, 20 Feb 2019 02:36:34 -0500
- ARC-Seal: i=1; a=rsa-sha256; cv=none; d=messagingengine.com; s=fm2; t=
- 1550648194; b=rhytQB+Ik3UX2TEriuUlf5JbckeXhOLs9Uof5wg0YI/YoTnNg/
- GIIBa5BzPjNCABWvkpObY6cKQBnZPcofaQHGnIfCOv5erXCQ0L4BokLetsdDyr6M
- 8QzgcTKwa23wvzApoAbXbdPAE7MKtLI4VXraQc9ap41/oNeA8oEVMpOdT4FWAZQj
- 2ezFx4enRAzCPtyZI7OcOJ/Znk36CutDuEeR7jV2Oac52ibld/QcL2tz0b8nXXG5
- w4jIPz6+gK21ArsdjNDNMKfUXMyDgr0mDSnblczfQJMheMzwM+E+yCspwanQHV2i
- eerbXvwOMgUeHGd0tYBBJfveAS9O0PK1fW8Q==
- ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=
- messagingengine.com; h=message-id:from:to:subject:date
- :mime-version:content-type:content-transfer-encoding; s=fm2; t=
- 1550648194; bh=xsSR5C1E22LCrbRny10tqUm8Sm+eFjPk9hm0oRYHfu8=; b=N
- OHlBsJ2gNDhTLRLn7TbvSN2rq5c/3LZ1j7fbSWeTDew4bI5gb5i+dVFOHFZVAOk8
- BVBI8B2ze5ESk/I3MG4SybaBuOeTHoGf6Z0Qb+n6wVvpJzQRWccFFXCnf2ItC+kk
- pKikW/JTxJNHLxc1S9WKixUJdbHpzgqG5sz32w/zfIp9rCCFWhdun1i08j8/JAGl
- kEfNHdGQPlONYLAiIO9GzRwPsXwNFmCfRHqVp4s5gAl0t5n+Qui8VlZMDvcxH4vT
- xA8LV9NiwbH1qtQoe73Bs6UH9PvmHS5XfrwAbsB8p+aRKoLzYUAo2D858cEphTJ/
- K7Vr7IDoMyedhAMqvwkHA==
- ARC-Authentication-Results: i=1; mx5.messagingengine.com; arc=none (no signatures found);
- dkim=none (no signatures found);
- dmarc=fail policy.published-domain-policy=none
- policy.applied-disposition=none policy.evaluated-disposition=none
- policy.arc-aware-result=fail
- (p=none,d=none,d.eval=none,arc_aware_result=fail) policy.policy-from=p
- header.from=fastmail.com;
- iprev=pass smtp.remote-ip=178.221.171.139
- (178-221-171-139.dynamic.isp.telekom.rs);
- spf=neutral smtp.mailfrom=riley@fastmail.com
- smtp.helo=178-221-171-139.dynamic.isp.telekom.rs;
- x-aligned-from=pass (Address match);
- x-ptr=pass smtp.helo=178-221-171-139.dynamic.isp.telekom.rs
- policy.ptr=178-221-171-139.dynamic.isp.telekom.rs;
- x-return-mx=pass header.domain=fastmail.com policy.is_org=yes
- (MX Record found);
- x-return-mx=pass smtp.domain=fastmail.com policy.is_org=yes
- (MX Record found);
- x-vs=spam score=500 state=1;
- x-zs=dynamic
- Authentication-Results: mx5.messagingengine.com;
- arc=none (no signatures found);
- dkim=none (no signatures found);
- dmarc=fail policy.published-domain-policy=none
- policy.applied-disposition=none policy.evaluated-disposition=none
- policy.arc-aware-result=fail
- (p=none,d=none,d.eval=none,arc_aware_result=fail) policy.policy-from=p
- header.from=fastmail.com;
- iprev=pass smtp.remote-ip=178.221.171.139
- (178-221-171-139.dynamic.isp.telekom.rs);
- spf=neutral smtp.mailfrom=riley@fastmail.com
- smtp.helo=178-221-171-139.dynamic.isp.telekom.rs;
- x-aligned-from=pass (Address match);
- x-ptr=pass smtp.helo=178-221-171-139.dynamic.isp.telekom.rs
- policy.ptr=178-221-171-139.dynamic.isp.telekom.rs;
- x-return-mx=pass header.domain=fastmail.com policy.is_org=yes
- (MX Record found);
- x-return-mx=pass smtp.domain=fastmail.com policy.is_org=yes
- (MX Record found);
- x-vs=spam score=500 state=1;
- x-zs=dynamic
- X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgedutddrtdehgdduudefucetufdoteggodetrfdotf
- fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu
- rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucgohfhorhgsihguuggvnh
- fjughrucdlhedttddmnecujfgurhepkffhvffuffggtgfgofesthekredtredtreenucfh
- rhhomhepoehrihhlvgihsehfrghsthhmrghilhdrtghomheqnecukfhppedujeekrddvvd
- durddujedurddufeelnecurfgrrhgrmhepihhnvghtpedujeekrddvvddurddujedurddu
- feelpdhhvghlohepudejkedqvddvuddqudejuddqudefledrugihnhgrmhhitgdrihhsph
- drthgvlhgvkhhomhdrrhhspdhmrghilhhfrhhomhepoehrihhlvgihsehfrghsthhmrghi
- lhdrtghomheqnecuvehluhhsthgvrhfuihiivgeptd
- X-ME-VSScore: 500
- X-ME-VSCategory: spam
- X-ME-ZSResult: dynamic
- Received-SPF: neutral
- (fastmail.com: Domain does not state whether sender is authorized to use 'riley@fastmail.com' in 'mfrom' identity (mechanism '?all' matched))
- receiver=mx5.messagingengine.com;
- identity=mailfrom;
- envelope-from="riley@fastmail.com";
- helo=178-221-171-139.dynamic.isp.telekom.rs;
- client-ip=178.221.171.139
- Received: from 178-221-171-139.dynamic.isp.telekom.rs (178-221-171-139.dynamic.isp.telekom.rs [178.221.171.139])
- by mx5.messagingengine.com (Postfix) with ESMTP
- for <riley@fastmail.com>; Wed, 20 Feb 2019 02:36:33 -0500 (EST)
- Message-ID: <908883906599113240277845@fastmail.com>
- From: <riley@fastmail.com>
- To: "indya123" <riley@fastmail.com>
- Subject: Hackers know password from your account. Password must be changed now.
- Date: 20 Feb 2019 08:25:34 +0000
- MIME-Version: 1.0
- Content-type: text/plain;
- charset="ibm852"
- Content-transfer-encoding: 8bit
- X-Mailer: Lfjepi iitfgfj
- I'll begin with the most important.
- I hacked your device and then got access to all your accounts... Including riley@fastmail.com.
- It is easy to check - I wrote you this email from your account.
- And at the moment of hacking your account (riley@fastmail.com) had this password: indya123
- Moreover, I know your intim secret, and I have proof of this.
- You do not know me personally, and no one paid me to check you.
- It is just a coincidence that I discovered your mistake.
- In fact, I posted a malicious code (exploit) to an adult site, and you visited this site...
- While watching a video Trojan virus has been installed on your device through an exploit.
- This darknet software working as RDP (remote-controlled desktop), which has a keylogger,
- which gave me access to your microphone and webcam.
- Soon after, my software received all your contacts from your messenger, social network and email.
- At that moment I spent much more time than I should have.
- I studied your love life and created a good video series.
- The first part shows the video that you watched,
- and the second part shows the video clip taken from your webcam (you are doing inappropriate things).
- Honestly, I want to forget all the information about you and allow you to continue your daily life.
- And I will give you two suitable options. Both are easy to do.
- First option: you ignore this email.
- The second option: you pay me $750(USD).
- Let's look at 2 options in detail.
- The first option is to ignore this email.
- Let me tell you what happens if you choose this path.
- I will send your video to your contacts, including family members, colleagues, etc.
- This does not protect you from the humiliation that you and
- your family need to know when friends and family members know about your unpleasant details.
- The second option is to pay me. We will call this "privacy advice."
- Now let me tell you what happens if you choose this path.
- Your secret is your secret. I immediately destroy the video.
- You continue your life as if none of this has happened.
- Now you might think: "I'll call to police!"
- Undoubtedly, I have taken steps to ensure that this letter cannot be traced to me,
- and it will not remain aloof from the evidence of the destruction of your daily life.
- I don't want to steal all your savings.
- I just want to get compensation for my efforts that I put in to investigate you.
- Let us hope that you decide to create all this in full and pay me a fee for confidentiality.
- You make a Bitcoin payment (if you don't know how to do it, just enter "how to buy bitcoins" in Google search)
- Shipping amount: $750(USD).
- Getting Bitcoin Addresses: 18pKQ88ZpatLYmyeKpuCFwvRFcjHjwVB2u
- (This is sensitive, so copy and paste it carefully)
- Don't tell anyone what to use bitcoins for. The procedure for obtaining bitcoins can take several days, so do not wait.
- I have a spetial code in Trojan, and now I know that you have read this letter.
- You have 48 hours to pay.
- If I don't get BitCoins, I'll send your video to your contacts, including close relatives, co-workers, and so on.
- Start looking for the best excuse for friends and family before they all know.
- But if I get paid, I immediately delete the video.
- This is a one-time offer that is non-negotiable, so do not waste my and your time.
- Time is running out.
- Bye!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement