You have an outstanding payment.
Sep 28th, 21
You have an outstanding payment
Sep 28th, 21
Usual Sextortion / Blackmail
Sep 28th, 21
A slight variation on the game.
This guy is obviously a frustrated author or writer because this is one of the longest scam messages we have seen.
Reason is he spends 2/3 of the email expounding his technical expertise, superiority and software in order to convince you of his invincibility and your hopelessness.
DO NOT BELIEVE HIM!
.
We take this as a sign of desperation and that people are now waking up to this bull shit. Because that is what it is.
Don'r pay , report it. This page gives you more info;
https://aim2dchinabusinessnews.wordpress.com/2021/07/14/email-bitcoin-extortion-a-new-game/
You have an outstanding payemnt
Sep 29th, 21
Usual rubbish this time masquerading as a payment request.
Full of tech details re how clever he is. Seems to be a cut and paste though as he also says he has spoofed our email address. In fact he has used anothers.
So far we have had 3 in a row, tomorrow we expect more. They usually come in runs as the idiot has no idea who he has and hasn't sent them to!
You have an outstanding payment.
Sep 29th, 21
Very happy to report this one, given the specific threats! What a dumbass.
Extortion Attempt
Sep 29th, 21
----[ NOTES ]-------------------------------------------------------------------
user name changed to 'xxxx'
user site changed to 'yyyy'
used https://www.iplocation.net/trace-email to trace origination
used https://bitcoinwhoswho.com/ to report it
----[ REPORT ]------------------------------------------------------------------
Type: Extortion Attempt
Date: 20210929
Bitcoin Account: 1B5ic9iQpyafTEfWxHM4Xq6PkzbickrL8g
The email source IP address is: 188.152.206.126
IP Location Info:
IP Address: 188.152.206.126
Country: Italy
Region: Lazio
City: Rome
ISP: Vodafone Italia DSL
Organization: Vodafone Italia DSL
Latitude: 41.8904
Longitude: 12.5126
Email Header:
X-MUNQ: f7c612613045e00e61c1962303906ab8
X-MSKTag: [SPAM]
X-MSK: HYD=0.988016000
Return-Path:
Delivered-To: xxxx@yyyy.com
Received: (qmail 1447 invoked from network); 29 Sep 2021 15:51:24 -0000
Received: from unknown (HELO xsmtp21.mail2web.com) ([10.100.68.60])
(envelope-sender )
by xmail04.myhosting.com (qmail-ldap-1.03) with AES256-SHA encrypted SMTP
for ; 29 Sep 2021 15:51:18 -0000
Received: from net-188-152-206-126.cust.vodafonedsl.it ([188.152.206.126] helo=net-188-152-206-126.cust.dsl.teletu.it)
by xsmtp21.mail2web.com with esmtp (Exim 4.92)
(envelope-from )
id 1mVbra-0005ue-3d
for xxxx@yyyy.com; Wed, 29 Sep 2021 08:51:18 -0700
Message-ID:
From:
To:
Subject: [SPAM]You have an outstanding payment.
Date: 29 Sep 2021 18:37:16 +0100
MIME-Version: 1.0
Content-Type: text/plain;
charset="windows-1250"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3505.912
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3505.912
X-SA-Exim-Connect-IP: 188.152.206.126
X-SA-Exim-Mail-From: nakashima@kamiyaprinting.com
X-SA-Exim-Scanned: No (on xsmtp21.mail2web.com); SAEximRunCond expanded to false
Message Text:
Hello there!
Unfortunately, there are some bad news for you.
Around several months ago I have obtained access to your devices that you were using to browse internet.
Subsequently, I have proceeded with tracking down internet activities of yours.
Below, is the sequence of past events:
In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (xxxx@yyyy.com).
A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access.
Actually, that was quite simple (because you were clicking the links in inbox emails).
All smart things are quite straightforward. (>_ Do not attempt to search for me - there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.
Below is the list of things you don't need to be concerned about:
> That I will not receive the money you transferred.
- Don't you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).
> That I still will make your videos available to public after your money transfer is complete.
- Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago!
Everything will be carried out based on fairness!
Before I forget...moving forward try not to get involved in this kind of situations anymore!
An advice from me - regularly change all the passwords to your accounts.
Extortion Attempt
Sep 29th, 21
----[ NOTES ]-------------------------------------------------------------------
user name changed to 'xxxx'
user site changed to 'yyyy'
used https://www.iplocation.net/trace-email to trace origination
used https://bitcoinwhoswho.com/ to report it
----[ REPORT ]------------------------------------------------------------------
Type: Extortion Attempt
Date: 20210928
Bitcoin Account: 1B5ic9iQpyafTEfWxHM4Xq6PkzbickrL8g
The email source IP address is: 177.222.114.165
IP Location Info:
IP Address: 177.222.114.165
Country: Bolivia
Region: La Paz
City: La Paz
ISP: Telefonica Celular de Bolivia S.A.
Organization: Telefonica Celular de Bolivia S.A.
Latitude: -16.5002
Longitude: -68.1493
Email Header:
X-MUNQ: 7abe302e6442dbee96249b7886f18f61
X-MSKTag: [SPAM]
X-MSK: HYD=0.980016000
Return-Path:
Delivered-To: xxxx@yyyy.com
Received: (qmail 32506 invoked by uid 200); 29 Sep 2021 00:51:34 -0000
Delivered-To: admin@yyyy.com
Received: (qmail 32491 invoked from network); 29 Sep 2021 00:51:33 -0000
Received: from unknown (HELO xsmtp21.mail2web.com) ([10.100.68.60])
(envelope-sender )
by xmail05.myhosting.com (qmail-ldap-1.03) with AES256-SHA encrypted SMTP
for ; 29 Sep 2021 00:51:27 -0000
Received: from [177.222.114.165]
by xsmtp21.mail2web.com with esmtp (Exim 4.92)
(envelope-from )
id 1mVNok-0001sr-PP
for admin@yyyy.com; Tue, 28 Sep 2021 17:51:27 -0700
Message-ID:
Date: Tue, 28 Sep 2021 15:51:25 -0500
From:
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:14.0) Gecko/20120713 Thunderbird/14.0
MIME-Version: 1.0
To:
Subject: [SPAM]You have an outstanding payment.
Content-Type: text/plain; charset=WINDOWS-1250; format=flowed
Content-Transfer-Encoding: 8bit
X-Host-Lookup-Failed: Reverse DNS lookup failed for 177.222.114.165 (failed)
X-SA-Exim-Connect-IP: 177.222.114.165
X-SA-Exim-Mail-From: francesca.bucci@ingpec.eu
X-SA-Exim-Scanned: No (on xsmtp21.mail2web.com); SAEximRunCond expanded to false
Message Text:
Hello there!
Unfortunately, there are some bad news for you.
Around several months ago I have obtained access to your devices that you were using to browse internet.
Subsequently, I have proceeded with tracking down internet activities of yours.
Below, is the sequence of past events:
In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (admin@yyyy.com).
A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access.
Actually, that was quite simple (because you were clicking the links in inbox emails).
All smart things are quite straightforward. (>_ Do not attempt to search for me - there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.
Below is the list of things you don't need to be concerned about:
> That I will not receive the money you transferred.
- Don't you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).
> That I still will make your videos available to public after your money transfer is complete.
- Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago!
Everything will be carried out based on fairness!
Before I forget...moving forward try not to get involved in this kind of situations anymore!
An advice from me - regularly change all the passwords to your accounts.
angelfk4 Fax scam
Sep 29th, 21
no return fax number, Fax states it is by angelfk4 and requests a bitcoin payment to this wallet totalling $1350 USD. User claims they caught incriminating video via a fax machine. Claims to have installed Trojan horse that includes remote-viewer via fax machine's email address.
I will be keeping a copy of this idiot's message just in case I need a laugh
Typical Bitcoin sextortion scam from ffwkxaxxx@mailcatch.com
You have an outstanding payment.
Sep 30th, 21
Sender: jcjuly90@easley.net
Blackmail hacked email scam
Sep 30th, 21
email came from: timblain@76hotmail.com
You have an outstanding payment.
Sep 30th, 21
Hello there!
Unfortunately, there are some bad news for you.
Around several months ago I have obtained access to your devices that you were using to browse internet.
Subsequently, I have proceeded with tracking down internet activities of yours.
Below, is the sequence of past events:
In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (*REDACTED*).
A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access.
Actually, that was quite simple (because you were clicking the links in inbox emails).
All smart things are quite straightforward. (>_ Do not attempt to search for me - there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.
Below is the list of things you don't need to be concerned about:
> That I will not receive the money you transferred.
- Don't you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).
> That I still will make your videos available to public after your money transfer is complete.
- Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago!
Everything will be carried out based on fairness!
Before I forget...moving forward try not to get involved in this kind of situations anymore!
An advice from me - regularly change all the passwords to your accounts.
Marcosvinicioslima17@gmail.fo
Hello there!
Unfortunately, there are some bad news for you.
Around several months ago I have obtained access to your devices that you were using to browse internet.
Subsequently, I have proceeded with tracking down internet activities of yours.
Below, is the sequence of past events:
In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (*REDACTED*).
A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access.
Actually, that was quite simple (because you were clicking the links in inbox emails).
All smart things are quite straightforward. (>_ Do not attempt to search for me - there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.
Below is the list of things you don't need to be concerned about:
> That I will not receive the money you transferred.
- Don't you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).
> That I still will make your videos available to public after your money transfer is complete.
- Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago!
Everything will be carried out based on fairness!
Before I forget...moving forward try not to get involved in this kind of situations anymore!
An advice from me - regularly change all the passwords to your accounts.
You have an outstanding payment.
Oct 1st, 21
Hello there!
Unfortunately, there are some bad news for you.
Around several months ago I have obtained access to your devices that you were using to browse internet.
Subsequently, I have proceeded with tracking down internet activities of yours.
Below, is the sequence of past events:
In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (xxx@yyy.net).
A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access.
Actually, that was quite simple (because you were clicking the links in inbox emails).
All smart things are quite straightforward. (>_ Do not attempt to search for me - there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.
Below is the list of things you don't need to be concerned about:
> That I will not receive the money you transferred.
- Don't you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).
> That I still will make your videos available to public after your money transfer is complete.
- Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago!
Everything will be carried out based on fairness!
Before I forget...moving forward try not to get involved in this kind of situations anymore!
An advice from me - regularly change all the passwords to your accounts.
You have an outstanding payment.
Oct 1st, 21
Typical "I caught you doing porn stuff and I will take control of all your devices unless you pay me" kind of scam
Outstanding Payment
Oct 5th, 21
You have an outstanding payment.
Oct 12th, 21
Scam email address: xian.wu@canwell.com.cn
You have an outstanding payment
Oct 14th, 21
Email sent from a " dominique@sophrologie-formations.com "
Long winded sextortion phishing scam, claiming you have been 'hacked' and must send $1350 worth in BTC to 1B5ic9iQpyafTEfWxHM4Xq6PkzbickrL8g
crazycatlady
Oct 18th, 21
