I'm sure the blackmailers only have simian heath concerns at the heart of everything they do. They want to save all those monkeys from being spanked.
Sorry friends, I'm afraid I just can't quite afford the Bitcoin to stop that vid from leaking everywhere
First, an apology. Allow me to express my sincere regret for any offence caused by the videotape you will soon be receiving of your faithful servant buffing the old banana, courtesy of some mysterious stranger. Well, perhaps not so much offence as surprise. After all, it is jolly unusual to receive a videotape in the post …
COMMENTS
-
Friday 26th October 2018 09:56 GMT TonyJ
I've seen a definite uptick in these
Had a few land in my spam folder this week.
They all use the same throwaway password I only use on websites that insist on registration but hold no other information beyond an email address, password and login name.
Honestly though, I guess I fall into the lucky-enough-not-to-care bracket, although I do understand there are poor souls for whom such a threat must be awful.
It's clever though, when you think about it - pull an email address and password out of one of the large files of them out there and spam away. The addition of the password adds a certain level of believe-ability that would otherwise be missing and I can see how it would fool a lot of people.
-
Friday 26th October 2018 10:02 GMT Joe W
Re: I've seen a definite uptick in these
... and to boot, it was not even one of the throwaway $(servicename)_$(qualifier)@$(mydomain) ones I expected.
(and now if they could give me pointers on how to get the front cam running reliably on my laptop I'd be chuffed, might even send them money for a coffee...)
-
Friday 26th October 2018 10:54 GMT Danny 14
Re: I've seen a definite uptick in these
10 minutemail for those websites. my main personal email address was somehow harvested with a throwaway password i use. no idea how those two were connected as i only use my main email for proper logons (which i use password mangagers).
muat have missed a random site in the early days.
-
Friday 26th October 2018 12:04 GMT K
Re: I've seen a definite uptick in these
Little tip if you use Gmail... you can add indicators to your email address by using a "+", such as if you address is JimBob@gmail.com -
JimBob+Pr0nhub@gmail.com
JimBob+H0tBears@gmail.com
JimBob+NaughtyMLFs@gmail.com
Google will effectively ignore the +<word>, so emails still arrive. But it will show in email details. So not only can you filter (make rules etc) on it, but by setting the <word> to the site name you entered it into, you know exactly where they sourced your email from (Little trick I learnt from the GApps team at work).
-
-
-
Wednesday 7th November 2018 17:19 GMT pyroweasel
Re: I've seen a definite uptick in these
Yahoo does have a similar feature, although you have to create a myprefix-<throwaway>@yahoo.com mailbox before you can use it, rather than Gmail's instant madeup-on-the-spot address.
Yahoo's advantage (Yes, there is one...) is that if you get spam to that mailbox, delete it and you get no more.
Other mailboxes are available
P~
-
-
Friday 26th October 2018 13:16 GMT Teiwaz
Re: I've seen a definite uptick in these
The username+something@domain is called plus-addressing and has been available in sendmail (among others) since before gmail was a thing.
Don't try claiming that it's a unique gmail feature.
I don't think poster was, specifically, although the wording could be interpreted as though it's a Google mail only feature.
It's a good tip, that I'm sure there are more than a few that pass by here don't know about.
I recall reading about it (sendmail docs) years ago, I didn't know Gmail included it.
-
Friday 26th October 2018 14:10 GMT fattybacon
Re: I've seen a definite uptick in these
It's a shame a lot of regular sites view any email address containing the '+' as invalid. Despite it being whatever RFC for the last 400 years. Trying to get my free BT Sport was a joy, they accepted it but the BTID system didn't, so I was registered with one arm of the behemoth but unable to verify my id so couldn't ever use it.
-
Friday 26th October 2018 15:11 GMT Stoneshop
Re: I've seen a definite uptick in these
It's a shame a lot of regular sites view any email address containing the '+' as invalid.
$name.$service@$domain should be accepted, and I haven't found any site that doesn't. Currently I simply have a catch-all on my domain, and some local processing using procmail. Works a treat.
-
Friday 26th October 2018 15:17 GMT dcluley
Re: I've seen a definite uptick in these
Yes - I have had a number of these claiming they have my webcam pictures. Minor problem is that I do not have a webcam.
On a separate point of invalid email addresses I remember when I was still working as a lecturer in a FE college trying to get on a news list from a website which needed my email address to complete the form. It complained that my email address was invalid. My email address was david.cluley@<college>.ac.uk - a perfectly valid address which had no trouble receiving emails. The web site in question? IBM. You would think that they might have got some idea about how the email system works.
-
-
-
Friday 26th October 2018 16:48 GMT Anonymous Coward
Re: I've seen a definite uptick in these
"IBM. You would think that they might have got some idea about how the email system works."
You've clearly never used lotus notes then... <shudder>
That kinda proves his point :).
That said, once you mastered the setup it was quite robust (and very safe), but boy was it a swine to use. cc:Mail was similar, but a tad easier to coax into work.
-
-
-
Saturday 27th October 2018 02:30 GMT onefang
Re: I've seen a definite uptick in these
"Minor problem is that I do not have a webcam."
I don't either, and if I did, all it would see if trying to record from it while I was surfing porn sites is me searching for more porn to download. I never watch it direct from the site. I'd likely even have all my clothes on, and not touching him who rules with his little head from downstairs.
-
-
Saturday 27th October 2018 02:26 GMT onefang
Re: I've seen a definite uptick in these
"It's a shame a lot of regular sites view any email address containing the '+' as invalid."
I've recently tried to get Tinder to send a verification email, so it will notify my via email when things happen, instead of failing to notify me on my phone. It entirely failed to even attempt to send any emails to my own email server, which are not on any spam blacklist that I check regularly. Everyone else can send to that server fine. I tend to use individual addresses for individual sites / services, so this was to tinder@... They didn't say why it failed, just that it did. No attempts spotted in my logs. Perhaps I'll try this + trick, see what happens. Or create yet another throw away gmail account.
-
Tuesday 30th October 2018 13:53 GMT gnarlymarley
Re: I've seen a definite uptick in these
These emails say all the same thing, even though both my phone and computer have no camera on them.
That malware make your front-facing camera capturing video
The other thing I find interesting is that they are sending it to an alias account for automation that has never had a password. Oh well, I guess they will keep sending it directly to my spamcop forwarding script.
-
Tuesday 30th October 2018 14:01 GMT onefang
Re: I've seen a definite uptick in these
"That malware make your front-facing camera capturing video"
Hmm, the front-facing camera might only capture your face, not what your hand that's not holding the phone is doing. Maybe they need to capture video from both cameras? Or, if you are like me, and the only porn you watch on your phone is VR porn, both cameras have a very close up view of the inside of the VR headset, and nothing more.
-
-
-
-
-
Friday 26th October 2018 15:37 GMT Doctor Syntax
Re: I've seen a definite uptick in these
"That is excellent for folks who don't own their own domain and mail server."
It only costs a few quid a year to own your own domain and you don't need a mail server. Either get a mail service from your domain hoster (again not expensive - even I do it) or simply get it all sent to your free gmail or whatever mail service.
-
Saturday 27th October 2018 02:35 GMT onefang
Re: I've seen a definite uptick in these
"It only costs a few quid a year to own your own domain"
You can get freebies to, from places like freedns.afraid.org.
As for your own mail server, if you have a typical Linux or BSD installed, chances are you already have a local only email server. If you have a static IP, open it up to the world, done. Oh, and turn off relaying, or find yourself on spam blacklists fairly quickly.
-
-
-
Friday 26th October 2018 15:37 GMT Nick Kew
Re: I've seen a definite uptick in these
Don't try claiming that it's a unique gmail feature.
It was a feature back in the days when email addresses cost money, some people wanted more than one address, and neither security nor spam were issues.
It was a minor feature of my mail-by-web software from 1997. Back when webmail and other web-based office facilities like docs and calendars looked like a cool new thing people would find useful.
-
Sunday 28th October 2018 00:02 GMT ibmalone
Re: I've seen a definite uptick in these
The username+something@domain is called plus-addressing and has been available in sendmail (among others) since before gmail was a thing.
Don't try claiming that it's a unique gmail feature.
I always wonder that spammers must surely catch on and work out it would be a good idea to strip the sub-address. You could always blacklist anything not containing one I suppose, but would need to be pretty disciplined about it. The other stumbling block are websites with home-made field verification that rejects emails with subaddresses as invalid.
-
-
Monday 29th October 2018 17:36 GMT ibmalone
Re: I've seen a definite uptick in these
"You could always blacklist anything not containing one I suppose, but would need to be pretty disciplined about it."
That's what things like mailfilter are for.
To clarify, I was thinking about discipline in only handing out sub-addressed addresses and refusing to accept mails not including them. Becomes more difficult when giving your email in person or dealing with sites with broken mail validators. As soon as you start accepting some without the sub-address you are back to having to look at them at least some of the time to figure out if you need to update your whitelist.
-
-
-
-
Friday 26th October 2018 16:27 GMT MrBanana
Re: I've seen a definite uptick in these
"Little tip if you use Gmail... you can add indicators to your email address by using a '+'"
It's a good tip, which I try to use as often as possible. However, many websites have email address checkers built into the web submission form that reject the '+' character as invalid. I've tried emailing site owners with a link to the RFC that defines valid characters for email addresses, but haven't had much response. By not much response, I mean absolutely nothing, not a single reply.
-
Friday 26th October 2018 17:32 GMT Ken Hagan
Re: I've seen a definite uptick in these
"I've tried emailing site owners with a link to the RFC that defines valid characters for email addresses"
To be honest it might be more productive to search Stack Overflow for "email address validation" and reply with corrections to the (presumably several hundred) crap answers that don't permit a plus sign, coz that's where all those crap websites got their code from.
Even more productive still would be to post an answer saying "Please don't even try to validate an email address. You *will* get it wrong.", because not allowing plus signs is just one of the common mistakes. (Ask anyone with an apostrophe in their name, for example.)
-
Friday 26th October 2018 23:25 GMT Anonymous Coward
Re: I've seen a definite uptick in these
"However, many websites have email address checkers built into the web submission form that reject the '+' character as invalid."
Microsoft Office 365 email service rejects incoming traffic which uses a plus modifier on an otherwise valid alias address for my account. Pity - it looked like a way to make identified addresses without setting it up as one of the maximum 100 aliases.
-
Monday 29th October 2018 14:39 GMT Andy A
Re: I've seen a definite uptick in these
"Microsoft Office 365 email service rejects incoming traffic which uses a plus modifier on an otherwise valid alias address for my account."
Weirdly, Hotmail, which presumably shares code with Office 365, seems to process plus signs properly, even passing things down to an Outlook 2010 client.
-
-
Saturday 27th October 2018 02:36 GMT onefang
Re: I've seen a definite uptick in these
"I've tried emailing site owners with a link to the RFC that defines valid characters for email addresses, but haven't had much response. By not much response, I mean absolutely nothing, not a single reply."
Probably coz they thought the email address you used to send that email was considered bogus, and it went straight to their spam folders?
-
-
-
Saturday 27th October 2018 10:59 GMT Anonymous Coward
Re: "muat have missed a random site in the early days."
This and/or BT/Yahoo just lost it all themselves. That's what happened to me.
I still need to do more than a private/public email split. As lots of companies want a more private one. I need a public, private, personal, and then company independent and/or throw away ones. Looks like there is a hole in the market for a product there!
[edit] Ah, on I've been pwned it shows Adobe being hacked. I guess that was where I lost one of my accounts, password must have been the same in error.
-
Saturday 27th October 2018 15:27 GMT Doctor Syntax
Re: "muat have missed a random site in the early days."
"As lots of companies want a more private one. I need a public, private, personal, and then company independent and/or throw away ones. Looks like there is a hole in the market for a product there!"
It's a market niche but not a hole as there are several mail service providers who will provide domain and email hosting facilities. Just set up a series of addresses all forwarding to one inbox. Make some long term use case specific (bank, family and friends etc.) and a throw away one that runs for a few weeks and then gets torn down.
-
-
-
Friday 26th October 2018 14:18 GMT Stoneshop
Re: I've seen a definite uptick in these
... and to boot, it was not even one of the throwaway $(servicename)_$(qualifier)@$(mydomain) ones I expected.
In my case, $servicename == monsterboard. Nothing else.
Hmm, do they still exist? Apparently, yes. So I try logging in: nope. Password reminder? "No account associated with that mail address" or something like that.
And harvesting my contacts from there (insofar as they can actually do so, given a non-existent account) would yield a dozen or so spammy recruiters I haven't had any contact with for the past fifteen years, so I doubt they still work where they did back then.
-
Saturday 27th October 2018 13:38 GMT Unicornpiss
Re: I've seen a definite uptick in these
I've gotten a few of these. I suspect if there was any plausibility to this, most people would have a blackmail recording showing whatever porn side by side with a chin-up view of various facial contortions as the rocket clears the tower. (also known as your "Oh! Face") :-)
For me, I generally don't look at anything too interesting, but since I usually use a desktop at home with no microphone or camera, the show would be extra boring. Maybe porn with an anthology attached.
-
-
-
-
Saturday 27th October 2018 02:52 GMT onefang
Re: I've seen a definite uptick in these
"You're going to have to explain this one to me, I'm afraid."
Youngsters, and those that want to avoid seeing "interesting" descriptions of genitalia should stop reading now.
"Had a few land in my spam folder this week."
"We've moved on to euphemisms for the women now, have we?.."
One euphemism for labia is "beef flaps / roast beef flaps / meat flaps", particularly those with, shall we say, a lot of external structure and definition. One of those "opened up" for the activity that is the subject of this article may look like an open folder. Spam is also a sort of meat, allegedly. "a few land in" could be rather descriptive of what happens with the various objects that women might use for said activity. Do I need to go deeper? Er, in my explanation I meant.
Paris, coz she might know all about these things.
-
-
Friday 26th October 2018 13:23 GMT Muscleguy
Re: I've seen a definite uptick in these
Hmm, I have just Autumn cleaned my spam folder and I have absolutely NOTHING of this sort. I think it's a generational thing. I'm a crusty 52 and can remember the web being invented and what went before like Fetch.
My eldest was always complaining her email accounts kept being unusable because of spam but she was the only family member so afflicted. We all had addresses on the same ISP, all dependent on my main account but only her's was so afflicted.
I take perverse pleasure in going elsewhere if you require me to create login just to browse and get uppity on there not being a guest login feature.
Also I use a different password for each site, they are all phrase initials and I use a variety of them. Except my banking logins are different again, they are quite abstruse.
It's like sex and disk sanitation back when we were always putting discs into machines. I remember when AIDS developed as well as nVir (so date me).
As a matter of interest my login here is really ancient, from way back before I got all initialised. Knowing that one will only allow you to impersonate me on here. Others of that vintage are probably associated with work email addresses long defunct so no use to man, beast or cybercrook.
I remember when, having JANET accounts (Big Fat Pipe) we used to threaten spammers with humungous email files unless they desisted. How the world changes.
-