我沒有轉帳,沒被騙。
我找到版上有人問過一樣的問題,大意是相同的,
https://www.mobile01.com/topicdetail.php?f=508&t=5436021&p=2
而且我的PC並沒有鏡頭,我也不會在手機和NB上看迷站。
一般這種信我也不會被騙,但讓我不得不半信半疑的、而且也促使我點信進去看的原因是,
信件的標題竟然是我的帳號和密碼。
這使得我不得不想再上來求教大家,這要如何看待處理?
謝謝。
附上剛剛google到的文章:
https://buzzorange.com/techorange/2018/07/19/hacker-fake-ransom-for-sex-camera-shot/
以下是信件:
I am aware (密碼) one of your passphrase. Lets get right to the point. You may not know me and you are most likely wondering why you are getting this e mail? No one has compensated me to check about you.
Let me tell you, I actually installed a malware on the adult videos (pornographic material) website and you know what, you visited this site to have fun (you know what I mean). While you were viewing video clips, your web browser began functioning as a Remote control Desktop with a key logger which provided me with accessibility to your display and cam. Just after that, my software gathered your entire contacts from your Messenger, FB, and email . After that I made a double-screen video. First part shows the video you were viewing (you've got a good taste haha . . .), and 2nd part shows the recording of your web camera, & its you.
There are two alternatives. We will explore these possibilities in particulars:
1st solution is to disregard this e-mail. In such a case, I most certainly will send out your video to every one of your personal contacts and also just think about the embarrassment you experience. Keep in mind if you happen to be in a committed relationship, exactly how it is going to affect?
Latter option will be to compensate me $1000. We are going to refer to it as a donation. In this scenario, I most certainly will straight away eliminate your video recording. You can keep going on daily life like this never occurred and you are never going to hear back again from me.
You'll make the payment by Bitcoin (if you don't know this, search "how to buy bitcoin" in Google).
BTC Address to send to: 1DBwPX8Qm6XpEEb6K1HuAZcpYfRRhCifgK
[CASE-SENSITIVE so copy & paste it]
If you are curious about going to the police, very well, this email cannot be traced back to me. I have taken care of my moves. I am also not trying to ask you for money much, I simply prefer to be rewarded. You now have one day in order to make the payment. I've a unique pixel in this e-mail, and right now I know that you have read through this e-mail. If I don't receive the BitCoins, I will definately send out your video to all of your contacts including friends and family, colleagues, and so on. However, if I receive the payment, I will erase the recording right away. If you need evidence, reply with Yeah then I will send your video to your 7 contacts. It is a non:negotiable offer, and so don't waste my personal time & yours by responding to this mail.
jakert wrote:
信件的標題竟然是我的帳號和密碼。
這使得我不得不想再上來求教大家,這要如何看待處理?...(恕刪)
你在 哪個站 註冊的 ID&password ?
去換掉...
病毒掃一掃...
其它的到這邊..
https://www.165.gov.tw/
jakert wrote:
使我點信進去看的原因是,
信件的標題竟然是我的帳號和密碼。
你的什麼服務的帳號密碼 ?
信箱 ? 論壇 ? 銀行帳戶 ?
這事情可大可小,但基本上是詐騙跟亂槍打鳥。
如果只是一般的網路論壇、遊戲帳號,那就算了,
牽扯到銀行帳密、或者信用卡交易密碼等等,那就不是兒戲了。
帳號密碼外流的原因很多,
除了自己系統有被感染木馬或惡意軟體之外,
網站自己是否有被駭或者資料庫資料遭盜用都有可能造成使用者帳號密碼外洩。
就像 Yahoo、Flickr 等服務都有傳出過數百萬筆的帳號密碼遭到駭客盜走,
若有心人取得這些資料,他會嘗試亂槍打鳥,試圖用這些外流的資訊去欺騙你,
讓被害者以為自己帳號密碼真的被非法分子取得。
總之,若對方得知的帳號密碼確實為真,
建議你火速修改密碼,任何使用與該外流的帳號相同的服務都是,
密碼全數換過,若可以,啟用兩步驟登入驗證等等方式,
都是自保的好方法。
對方基本上應該是在嘴砲而已,
雖然真的被植入惡意程式的可能性非常非常非常低,
但若真擔心,找一兩款掃毒軟體替自己系統掃瞄,
確保安全即可。
jakert wrote:
謝謝各位,其實我也不知道是哪個網站,雖然逛過,但我都是過水,
印象中幾乎沒有註冊過才對,很難找對網站去修改帳號。
Malwarebytes(掃描惡意軟體程式)有發現幾個登錄和smss.exe,都已經刪除,
防毒Symantec Endpoint 除了把程式的破解檔判定為病毒之外也沒其他發現,
希望只是虛驚一場..
所以對方只是把你帳號名稱列出來,密碼沒有 ?
那就更符合我說的,只是帳號名稱外流,對方在亂槍打鳥而已。
不過在有 Symantec Endpoint 的狀況下
Malwarebytes 還是有抓到 smss.exe,
建議你還是另外抓一套掃瞄用的,替系統全面掃瞄一次比較安心。
我會推薦你試試 Emsisoft Emergency Kit
完全免費、支援中文,但這是緊急用的掃毒軟體,請別拿來當作防毒軟體使用。
Emsisoft Emergency Kit 官方下載位置
下載好之後,按照指示更新並且執行【智慧掃瞄】。
EEK 他算是掃瞄器而已,所以不會跟系統已經安裝的防毒軟體有任何衝突,
使用完畢若不需要也可以隨時移除(留著也無妨)。
關閉廣告