Computers / Internet · January 17, 2022

OMG I’ve Been HACKED!! (Or Not)

I had to laugh when I got this email posted to the “postmaster@” address of this domain. For those unfamiliar, the “postmaster@<domain>” address is required by an Internet standards for SMTP mail domains.

Every domain that supports the SMTP protocol for electronic mail is required by RFC 5321 and, as early as 1982, by RFC 822, to have the postmaster address.

So the “postmaster@<domain>” is the email for the administrator of the domain.

Note that the Postmaster (computing) Wikipedia entry also adds, “Since most domains have a postmaster address, it is commonly targeted by spamming operations.” As this is the case I wonder if any administrator pays much attention to emails sent to this address.

So it’s no surprise that I got this spam blackmail email sent to that address:

Hello there!

Unfortunately, there are some bad news for you.
Around several months ago I have obtained access to your devices that you were using to browse internet.
Subsequently, I have proceeded with tracking down internet activities of yours.

Below, is the sequence of past events:
In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (

A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access.
Actually, that was quite simple (because you were clicking the links in inbox emails).
All smart things are quite straightforward. (>_<)

The software of mine allows me to access to all controllers in your devices, such as video camera, microphone and keyboard.
I have managed to download all your personal data, as well as web browsing history and photos to my servers.
I can access all messengers of yours, as well as emails, social networks, contacts list and even chat history.
My virus unceasingly refreshes its signatures (since it is driver-based), and hereby stays invisible for your antivirus.

So, by now you should already understand the reason why I remained unnoticed until this very moment…

While collecting your information, I have found out that you are also a huge fan of websites for adults.
You truly enjoy checking out porn websites and watching dirty videos, while having a lot of kinky fun.
I have recorded several kinky scenes of yours and montaged some videos, where you reach orgasms while passionately masturbating.

If you still doubt my serious intentions, it only takes couple mouse clicks to share your videos with your friends, relatives and even colleagues.
It is also not a problem for me to allow those vids for access of public as well.
I truly believe, you would not want this to occur, understanding how special are the videos you love watching, (you are clearly aware of that) all that stuff can result in a real disaster for you.

Let’s resolve it like this:
All you need is $1750 USD transfer to my account (bitcoin equivalent based on exchange rate during your transfer), and after the transaction is successful, I will proceed to delete all that kinky stuff without delay.
Afterwards, we can pretend that we have never met before. In addition, I assure you that all the harmful software will be deleted from all your devices. Be sure, I keep my promises.

That is quite a fair deal with a low price, bearing in mind that I have spent a lot of effort to go through your profile and traffic for a long period.
If you are unaware how to buy and send bitcoins – it can be easily fixed by searching all related information online.

Below is bitcoin wallet of mine: 1MBfGEss64UsqkWKA5ygs3Rbb5vnLgbtba

You are given not more than 48 hours after you have opened this email (2 days to be precise).

Below is the list of actions that you should not attempt doing:
> Do not attempt to reply my email (the email in your inbox was created by me together with return address).
> Do not attempt to call police or any other security services. Moreover, don’t even think to share this with friends of yours. Once I find that out (make no doubt about it, I can do that effortlessly, bearing in mind that I have full control over all your systems) – the video of yours will become available to public immediately.
> Do not attempt to search for me – there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.

Below is the list of things you don’t need to be concerned about:
> That I will not receive the money you transferred.
– Don’t you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).
> That I still will make your videos available to public after your money transfer is complete.
– Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago!

Everything will be carried out based on fairness!

Before I forget…moving forward try not to get involved in this kind of situations anymore!
An advice from me – regularly change all the passwords to your accounts.

Wow, this guy is like a James Bond villain – a hacker and criminal mastermind! So I’d better get that $1750 off to his bitcoin wallet tout de suite, huh?…

I’m going to risk it and post the email in its entirety despite the warning:

“…don’t even think to share this with friends of yours. Once I find that out (make no doubt about it, I can do that effortlessly, bearing in mind that I have full control over all your systems) – the video of yours will become available to public immediately.”

I wonder if that video shows me in my furry costume?..

Note that if you were to pay him he promises, “Everything will be carried out based on fairness!”. This coming from the blackmailer who allegedly hacked your computer to get information on you that would force you to pay him $1750 to not disclose. Trust him – he promises to delete all the dirt he claims to have on you; after all it’s all about fairness!

It kind of misses the point to spam out these messages indiscriminately, and even more so to send them to an administrative email account that is generally ignored. While I realize that it costs them nothing to spam out these messages, using the postmaster@ email addresses can’t possibly result in any suckers, can it?

And that all begs the question of whether or not these schemes ever net any money whatsoever. Granted the cost to spam out messages is minimal. But there must be a formula for possible success in there somewhere that factors in a lot of things resulting in what appears to be a pretty low chance of netting any payouts.

First, how many suckers who would fall for a scheme like this? The number of suckers in the world is probably pretty large, but is reduced rapidly by the numerous and varied claims of the would-be blackmailer. That’s of course assuming the mark actually reads and comprehends the allegations in the email, none of which are specific by the way.

This is hardly a targeted email – there is a very wide net cast here. He alleges online video pornography viewing as well as presumably other nefarious online activity. Not doing either, then strike one,

He says he has access to emails but inexplicably sends the email to “postmaster@” email addresses.  Strike two.

Eliminate computer savvy folks who’ve taken precautions to secure their devices and otherwise know the claims are a bit unlikely. Strike three.

He’s allegedly made “montage” videos of your activity. Really?! He’s editing together video clips to make montages?! How does he find the time?!…

Finally he’s asking for $1750. That’s not a small sum and would be out of reach for many. And there would be some who wouldn’t be willing to pay regardless. (Does anyone really care about naked photos of their coworker, Bob, the online porn addict?)

Plus he’s asking for payment in bitcoin. Can’t or won’t pay $1750? Not computer savvy enough to know how to make a bitcoin payment? Strike four and five.

So the viable target audience for this scheme seems like it’d be pretty minuscule. But I suppose even one sucker paying $1750 is something…

Needless to say I won’t be sending any money. And I’ll be waiting to see that montage of me on YouTube. I wonder if he’s set it to music?…