Possible Data Breach here?

M

MickE2020

Newbie
Mar 17, 2020
50
20
I got an Email from a scammer who knew my password from this site. This is the only place that I use that particular password. And it was sent to the account that I have linked to this site. I am not really worried about it. But I was wondering if the site reset had anything to due with a data breach. I got the EMail a couple of days afterword. Has anyone else recieved this EMail?

" know, xxxxxxxxxxxxxxxx, is your pass word.

I require your 100% attention for the upcoming Twenty-four hrs, or I may make sure you that you live out of shame for the rest of your lifetime.

Hello there, you don't know me. Yet I know every thing about you. Your current facebook contact list, mobile phone contacts as well as all the digital activity on your computer from previous 152 days.

And this includes, your masturbation video footage, which brings me to the main reason why I 'm composing this e-mail to you.

Well the last time you went to see the sexually graphic webpages, my malware was triggered inside your personal computer which ended up shooting a beautiful video footage of your masturbation play by triggering your cam.
(you got a really weird taste btw lmfao)

I have got the whole recording. If, perhaps you feel I 'm playing around, just reply proof and I will be forwarding the particular recording randomly to 7 people you recognize.

It may end up being your friend, co workers, boss, parents (I'm not sure! My software program will randomly choose the contact details).

Will you be able to gaze into anyone's eyes again after it? I doubt that...

Nonetheless, doesn't necessarily need to be that path.

I want to make you a one time, non negotiable offer.

Buy $ 2000 in bitcoin and send it to the below address:

1MZ7yT2Se*3u7VJ4PWcWHJo8K2nnxztXwcP
[case SENSITIVE copy and paste it, and remove * from it]

(If you do not know how, google how to purchase bitcoin. Do not waste my important time)

If you send out this particular 'donation' (let's call this that?). After that, I will go away and under no circumstances contact you again. I will eliminate everything I have got in relation to you. You may very well keep on living your current regular day to day life with absolutely no stress.

You've 24 hours in order to do so. Your time begins as quickly you read through this e mail. I have an special code that will inform me as soon as you read this mail so don't try to act smart. "
 
S

Sphere42

Active Member
Sep 9, 2018
966
1,027
Nowhere in that scam mail does it actually name this site, does it? Any chance the scammer caught you with a keylogger, javascript injection or read out saved passwords from your browser?

How many of the remaining claims are accurate? Does the machine you access this site on have any connection to your mobile contacts? Do you have a webcam connected, or any additional measures in place to prevent webcam spying (tape over lens etc.)? Heck, is referring to the device you use as a "personal computer" an adequate phrasing at all?

Basically, which part(s) of your identity has the scammer gained access to? Did they get anything wrong which they should have been able to learn from your profile on this site?
 
A

anaclan012

New Member
May 16, 2020
2
0
That's a known scam. The scammer most likely didn't hack OP directly, he just grabbed the data from a leak posted somewhere to send that email automatically to OP and everyone else in that leak.
The same has happened to me with a leak from a site I haven't used in almost a decade, and I still get emails claiming to have an "intimate" video of me, with that old password as "proof" of the hack; so nothing in the message that OP received is really important, except the password itself, because they must have gotten it from somewhere.
So, if OP is 100% completely sure that he hasn't used that password anywhere else, it can be assumed that there was a leak.
 
S

Sphere42

Active Member
Sep 9, 2018
966
1,027
anaclan012 said:
That's a known scam. The scammer most likely didn't hack OP directly, he just grabbed the data from a leak posted somewhere to send that email automatically to OP and everyone else in that leak.
The same has happened to me with a leak from a site I haven't used in almost a decade, and I still get emails claiming to have an "intimate" video of me, with that old password as "proof" of the hack; so nothing in the message that OP received is really important, except the password itself, because they must have gotten it from somewhere.
So, if OP is 100% completely sure that he hasn't used that password anywhere else, it can be assumed that there was a leak.
Click to expand...
Except local spyware could also grab said password. But yes I was mainly aiming at a proof by negative, if the scammers got things blatantly wrong which they by all means should be aware of if they had even a primitive browser readout they definitely just grabbed a list of leaked passwords somewhere.
 
anne O'nymous

anne O'nymous

I'm not grumpy, I'm just coded that way.
Modder
Donor
Respected User
Jun 10, 2017
10,964
16,207
MickE2020 said:
I got an Email from a scammer who knew my password from this site.
Click to expand...
Do you always use f95zone.to to connect here ? There's a thread from few days ago showing that some people don't hesitate to create a proxy-site to here, surely in order to log your login/password.

TCMS , I bring this thread your attention.
 
Holy Bacchus

Holy Bacchus

Conversation Conqueror
Dec 13, 2018
7,748
19,526
MickE2020 said:
I got an Email from a scammer who knew my password from this site. This is the only place that I use that particular password. And it was sent to the account that I have linked to this site. I am not really worried about it. But I was wondering if the site reset had anything to due with a data breach. I got the EMail a couple of days afterword. Has anyone else recieved this EMail?

" know, xxxxxxxxxxxxxxxx, is your pass word.

I require your 100% attention for the upcoming Twenty-four hrs, or I may make sure you that you live out of shame for the rest of your lifetime.

Hello there, you don't know me. Yet I know every thing about you. Your current facebook contact list, mobile phone contacts as well as all the digital activity on your computer from previous 152 days.

And this includes, your masturbation video footage, which brings me to the main reason why I 'm composing this e-mail to you.

Well the last time you went to see the sexually graphic webpages, my malware was triggered inside your personal computer which ended up shooting a beautiful video footage of your masturbation play by triggering your cam.
(you got a really weird taste btw lmfao)

I have got the whole recording. If, perhaps you feel I 'm playing around, just reply proof and I will be forwarding the particular recording randomly to 7 people you recognize.

It may end up being your friend, co workers, boss, parents (I'm not sure! My software program will randomly choose the contact details).

Will you be able to gaze into anyone's eyes again after it? I doubt that...

Nonetheless, doesn't necessarily need to be that path.

I want to make you a one time, non negotiable offer.

Buy $ 2000 in bitcoin and send it to the below address:

1MZ7yT2Se*3u7VJ4PWcWHJo8K2nnxztXwcP
[case SENSITIVE copy and paste it, and remove * from it]

(If you do not know how, google how to purchase bitcoin. Do not waste my important time)

If you send out this particular 'donation' (let's call this that?). After that, I will go away and under no circumstances contact you again. I will eliminate everything I have got in relation to you. You may very well keep on living your current regular day to day life with absolutely no stress.

You've 24 hours in order to do so. Your time begins as quickly you read through this e mail. I have an special code that will inform me as soon as you read this mail so don't try to act smart. "
Click to expand...
This just looks like either a scamming bluff or a personal case of your computer being infected by malware.

In any case, it doesn't look like it has anything to do with the recent server switch.
 
A

anaclan012

New Member
May 16, 2020
2
0
Holy Bacchus said:
This just looks like either a scamming bluff or a personal case of your computer being infected by malware.

In any case, it doesn't look like it has anything to do with the recent server switch.
Click to expand...
What would seem strange in the case of a malware attack directed at OP specifically, is that the hacker would use such a cookie cutter message to try and scare OP, in which the only bit of verifiable information is the password itself; instead of something like the name of OP's user account in his PC, or a listing of the files in his Documents folder, or even the subnet of his IP address.

anne O'nymous said:
Do you always use f95zone.to to connect here ? There's a thread from few days ago showing that some people don't hesitate to create a proxy-site to here, surely in order to log your login/password.

TCMS , I bring this thread your attention.
Click to expand...
This seems more likely, as the scammer would have a bigger list of "targets" where the only information is the username/email and password for the cookie cutter automatic message.
 
Sam

Sam

Sysadmin
Staff member
Administrator
Dec 22, 2016
2,717
18,852
There hasn't been any known data breach, and the announcement lists the reasoning behind the migration. If there was a breach, we would do the responsible thing and immediately notify everyone and force a password reset as soon as we became aware of it.

As others have said, the email you received is a common scam attempt. Are you sure you didn't use that password anywhere else?
 
  • Like
Reactions: Droid Productions, Domiek, Back and 3 others
S

Sphere42

Active Member
Sep 9, 2018
966
1,027
anaclan012 said:
What would seem strange in the case of a malware attack directed at OP specifically, is that the hacker would use such a cookie cutter message to try and scare OP, in which the only bit of verifiable information is the password itself; instead of something like the name of OP's user account in his PC, or a listing of the files in his Documents folder, or even the subnet of his IP address.
Click to expand...
Malicious javascript in infected ads or the already mentioned scam mirror of this site would not necessarily have access to all that though. These things never are "targeted" at individuals but rather cast out a wide net and then may or may not prompt individual follow-ups depending on the individual scam. The old ransomware infections came with a "send moneyz to thiz adresss" prompt within the malware itself meaning they were basically automated, meanwhile the "Microsoft customer support" hoax needs an actual person on their end as the
You must be registered to see the links
demonstrate.
 
You must log in or register to reply here.
Top Bottom