cancel
Showing results for 
Search instead for 
Did you mean: 
Heatherwood01
Aspiring Contributor
530 Views
Message 1 of 9

New variation on "sextortion" scam

This morning I've received a new type of variation of the  nasty "sextortion" scam message that has been circulating for a while now, purporting to be sent from my own e-mail address, with a copy to a different address,  but  on this occasion with a subject line that includes the last four digits of my BT landline. 

I've previously received a number of this type of scam message and  just deleted and black listed the sender's e-mail and domain,  but this is the first one I've had that appears to have picked up the last digits of my phone number from somewhere - and I am ex-directory. 

Has anyone else  experienced this - and can anyone advise me where I should report it officially?  I took a print out of the source information of the message before deleting  and it appears to originate from an address in '.ru', so presumably Russia? 

8 REPLIES 8
Distinguished Guru
499 Views
Message 2 of 9

Re: New variation on "sextortion" scam


@Heatherwood01wrote:

This morning I've received a new type of variation of the  nasty "sextortion" scam message that has been circulating for a while now, purporting to be sent from my own e-mail address, with a copy to a different address,  but  on this occasion with a subject line that includes the last four digits of my BT landline. 

I've previously received a number of this type of scam message and  just deleted and black listed the sender's e-mail and domain,  but this is the first one I've had that appears to have picked up the last digits of my phone number from somewhere - and I am ex-directory. 

Has anyone else  experienced this - and can anyone advise me where I should report it officially?  I took a print out of the source information of the message before deleting  and it appears to originate from an address in '.ru', so presumably Russia? 


Hi.

I've not seen the issue you have highlighted,

When you say you printed the source information, did you get the email headers? (It will include many lines of what looks like gobblydigook, internal systems hand offs etc).

The "From" email address is irrelevant of course, as spammers don't use their own addresses.

With regard the phone number (exD isn't secret of course, just not in the phone book/online), that is a strange one. There's effectively 1 in 10000 chance of it being correct.

Distinguished Sage
Distinguished Sage
484 Views
Message 3 of 9

Re: New variation on "sextortion" scam

It could be that the scammers have got your email address and phone number from any one of a number of website that have been hacked over the years.

If you use your email address as a user name in order to log on to websites you can check your email address on the "haveibeenpwned.com" web site it will show if any accounts using that email address have been compromised.

Heatherwood01
Aspiring Contributor
462 Views
Message 4 of 9

Re: New variation on "sextortion" scam


@Andy_Nwrote:

@Heatherwood01wrote:

This morning I've received a new type of variation of the  nasty "sextortion" scam message that has been circulating for a while now, purporting to be sent from my own e-mail address, with a copy to a different address,  but  on this occasion with a subject line that includes the last four digits of my BT landline. 

I've previously received a number of this type of scam message and  just deleted and black listed the sender's e-mail and domain,  but this is the first one I've had that appears to have picked up the last digits of my phone number from somewhere - and I am ex-directory. 

Has anyone else  experienced this - and can anyone advise me where I should report it officially?  I took a print out of the source information of the message before deleting  and it appears to originate from an address in '.ru', so presumably Russia? 


Hi.

I've not seen the issue you have highlighted,

When you say you printed the source information, did you get the email headers? (It will include many lines of what looks like gobblydigook, internal systems hand offs etc).

H. says: Yes, I printed out the e-mail headers -  they are included  in the 'source code' info available under the 'view mail source' header available when you right click on the message (just below 'view mail header'- and have kept that, in case of need.

The "From" email address is irrelevant of course, as spammers don't use their own addresses.

H says:  Yes, I realise that 

With regard the phone number (exD isn't secret of course, just not in the phone book/online), that is a strange one. There's effectively 1 in 10000 chance of it being correct.

H says:  Agreed!  That's what I found worrying - I can only think they can either have picked it up from a hacked  database somewhere - some shopping databases ask for a phone number as a required field. 


 

Heatherwood01
Aspiring Contributor
460 Views
Message 5 of 9

Re: New variation on "sextortion" scam


@gg30340wrote:

It could be that the scammers have got your email address and phone number from any one of a number of website that have been hacked over the years.

If you use your email address as a user name in order to log on to websites you can check your email address on the "haveibeenpwned.com" web site it will show if any accounts using that email address have been compromised.

H. says: Thanks for the tip - I'll try that look up, a facility I didn't know about...


 

Heatherwood01
Aspiring Contributor
434 Views
Message 6 of 9

Re: New variation on "sextortion" scam

Oh dear, I've checked out the "haveibeenpwned" site and it found 5 instances - the 2 most recent  - and most likely, since I do regularly update my passwords - in  January and February 2019, the first apparently in a hacking forum on the dark web;  the second in what is described as an 'e-mail validation service'.  I can and will change my password again of course, but I'd like to be able to report this to an authority to investigate further, so if you have any suggestions/advice on where to do that, I'd be very grateful.   This is very worrying!  

405 Views
Message 7 of 9

Re: New variation on "sextortion" scam


@Heatherwood01wrote:

Oh dear, I've checked out the "haveibeenpwned" site and it found 5 instances - the 2 most recent  - and most likely, since I do regularly update my passwords - in  January and February 2019, the first apparently in a hacking forum on the dark web;  the second in what is described as an 'e-mail validation service'.  I can and will change my password again of course, but I'd like to be able to report this to an authority to investigate further, so if you have any suggestions/advice on where to do that, I'd be very grateful.   This is very worrying!  


Hi @Heatherwood01   The government website with links to Action Fraud etc.

https://www.gov.uk/report-suspicious-emails-websites-phishing

Distinguished Sage
Distinguished Sage
392 Views
Message 8 of 9

Re: New variation on "sextortion" scam

As regards the "email validation service". Just in case at some point in the past or in the future you receive an email to click a link to validate your BT email address/password  this will almost certainly be a phishing email not a genuine BT email.

I am unaware of any time that BT will ask you to validate your email address via an email but if they were to ask you to validate or change your password it would probably be done when you went to log on at the genuine BT email log on page and not by asking you to click on a link in an email.

Heatherwood01
Aspiring Contributor
381 Views
Message 9 of 9

Re: New variation on "sextortion" scam

Many thanks for the link, I'll follow this up with them... I've already deleted the message, but as I mentioned, I have a print out of the source info., so hopefully there will be a way to send them a copy of that