Email received from supposed darknet hacker?

Janga

New Member
Nov 2, 2018
3
I received one and after I changed my password, I got another one. I checked my sent file, and the emails were there. It seems to me like he is actually using my email, and has been able to override my pw changes. I don’t have a webcam or anything but am concerned about the possiblity of ratware or malware. One mentioned a rat.
 

ChemicalB

Level 8
Verified
Sep 14, 2018
360
I received one and after I changed my password, I got another one. I checked my sent file, and the emails were there. It seems to me like he is actually using my email, and has been able to override my pw changes. I don’t have a webcam or anything but am concerned about the possiblity of ratware or malware. One mentioned a rat.
If the hoax mail comes (apparently) from your same email address, it doesn't mean that the criminal has violated your mail box. It is simply a trick, indeed it is very easy to spoof the sender's address of a mail, as already mentioned.
If you are concerned about a Rat/malware infection, try to scan your system with your AV plus some antimalware as Zemana, Malwarebytes or Emsisoft EK.
 

Janga

New Member
Nov 2, 2018
3
If the hoax mail comes (apparently) from your same email address, it doesn't mean that the criminal has violated your mail box. It is simply a trick, indeed it is very easy to spoof the sender's address of a mail, as already mentioned.
If you are concerned about a Rat/malware infection, try to scan your system with your AV plus some antimalware as Zemana, Malwarebytes or Emsisoft EK.
Does the fact that it showed up in my sent mailbox mean that it was indeed sent from my account? I have had the spoofs before, but those never came from me or showed up in my sent box. As for a scan, does anyone have a suggestion for iPads? We always had norton or mcafee on our laptops.
 

ste86

Level 1
Oct 21, 2018
5
Its been a fortnight since I got mine, well over the 48 hours, they must have decided that the resolution on my none existant cam was not clear enough to make it worth while following through on their blackmail attempt. Its a shame as I love seeing myself in videos.
 

Janga

New Member
Nov 2, 2018
3
Some people have said that you know it’s a hoax because the email is not showing up in your sent file. Mine is in the sent file, and I have gotten more even after changing my pw. I am not worried about any of that stuff about webcam etc, but am concerned that there might be malware on my OS now, since they got in even after I changed pw. Can anyone reassure me by telling me how they can get it to show up in my email sent file? I don’t want to worry for nothing, but don’t want a virus or whatever. Thanks.
 

Lord Skudley

New Member
Nov 8, 2018
2
Got one a couple of hours ago. I know its a spam, it wasn't in my sent file.

Buy what I want to know is: How can I find their email?

Header Info:
Return-Path: <euromsg@euro-msg.info>
Received: from server2.watchesmap.com ([185.24.233.105]) by mx.perfora.net
(mxeueus002 [74.208.5.3]) with ESMTPS (Nemesis) id 0LgWdn-1fhxNi1e4b-00noKh
for <MyEmail>; Wed, 07 Nov 2018 09:04:07 +0100
Received: from server2.watchesmap.com ([185.24.233.105]) by mx.perfora.net
(mxeueus002 [74.208.5.3]) with ESMTPS (Nemesis) id 0LgWdn-1fhxNi1e4b-00noKh
for <MyEmail>; Wed, 07 Nov 2018 09:04:07 +0100
Received: by server2.watchesmap.com (Postfix, from userid 10001)
id DCC418793D; Tue, 6 Nov 2018 11:50:24 -0500 (EST)
To: MyEmail
Subject: MyEmail was hacked.
X-PHP-Originating-Script: 10001:c.php
MIME-Version: 1.0
Content-type:text/html;charset=UTF-8
From: <MyEmail>
Message-Id: <20181106165024.DCC418793D@server2.watchesmap.com>
Date: Tue, 6 Nov 2018 11:50:24 -0500 (EST)
Envelope-To: <MyEmail>
X-Spam-Flag: YES
X-UI-Filterresults: junk:10;V01:K0:Vn5TyDSUsx0=:8az0pCO9UNoHrTki3jeP59fRKoPg

I've tried various forms of the .com,.net, .info but keep getting a bounce back.

BTW, I'm also a 419Baiter...

I
just
want
to
play
.....
 

Lord Skudley

New Member
Nov 8, 2018
2
Got one a couple of hours ago. I know its a spam, it wasn't in my sent file.

Buy what I want to know is: How can I find their email?

Header Info:
Return-Path: <euromsg@euro-msg.info>
Received: from server2.watchesmap.com ([185.24.233.105]) by mx.perfora.net
(mxeueus002 [74.208.5.3]) with ESMTPS (Nemesis) id 0LgWdn-1fhxNi1e4b-00noKh
for <MyEmail>; Wed, 07 Nov 2018 09:04:07 +0100
Received: from server2.watchesmap.com ([185.24.233.105]) by mx.perfora.net
(mxeueus002 [74.208.5.3]) with ESMTPS (Nemesis) id 0LgWdn-1fhxNi1e4b-00noKh
for <MyEmail>; Wed, 07 Nov 2018 09:04:07 +0100
Received: by server2.watchesmap.com (Postfix, from userid 10001)
id DCC418793D; Tue, 6 Nov 2018 11:50:24 -0500 (EST)
To: MyEmail
Subject: MyEmail was hacked.
X-PHP-Originating-Script: 10001:c.php
MIME-Version: 1.0
Content-type:text/html;charset=UTF-8
From: <MyEmail>
Message-Id: <20181106165024.DCC418793D@server2.watchesmap.com>
Date: Tue, 6 Nov 2018 11:50:24 -0500 (EST)
Envelope-To: <MyEmail>
X-Spam-Flag: YES
X-UI-Filterresults: junk:10;V01:K0:Vn5TyDSUsx0=:8az0pCO9UNoHrTki3jeP59fRKoPg

I've tried various forms of the .com,.net, .info but keep getting a bounce back.

BTW, I'm also a 419Baiter...

I
just
want
to
play
.....

NOTE: I own the domain that thee email is attached to, and checked all my server connections and activity, nothing (going to contact my provider next).
 

Freki123

Level 15
Verified
Top Poster
Aug 10, 2013
737
Now i can say i also got this email. I own no webcam so how would he have gotten his claimed video :D ?
Read mail, laughed, deleted it
If you want to support strangers with money give it to charity
 

alakazam

Level 9
Verified
Mar 25, 2014
398
I got this today from my own email address. The Sent folder doesn't contain this email, so unless they deleted it after sending it, it's fake, right?

He‌llo‌

I'm a‌ ha‌cke‌r who‌ cra‌cke‌d yo‌u‌r e‌-ma‌i‌l a‌s we‌ll a‌s de‌vi‌ce‌ a‌ fe‌w we‌e‌ks ba‌ck.

Yo‌u‌ type‌d i‌n yo‌u‌r pa‌sswo‌rd o‌n o‌ne‌ o‌f the‌ we‌b-si‌te‌s yo‌u‌ vi‌si‌te‌d, a‌nd I i‌nte‌rce‌pte‌d thi‌s.

He‌re‌ i‌s yo‌u‌r pa‌sswo‌rd fro‌m (my email address) o‌n mo‌me‌nt o‌f co‌mpro‌mi‌se‌: (the password I had used a few years ago for various email addresses and internet forums).

No‌ do‌u‌bt yo‌u‌ ca‌n ca‌n cha‌nge‌ i‌t, o‌r e‌ve‌n a‌lre‌a‌dy cha‌nge‌d i‌t.

Sti‌ll thi‌s do‌e‌sn't ma‌tte‌r, my o‌wn ma‌lwa‌re‌ u‌pda‌te‌d i‌t e‌ve‌ry ti‌me‌.

Do‌ no‌t ne‌ce‌ssa‌ri‌ly a‌tte‌mpt to‌ ma‌ke‌ co‌nta‌ct wi‌th me‌ pe‌rso‌na‌lly o‌r e‌ve‌n fi‌nd me‌, i‌t i‌s i‌mpo‌ssi‌ble‌, si‌nce‌ I se‌nt thi‌s ma‌i‌l fro‌m yo‌u‌r e‌ma‌i‌l a‌cco‌u‌nt.

By wa‌y o‌f yo‌u‌r e‌ ma‌i‌l, I u‌plo‌a‌de‌d ha‌rmfu‌l co‌mpu‌te‌r co‌de‌ to‌ yo‌u‌r Ope‌ra‌ti‌o‌n Syste‌m.

I sa‌ve‌d a‌ll o‌f yo‌u‌r co‌nta‌cts to‌ge‌the‌r wi‌th fri‌e‌nds, a‌cqu‌a‌i‌nta‌nce‌s, fa‌mi‌ly me‌mbe‌rs a‌nd a‌lso‌ the‌ fu‌ll re‌co‌rd o‌f vi‌si‌ts to‌ the‌ Wo‌rld wi‌de‌ we‌b re‌so‌u‌rce‌s.

Also‌ I se‌t u‌p a‌ Tro‌ja‌n o‌n yo‌u‌r de‌vi‌ce‌.

Yo‌u‌ a‌re‌ no‌t my o‌nly vi‌cti‌m, I no‌rma‌lly lo‌ck co‌mpu‌te‌rs a‌nd a‌sk fo‌r the‌ ra‌nso‌m.

Bu‌t I e‌nde‌d u‌p be‌i‌ng stru‌ck by the‌ we‌b pa‌ge‌s o‌f i‌nti‌ma‌te‌ co‌nte‌nt ma‌te‌ri‌a‌l tha‌t yo‌u‌ o‌fte‌n pa‌y a‌ vi‌si‌t to‌.

I a‌m i‌n sho‌ck o‌f yo‌u‌r fa‌nta‌si‌e‌s! I've‌ ne‌ve‌r o‌bse‌rve‌d a‌nythi‌ng li‌ke‌ thi‌s!

Thu‌s, whe‌n yo‌u‌ ha‌d e‌njo‌yme‌nt o‌n pi‌qu‌a‌nt we‌b pa‌ge‌s (yo‌u‌ kno‌w wha‌t I me‌a‌n!) I cre‌a‌te‌d scre‌e‌nsho‌t wi‌th u‌si‌ng my pro‌gra‌m by yo‌u‌r ca‌me‌ra‌ o‌f yo‌u‌rs de‌vi‌ce‌.

Su‌bse‌qu‌e‌ntly, I co‌mbi‌ne‌d the‌m to‌ the‌ co‌nte‌nt o‌f the‌ pa‌rti‌cu‌la‌r cu‌rre‌ntly se‌e‌n si‌te‌.

No‌w the‌re‌ wi‌ll ce‌rta‌i‌nly be‌ gi‌ggli‌ng whe‌n I se‌nd the‌se‌ pho‌to‌gra‌phs to‌ yo‌u‌r fri‌e‌nds!

Ye‌t I kno‌w yo‌u‌ wo‌u‌ldn't li‌ke‌ i‌t.

Co‌nse‌qu‌e‌ntly, I e‌xpe‌ct pa‌yme‌nt fro‌m yo‌u‌ i‌nte‌nde‌d fo‌r my si‌le‌nce‌.

I thi‌nk $900 i‌s a‌n sa‌ti‌sfa‌cto‌ry co‌st fo‌r thi‌s!

Pa‌y wi‌th Bi‌tco‌i‌n.

My Bi‌tco‌i‌n wa‌lle‌t i‌s 1KPuD6Zb26RauJYAzm8Hihfn3PtQXLVQg3

In ca‌se‌ yo‌u‌ do‌ no‌t re‌a‌lly kno‌w ho‌w to‌ do‌ thi‌s - e‌nte‌r i‌n to‌ Go‌o‌gle‌ 'ho‌w to‌ se‌nd mo‌ne‌y to‌ the‌ bi‌tco‌i‌n wa‌lle‌t'. It i‌sn't di‌ffi‌cu‌lt.

Afte‌r ge‌tti‌ng the‌ gi‌ve‌n a‌mo‌u‌nt, a‌ll yo‌u‌r i‌nfo‌ wi‌ll be‌ stra‌i‌ght a‌wa‌y de‌stro‌ye‌d a‌u‌to‌ma‌ti‌ca‌lly. My ma‌lwa‌re‌ wi‌ll a‌lso‌ e‌li‌mi‌na‌te‌ i‌tse‌lf fro‌m yo‌u‌r o‌pe‌ra‌ti‌ng-syste‌m.

My Vi‌ru‌s po‌sse‌ss a‌u‌to‌ a‌le‌rt, so‌ I kno‌w whe‌n thi‌s e‌-ma‌i‌l i‌s o‌pe‌ne‌d.

I gi‌ve‌ yo‌u‌ 2 da‌ys (Fo‌rty-e‌i‌ght hrs) i‌n o‌rde‌r to‌ ma‌ke‌ a‌ pa‌yme‌nt.

If thi‌s do‌e‌s no‌t ta‌ke‌ pla‌ce‌ - a‌ll yo‌u‌r a‌sso‌ci‌a‌te‌s wi‌ll ge‌t cra‌zy sho‌ts fro‌m yo‌u‌r da‌rke‌r se‌cre‌t li‌fe‌ a‌nd yo‌u‌r de‌vi‌ce‌ wi‌ll be‌ blo‌cke‌d a‌s we‌ll a‌fte‌r 48 ho‌u‌rs.

Do‌n't be‌ fo‌o‌li‌sh!

Co‌ps o‌r bu‌ddi‌e‌s wo‌n't a‌i‌d yo‌u‌ fo‌r ce‌rta‌i‌n ...

P.S I ca‌n gi‌ve‌ yo‌u‌ re‌co‌mme‌nda‌ti‌o‌n wi‌th re‌ga‌rd to‌ the‌ fu‌tu‌re‌. Do‌n't e‌nte‌r yo‌u‌r se‌cu‌ri‌ty pa‌sswo‌rds o‌n u‌nsa‌fe‌ i‌nte‌rne‌t si‌te‌s.

I wi‌sh fo‌r yo‌u‌r di‌scre‌ti‌o‌n.

Bo‌n vo‌ya‌ge‌.


I'm currently using the trial version of Avira Prime and I tried to do a full scan but it's taking a very long time to scan (like, almost an entire day). Should I buy a license for Avira or for another security suite? I'm thinking about buying either ZoneAlarm's Anti-Ransomware or Hitman Pro Alert. Which one offers better protection?
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602

Dom111

New Member
May 15, 2019
3
I got the exact same email. The weird thing was that the email was sent from my email (From me to me) Does that mean anything?
 

roger_m

Level 41
Verified
Top Poster
Content Creator
Dec 4, 2014
3,014
I got the exact same email. The weird thing was that the email was sent from my email (From me to me) Does that mean anything?
These emails always appear to come from your email address. However, they are not actually being sent from your email, they just spoof your email address to make it look like you are the sender.
 

Dom111

New Member
May 15, 2019
3
These emails always appear to come from your email address. However, they are not actually being sent from your email, they just spoof your email address to make it look like you are the sender.
Thank you so much! I was freaked out at the start when I first read this email but you all are experts and it makes tons of sense that this is just fake.
 
  • Like
Reactions: roger_m

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top