EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > FastMail Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Reply
 
Thread Tools
Old 1 Nov 2018, 02:52 PM   #1
noclue
Essential Contributor
 
Join Date: Dec 2007
Location: San Antonio, Texas USA
Posts: 498
Long hostage email

"XXXX@fastmail.us has password i4l1o8h. Password must be changed"

That's the subject of an email I have received twice now. No, I did not open it. The "author" requests over $800 to unhack me. He tells me he's hacked my account and has explored all of my searches. Tries to make it sound personal.

I won't reply, of course. But what I want to know is how he got my email address?
noclue is offline   Reply With Quote

Old 1 Nov 2018, 05:32 PM   #2
BritTim
The "e" in e-mail
 
Join Date: May 2003
Location: mostly in Thailand
Posts: 2,673
There are various ways your email address might be guessed. For instance, especially if your username is short, this may be a "dictionary attack" where the scammer just tries likely possibilities in the hope that some resolve to real email addresses.

You might want to forward this email (as attachment) to abuse@fastmail.com to make them aware that this phishing attack is in progress.
BritTim is offline   Reply With Quote
Old 1 Nov 2018, 05:56 PM   #3
JeremyNicoll
Junior Member
 
Join Date: Dec 2017
Location: Scotland
Posts: 26
I've seen a report of this sort of spam recently, where people are sent emails claiming that their password is some particular value. It's possible that you did use that password some years ago even if you don't now. And the email address itself, is after all known to all the people and companies you've used it to send emails to. Lots of companies either have employees who sell email addresses to spammers, or have data leaks where hackers manage to steal addresses etc

.
JeremyNicoll is offline   Reply With Quote
Old 1 Nov 2018, 06:39 PM   #4
noclue
Essential Contributor
 
Join Date: Dec 2007
Location: San Antonio, Texas USA
Posts: 498
I am pretty much a shut in, so I conduct a lot of business online out of necessity. I guess one of my vendors uses sloppy encryption, but how will I know which one it is? I donít like the idea of someone who wants a lot of money from me playing around in my accounts. I have three different addresses, and the one that got hacked is from my commercial account. Is it a password problem?

I will forward this to the FM abuse trackers. I still have the email. It is creepy,

Thank you both for your replies.
noclue is offline   Reply With Quote
Old 1 Nov 2018, 07:53 PM   #5
somdcomputerguy
Cornerstone of the Community
 
Join Date: Jun 2004
Location: Rupert, WV
Posts: 566
This may be somewhat related.

Code:
Reasonably Clever Extortion E-mail Based on Password Theft
https://www.schneier.com/blog/archiv...ably_clev.html

- Bruce
somdcomputerguy is offline   Reply With Quote
Old 1 Nov 2018, 07:55 PM   #6
GeraldR
Essential Contributor
 
Join Date: Apr 2007
Location: Canada
Posts: 225
I've received them too

About once a day for the past two weeks I get a similar email for an address I used a few years ago. My opinion someone got the password file from a web site and sold it to someone else. They are running a script which sends out the emails. They ask for varying amounts, from US$800 to US$3000. The email claims I used it on an porn site and they have pictures of me watching porn. (One of the ways I know this is false.) I have 48 to 50 hours from when I read the email to respond or they will destroy my files and send all my contacts pictures of me.

Lots of reports of people getting these. Even a few reports of payments being made to the bitcoin accounts. Annoying, but harmless if you didn't use that password anyplace else. If you did, then you need to change it.

Perhaps you used the same password on multiple systems. In which case you are taking something very valuable, e.g. the password to your bank, and giving it to a lot of people. And you are trusting them and their security.
GeraldR is offline   Reply With Quote
Old 1 Nov 2018, 10:22 PM   #7
Adrian Bell
Cornerstone of the Community
 
Join Date: Apr 2001
Location: Darlington, UK
Posts: 928
Quote:
Originally Posted by somdcomputerguy View Post
This may be somewhat related.

Code:
Reasonably Clever Extortion E-mail Based on Password Theft
https://www.schneier.com/blog/archiv...ably_clev.html

- Bruce
I got a couple of these (worded almost exactly as in that article) about a month ago. Not with Fastmail though. It is scary that they had my password, however it was an old password. I couldn't figure out which site it was from so I changed all of my passwords so that I could tell in future. I've not signed up to any porn sites either.

Last edited by Adrian Bell : 1 Nov 2018 at 10:31 PM.
Adrian Bell is offline   Reply With Quote
Old 1 Nov 2018, 10:32 PM   #8
somdcomputerguy
Cornerstone of the Community
 
Join Date: Jun 2004
Location: Rupert, WV
Posts: 566
I use a password manager and it generates a different password for every entry I create in it. The only password that I have to remember is the one for that manager. I can do a search in it on a password or partial password and it will bring up the entry for it, which also contains the URL for whatever site it's for.

- Bruce
somdcomputerguy is offline   Reply With Quote
Old 2 Nov 2018, 01:00 AM   #9
Folio
Junior Member
 
Join Date: Jul 2014
Posts: 20
I've received a few of these lately. It is always the same password, and one I did in fact use.

Quote:
Originally Posted by somdcomputerguy View Post
I use a password manager and ... I can do a search ...
- Bruce
This was how I tracked down the account the password was associated with: 000webhost. I keep a record of all old passwords that I've used in my password manager. (The story of that breach can be found here.) Fortunately, I had only used that password on one site. I'm a big fan of letting my password manager generate a unique -- and very unmemorable -- password for each account.

Last edited by Folio : 2 Nov 2018 at 01:03 AM. Reason: Clarification
Folio is offline   Reply With Quote
Old 2 Nov 2018, 01:24 AM   #10
Adrian Bell
Cornerstone of the Community
 
Join Date: Apr 2001
Location: Darlington, UK
Posts: 928
I've never used them so there must also have been more sites hacked.
Adrian Bell is offline   Reply With Quote
Old 2 Nov 2018, 06:48 AM   #11
noclue
Essential Contributor
 
Join Date: Dec 2007
Location: San Antonio, Texas USA
Posts: 498
So I've been trying to figure out Lastpass, which is not getting a lot of love on the Internet. (It has apparently been breached?) Anyway, I try to download it, and no icon ever appears so that I can proceed. I have an iMac desktop (Sierra). I can't find much help on the Lastpass forum; they mostly just tell me to download it again, so I have downloaded the thing three times and still no icon.
noclue is offline   Reply With Quote
Old 2 Nov 2018, 08:31 AM   #12
TenFour
Essential Contributor
 
Join Date: Feb 2017
Posts: 364
Just use the web version of LastPass by getting one of the browser extensions. Not sure what advantage the desktop app has over the browser extension. LastPass works well, though I find the interface rather clunky and I don't like the unreliable automatic login for websites. Bitwarden is my current favorite password manager. It also has a web extension and you can set it to ask if you want to login to a site, so it doesn't automatically go ahead and do it--which seems like a security vulnerability to me. I like the interface better. The Android app works well and can be unlocked with your fingerprint. The one problem with every password manager is they make it difficult to switch to another brand. Yes, you can download your data and reupload to the new manager, but there always seem to be fields that don't match up, etc. I have switched a few times and it is good to budget at least a few hours to get everything sorted out, and don't delete the old manager and files for at least a few weeks or months. If something doesn't migrate properly you may lose a login.
TenFour is offline   Reply With Quote
Old 2 Nov 2018, 09:17 AM   #13
noclue
Essential Contributor
 
Join Date: Dec 2007
Location: San Antonio, Texas USA
Posts: 498
What about just using Tor? Is it just for nefarious purposes?
noclue is offline   Reply With Quote
Old 2 Nov 2018, 03:44 PM   #14
Terry
The "e" in e-mail
 
Join Date: Jul 2002
Location: VK4
Posts: 2,592
Quote:
Originally Posted by noclue View Post
What about just using Tor? Is it just for nefarious purposes?
Was the password an old Fastmail one.

My wife had one of those emails and it was showing her old fastmail log in password.
Terry is offline   Reply With Quote
Old 2 Nov 2018, 03:56 PM   #15
noclue
Essential Contributor
 
Join Date: Dec 2007
Location: San Antonio, Texas USA
Posts: 498
The password in that scam email was NOT my password. The only thing that was correct was my email address.
noclue is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 01:57 PM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy