The spam filters on my email account snagged a message with an impressive subject:
Be sure to read this message! Your personal data is threatened!
The sender used my very own email address, sending the message from a server with a Mumbai IP address:
As you may have noticed, I sent you an email from your account.
This means that I have full access to your device.
I’ve been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.
Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this, transfer the amount of $796 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).
My bitcoin address (BTC Wallet) is: 14tfS3 << redacted >> WH6Y
After receiving the payment, I will delete the video and you will never hear me again.
I give you 50 hours (more than 2 days) to pay.
I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.
The threat uses Nigerian-scam grade English, evidently targeted at folks with both a guilty conscience and a tenuous grasp on how email works. I thought those same folks would have enormous difficulty converting dollars into Bitcoin.
However, feeding the wallet ID into a Block Explorer shows three transactions over the last two days, with the account now standing at 0.43069539 BTC = US$2269.44. I have no way of knowing how many emails went out, but obviously three people had sufficiently guilty consciences to (figure out how to) make a Bitcoin transaction.
Update: The ransom payments tapered off after five days.
I don’t know how many different scams came from the same source, but $6700 (at today’s market rate) says this campaign paid better than most legal occupations outside the fintech sector.