Share:

LISTSERV phishing scam reported: Data for ransom

Please be aware that a new phishing email message that appears to come from various LISTSERVs has been reported. The message states that the sender has infected the recipient’s operating system with a trojan virus and has collected all the data on the affected computer, including access to accounts, social networks, email, and browsing history.

The message attempts to extort the recipient by asking for $500 in order to delete the supposedly collected data, or else the information would be released to the recipient’s contact list. It provides a link to the scammer’s bitcoin wallet.

The email message appears to come from Miami LISTSERVs such as hdrbsdining@listserv.miamioh.edu or biogradstudent@listserv.miamioh.edu.

This is clearly a scam: Do not click on the bitcoin wallet link and do not send any money. This is similar to a scam reported earlier this summer wherein the hacker would reveal that they knew the user’s password and then ask for money to prevent the release of data collected from the user’s computer.

Here is an example of the email:

Hello hdrbsdining@

My nickname in darknet is fred26.

I'll begin by saying that I hacked this mailbox (please look on 'from' in your header) more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history. Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit. You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching. Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right? If you are of the same opinion, then I think that $500 is quite a fair price to destroy the dirt I created.

Send the above amount on my bitcoin wallet: [redacted].

As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device. Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours! After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson. Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere!

Good luck!

The Information Security Office recommends that students, faculty, and staff treat unsolicited email and spam with a high degree of skepticism. If you receive a similar email, simply delete the message and do not reply, and do not open the message, or click any links provided. If you have already responded to this message or clicked a link, please contact IT Help immediately.

If you receive a message that is questionable please forward it to InfoSec@MiamiOH.edu, or you may contact IT Help at 513-529-7900 and MiamiOH.edu/ITChat.