New to the forums? Click here to read the "How To" Guide.

Developer? Click here to go to the Developer Forums.

Ever had a FileFront account? Getting "blackmail" emails now?

JD-UKJD-UK Posts: 2,364 Valuable Player
I've been getting some interesting email recently. They are the new standard bin jobs, not phishing (although I'm sure once they have your email confirmed, that will soon come) but from various senders puporting to have hacked my PC "6 months ago" and followed me to "intimate" sites and having supposedly taken over my webcam (you know - the one I don't have) and taken revealing photo's and if I don't pay them $xxx in bitcoin within 48 hours, they will send the photo's to everyone in my contacts list.

Of course, it's bullshit, and the normal attempt at making gullible suckers pay up. I've had three of these, all supposedly from different people, but all with the exact same wording - just the amount to pay is different.

What spiked my interest was the password they claimed I used. It may just be coincidence, but the password they claim they have 'hacked' is always the same - and it's one that I recognised, but from a long time ago.

This email address I am receiving the messages on has been on spammers lists for a very long time - I know that anyway, it's what it's there for (a webmail account I only use for joining forums and for etailers I don't yet know or trust) and it's been on the haveibeenpwned list for a long time. I get all manner of crap on it that just goes straight to the junk bin, most of in unread.

Having now looked back through my old passwords, I find that the one they keep quoting is one I used for filefront. Of course, they are hoping that the recipients are one of the silly people who use the same password on different sites, I guess (if it isn't in fact just a coincidence).

I'm wondering if anyone here has received similar messages, and if you can, see if the password they say they know is one you have actually used somewhere, and if it is from filefront.

Pure curiosity, and maybe just to help others, as there is nothing to be done about it now - but it would be interesting to find out.




Comments

  • LZoltowskiLZoltowski Posts: 6,774 Volunteer Moderator
    edited October 2018
    You can check your email address against a large list of leaked databases here:

    https://haveibeenpwned.com/
    Core i7-7700k @ 4.9 Ghz | 32 GB DDR4 Corsair Vengeance @ 3000Mhz | 2x 1TB Samsung Evo | 2x 4GB WD Black
    ASUS MAXIMUS IX HERO | MSI AERO GTX 1080 OC @ 2000Mhz | Corsair Carbide Series 400C White (RGB FTW!) 

    Be kind to one another :)
  • RattyUKRattyUK Posts: 1,111
    Wintermute
    edited October 2018
    I had one of those recently, giving my password (one I was using for a couple of fora only - sadly not Filefront) and threatening to send said video to my 11 friends...

    I really must not visit those naughty sites with my webcam not taped over... (I have the same model as yours @Brixmis )

    Apparently it is a threatening email that has been doing the rounds for ages and best ignored unless you have something to hide :D
    PC info: AMD Ryzen 7 2700X, MSI MPG X570 Edge, 16GB Tforce Pro Dark DDR4 3200, KFA2 RTX 2080 Super, Samsung 870 Pro M.2, 2x 240GB SSD, 3TB WD Green HDD & 4 TB Seagate Barracuda HDD, Antec Modular 750w PSU, custom watercooling loop. (Win 10 Pro & Opensuse Leap 15.1 Linux) 32" AOC 4K Monitor.
    Rift S
    Laptop: Aorus X5 V6-CF1 (I7-6820HK, GTX 1070, 2* 256GB M.2 NVME, 1TB 7200 HDD)
  • snowdogsnowdog Posts: 7,390 Valuable Player
    Well @vannagirl need not worry about this sort of thing. Ever since I hacked her laptop ANYONE with a credit card can see her nekked by visiting https://www.seevannagirlnekked.com and subscribing for £100 per month.
    "This you have to understand. There's only one way to hurt a man who's lost everything. Give him back something broken."

    Thomas Covenant, Unbeliever
  • JD-UKJD-UK Posts: 2,364 Valuable Player
    Yup - I just bin them - this one just raised my curiosity about the password they had got hold of. Filefront closed 9 years ago - I've been using this anti-spam webmail address since about 2005.

    I found a couple of posts on other forums from 2009 by people who suspected Filefront had been hacked - but nothing definite.

    I always use different passwords, anyway and since a few months, I've been using KeePassXC to generate them. According to haveibeenpwned, that email address has been on about 9 different spammer lists for some time. Like I said - that's actually what i have it for, and I recommend everyone has one for this purpose.

    I signed up to channel 4's catch up service about two weeks ago and have had huge amounts of spam since - all on that webmail address. I'm not concerned - none of the info I gave on the registration form (which includes all your personal details, including date of birth etc) is true, so wtf :smiley:

    Used to use a redirecting service (still do for amateur radio contacts, but rarely use that these days) but I got fed up of having to keep resigning up every time I reinstalled windows.




  • nalex66nalex66 Posts: 5,279 Volunteer Moderator
    edited October 2018
    I've been getting those emails constantly at work for the past week or two. The first one freaked me out a little, because I recognized the password that they claimed I had used. It wasn't one I'd ever used for my email address, though.

    I've been trying to figure out where they might have gotten that password from. I don't think I ever used FileFront with my work email address, but it may have been another cloud file service. (YouSendIt?)

    Edit: Looks like the breach might have been from an old Adobe account, according to HaveIbeenpwned.
    i7 5820K @ 4.25GHz | EVGA GTX 1080 SC | Gigabyte GA-X99-UD4 | Corsair DDR4 3000 32GB | Corsair HX 750W
    SSDs: Intel 660p M.2 2TB, Samsung 860 Evo 1TB, 850 Evo 1TB, 840 Evo 1TB | Startech 4 controller PCIe USB 3.0
  • DaftnDirectDaftnDirect Posts: 5,575 Volunteer Moderator
    edited October 2018
    Yep had the same type email threatening to tell my wife about my secrets, I'm not married. Password was one I haven't used for years and I use unique passwords for every site so I could check which site it was but can't be bothered.

    I guess it only takes 1 in a thousand or less to succumb to this crap to make it worth their while, which means we'll be seeing these things for some time to come.

    Intel 5820K [email protected], Titan X (Maxwell), 16GB Corsair Vengeance DDR4, ASRock X99 Taichi, Samsung 500Gb 960 Evo M.2, Corsair H100i v2 Cooler, Inateck KTU3FR-4P USB 3 card, Windows 10 Pro v1903 (18363.720)
Sign In or Register to comment.