"Password stolen" scam

You’ve probably heard of this one where you get an email stating that “someone” knows your login credentials to an old site or current site and that they’ve installed malware, RATs, etc. on your machine to extort you for an amount of cash in BTC. Well, I finally got one. What I want to know is, this moron left his email address in the metadata as well as IP information, so is it possible by using that metadata to figure out where this guy really is so I can screw with him? What I’ve been able to find using WHOIS and other online resources is where the email supposedly came from, but as you know, IP addresses can be spoofed with VPNs. So, suggestions?

Yeah, I got one of these a couple months ago. I actually did not even know it until I was looking through my spam folder. The email listed a password I used for an old Disqus login I had. Come to find out Disqus security was breached and burped a lot of stored passwords and other data.

As far as locating this person/s, I would say that the juice might not be worth the squeeze. Of course you can analyze email headers and perhaps try to contact the person via another email address, with a few hyperlinks that, if clicked upon, could reveal this person's IP and/or geolocation, but it's still a long shot. I would just make sure your important passwords are strong and would recommend a password manager. I will say it is a bit scary to see an old password pop up followed by a bunch of threats, but it's basically a smoke screen.

Be well my friend.

Yeah, we’ve run into these a few times at my work and know that they’re put on blast from old accounts that got leaked, and since this came to my personal address (also in the spam folder), I wanted to have a little fun just messing with them, but oh well.

@phillych3zst3ak#81964 A lot of these scammers get your password and email from data breaches. Here is a website where you can check to see if your email (and possibly your password) have been breached. The website is https://haveibeenpwned.com