Community Forum

extortion emails

lkpolovchik
Regular Contributor

extortion emails

I've received three in the last three days. The first two were copied to abuse@comcast.net.   They were from outlook.com. I received the same form email from Comcast security. Are these emails investigated?  The third email went to my junk folder. Is anybody else getting them? Also I noticed the phishing emails for various things have been occurring over the last three days. 

Linda
CCAndrew
Diamond Problem Solver

Re: extortion emails

Just delete
https://forums.xfinity.com/t5/Anti-Virus-Software-Internet-Security/Blackmail/td-p/3329624


I am a Retired Official Comcast Employee
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark a post as the Best Answer!
antonio12123
New Poster

Re: extortion emails

I am receiving this kind of email also, but they are also in possession of my email password, I have no idea how and I am in a scramble to change my passwords. Is there a possibility that they were able to hack into my camera and take a video?  

lkpolovchik
Regular Contributor

Re: extortion emails

Best practice is to cover your webcam when not using it. Do not reuse passwords. Use a password manager even if it cost money. Use 2 factor authentication and an Authenticator app. They’re free. Change your password and good luck.

Linda
antonio12123
New Poster

Re: extortion emails

Can you tell me what email address your email was from? Im trying to figure out if it was the same person that sent you the same email.

lkpolovchik
Regular Contributor

Re: extortion emails

The beginning is always different. The ending said outlook.com. Also get a good antivirus anti male ware program. I use malewarebytes on my laptop and iOS devices. Comcast does offer free antivirus software for Windows. I do not use Windows OS. Good luck.

Linda
antonio12123
New Poster

Re: extortion emails

Thank you I have the Norton Antivirus on my computers but did not know about one for IOS, thank you for the help.

43Five
New Poster

Re: extortion emails

I'm getting these as well.  How can we be sure we've not been hacked?

yarntrails
Contributor

Re: extortion emails

You can never be 100% sure but this scam has been happening for a long time now and they are just sending it to long lists of emails and passwords they bought off the dark web.  The probability is extremely low that you were actually hacked.

 


@43Five wrote:

I'm getting these as well.  How can we be sure we've not been hacked?


 

Again
Expert

Re: extortion emails

This kind of thing has been going on for quite a while - think a # of years.  This article might help explain about the bitcoin exploitation fraud.  It's always a good idea to change your email password from time to time; and passwords in general, including your bank, any logins, etc. and never share ANY personal identifying information with anyone online, including here.

 

Also, if you're going to forward an email to abuse, you need to make sure you send the headers - that stuff you don't see when you open an email.  Just because an email may say it's from outlook.com [for example] doesn't necessarily mean that it came from there, especially if the email mentions that the email it came from has been encrypted and the sender used software to make sure their email address and routing and ISP cannot be detected.

 

In order to see - and copy - the headers, in webmail, open the email and under where it says TO: you should see three lines.  Click on the lines and scroll down and click on View Source.  A window will popup that shows the headers of the email.  In order to copy the info in that window, right click and choose Select all, then right click again and choose Copy.  Then, in the email you are fowarding, paste that information.  If you don't do this, the abuse team most likely won't do anything about the threatening email.


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
weavergene
Contributor

Re: extortion emails

I'm getting them, too.  I reported them to the police and the state Department of Justice.

weavergene
Contributor

Re: extortion emails

Every state has a Department of Justice.  They are supposed to go after these people. 

lkpolovchik
Regular Contributor

Re: extortion emails

The iOS malewarebytes is a subscription for $1.49 a month or $12 a year. It’s good. U can block calls and texts, add safe numbers and report scam calls. It protects u on the web as well. It has caught stuff for me. It has marked and blocked calls as know scammers.

Linda
lkpolovchik
Regular Contributor

Re: extortion emails

A few months back  I received a call from a fake computer tech. That laptop died years ago but that was the password for the computer company website used in my email. That fake tech was trying to get control of my laptop. I understand most of the time these logins and passwords are sold on the dark web but that information was hacked or leaked from somewhere. 

Linda
abbiet
New Poster

Re: extortion emails

Yes, I have the same. I have "blocked" this email about 2 years ago, but did not shut it down. I will now. And yes, they go an old password that is no longer linked to comcast. So that part is scary. 

And, no, I have not gone on bad sites. This one found me. 

I would appreciate support. Can't get through to any customer service or anything else. 

yarntrails
Contributor

Re: extortion emails


@abbiet wrote:

Yes, I have the same. I have "blocked" this email about 2 years ago, but did not shut it down. I will now. And yes, they go an old password that is no longer linked to comcast. So that part is scary. 

And, no, I have not gone on bad sites. This one found me. 

I would appreciate support. Can't get through to any customer service or anything else. 


There really isn't anything they can do to support you.  You likely used the same password for a hotel login (there was a big breach a while back where passwords and emails were compromised) or maybe Target or one of the many other breaches.  You can report the email to the abuse team (you have to forward the email as an attachment, or include the headers) so that they can use it to update their filters, but these scammers are good at cirvumventing filters.  This is the case with any email provider, corporation, etc.  Unfortunately you just have to ignore and delete them and they will die down eventually.  Your only other option is to delete your email and start a new one but that is a pain and it will eventually get compromised too.

andyross
Silver Problem Solver

Re: extortion emails

I've gotten a few of these lately, typically with hotmail or outlook addresses. There are lists of passwords and users that have come from hacked sites. The password used in these mails is a 'junk' password that I never use on anything important. Even funnier, this is a desktop computer with NO camera, so it's obviously just a scare tactic.

kdiver
Frequent Visitor

Security breach at comcast.net ??

 My wife and I both received emails with old Comcast.net email passwords listed in them. We have changed them long ago. But we were wondering how much other information did they get? 

   In the emails it asked us to buy bitcoin ($3000 worth) and send it to an account. 

kdiver
Frequent Visitor

Re: extortion emails

Yes both my wife and I received them ..

What I found ODD was they have OLD passwords in the emails.

That being the case .. I'm guessing there was a breach somwhere.

yarntrails
Contributor

Re: Security breach at comcast.net ??

There are many threads on this "sextortion" scam.  The password was likely compromised in one of the many breaches at various companies where you used the same password.  There haven't been documented breaches of comcast (though it is possible).  There was a large hotel chain, Target, equifax, yahoo, and many others that had user data compromised.

 

Obviously change your password at any sites that still use that password, if any, otherwise just delete the email

Again
Expert

Re: Security breach at comcast.net ??


@kdiver wrote:

 My wife and I both received emails with old Comcast.net email passwords listed in them. We have changed them long ago. But we were wondering how much other information did they get? 

   In the emails it asked us to buy bitcoin ($3000 worth) and send it to an account. 


No security breach at Comcast.  Please read this article from Malwarebytes.


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Again
Expert

Re: extortion emails


@kdiver wrote:

Yes both my wife and I received them ..

What I found ODD was they have OLD passwords in the emails.

That being the case .. I'm guessing there was a breach somwhere.


Read my post upthread, as well as my reply to your other post.


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
malvaalcea
Contributor

Re: extortion emails

I also received about 4 of these emails last week.  I was really PO'd and decided to contact someone....like FBI as I was furious that they were sent and that they were trying to extort money.  I received a phone call from Mr. Charles <Edited> who is the Chief of National Security and Cyber Section of Western District of Western Pennsylvania.  Yes I was shocked.  He explained some things that I already knew.....like it is almost impossible to find these people and bring them to prosecution as they are out of the USA and there needs to be reciprocal agreement for prosecution either by the country of location or the USA.  He said the Secret Service had just sent a bulletin to the Pittsburgh office of the FBI alerting them that these emails were making the rounds again.  Anyway, I was really pleased to hear that he and some of his staff have successfully prosecuted some of these worthless but savy people.  The US is seeking to collaborate with some foreign countries to have the guilty parties prosecuted in their country or returned to the US as was most recent case.  His office prosecuted some cyber criminals recently and won the cases.  He told me that alot of the problems originate out of Western Africa as well as countries surrounding Russia and Romania.  <Edited> explained that the passwords can be easily obtained on websites like Linkin when there are security breaches.  They the criminals sell the lists on the "Dark Web".  They are the ones who ultimately send out the perverted emails.  I have to say that after talking with <Edited> for about 20 minutes, I thanked him and his team of prosecutors for trying and in some cases, succeeding.  He admitted that these cases are very challenging at best.  Nice to know though that they are trying and having some successes.  He said the worst cases are those where bank records have been accessed and emptied.  I might also mention that private individuals aren't the only targets.  Big corporations and banks have also been targets.  

southendjohn
Contributor

Re: Security breach at comcast.net ??

Well, a 2015 old and known breach at Comcast...

lkpolovchik
Regular Contributor

Re: Security breach at comcast.net ??

The password in my email was not from Comcast although there was a report last year that a Comcast server leaked many years ago. You need to change passwords frequently and don’t reuse them plus use 2FA and an Authenticator app. My password was from an insignificant reading site. Don’t obsess over it. This is the new normal. People in other countries go to work every day and sit in front of a computer and try to hack you, me, our hospitals, universities etc.
Linda
weavergene
Contributor

Re: extortion emails

That doesn't help.  It was an old password, but it was mine.  I've already changed my passwords beginning a few years ago.  

weavergene
Contributor

Re: extortion emails

These posts are all recent!

lkpolovchik
Regular Contributor

Re: extortion emails

Yes, I just started getting the emails. The password in my email was from years ago. I haven’t used it in years but the dark web had it.

Linda
rbater1
New Poster

Re: extortion emails

Received: from dovdir2-asc-03o.email.comcast.net ([96.114.154.159])

by dovback2-asc-13o.email.comcast.net with LMTP

id cOiLJZamsV54JgAAhRLzRA

(envelope-from <Edited>)

 

Received: from dovpxy-asc-05o.email.comcast.net ([96.114.154.159])

by dovdir2-asc-03o.email.comcast.net with LMTP

id YPpDJZamsV4BcgAAJnjj+g

(envelope-from <Edited>)

 

Received: from resimta-po-39v.sys.comcast.net ([96.114.154.159])

(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))

by dovpxy-asc-05o.email.comcast.net with LMTP id EKimAJGmsV52cQAAbkwxFQ

; Tue, 05 May 2020 17:47:02 +0000

Received: from APC01-SG2-obe.outbound.protection.outlook.com ([40.92.253.76])

by resimta-po-39v.sys.comcast.net with ESMTP

id W1efjIxMjhzW9W1eij0f7O; Tue, 05 May 2020 17:47:01 +0000

Chicagorex
New Poster

Re: extortion emails

This is exactly right.  I got the email twice and my wife got it once.  Both passwords were very old, but we made sure that none of passwords used today come close.  The common denominator is Comcast.  You don't even have to be that technical to do a phishing / ransomware campaign.  You can buy a kit and buy the password list from the dark web.  They send the campaign out to a high number of people hoping to get a couple of hits.  The funny part is that if someone falls for it, what's the chances of them knowing how to use crypto currency (bitcoin)?  LOL

EBK18
Frequent Visitor

Re: extortion emails



When I "View Source," a very long list of gibberish (to me, that is) comes up. I don't have a "Select all" feature on the right click. Since this is so very long, still recommend copying and sending along with threatening email? I have two with same body content, but different made up names. They somehow got a password from a utility company (this has since been changed along with all other passwords). I notified the utility company and was told to check out the FBI web site. I did, but there is a long form one is asked to fill out. I did not want to do this. I'll await your response, thank you

 

EBK18
Frequent Visitor

Re: extortion emails

First I have read about "cover your webcam." Please tell me why, thank you. 

EBK18
Frequent Visitor

Re: extortion emails

I was advised to report to FBI! Does state DOJ have an address to which one can forward the disturbing emails? FBI asks one to fill out a long form with all sorts of information; I declinded that method. Also, thought Xfinity was supposed to track these emails and place them in Spam folder

lkpolovchik
Regular Contributor

Re: extortion emails

Hackers can hack into webcams without the light showing it’s on. You won’t even know it. They sell them at Best Buy but u can just tape heavy paper over it if u need to remove it.

Linda
EBK18
Frequent Visitor

Re: extortion emails

Do I just forward these two emails to abuse@comcast.net?