Posts

Showing posts from January, 2019

Sextortion Spam.

If you received a mail like this, it means the bad guys have already harvested your email address. Don't worry, this is only bait. Below is a sample of the mail. The email arrives with a spoofed sender address. It also bypassed Office 365 ATP. The detection score on VT was none when this email was received.

X-BESS-REASON: bbl
X-BESS-REASON-EXTRA: 175.117.27.170
Received: from [175.117.27.170] (unknown [175.117.27.170]) by mx4.eu-west-2a.ess.aws.cudaops.com; Wed, 09 Jan 2019 18:31:24 +0000
Message-ID: <003e>
From: <cust>
To: <cust>
Subject: Your account has been hacked! You need to unlock.
Date: 10 Jan 2019 11:03:17 +0800
MIME-Version: 1.0
Content-Type: text/plain; charset="ibm852"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-BESS-ID: 1547058684-889006-11704-54424-1
X-BESS-VER: 2018.16_20190108.1920
X-BESS-Apparent-Source-IP: 175.117.27.170

Hi, stranger! I hacked your device, because I sent you this message from your account. If you
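
A header check that a mail gateway or triage script could run on a message like the sample above, as an added example that is not part of the original post: it flags a mail whose From equals its To while the connecting IP is outside your own relays, and a Date header later than the gateway's Received stamp (both hold for this sample). The `OWN_RELAYS` range, the skew limit and the `user@example.com` address standing in for the redacted `<cust>` are assumptions.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Headers taken from the sample on this page. user@example.com is a
# constructed stand-in for the redacted <cust> address.
SAMPLE = """\
Received: from [175.117.27.170] (unknown [175.117.27.170]) by mx4.eu-west-2a.ess.aws.cudaops.com; Wed, 09 Jan 2019 18:31:24 +0000
Message-ID: <003e>
From: <user@example.com>
To: <user@example.com>
Subject: Your account has been hacked! You need to unlock.
Date: 10 Jan 2019 11:03:17 +0800
X-BESS-Apparent-Source-IP: 175.117.27.170

Hi, stranger!
"""

# Assumption: networks your own mail servers send from (placeholder range).
OWN_RELAYS = [ipaddress.ip_network("192.0.2.0/24")]
MAX_SKEW_SECONDS = 3600  # assumption: tolerated drift between Date and receipt


def check_self_spoof(raw, own_relays=OWN_RELAYS):
    """Return findings for a message that carries the gateway's X-BESS header."""
    msg = message_from_string(raw)
    findings = []
    sender = parseaddr(msg.get("From", ""))[1].lower()
    rcpt = parseaddr(msg.get("To", ""))[1].lower()
    src = ipaddress.ip_address(msg["X-BESS-Apparent-Source-IP"].strip())
    external = not any(src in net for net in own_relays)
    # "Sent from your own account": From equals To, yet the connecting
    # host is not one of our relays, so the sender address is forged.
    if sender and sender == rcpt and external:
        findings.append("self-addressed-from-external-ip")
    # The receiving gateway writes its timestamp after the last ';'.
    received = parsedate_to_datetime(msg["Received"].rsplit(";", 1)[1].strip())
    claimed = parsedate_to_datetime(msg["Date"])
    if (claimed - received).total_seconds() > MAX_SKEW_SECONDS:
        findings.append("date-header-in-future")
    return findings


if __name__ == "__main__":
    print(check_self_spoof(SAMPLE))
```
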