cctalk Digest, Vol 52, Issue 9

[Fred]

On Wed, 9 Jan 2019 cctalk-request at classiccmp.org wrote:

> Message: 7
> Date: Tue, 08 Jan 2019 20:03:24 +0000 (WET)
> From: Peter Coghlan <cctalk at beyondthepale.ie>
> Subject: Bogus "account hacked" message
>
> About two hours ago, I received an email to the address I only use for
> cctech/cctalk.
>
> It claimed my email account had been hacked and threatened all sorts of
> dire consequences if I didn't deposit $1000 in bitcoins in some place within
> 48 hours.
[chop]

I enjoyed reading the discussion regarding these bogus emails.

I get a one or two per week.  Some with no password, and some with a
password only used for one particular site with an email address only
created for that site.   (and the site is no longer around more than
likely due to being hacked ... essentially the account I had there was a
throwaway).

Some of the phishers are getting "smarter" and dropping the "-suffix" I
used for the email (which also ends up getting to me ...)

Obviously the system(s) they send it to don't have a camera, don't have
any web browsing software installed, are text based (Linux and OpenVMS)
and I just laugh.

However, I do enjoy totally confusing the scammers.  I have the extra
password configured for the SYSTEM account on my main VMS box.  The script
kiddies have no idea what to do with a second password prompt (since you
don't get a User Authorization Failure until you enter both passwords,
good, bad, or indifferent).

34630 failures since last successful login

No intrusion records either, as they try once and move on.   Long
passwords are looooong so I challenge them to guess.  If they get in,
login DCL does checks and if you don't have the secret sauce ... *plonk*

I probably don't have to have extra password set, but I'm paranoid and do
it anyway.

I've also noticed folks at $work are starting to get these "give me
bitcoins because I saw your pr0n" messages as well.   Those were some fun
discussions.

Fred