The standard sextortion scam. Used a picture for the message. Some of the header info. is below.
Return-Path: <[email protected]>
Delivered-To:
Received: from mailroom4.hostrocket.com
by mailroom4.hostrocket.com with LMTP id sKjBMLZsmFyATgAAGJjDkA
for <>; Mon, 25 Mar 2019 01:52:54 -0400
Return-path: <[email protected]>
Received: from s62.xrea.com ([150.95.8.162]:55295)
by mailroom4.hostrocket.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
(Exim 4.91)
(envelope-from <[email protected]>)
Received: (qmail 173438 invoked by uid 89); 25 Mar 2019 14:52:34 +0900
Received: from unknown (HELO ?host-85-237-51-73.dsl.sura.ru?) ([email protected]@85.237.51.73)
by s62.xrea.com with SMTP; 25 Mar 2019 14:52:34 +0900
X-Complaints-To: <[email protected]>
Date: Mon, 25 Mar 2019 06:52:32 +0100
X-aid: 0943775795
X-CSA-Complaints: [email protected]
List-Subscribe: <https://groups.google.com/a/dw-dev.com/group/azmlwm/subscribe>
X-Sender-Info: [email protected]
Claims to have hacked email to send email with demand for $1000 or will release videos recorded via webcam and hacked porn sites. Message body is an image not actual text.
From (Header) spamgw.ksu.edu.tr, 193.255.96.99
source
bitcoinabuse
网站地址
日期
20 March 2019 Wednesday. 20:45:59 UTC
家伙
blackmail scam
虐待者
unknown
国家
United States
文本
Blackmail attempt
source
bitcoinabuse
网站地址
日期
20 March 2019 Wednesday. 14:01:54 UTC
家伙
ransomware
虐待者
bitcoin email scam
国家
United States
文本
The usual 'I hacked your computer' ransomware demanding bitcoin. The following was the trace of the email:
119.2.48.178
Yogyakarta 55251 (Indonesia)
source
bitcoinabuse
网站地址
日期
19 March 2019 Tuesday. 00:37:09 UTC
家伙
blackmail scam
虐待者
From: IP: 84.241.12.155 (Iran) and IP: 120.31.134.216 (China)
国家
Sweden
文本
Same blackmail as: https://www.bitcoinabuse.com/reports/158KQRGUeRjhP1Sofe3Wnai8k8F9JfU4hM
(but now: 1552953643814.jpg)