This center got a report from the internet manager. A user has received a blackmail email that threatens that his account has been invaded and asks for a 800USD bitcoin payment. After investigation, it is found similar with the published case from TWCERT/CC (as reference link). The email sender did not invade the user’s computer. Do not transfer recklessly!
Email feature:
- Subject title is password (xxxxx) is compromised, Your password is xxxxx, your password xxxxx, or password (xxxxx) for @mail.xxx.ntu.edu.tw is compromised
- Email will state that they’ve taken hold of your email password, internet search history, contact information, hard disk information and images, and has planted malware.
- Asks for a 800USD bitcoin payment to a certain account
TWCERT/ reference link:
https://m.facebook.com/story.php?story_fbid=2253444848218581&id=1670471206515951
Email Example
>