メールチェックしていると、自分のメールアドレスから(差出人が自分)、末尾に載せた内容の英語のメールが届いていました。件名は「Important Updates」です。
内容を要約すると、「あなたのコンピューターをハッキングしてプライバシーにかかわる履歴を入手したので、知り合いに公開されたくなかったら2日以内に1650ビットコインを払え」というものです。読み手に信じ込ませようと、意外と紳士的に書かれています。
もちろん内容はウソで、セクストーション(性的脅迫)詐欺メールと呼ばれるものです。漏れているのはおそらくメールアドレスだけなので、削除すれば何も起きません。
なお、メールアドレスやパスワードが漏洩しているのではと心配な方は、以下のサイトでチェックすることをお勧めします。
私も一部のアカウント情報が流出していたことがあったので、その組み合わせは使わないようにしています。
引っかかりそうになったり、セキュリティ知識に不安のある方は、次のような本を読んで基本を理解しておくことをおすすめします。
詐欺メールの事例
問題のメールは以下のとおりです。内容が気になる方はDeepLなどで自動翻訳してみてください。
I am sorry to inform you that your device was compromised.
I’ll explain what led to all of this. I have used a Zero Day vulnerability with a special code to infect your device through a website.
This is a complicated software that requires precise skills that I have. It works as a chain with specially crafted and unique code and that’s why this type of an attack can go undetected.
You only need one not patched vulnerability to be infected, and unfortunately for you – it works that simple.You were not targeted specifically, but just became one of the quite a few unlucky people who got hacked that day.
All of this happened a few month ago. So I’ve had time to collect information on you.I think you already know what is going to happen next.
During that time, my software was quietly collecting information about your habits, websites that you visit, searches you do, texts you send.
There is more to it, but I have listed a few reasons for you to understand how serious this is.For you to clearly understand, my software controlled your camera and microphone as well and it was impossible for you to know about it.
It was just about right timing for me to get you privacy violated.I’ve been waiting enough and have decided that it’s time to put an end to this.
So here is my offer. I need a consulting fee to delete the media content I have been collecting.
Your privacy stays untouched, if I get paid.
Otherwise, I will leak the most damaging content to your contacts and post it to a public tube for perverts to explore.I understand how damaging this will be for you, and amount is not that big for you to keep your privacy.
Please dont blame me – we all have different ways of making a living.I have no intention of destroying your reputation or life, but only if I get paid.
I don’t care about you personally, that’s why you can be sure that all files I have and software on your device will be deleted immediately after I receive the transfer.
I only care about getting paid.My modest consulting fee is 1650 US Dollars transferred in Bitcoin. Exchange rate at the time of the transfer.
You need to send that amount to this wallet: j29n77uiaAfu7093uAFdsaiohg8aweFG(※適当な文字列に変換しました)The fee is non negotiable, to be transferred within 2 business days.
We use Bitcoin to protect my identity.Obviously do not try to ask for any help from anybody unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you wont hear from me ever again.Take care.
私のパソコンにはマイクもカメラもないので、嘘は明らかです。
追記:同様の手口の日本語版メールも来ました。こんな内容だという参考になるので、掲載しておきます。
どうも、こんにちは。
まずは自己紹介をさせていただきますね。私はプロのプログラマーで、自由時間ではハッキングを専門にしております。
今回残念なことに、貴方は私の次の被害者となり、貴方のオペレーティングシステムとデバイスに私はハッキングいたしました。数ヶ月間、貴方を観察してきました。
端的に申し上げますと、貴方がお気に入りのアダルトサイトに訪問している間に、貴方のデバイスが私のウイルスに感染したのです。このような状況に疎い方もいらっしゃいますので、より細かく現状を説明いたします。
トロイの木馬により、貴方のデバイスへのフルアクセスとコントロールを私は獲得しています。
よって、貴方の画面にあるもの全てを閲覧、アクセスすることができ、カメラやマイクのON/OFFや、他の様々なことを貴方が知らない間に行うことが可能です。その上、貴方のソーシャルネットワークやデバイス内の連絡先全てにもアクセスを行いました。
なぜ今までウイルス対策ソフトが全く悪質なソフトウェアを検出しなかったんだろうとお考えではないかと思います。
実は、私のスパイウェアは特別なドライバを利用しており、頻繁に署名が書き換えられるため、貴方のウイルス対策ソフトでは捕らえられなかったのです。
画面の左側では貴方がご自分を楽しませている様子、そして右側ではその時に視聴されていたポルノ動画を表示するようなビデオクリップを作成いたしました。
マウスを数回クリックするだけで、あなたの連絡先やソーシャルメディアのお友達全員に転送することができます。
この動画を公開アクセスのオンラインプラットフォームにアップロードしたら貴方は驚くかもしれませんね。朗報は、まだ抑止することができることです。
ただ 19万円 相当のビットコインを私のBTCウォレットに送金いただくだけで止められます(方法がわからない方は、オンライン検索すれば、段階ごとに方法を説明した記事が沢山見つけられるはずです)。私のビットコインウォレット(BTC Wallet): **********************
貴方の入金が確認できるとすぐに、卑猥な動画はすぐに削除し今後私から2度と連絡がないことを約束します。
この支払いを完了させるために48時間(きっちり2日間)の猶予がございます。
このメールを開くと既読通知は自動的に私に送られるため、その時点でタイマーは自動的にカウントを開始します。送金できない場合はメールにてお問い合わせください。
このメールを誰かに転送しようとしていることが分かると、すぐに貴方の卑猥な動画を公開させます。
合理的に考えて、バカな真似はこれ以上しないでください。わかりやすい説明を段階を踏んでお伝えをしたつもりです。今貴方がすべきことは私の指示に従って、この不快な状況を取り除くことです。
ありがとうございます。幸運を祈ります。
安心してください。詐欺ですから。
類似の事例集
同様のメールが何度も来るので、以下に掲載しておきます。
その他のセクトーション詐欺の事例1
件名は、「Waiting for the payment.」です。
Hello!
Have you recently noticed that I have e-mailed you from your account?
Yes, this simply means that I have total access to your device.For the last couple of months, I have been watching you.
Still wondering how is that possible? Well, you have been infected with malware originating from an adult website that you visited. You may not be familiar with this, but I will try explaining it to you.With help of the Trojan Virus, I have complete access to a PC or any other device.
This simply means I can see you at any time I wish to on your screen by simply turning on your camera and microphone, without you even noticing it. In addition, I have also got access to your contacts list and all your correspondence.You may be asking yourself, “But my PC has an active antivirus, how is this even possible? Why didn’t I receive any notification?” Well, the answer is simple: my malware uses drivers, where I update the signatures every four hours, making it undetectable, and hence keeping your antivirus silent.
I have a video of you wanking on the left screen, and on the right screen – the video you were watching while masturbating.
Wondering how bad could this get? With just a single click of my mouse, this video can be sent to all your social networks, and e-mail contacts.
I can also share access to all your e-mail correspondence and messengers that you use.All you have to do to prevent this from happening is – transfer bitcoins worth $1450 (USD) to my Bitcoin address (if you have no idea how to do this, you can open your browser and simply search: “Buy Bitcoin”).
My bitcoin address (BTC Wallet) is: j29n77uiaAfu7093uAFdsaiohg8aweFG(※適当な文字列に変換しました)
After receiving a confirmation of your payment, I will delete the video right away, and that’s it, you will never hear from me again.
You have 2 days (48 hours) to complete this transaction.
Once you open this e-mail, I will receive a notification, and my timer will start ticking.Any attempt to file a complaint will not result in anything, since this e-mail cannot be traced back, same as my bitcoin id.
I have been working on this for a very long time by now; I do not give any chance for a mistake.If, by any chance I find out that you have shared this message with anybody else, I will broadcast your video as mentioned above.
私の PC はデスクトップでカメラは付けていないのですが…
その他のセクトーション詐欺の事例2
件名は、「Do You Do Any of These Embarrassing Things?」でした。
I am sorry to inform you but your device was hacked.
That’s what happened. I have used a Zero Click vulnerability with a special code to hack your device through a website.
A complicated software that requires precise skills that I posess.
This exploit works in a chain with a specially crafted unique code and such type of an attack goes undetected.
You only had to visit a website to be infected, and unfortunately for you it’s that simple for me.You were not targeted, but just became one of the many unlucky people who got hacked through that webpage.
All of this happened in August. So I’ve had enough time to collect the information.I think you already know what is going to happen next.
For a couple of month my software was quietly collecting information about your habits, websites you visit, websearches, texts you send.
There is more to it, but I have listed just a few reasons for you to understand how serious this is.To be clear, my software controlled your camera and microphone as well.
It was just about right timing to get you privacy violated. I have made a few pornhub worthy videos with you as a lead actor.I’ve been waiting enough and have decided that it’s time to put an end to this.
Here is my offer. Let’s name this a “consulting fee” I need to get, so I can delete the media content I have been collecting.
Your privacy stays untouched, if I get the payment.
Otherwise, I will leak the most damaging content to your contacts and post it to a public website for perverts to view.You and I understand how damaging this will be to you, it’s not that much money to keep your privacy.
I don’t care about you personally, that’s why you can be sure that all files I have and software on your device will be deleted immediately after I receive the transfer.
I only care about getting paid.My modest consulting fee is 1700 US Dollars to be transferred in Bitcoin. Exchange rate at the time of the transfer.
You need to send that amount to this wallet: xklahjfdjkashglkahslk;lsdajfx(※適当な文字列に変換しました)The fee is non negotiable, to be transferred within 2 business days.
Obviously do not try to ask for help from the law enforcement unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you wont hear from me ever again.Take care and have a good day.
私のパソコンにはマイクもカメラもないので、これも嘘八百です。
引っかかりそうになった方や、セキュリティ知識に不安のある方は、次のような本を読んで基本を理解し、対策しておくことをおすすめします。
