Anew ransom-based email scam received by two Hingham residents is demanding recipients to pay 0.5 Bitcoins, which is currently worth approximately $7,500, or else they would be killed.
According to the Hingham police, the victims of the scam are two old senior ladies.
The two ladies received similar a message addressing them by their full names via email, but from different email addresses, with the subject title, “Please read this it can be the most important information in your life.”
From the content of the email, the message seems to come from a hired assassin whose assignment is to kill them for reasons not disclosed in the email.
However, the “hitman” didn’t seem to want to carry out the assignment and was offering the victims a chance to save themselves if they sent the said amount of bitcoins to the sender’s bitcoin wallet.
The sender even promised to disclose to the two residents evidence of who hired him and for what reasons if they pay on time.The said email reads:
I advise you to take this message seriously, if you value your life, since this is not a joke or a scam. I’ve been thinking for a long time whether it’s worth sending this message to you and decided that after all you still have the right to know. I’ll try to be short. I received an order to kill you, because your activity causes trouble to a particular person. I studied you for quite a time and made a decision to give you a chance, despite the specifics of my job, the business rules of which do not allow me to do this, as this will kill my reputation (more 12 years of perfect order executions) in certain circles. But i decided to break a rule since this is my last order (at least I do hope so).
In general, let’s break it down. I want you to pay the amount of 0.5 Btc. I accept btc. Information how to forward you can find in Google. Here are my payment details:
When I will receive funds I’ll send you the name of the man order came from, as well as all the evidence I have. You will be able to use them with the police. I would not suggest you to call the police, because you have a little time (2 days) and the police simply will not have time to investigate.
Answering to this letter does not make sense, I use one-time mailbox, because i really do care about my anonymity. I’ll contact you as soon as I’ll get funds.
I really regret that you became my prey.
Hingham police advised the residents to be especially keen of email-based scams by not opening emails from strange and unfamiliar email addresses. “Don’t bother opening in spite of how engaging and enticing the subject title might look.
All they need is you to open and read the message and the next minute you will be hacked. They have the skills and they know what they are doing. Don’t and you will save yourself the agony,” a detective added.
The Only Way Out
There has not been a recorded case where victims of email scams have given into such demands, but there is fear as cases of cybercrime are on the rise.
Mark Stockley, a cyber security expert, says that many victims of such scam laugh at them but finally find themselves fulfilling the demands after complications from engaging and replying to such emails.
Spiceworks user Bweber, who read Lass’s post, pinned out a contradiction where the sender promises to give evidence to the recipient so as to contact the police, but in the next sentence recommends not alerting the authorities as part of the deal.
It is practically impossible to prevent these scams.
However, these attacks can be minimized through some core information security practices such as performing ongoing security assessments to look for — and resolve — denial of service-related vulnerabilities and using network security controls, including services from cloud-based vendors specializing in responding to scam attacks.
Individuals and organizations can also install email filtering mechanisms to block these kinds of messages, monitor their accounts for unauthorized logins from getting through and to minimize the risk of someone hacking into their email servers and sending them these types of scams.
Organizations can further protect their domain name by acquainting themselves with phishing and DDoS Attacks, among other attack vectors, and how they are launched.