How do all these scam emails work?

Topic created · 9 Posts · 477 Views
  • Seems like almost every source has someone making a similar email handle on protonmail and Tutanota in hopes of getting someone who isnt looking too closely to send them their bitcoin.

    But how do they find you if I order from, say, hunter. how in the world would some guy with a fake hunter pharm email address know you had bought gear from hunter before and that you want some now? That you’re in contact with him? That you use steroids? How would they even find your email adddess. How would they find anyone anywhere?

    The warnings on source pages are always “if you get an email from an address other than the ones listed here, it’s not me.” How the fuck does that work?

  • You click on some email saying to confirm your account. They get your email. From there they see everything and when something with money comes up they intercept and change

  • [quote=“propionate” pid=‘60858’ dateline=‘1563163751’]
    You click on some email saying to confirm your account. They get your email. From there they see everything and when something with money comes up they intercept and change
    [/quote]

    So in other words open a new email account every time you place an order.

    And have multiple wallets available.

  • [quote=“huckleberry” pid=‘60862’ dateline=‘1563167698’]
    [quote=“propionate” pid=‘60858’ dateline=‘1563163751’]
    You click on some email saying to confirm your account. They get your email. From there they see everything and when something with money comes up they intercept and change
    [/quote]

    So in other words open a new email account every time you place an order.

    And have multiple wallets available.
    [/quote]

    Or just…don’t click anything that asks you to verify your email address…

  • [quote=“Benchpressyourfeels” pid=‘60857’ dateline=‘1563162341’]
    Seems like almost every source has someone making a similar email handle on protonmail and Tutanota in hopes of getting someone who isnt looking too closely to send them their bitcoin.

    But how do they find you if I order from, say, hunter. how in the world would some guy with a fake hunter pharm email address know you had bought gear from hunter before and that you want some now? That you’re in contact with him? That you use steroids? How would they even find your email adddess. How would they find anyone anywhere?

    The warnings on source pages are always “if you get an email from an address other than the ones listed here, it’s not me.” How the fuck does that work?
    [/quote]

    Not 100% sure of your question… how do they get you email? You give it to them. Willingly or unwillingly. It is similar to “how do I get so much spam mail?”. It is because you gave them your information.

    The more interesting question is how they get a sources information and use it to request orders from people. What is likely is that they are intercepting emails from other users, and then use that to create a template which they mass email. That or the source is compromised (which is very very rare).

  • [quote=“propionate” pid=‘60858’ dateline=‘1563163751’]
    You click on some email saying to confirm your account. They get your email. From there they see everything and when something with money comes up they intercept and change
    [/quote]

    Soooo you get an email that says verify your account, and you’re dumb enough to go ahead and log in your credentials. So now someone out there can get into your inbox.

    You’re telling me they’re sending these phishing emails to 1000s and 1000s of email addresses, probably randomly generated. Then when one of those emails they’ve sent their message to has a real person using it, and they’re dumb enough to hand over their credentials, there’s someone who’s gonna go log into all of these accounts and read through all their emails? And in the 1 in a million chance that they’ve reached out to one of us, and that person is dumb enough to hand over their info, and ALSO just so happens to be in the middle of a purchase exchange with a source, this mischievous guy goes and creates a bunch of emails that are very similar to the source and strategically uses one of them to email the unsuspecting customer at just the right moment when the source would be requesting the bitcoin? And they only pick one similar email because if you received 2-3 emails from oddly similar addresses all asking for money you’d know something was up. That this could even work once is statistically insane and would require an unbelievable number of man hours.

    You’re telling me this is how it works?

  • [quote=“Benchpressyourfeels” pid=‘60897’ dateline=‘1563211490’]
    [quote=“propionate” pid=‘60858’ dateline=‘1563163751’]
    You click on some email saying to confirm your account. They get your email. From there they see everything and when something with money comes up they intercept and change
    [/quote]

    Soooo you get an email that says verify your account, and you’re dumb enough to go ahead and log in your credentials. So now someone out there can get into your inbox.

    You’re telling me they’re sending these phishing emails to 1000s and 1000s of email addresses, probably randomly generated. Then when one of those emails they’ve sent their message to has a real person using it, and they’re dumb enough to hand over their credentials, there’s someone who’s gonna go log into all of these accounts and read through all their emails? And in the 1 in a million chance that they’ve reached out to one of us, and that person is dumb enough to hand over their info, and ALSO just so happens to be in the middle of a purchase exchange with a source, this mischievous guy goes and creates a bunch of emails that are very similar to the source and strategically uses one of them to email the unsuspecting customer at just the right moment when the source would be requesting the bitcoin? And they only pick one similar email because if you received 2-3 emails from oddly similar addresses all asking for money you’d know something was up. That this could even work once is statistically insane and would require an unbelievable number of man hours.

    You’re telling me this is how it works?
    [/quote]

    Nope, that isn’t how it works. I admire your confidence on a matter you don’t understand tho

    The people who are phishing buy email lists from companies that mine your data as you browse the web. They also have algorithms that search the web for usernames and such that contain email addresses.

    From this point they send out mass emails, again using computer programs, to all the emails they just acquired. Once in your inbox, you click it and provide your login credentials, now they have permanent access to your account until the password is changed.

    From here they have a separate sorting algorithm that sees the types of emails you send and receive. It picks up on key words and flags those emails to be sent to either another algorithm for more analysis or to be read by the team of people who at phishing

    From here, they decide what emails they want to try to capitalize on. They intercept your email, and spoof the email address of who should be receiving it then reply. A computer program can even do this part as well

    Tutanota isn’t the only email service that gets phished, it happens on all services (Gmail, yahoo, outlook, etc), we just happen to hear about the tuta ones more often b/c that is the sphere we operate in. I would never underestimate human stupidity, plenty of people give credit card, social security info, and more to phishing emails

  • [quote=“propionate” pid=‘60916’ dateline=‘1563216533’]
    [quote=“Benchpressyourfeels” pid=‘60897’ dateline=‘1563211490’]
    [quote=“propionate” pid=‘60858’ dateline=‘1563163751’]
    You click on some email saying to confirm your account. They get your email. From there they see everything and when something with money comes up they intercept and change
    [/quote]

    Soooo you get an email that says verify your account, and you’re dumb enough to go ahead and log in your credentials. So now someone out there can get into your inbox.

    You’re telling me they’re sending these phishing emails to 1000s and 1000s of email addresses, probably randomly generated. Then when one of those emails they’ve sent their message to has a real person using it, and they’re dumb enough to hand over their credentials, there’s someone who’s gonna go log into all of these accounts and read through all their emails? And in the 1 in a million chance that they’ve reached out to one of us, and that person is dumb enough to hand over their info, and ALSO just so happens to be in the middle of a purchase exchange with a source, this mischievous guy goes and creates a bunch of emails that are very similar to the source and strategically uses one of them to email the unsuspecting customer at just the right moment when the source would be requesting the bitcoin? And they only pick one similar email because if you received 2-3 emails from oddly similar addresses all asking for money you’d know something was up. That this could even work once is statistically insane and would require an unbelievable number of man hours.

    You’re telling me this is how it works?
    [/quote]

    Nope, that isn’t how it works. I admire your confidence on a matter you don’t understand tho

    The people who are phishing buy email lists from companies that mine your data as you browse the web. They also have algorithms that search the web for usernames and such that contain email addresses.

    From this point they send out mass emails, again using computer programs, to all the emails they just acquired. Once in your inbox, you click it and provide your login credentials, now they have permanent access to your account until the password is changed.

    From here they have a separate sorting algorithm that sees the types of emails you send and receive. It picks up on key words and flags those emails to be sent to either another algorithm for more analysis or to be read by the team of people who at phishing

    From here, they decide what emails they want to try to capitalize on. They intercept your email, and spoof the email address of who should be receiving it then reply. A computer program can even do this part as well

    Tutanota isn’t the only email service that gets phished, it happens on all services (Gmail, yahoo, outlook, etc), we just happen to hear about the tuta ones more often b/c that is the sphere we operate in. I would never underestimate human stupidity, plenty of people give credit card, social security info, and more to phishing emails
    [/quote]

    What confidence? I literally asked the question because I didn’t get it, and then I reiterated what the vague explanation sounded like to me and asked again, is that how it is…but ok

    Wouldn’t a more simple explanation be that a source email was compromised and gave someone a window into ongoing transactions so they could dive in and try to intercept them at just the right moment with a similar email?

    It’s really really rare from what I’ve seen and I’ve only heard of actual cases from one source, everyone else just puts a disclaimer up

  • No, because Source emails are rarely compromised, usually they are smart enough to not click and verify. The phishing algorithm takes your email right as you click send and changes the email address so the source doesn’t receive it. They then reply imitating the source.

    Sources have lists of possible fake emails b/c there are only so many ways to spoof an email address and make it believable. Using an L instead of an i, tutanAta vs Tutanota, .corn vs .com, etc

Log in to reply