아침에 다음과 같은 이메일을 받았다. 새로운 유형의 스팸메일인것같다. 피해를 볼 사람이 많을것 같아서 글을 적는다.
본인의 이메일로 보낸사람이 되어 있는데, 네이버에는 다행스럽게도 메일 상단에 "naver.com에서 보낸 이메일이 아닙니다"라고 뜬다.
이메일 계정과 예전에 유출된 비번이적혀있는걸로 봐서는 내용을 무시해도 될것 같다.
아래와 같은 이메일이 오면 당황하지 말고, 유출된 계정의 비번을 바꾸고 PC에 문제가 없는지 검사나 한번 해보면 될것 같다.
그리고 네이버 등의 메일서비스 웹페이지에서는 보안설정에서 로그인 기록도 확인할 수 있으니 확인해보도록 하자.
검색해보니 오늘 날짜로 "https://www.clien.net/service/board/cm_vcoin/12676867" 이런글도 올라와 있었다. 아무래도 단체로 보낸듯하다.
아래는 스팸 이메일 전문이다.
(민감할 수 있는 단어들은 * 표시를 하였다.)
----
Hi, dear user of naver.com We have installed one RAT software into you device. For this moment your email account is hacked (see on "from address", I messaged you from your account). Your password for 본인의 네이버 이메일주소 및 비밀번호(예전의 비밀번호)
I have downloaded all confidential information from your system and I got some more evidence. The most interesting moment that I have discovered are videos records where you mast********.
I posted my virus on po** site, and then you installed it on your operation system. When you clicked the button Play on po** video, at that moment my troja* was downloaded to your device. After
installation, your front camera shoots video every time you mast******,
in addition, the software is synchronized with the video you choose.
For the moment, the software has collected all your contact information from social networks and email addresses. If you need to erase all of your collected data, send me $800 in *** (crypto currency). This is my ***coin wallet: ************************************ You have 48 hours after reading this letter.
After your transaction I will erase all your data. Otherwise, I will send video with your pranks to all your colleagues and friends!!!
And henceforth be more careful! Please visit only secure sites! Bye
----
2018-11-03
다시 이메일이 왔다. 그것도 3개나!
Hello!
I'm a programmer who cracked your email account and device about half year ago. You entered a password on one of the insecure site you visited, and I catched it. Your password from [이메일@주소] on moment of crack: [예전 비밀번호]
Of course you can will change your password, or already made it. But it doesn't matter, my rat software update it every time.
Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.
Through your e-mail, I uploaded malicious code to your Operation System. I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources. Also I installed a rat software on your device and long tome spying for you.
You are not my only victim, I usually lock devices and ask for a ransom. But I was struck by the sites of intimate content that you very often visit.
I am in shock of your reach fantasies! Wow! I've never seen anything like this! I did not even know that SUCH content could be so exciting!
So, when you had fun on intime sites (you know what I mean!) I made screenshot with using my program from your camera of yours device. After that, I jointed them to the content of the currently viewed site.
Will be funny when I send these photos to your contacts! And if your relatives see it? BUT I'm sure you don't want it. I definitely would not want to ...
I will not do this if you pay me a little amount. I think $839 is a nice price for it!
I accept only Bitcoins. My BTC wallet: [비트코인 번호]
If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy. After receiving the above amount, all your data will be immediately removed automatically. My virus will also will be destroy itself from your operating system.
My Trojan have auto alert, after this email is looked, I will be know it!
You have 2 days (48 hours) for make a payment. If this does not happen - all your contacts will get crazy shots with your dirty life! And so that you do not obstruct me, your device will be locked (also after 48 hours)
Do not take this frivolously! This is the last warning! Various security services or antiviruses won't help you for sure (I have already collected all your data).
Here are the recommendations of a professional: Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!
