Fun with examples

08 Sep 2024 - AJ

I got my first examples post up - though not as much as I hoped, and not covering two scams, because I had so many examples of the Pegasus scam to sort through. I’ll try to get the debt collection scam variations done this week.

This is the first time I’ve used graphics - an AI generated house I had a friend ‘create’ in one of those AI image generators, for the ‘picture of your house’ version of the Pegasus extortion scam.

The new scam variant was covered by Krebs on Security in an article (Sexstortion scams now include pictures of your home). I verified the link worked as of September 8, 2024; you can also visit the archive.org archived version.

I have to admit that I’ve been reluctant to make links because a good site one day might, years later, become a malware-filled site a few years down the road. From now on, if I have a site where I can also get an archive.org link I will link it and the archive copy so that my visitors can safely peruse linked sites, as well as provide the same kind of “retrieved-on” date that you see in academic cites.

Going back to the ones with an image of the victim’s home are kind of interesting because while the scammers are using Google Maps and the like, the actual image may be hit or miss. The source (usually Google Street View) may have the wrong image attached to the address, or the address may be old, or somehow the wrong address has attached to the leak.

For example, the National Public Data breach has 3 of my old addresses and AJ Jr’s current and former address when I went to go look the information up. (AJ Jr and I have had different addresses for quite some time.) A scammer pulling the data from that breach might use Jr’s old address or current address, but would fail trying to send me a picture of my current home.