View Single Post
Old 2 Nov 2018, 11:37 PM   #22
jhollington
Essential Contributor
 
Join Date: Apr 2008
Posts: 371
Quote:
Originally Posted by xyzzy View Post
I try to answer questions on the att internet support forums. In the last two days there have been three posts of a similar scam. Oddly, I just answered one just before I came here and saw this thread. The poster said they were being asked for $871. Wonder where they came up with that number. The other two were, if I recall, around $900. This latest poster didn't go in to any details but I did reply to ask for the details.
Yeah, I've been seeing these e-mails in my spam folder for a few months now, so it's not even a new scam. The amounts and other details change slightly, but the premise is pretty much identical for every one of them.

That said, the inclusion of passwords does seem to be more recent. My father got caught up with one of those a few weeks ago — although it was an older password in his case —*and I've recently gotten one or two with a password in them as well, which I've been able to trace back to obscure sites that I haven't even logged into in almost ten years.

In short, as others have pointed out, these come from security breaches where hackers have gotten their hands on lists of users and passwords from various sites, from the huge ones at places like LinkedIn, Dropbox, and Adobe, to scores of much smaller sites.

You can visit https://haveibeenpwned.com to look up your e-mail address and see a list of any places where your password may have been compromised in a hack, and if you use a password manager like 1Password, it actually ties into this database directly and flags any passwords that you should change.
jhollington is offline   Reply With Quote