Not sure if I'm TMI'ing here, but... In the last couple of weeks, I've gotten dozens of scam spams, all virtually identical, threatening to reveal my "browsing habits" if I don't send them 900 bitcoin bucks. They all claim to have my password - and some of them do - at least very old ones. This is one of the things that makes me wonder if there's some risk here. They have provided me with passwords that I know are mine - though they're as much as years old. Nothing recent. And certainly nothing since I replaced my laptop after a catastrophic crash and lost all my data. I'm used to the usual scams, but they're usually sporadic. These ones are several a day. Is this just a wave that's sweeping the internet? Or is it actually possible that they really do have my data?
More info here, it's been going on for a while. https://isc.sans.edu/forums/diary/Sextortion Spam and the Infinite Monkey Theorem/24136/
One of the complaints I have about password protocols (see xkcd #936↱) is that the only times in the last twenty-plus years I have needed to change a password is when someone else somehow obtained it; it's not like the longer passwords with a capital letter, number, and special character actually do anything to help us. Sciforums was apparently breached years ago; we changed our passwords. Aside from that, Hotmail got hacked, Ubuntu forums got hacked, and Gmail flat gave away a bunch of user access information. Meanwhile, the bots I'm allowed to see snared in my blog's spam filters are getting better all the time, but the reason I mention them here is it looks like they've been learning by reading other people's communications, either widely available or stolen. Spoiler Please Register or Log in to view the hidden image! In August, this bot logged a Russian IP. Some of the simpler ones slice and dice stuff spidered from other sites. Well, that or they're recycling their own earlier autogenerated messages. Today's crop is nearly funny: Discussion boards, comment sections, Q&A pages ("was this answer helpful?"). And apparently my name is Lynda: This feels such a positive and hopeful post about making and art, especially in dark times. Such an intriguing short film – will certainly follow up. Thank you, Reasonable Lynda. That was attached to a post about terrorism in Israel↱; never mind the click, as you can perceive the incongruity such as it is. But, yeah, all that stuff they're sending has to come from somewhere. Probably some overlap with how they got your old passwords.
Today's bots, as noted above: Spoiler Please Register or Log in to view the hidden image! Still at it; a Russian bot spams WordPress, 19 October 2018. Gooey deliciousness and Dinesh D'Souza should never go together. I guess that was yesterday. Still, though, you're welcome.
