Godaddy privacy breach fallout - Foo forum at WebmasterWorld - WebmasterWorld

Forum Moderators: open

Message Too Old, No Replies

Godaddy privacy breach fallout

JS_Harris

4:42 am on Jul 21, 2019 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Some time ago when Godaddy announced a need to change passwords a scammer got busy trying to take advantage.

I still regularly get emails telling me that all of my online files were compromised and that a split screen of my cam and what I was watching online was recorded. I know godaddy is the source as I do not reuse email addresses with different services and these came in on the godaddy email address.

They threaten to show my friends, incl everyone on my contact list, this split screen capture of me looking at stuff online. They even tell me in the email they are the ones who hacked my account back then openly. They want me to make a bitcoin donation or else.

- I don't have a cam for this reason, ever since Google published a browser update that could turn them on remotely in secrecy(was probably unintentional within Chromium but happened)
- I don't have anything questionable on my servers
- I don't pay ransoms
- Godaddy is essentially a test host for me, my main site is elsewhere but this guy doesn't know that

If you're getting these too know that the email is bogus. The breach was real though, change passes and restore backups if you didn't.

topr8

4:25 pm on Jul 22, 2019 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

i've received these emails, many of them.

however i've never had a godaddy account - so doubtless other hacked databases or lists of emails are being used too.

engine

4:47 pm on Jul 22, 2019 (gmt 0)

WebmasterWorld Administrator

10+ Year Member

Top Contributors Of The Month

Yes, it's a scam that's being doing the rounds for a while now. The obvious thing is if you don't have a web cam they won't have "that particular" web cam footage.

Apparently, some are paying up.

In any case, if someone did pay a scammer with real footage, could you believe they'd delete the footage. I think not.

Dimitri

4:58 pm on Jul 22, 2019 (gmt 0)

WebmasterWorld Senior Member

Top Contributors Of The Month

Get the same form time to time , i never used Godaddy either.

I am not paying because :

1- I am too old, and I have no idea how to send Bitcoins to someone else,

2- If they have a video of me "in great shape", as they say, I consider they are already lucky and rewarded by the enjoyment I gave to them.

In any case, if someone did pay a scammer with real footage, could you believe they'd delete the footage.

They promise they 'll delete it, why doubt of it ?

[edited by: Dimitri at 5:34 pm (utc) on Jul 22, 2019]

brotherhood of LAN

5:12 pm on Jul 22, 2019 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Using youremail+sitesignedupto@yourdomain.com only provides some amusement of where the hackers got their email data from. Fact is it's quite likely your email address has been leaked from a number of places.

Hackers can use the registration/forgot-password features on a number of sites to see if you have an account somewhere too. Depends on the error/messages a site gives when you try to sign up or retrieve a forgotten password.

It is easy to see why non-techs can fall into this trap of believing their story. It really is a rabbit hole of technical facts, ultimately most people's email addresses and favoured passwords are essentially public data.

tangor

6:24 am on Jul 23, 2019 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

It is all about the numbers ... Most will not fall for it, but for every 1000 1 will bite ... and even if that number is 1 in 10000 it's still in their favor.

Can't tell you how many "banks" or "retail stores" have warned me my account is ... (whatever) and (do this)...

My email address has been posted to the web for 25 years and because of that I get 25000000 spams a year. Whew!

Love message filtering and commonsense, so this is a cost of doing business. Some for me and none for them.

Birthdates, physical street addresses, and real names, on the other hand, is very very different!