I KNOW WHAT YOU DID

This is a sample of what users are receiving in email 

Click on the above picture to enlarge so you can read it.  It's harmless or we wouldn't have posted it here. 

If you are not accustomed to seeing an email like this, it is possible that you got one but it went to your SPAM folder.  Emails like this will go to your regular inbox if your email provider recognizes something that you have in common with the sender. 

The content is almost always a screenshot, a tip-off that it's not legit and a good email provider will disable the images so your device isn't compromised. The sender uses screenshots because it is easier for him to do mass mailings and to make you give up after the first attempt to copy paste it into a search engine to authenticate it.   

There are two kinds of readers: The first reader recognizes the letter as a scam and is confident in deleting it because they don't use (or have) a webcam, don't use Facebook/Messenger, and don't watch videos on their computer.  

The second reader is the one who reads it with a guilty conscience and falls for it hook, line and sinker - making themselves a perfect target.

This email is a "sextortion" attempt.



For those who can't read the text on the above picture, here's the short version.  


The email states:

"that malware was placed on a porn website that "you" visited (to have fun) and while you were watching the video, your web browser acted as a Remote Desktop and a keylogger, which allowed (the sender) to see your display screen and webcam. (The sender's) software gathered your contacts from Messenger, Facebook, and email.  (The sender claims to have) made a split screen video of the porn video and of you while you were watching it doing a nasty act.  (The sender says) that $1400 is a fair price to keep your secret and payment is to be made by 24 hours in Bitcoin to the BTC case sensitive address provided.  (The sender claims to be able) to see when you have read the email. If you send payment, (the sender) says the video will be erased "immidieately" But if you want evidence, you can REPLY with "Yes!" which will make (the sender) proceed to send your video to 5 of  your friends.  The offer is non negotiable so don't waste my time and yours by replying to this email."

Your first instinct after seeing your password at the top might be to quickly change your password - which never hurts, especially if you are still using the same password on one or more accounts.  We have always strongly discouraged our readers against using one password on multiple sites because if you are ever hacked or if a massive security breach happens where mainly passwords were stolen, you can be attacked on all of your accounts at the same time and there's nothing you can do about it.  Even if you slightly change the same password by adding some numbers or symbols after it, you are still using a similar password. Please don't do that.  Always use completely different passwords on different sites.


Whether the claims in the email are true or not, no matter how pissed off you are - DO NOT REPLY.  The first time you reply to the email, one of two things will happen: the message will either bounce back as "not deliverable" OR you will become a bigger victim (target) than you are now. 




Replying to an email like this is foolish because you most likely are doing battle against a computer-generated program which sent the same message to thousands of people at one time. Each one will be customized to the target with a different password that could be a current password (or part of a password) or one that was used in the past.  


This email was sent to Geek Admin Maggie King which, because of her security settings, was automatically sent to her SPAM folder where it belongs.  Maggie said she found it because she routinely goes through her SPAM folder before emptying it to make sure important stuff wasn't sent to SPAM in error which her email provider has done in the past with legitimate emails.  



So, why did you get the email in the first place?

We seriously don't believe every recipient was watching a porn video. The mention of a porn video was used as a vehicle to perpetrate extortion. The real reason you got the sextortion email with the outdated password at the top is most likely because the sender is working off old information that was acquired during a breach from some time ago.  


But how did they get your password? It is possible that your credit cards, medical records, or banking records could have been hacked.  

But it is a better bet that your Facebook or your email provider (Yahoo, Outlook, AOL, Gmail, Apple, etc) was hacked. 

Admin Maggie King uses Yahoo for her email provider and Yahoo was hacked in August 2013 which they did not report to the public for three years, until 2016.  The stolen data included names, dates of birth, email addresses and physical addresses, telephone numbers, passwords, security questions and answers, and contents of some emails where users emailed their newly changed password to themselves for safekeeping. 

In 2016 when Yahoo first alerted the public of the August 2013 hack, they said, "only 500 million users were hacked" which was not true.  In December 2016, Yahoo confirmed that the accounts of over one billion users had been hacked. 

In 2017, Verizon became Yahoo's new owner/parent company and shortly after they also verified that Yahoo's August 2013 hack affected every user who had a Yahoo account at the time which, Verizon said, was nearly one billion users.  This number also was not exactly true.

Even more unsuspecting users were affected because Yahoo also owns Tumblr, Fantasy and Flickr. In 2017 Yahoo revealed that 2 billion users of those websites were also hacked bringing the total number to 3 billion accounts whose personal information is in the wind, up for sale on the Dark Web.  


Hacked information is best used while it is "fresh" when no one knows they've been hacked. Because Yahoo didn't report it in 2013, and because users were not aware their details were hacked, the information remained fresh for a very long time.  


Yahoo said they didn't report it because they didn't want to lose the trust and confidence of its users.  

They lost more by not reporting it.  


Who knows? Maybe the hackers were holding something else over Yahoo's head to keep them from reporting the hack.   


 In August 2016, Yahoo said they were aware that hackers were advertising the sale of stolen passwords of 200 million Yahoo accounts on the Dark Web.  They told users to change their passwords, use different passwords on different platforms and to consider using an Account Key  


To add insult to injury, Yahoo was hacked again in 2014 - which they did not disclose until 2016 after they told the public about the August 2013 hack. The new 2014 hack affected another 500 million users, mainly users of newly made Yahoo accounts.  Yahoo believes that the same hackers were behind both attacks.  

To notify users, Yahoo placed a small obscure post on Tumblr saying Yahoo was taking steps to secure the affected accounts and was working closely with law enforcement to get to the bottom of the hack.


People trust Apple and think Apple can't be hacked.  But they can.  In August 2018, Apple reported that they were hacked by an Australian teen who hacked into Apple's private servers over a long period of time and stole 90GB of private information.


The password at the top of Maggie's email was part of one she had been using back in 2013 when Yahoo was hacked. This means the hacker sat on the stolen information for so long after he got it in 2013 (or he sold it on the Dark Web and the new owners also didn't use it in a timely manner)  that this rendered her password information useless.  

So that all will not be lost, when you are talking about the potential profit to be made off the private information of 3 billion users, the new owner of the hacked information is not about to give up. Judging by this email, he is still trying to make a buck off it. 

Here's our take on the "sextortionist."

The sender is most likely a desperate semi-literate second rate wannabe hacker who thinks the information is far valuable than it is, who hopes to make a few bucks by sending sextortion letters in bulk by using an old app that obviously didn't come with a proofreader, waiting for a reply from some guilty, unsuspecting, totally uninformed email recipient who will do anything to keep his secret from being revealed,  and will make the sender rich beyond his wildest dreams by sending $1400 in Bitcoin!


It's been five years and according to the latest reports, Yahoo still doesn't know how 3 billion accounts were hacked nor exactly who the hackers were. 

Good hackers have been notoriously successful at not getting caught.  It is our opinion that Yahoo will never know the identity of the hackers.

As long as there is information available to be sold, and as long as some unsuspecting user believes the sextortion emails, the hackers are going to win in more ways than one.


UPDATE: April 17, 2019
In March 2018, Yahoo was ordered to pay out a total of $117.5 million by a federal judge to reimburse $55 million to victims for out of pocket expenses, $24 million for two years of credit monitoring, up to $30 million for legal fees and up to $8.5 million for miscellaneous expenses. 


On April 17, 2019, more names were added to the Customer Data Security Breach Litigation list for reimbursement and out-of-pocket expenses which you can read here. 


In March 2019, US Prosecutors charged two Russian intelligence agents and two hackers with one of Yahoo's two breaches. No trial date has been scheduled.   


To check if your email address was included in a data breach, go to this site  https://haveibeenpwned.com 
Enter your email address to get a list of data breaches where your email address was acquired by hackers


If you live in the USA, you can file an internet crime complaint at https://www.ic3.gov/default.aspx


Share our posts with your friends so they can be up to date too. Thank you.

an>

THE DISLIKE BUTTON SCAM

Buried deep within every scam, there is a small speck of truth.  Very, very small.



Misinformation about the Facebook Dislike Button got a lot of circulation back in 2014, and again in 2016 and it seems now in 2019, it's stirring up the scammers again.  



The scammers call it a Dislike Button. 


Facebook's CEO, Mark Zuckerberg, is calling it a Downvote Button because he says he doesn't think it is socially valuable and he doesn't want to create a negative environment. 


Downvote vs Dislike - same animal, different genders.




Some people say (and we agree) that he needs to take off the rose colored glasses and read the feedback from Facebook users who faithfully report the gazillion pedophiles and the porn kings and queens who get to stay on Facebook to do their dirty deeds....  That's a topic for another day.



Evidently something was being tested around April 2014 because it prompted a Facebook spokesperson to make this statement:

Click to enlarge for easier reading

So he used the word "downrank" but it still tells the posting party "I don't like it."  

That probably put a pin in Mark Zuckerberg's balloon because in December 2014, Zuckerberg said:

Click to enlarge

Fast forward to January 2019 - 
Judging from the number of messages we are receiving this week in our Messenger Inbox, the Dislike Button Scam is making the rounds again.  



Although experienced Facebook users should be well aware that it is a scam, that's not the case for those users who have been on Facebook for two years or less, because they are falling for this scam -  hook, line and sinker.  



You'll know which one of your friends will fall for it because they have already sent you at least one scammy scheme since you friended them, instructing you to forward it to all your friends.





TO BE CLEAR: As of today, January 22, 2019, there's NO Dislike button that can be added or downloaded to your Facebook account.  It is a Scam.


Please share this post with your Facebook friends so they will get the message that this is a scam and stop spreading the posts on their timeline and by messenger. Thanks!


Click this button to share to Facebook

HOAX ALERT

We are giving you three links to check out our claims that this is a hoax, then hopefully you will come back to our site to finish reading.  


https://www.abcactionnews.com/news/facebook-messaging-hoax


https://www.foxnews.com/tech/facebook-friend-request-hoax-goes-viral-dont-fall-for-these-messages


https://www.snopes.com/fact-check/got-another-friend-request-facebook-warning/


You can stop sending these messages now.  


Just quit it.


They aren't true. 


They never were. 


You were snookered into sending them to all your friends. And now hopefully you feel really dumb for sending them. 

ANYTHING that says to send to all your friends, don't do it. If the message says something you believe to be true about YOURSELF, then send it in your own words to a FEW friends, but not ALL.

You wasted so much time sending this to friends, and the risk is you will get marked as a scammer and possibly  lose your Facebook account.


YOU DIDN'T EVEN READ THE WHOLE MESSAGE  BEFORE YOU SENT IT!

If you did, maybe you wouldn't have sent it.



Your message is never going to make anyone pay attention because YOU LIED IN THE FIRST SENTENCE.



YOU know you didn't get a friend request.



The person you sent it to knows they never sent you a friend request.


And if you lie right off the bat, you will lose your audience.



You lost all three of us admins - Maggie King, Cally Russell and John George.  


Maggie and Cally have received more than 50 of these in the last 2 to 3 days.  John received 127 so far.  



We have decided -  as a team - to unfriend and block anyone who sends this to us because it is clear that we were wasting our time with our tutorials, trying to teach you how to be safe, and here you are spreading scammy hoaxes which should have stayed unsent.



Do you know? 

You are keeping it circulating every time you send it to even 5 people, and those 5 send it to 25 more, and those 25 send it to another 100 people and so on.  


You get the idea. It never ends.



And the man who created this in the first place?? Well, he is having a good laugh at your expense as he watches each one of you sending it to "all the people you want to forward it to" because that's how he gets his kicks.  


And yes, you are responsible for that.


Where you say "I had to do the people individually"  This does not make us care about you one way or the other.  

Because we don't.


And we sincerely mean that.  


You are the one who made a conscious decision to send this to all your friends.



You are the one who will have to deal with the fallout that each one decides to do with you.



Some may write you a terse message.  
In which case you got off easy.

Some may put you on ignore.
In which case you got off easy.

Some may unfriend you.
In which case you got off easy.

Some may unfriend and block you.
Good for them, you deserved it.






Although cloning accounts is a serious business on Facebook, your pathetic message isn't doing anything to slow it down or stop it.  





By now, you know all three of us admins have unfriended and blocked you for sending it.


Maybe you will think twice before you send any more of these.


MK

HOW TO RECOGNIZE A SCAM PAGE

We know a lot of you have Pages on your LIKES list that are not for the official game or celebrity. The Pages for games may have been made by friends who wanted to organize their friends list better and thought making a Facebook Page was the answer.  The Pages for celebrities may have been made by anyone who wanted to use that celebrity's name to cash in on an offer they are making on the Page or some other illegal activity.

Tyler Perry didn't even know this Page existed until he was alerted by Facebook
that his name was being used in a Scam.

You might have LIKES on your list that you never personally LIKED but they ended up on there anyway. 

Do you know how they got there?  Usually it is because the Page's creator is someone on your friends list and when they made the Page, they were given the option to add all of their friends as LIKES to boost the Page popularity on Facebook.  

Many novice Page makers don't know that there is an option to uncheck a box so all their friends don't show as LIKES. However, if they uncheck the box, then the popularity, visitors, and LIKES they expected to see just won't happen. 

It is to the benefit of every new Page owner to leave that box unchecked so they can get high numbers of LIKES on their new Page.  Everyone likes to see a large number of followers and LIKES on their posts, and Page owners are no different.

SO WHAT IS A SCAM PAGE? 

Scam Pages are websites (both on and off Facebook) that have not been verified as belonging to the company they are trying to imitate.  

On Facebook, they have to pass an identity check to prove they are who they say they are and that they have some affiliation with the developer of the game or celebrity or cause that is the subject of their Page.

These Pages will not have Facebook's official blue check mark next to their Page name.   To get the blue check mark, the Page owner/creator must submit documents saying they work for or actually are the game developer.  When Facebook is satisfied they are telling the truth, they verify their Page as the real deal and place a little blue check mark next to the Page's name as you see in the following picture.

.
Now that you know how to recognize legitimate game apps that are verified with the blue check mark, what does that mean for all those other game and fan Pages?


Good Rule of Thumb:

If the Page is offering something to you for free, or if they copy paste their posts directly from an App Page, they are Scams.  



There is only ONE Page for the developer and they don't take too kindly, nor are they flattered when other Pages imitate them, steal their traffic and promise large amounts of game currency to their Like-rs and Followers.





Take a minute right now and go through your LIKES list.  All those Facebook Pages that you LIKED for games, household products, food products, charities, etc, if they have no Blue check mark, go UNLIKE them. They are not the real deal and you are supporting a Scammer by giving them your LIKE. You are fueling more traffic to the Page by leaving your LIKE in place.


Most Pages for household products, charities, causes and food products are not made by the real company or a developer acting on the company's behalf.  They are made by people who want to take a high profile product or item and draw attention to a Page they made so they can garner a little bit of glory. Many use the Page as a introduction to another Page or website.  In this case, there is a website behind a website. You start by watching a video or reading testimonials on one webpage and when you click to read more, another webpage appears - usually selling something or asking for your personal information to put you on a mailing list or to verify your identity.

Examples of non-verified Pages that were added to your LIKES because you were on the Page owner's friends list. Some of these are also Pages you may have LIKED, thinking they were the Official Page for that topic. Often Page creators will make a Page using a famous person's name or picture and try to pass their Page (or themselves) off as the celebrity. 

SAGE WISDOM:

Scam Pages are a HUGE deterrent against your friend requests being accepted and against your being approved to join legitimate game groups.  


The only way to fix this is to go to your LIKES list and click to UNLIKE anything you didn't personally Like on your own. 



While you are there, if your LIKES list is long or if you find things you don't care about any more, either hide some of them to ONLY ME or UNLIKE the ones that are no longer of interest to you which will remove them from your list. 



Thanks for reading.

FAKE GAME PAGES

https://www.facebook.com/Ceasars-casino-465798923452298/

You would think that this Caesars Page that has 5985 LIKES might be the real deal.   It even has 25 of my Caesars friends as LIKES, some of whom are pretty smart players.  So it must be the real deal if they LIKED the Page, right?



Nope 



This is NOT the official Caesars Casino Fan Page and it is NOT verified by Facebook. 



It is a Page that was made by a Caesars player who added all of his friends when he made the Page. There is an option to check a box to NOT add all your friends, but hey, the object is to get a lot of LIKES so why bother checking that box?  It defeats the purpose of creating a Page. 



When you, as a player, make a Page, you are trying to get a certain name on it that will attract alot of attention, in this case Caesars players. But if you can't get the exact name you want, then you have type the name over and over to monkey around with the spelling, the spacing, and the capitalization until Facebook approves one of them. This Page owner was probably surprised himself when he saw the Page name he picked was available for the taking. 




The reason the name was still available for his Page is because he spelled the game name differently  - Ceasers -  and he is probably hoping you won't notice his error.




This Page is of no consequence because it is inactive. There are no posts on it and the owner probably lost his Facebook account short after creating it. Or he made it and abandoned it.




We are only using that Page as an example.



Our main point is to tell you that anyone can make a Facebook Page and name it anything they want to, as long as the title doesn't sound like it is a hacker name, does not impersonate the real game, isn't sexually suggestive and isn't a name of an organization that can harm the country of origin.





 The Page owner who uses Caesars as his venue has to get creative with the spelling because Playtika Caesars will report it to Facebook to  shut down any Page they deem to be a threat or is masquerading as them.  That's not to say that there aren't Caesars Facebook Pages still in business, because there are.




Now that Playtika has essentially left the building - removing Facebook from their TOS, but keeping a presence with their own Facebook Fan Page and presence in Stompers for monthly coin parties, Playtika has chosen to pick their battles and only picks the ones that can hurt their business. Because that is their bottom line. 



Anything that hits them in their wallet is of concern. What someone names their Facebook Page with their 5,000 friends as LIKES, and has no further activity - they are of little or no consequence to Playtika. 



You will see Page names for Caesars Casino spelled like:




Caesar's Casino
Ceasers Casino
Caesars Casino
Caesars-Casino
Caesarz Cazino
Cesars-Casino
Caezars Casino



If your LIKE is attached to a Page that is not a verified Facebook Page for Caesars, then it is in your best interests to get your LIKE off that Page so you don't jeopardize your future prospects of getting friends and  being approved to join groups.  




When group admins vet a player asking to join their group and when players get a friend request for their games, they both look for the same thing.  




They look for Scam Pages and Scam Groups and if they do see them on someone's LIKES list, they are more inclined to pass them over and not accept them.  It only takes one Scam Page or one Scam Group to attract high profile players to get their LIKE on a Page or their name on the group's member list.  This in turn will attract more players who will assume that the Page or the Group is on the up and up just because that player name is present.




There are only two ways to figure out if a game Page is the real Facebook Page for Caesars and that is:


1) by the little BLUE check mark next to Caesars title on the Page and 


2) by the 6+ million LIKES on it. 




If there's no BLUE check mark on ANY of the Facebook Pages that are on your LIKES list,  then that Page is not the Official Page owned or supported by the game developer. 




It also has no standing when you want to join legitimate groups. As stated, it can work against you when the admins of game groups see it and remove your request to join.  



The reason why is: If someone has too many Scam Pages or Groups on their Facebook account,  then they are a threat to the safety of group's membership. They need to be kept out of the groups at all cost so the rest of the membership doesn't get coerced into LIKING Scam Pages or joining Scam Groups.




Likewise, if someone's account is pristine when they joined a game group, and when several months go by  - maybe they've picked up some Scam Pages or Scam Groups.



Then this player needs to be shown the error of his ways and if he is not willing to remove them from his LIKES, he needs to be removed from the group.



The safety of the membership is paramount.



Group admins - no matter how experienced - are entrusted with keep the group and the members SAFE.  They can't do that if members are going to LIKE Scam Pages and join Scam Groups - usually the ones that promise free coins -- because they will invite the existing group members and then your pristine group is now full of members whose accounts are full of Scams.





What gamers forget to do is ---- UNLIKE the Page or LEAVE the Group.



This post is a reminder to go look at your LIKES LIST and your GROUPS list. 


UNLIKE the Pages that are for your game that are Player Made Pages and LEAVE the Groups that you joined or were added to that promised you 10M free coins for commenting and sharing their posts.



If you are responsible for any of your friends being invited or added to the Scam Groups or who have LIKED the Scam Pages, go remedy that and tell them to do what you are doing.



The only way to clean up player accounts of Scams is for it to start with YOU.  


Pass the advice on 


OR


 share this post to your timeline and tag some of the friends you want to give a gentle nudge to.



This is the OFFICIAL CAESARS PAGE with the blue check mark next to its title, which means Facebook did their end by checking the credentials to make sure they were the real deal.



And then they gave them their blue check mark.

One more thing about having LIKES for game Pages or game oriented LIKES that are not Facebook verified --- We want you to remember that you are giving free advertising to Scam Pages that are on your LIKES list.

 There are some people who have nothing better to do, than troll the LIKES lists of their friends to see what is new that they can take a look at or LIKE. 




They do it because they are bored, they are coin poor, and because they want to see what kind of stuff other people have on their LIKES lists.  




When someone is going through your LIKES, don't be the reason why Scam Pages get more LIKES.



Please go look at your Game Groups and leave the ones that have had no activity for a month or longer. Your groups should be a place to chat and read the group wall. If there's nothing on it, go find a better group.



Go look at your LIKES list.  Any game Page you have LIKED that does not have the BLUE checkmark, please Unlike it. 



There's no need to physically visit the Page to UN-like it. You can do it right from your LIKES list by clicking on the word LIKE and select UNLIKE. 



When the L IKE button is under their name again, you have unliked the Page. Refresh your screen and their name will be gone from your list.


Thank you.