On 3/22/19 5:54 PM, Kevin A. McGrail wrote:
On 3/22/2019 7:55 PM, Viktor Dukhovni wrote:
No. The scareware alerts are generally completely fake. They
are spammed indiscriminately to users the scammer knows nothing
about.
Viktor, that does not agree with my significant experience studying this
particular spam threat. Yes, they are "fake" alerts in that they
haven't hacked your PC but they do in fact have some information that
they are extrapolating to scare people.
When they have information they sometimes use it, otherwise they often
just pretend they have information when they don't.
I have gotten then where they displayed throwaway passwords I used only
once for one site (and thus I know that site doesn't hash passwords and
never use it again) and I have also gotten them when they didn't share
what password of mine they supposedly compromised.
I've also gotten then with e-mail accounts that never were used for a
login on any site.
