New Email Extortion Scam Bomb Threat Demands Bitcoin

 Stu Sjouwerman (

A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient’s building that will be detonated unless a hefty bitcoin ransom is paid by the end of the business day.

The email was reported to KnowBe4 via a number of sources, including the (free) Phish Alert Button. It appears that the Bitcoin address was different in each message, indicating a higher level of automation than normal. This is essentially a variant of the recent sextortion strains that are doing the rounds. Here is a screenshot

This campaign was carried out by the same group of spammers responsible for the recent wave of sextortion scams, two cyber-security firms said on Friday. “Multiple IPs involved in sending these bomb threats also sent various types of sextortion email that we saw in the previous campaign,” said Jaeson Schultz of Cisco Talos.

This campaign is likely to be very disruptive, some organizations receiving will have no choice but to treat this as a credible threat and go into lockdown like banks and school districts. This is a developing story, more will undoubtedly follow.  Here is the text of one version of the extortion email:

My man carried a bomb (Hexogen) into the building where your company is located. It is constructed under my direction. It can be hidden anywhere because of its small size, it is not able to damage the supporting building structure, but in the case of its detonation you will get many victims.

My mercenary keeps the building under the control. If he notices any unusual behavior or emergency he will blow up the bomb.

I can withdraw my mercenary if you pay. You pay me 20.000 $ in Bitcoin and the bomb will not explode, but don’t try to cheat -I warrant you that I will withdraw my mercenary only after 3 confirmations in blockchain network.

Here is my Bitcoin address : 1GHKDgQX7hqTM7mMmiiUvgihGMHtvNJqTv

You have to solve problems with the transfer by the end of the workday. If you are late with the money explosive will explode.

This is just a business, if you don’t send me the money and the explosive device detonates, other commercial enterprises will transfer me more money, because this isnt a one-time action.

I wont visit this email. I check my Bitcoin wallet every 35 min and after seeing the money I will order my recruited person to get away.

If the explosive device explodes and the authorities notice this letter: We are not terrorists and dont assume any responsibility for explosions in other buildings.

I suggest you send the following to your employees. You’re welcome to copy, paste, and/or edit:

The bad guys are getting very threatening with extortion scams. They now send you an email that looks like a bomb threat and they claim there is an explosive device in the building which will detonate unless you pay bitcoin. This threat is being sent to literally millions of people, so the likelihood that it real is very small. However, we cannot take any risks and please treat this threat as follow our organization’s security policy, and do not answer or forward this email. Think Before You Click!  [OPTIONAL]  Click on the Phish Alert Button to delete it from your inbox and at the same time alert IT about this scam.

The spammers behind this campaign stopped sending bomb threats on Friday, most likely realizing that this campaign won’t yield any results, especially after the FBI, the police, and the media told everyone to ignore the threats and not pay the ransom demand.

And according to Cisco Talos, no one did. Schultz said that Talos discovered 17 Bitcoin addresses inside the bomb threat extortion emails, but none held any money. “Only two of the addresses have a positive balance, both from transactions received Dec. 13, the day the attacks were distributed,” Schultz said. “However, the amounts of each transaction were under $1, so it is evident the victims in this case declined to pay the $20,000 extortion payment price demanded by the attackers.”

Now It’s Throwing Acid…

But the spammers have not given up. Talos said that as soon as theirbomb threat campaign appeared to hit a dead end, the group switched to anotherone. “The attackers have returned to their empty threats of harming theindividual recipient,” Schultz said. “This time, they threaten tothrow acid on the victim.” A copy of an email carrying this latest threat is available below.

Warning about Spam/Phishing Activities

Received this email from my domain name provider today ( ) worth being aware of :

Dear Customer,

Our Registrar has informed us that forged emails are being sent with an email that contains a download link. This download link points to the location of a trojan/virus.

The subject of these emails is ‘Domain Suspension Notice’

Faked sender is shown as ‘‘.

– This looks to be a massive attack so it is possible that you may receive one of these emails. If you do receive one of these emails please do not click the link instead delete them.

7 Things you didn’t know about the new iOS 8.3

The latest release of Apple’s IOS operating system for iPhones & iPads, comes with the usual bug and security fixes, but there are a few hidden gems in there too. This is the seven most obviosu new additions to ios 8.3

1. New emoji icons

iOS 8.3 comes with a shed-load of new emoji symbols for you to play around with. As well as a more ethnically diverse set of characters you also get new additions such as an Apple Watch and more flags. To find the extra faces, open up the emoji panel on the keyboard (via the smiley) then press and hold on an icon.

2. Make calls over Wi-Fi

Update your iPhone to iOS 8.3 and you gain the superpower of being able to switch seamlessly between Wi-Fi and cellular networks for your calls—provided you’re on a compatible network. The trick only works with EE in the UK at the moment, and you can activate it by heading to the Wi-Fi Calls entry in the Phone section of Settings.

3. Use Google’s two-factor authentication easily

Apps and platforms that don’t support Google’s two-factor authentication require an app-specific password, which means another step to navigate. In iOS 8.3, when you add a Google account through Mail, Contacts, Calendars in Settings, you’ll be prompted for a standard verification code instead of a password, making the process more straightforward.

4. Connect to CarPlay wirelessly

If you’re the earliest of early adopters then you’ll be pleased to know that iOS 8.3 supports CarPlay wirelessly—in other words, there’s no need to connect your phone or tablet up to a head unit with a Lightning cable. To set it up you need to start from the car side by pressing and holding the voice control button on your dashboard.

5. Filter out iMessage spam

As anyone with your Apple ID email address can hit you up with an iMessage, you might occasionally get communications from people you don’t know, but iOS 8.3 helps you filter these out more easily. Go to Settings, Messages and then tap Filter Unknown Senders to create a new section in Messages that makes it easier to see and report spam.

6. Make speakerphone calls with Siri

Launching speakerphone calls with Siri was previously impossible—but now it most certainly is an option. If you ask Apple’s (un)helpful digital assistant to call someone “on speaker” then the speakerphone is used, and it can come in handy on the move, in meetings, in your car, and various other places where hands-free is preferable.

7. Download free apps without entering your password

Having to enter your password every time you install an app is great from a security standpoint but a bit of a hassle when you’re working on an apps round-up or something similar. You can now set the App Store to never ask you for a password for free downloads: from Settings choose iTunes & App Store then Password Settings. If you have restrictions enabled (via General, Restrictions) then it appears on that screen instead. The option isn’t available if you use Touch ID.

25 hidden features in iOS 8

1. Emergency Health ID

Powered by Apple’s new HealthKit, Emergency Health ID allows anyone to access basic and potentially life-saving health information from your iPhone’s lock screen. To set it up, open the Health app, tap Medical ID on the bottom right and add as much or as little information as you feel comfortable with. Now when you tap the Emergency button on the bottom left of your lock screen you’ll also find the option to view your medical details and emergency contact numbers.

2. Auto delete messages

If you’ve been using your iPhone for a long time, you’ll have built up quite an archive of text messages. This can take up a lot of unnecessary space (do you really need those texts and pictures from two years ago?). iOS 8 now allows you to automatically delete these old messages after either 30 days or one year, potentially freeing up gigabytes of storage. Tap Settings > Messages and scroll down to Message History before selecting how long you’d like to keep your old messages.

3. Snapchat-Like photos and videos
You can now send instant self-destructing videos, audio clips and pictures to your contacts via iMessage, not unlike Snapchat. To send a picture, go to your message window and tap and hold the camera icon on the left hand side. A small circular window will emerge, allowing you take a quick snap. A word of warning: once the picture or video has been shot, it will send immediately, there is no confirmation or edit screen, so make sure you don’t test this one while sitting on the toilet.

4. Swipe notifications individually

Swiping down at the top of your screen will display your phone’s Notification Centre. In here you’ll be informed of various alerts and app-related information. If you have a lot of apps and receive a lot of messages, this section can get cluttered and messy. In the past you could only clear these notifications all at once or not at all. However, by swiping left, you can now clear each notification individually.

5. Exposure control

It’s no secret that Apple’s iSight camera has always been lacking in terms of advanced features, especially when compared with the likes of Nokia or Samsung. Fortunately, Apple seems to be keen to change this with the introduction of exposure control. When taking a picture, tap where you wish to focus the screen (or tap and hold to lock the focus) and you’ll see a small sun icon appear. Drag it up or down to manually control the exposure levels on the fly.

6. Hide images from Photostream

If you have some unsightly or embarrassing photos in your Photostream that you wish to keep but would rather other people didn’t see, you’re in luck. Locate the offending image, tap, hold and select Hide from the menu that pops up. The image will now be quarantined in an album called Hidden, which you can access by opening your Photos app and selecting Albums in the bottom right corner. To put the image back where you found it, go to the Hidden album, tap and hold your image and select Unhide.

7. Swipe Quick Type away

iOS 8 saw the introduction of Quick Type, which is supposed to intelligently suggest words you’d like to use before you use them for speedy typing. It does however take up a lot of space and some people don’t find it particularly useful. Removing it is a breeze: tap anywhere on the suggest words and swipe downwards. A small grey bar is all that will remain; swipe the bar upwards if you want to bring the suggestions back.

8. Battery hogging apps

If you find that your battery seems to be running out of juice all the time but you don’t know why, this tip could be a godsend. Go to Settings > General > Usage > Battery Usage. You’ll see a breakdown of all the apps you’ve been using and how much battery power they’ve been eating up, which will give you a better idea of what apps you might want to regularly close down or uninstall.

9. Quick reply to messages by swiping down on notification banners

Any time you receive a text or iMessage you can swipe downwards on the notification banner, which will open small message window. Type your reply and hit send. This feature is particularly useful for those who dislike the faff of exiting an app in order to send a reply before re-entering the app they were in prior to receiving a message.

10. Recover recently deleted photos

By default, iOS 8 will now save all your deleted photos in an album called Recently Deleted. They will stay in this album for 30 days before they’re ultimately deleted forever. To find the folder, head to Photos > Albums. You might be surprised how many old photos are in there. If you don’t like the 30-day buffer zone, I’m afraid you cannot currently disable this feature. Your best bet is to open the album, tap Select in the top right corner and then tap Delete All in the bottom right corner.

11. Request desktop/mobile sites

When using your phone to browse a website, a bit of code will often recognise this and send you to the mobile version of the site by default. This is not always preferable, particularly if you have the large iPhone 6 Plus or if the mobile version isn’t very good. Safari now has a new feature that lets you quickly choose between the mobile or desktop version of a website. To use it, tap the address bar and drag just below it to reveal the Mobile or Desktop options. Be warned: if you don’t have any favourites, the Mobile/Desktop options can be hard to see.

12. Mute individual people

If you don’t want to mute your entire phone but there’s someone constantly texting you, you can now mute individual people from your contact list. Open their message window, select details in the top right corner and then swipe the Do Not Disturb button. You will no longer be notified of their messages until you turn Do Not Disturb off.

13. Turn your iPhone grey

You can now remove all the colour from your iOS device, making it entirely greyscale. This is a great option for some visually impaired people, or for those who don’t like colour. To activate this go to Settings > General > Accessibility and swipe Greyscale.

14. Automatically send last location of phone before it dies

If you misplace your iPhone, Find My iPhone will use your device’s GPS to pinpoint its exact location. However, your phone will need some power for this feature to work. A good way to combat the power issue is to tell your phone to broadcast its last location right before the battery dies. Turn this on by going to Settings > iCloud > Find My iPhone.

15. Format words and insert pictures

A much-needed update for Apple’s pleasantly minimalist note-taking app sees the introduction of some useful formatting options such as the ability to use italics, bold and underline. You can now also import photos. For maximum convenience, be sure the notes app is interacting with iCloud (Settings > iCloud > Notes) so you can access your updates from any other iOS device. You will need a free iCloud email address for this.

16. “Hey Siri” talk to Siri when plugged in

It’s 4am. You’ve just woken from a disturbing dream. Something about the owls not being as they seem. You feel compelled to Google owls, in search of answers. But wait, you’re comfortable in bed, this is no time for typing. Don’t worry, Apple thought of this situation. Settings > General > Siri has an Allow “Hey Siri” option. Enable it and you can control Siri by bellowing “Hey Siri” at your iOS device whenever it is plugged in.

17. Siri Shazam

Siri’s power continues to grow in iOS 8 thanks to its recent marriage with Shazam, a music identification service. Hold down your home button to activate Siri and say “Siri, what song is this?” wait for it to say “Let me listen” then hold your device up to the song that you’re trying to identify. This service is surprisingly accurate.

18. Share your location
If you’ve arranged to meet a friend somewhere, don’t bother trying to explain where you are, show them. iOS 8 comes with the ability to share your exact location. Tap Details in the top right of your message window and select Send My Current Location. The recipient will get a snapshot of your current whereabouts. If you’d like to share your location that updates as you move, select Share My Location instead.

19. Delete specific pages from your history in Safari. Clear various days.

If you’ve been up to no good online but don’t want to clear your entire history, you can now delete specific web pages rather than nuking the lot. In Safari tap the open book icon in the bottom right corner, then select History from your Bookmarks. Now swipe left and select Delete on any of the web pages you would like to remove.

20. Lock screen now has location-based shortcuts

This one’s more of a heads-up. Did you know that your lock screen can now house location- based shortcuts? If you have the Starbucks app and you enter one of their chains, a small Starbucks icon will appear in the bottom left of your screen before you’ve even unlocked your phone. Expect to see these features arriving in other apps soon.

21. Mail swipe options

The Mail app now comes with more swipe options. Swipe to the right and you can Mark as Read. To the left and you can Archive, Flag or tap More for a long list of other options. You can change how this behaves by going to Settings > Mail, Contacts, Calendars > Swipe Options. Another new Mail feature let’s you swipe a draft to the bottom of the screen, allowing you to multi-task in the app instead of having to delete the draft entirely.

22. Widgets

iOS 8 finally allows widgets, a sort of app extension that provides basic functionality within the Notification Centre. To view your widgets, open the Notification Centre by swiping down from the top of your iOS device’s screen. From here you can also remove, add or edit your widgets by scrolling to the bottom of the Notification Centre and tapping on Edit.

23. New editing options for photos

Apple has added a substantial amount of additional photo editing options to iOS 8. Once you have taken your photo, select Edit in the top right hand corner and at the bottom of the screen tap the third icon from the left, which looks like a small control knob. From here you can edit light and colour settings, such as exposure, highlights, shadows, brightness, contrast, black point, saturation, grain and tone – to name just a few.

24. DuckDuckGo search engine option

DuckDuckGo is an internet search engine that attempts to provide a less intrusive and more private search alternative than the likes of Google or Bing. This is achieved – according to the company – by avoiding personalised search results. This search engine is now available in Safari on iOS 8. If you would like to activate it, head to Settings > Safari > Search Engine.

25. Scan credit card option in Safari

Some websites, such as Amazon, which require payment information now allow iOS 8 users to scan their credit or debit card details with their camera phone instead of typing it all out. When the time comes to add your card details, an option will appear at the bottom of the screen asking if you would like to use the scan option. Simply click it and snap a picture.

A beginner’s guide to scams

This is a great article I found on the Money Advice Service website ( worth a read!

Knowing about the common scams that fraudsters are trying to use to steal your money can stop you being conned. Read these handy pointers to help you spot a scam.

How to spot a scam

There are some general signs that should set alarm bells ringing wherever you see them. Be very suspicious if:

  • something sounds too good to be true – like free stuff or quick, easy money
  • you’re asked to give out personal or bank account information
  • you aren’t given long to make a decision or you feel pressured into making one immediately
  • you’re contacted unexpectedly by a company or person you have never heard of – this can be by post, email, phone, text or on the doorstep
  • you’re asked to pay anything up-front
  • the only contact details are a mobile phone number and a PO box address

Common scams and what to watch out for


Phishing is where someone tries to con you into revealing personal information like your bank account details. A common trick is to send you a fake email pretending to be from your bank or another organisation or company you trust like HM Revenue & Customs or PayPal, asking you to visit a website and log in with your account details. The site looks just like your bank’s website, but is really a fake site set up by criminals to get your details.

Email is the most common way of doing this, but you might be targeted by text message or by phone. If you’re suspicious, ask to call them back and see if the number matches your bank’s real phone number. Make sure you get a dial tone before you call, in case the scammer has stayed on the line.

More information about phishing on the Action Fraud website


This is when hackers re-direct the traffic from a genuine website to another, such as a fake e-commerce or banking site. This is a very sneaky kind of attack as although you’ve entered the correct information to the right site, you’re still sent to a fake one to try to get your personal information.

Find out about pharming from Norton Security

Advance-fee fraud

This is also known as the ‘419 fraud’ or ‘Nigerian bank scam’. You’ll receive emails from people claiming to be ex-ministers or royalty from other nations, often in Africa, asking if they can use your bank account to deposit a large sum of money in order to get it out of the country. They will normally offer to pay you a fee.

They’ll ask for your bank details and may also ask you to send money to cover legal fees and so on. But there is no money and you’ll be out of pocket. There is also a similar scam coming from China that’s related to wills.

More information about 419 emails and letters on the Action Fraud website

Chinese Letter Scam fraud alert from the Metropolitan Police website

Dating fraud

Some fraudsters will connect with you on a dating website. They’ll be up-front about living overseas and will email you, getting to know you over time and becoming affectionate and romantic.

Then once you’ve become involved they will start asking for money for a sick relative or for a plane ticket to come and visit – and will happily take your money but never appear.

More about dating fraud on the Action Fraud website

Money Mules

Here you could unknowingly end up breaking the law and helping criminals by using your bank account to take delivery of, and then forward, stolen money and be paid a commission for helping. You would be breaking the law by money laundering.

More about money mules on the Action Fraud website

Boiler rooms

Also called ‘pump and dump’, this is a scam where fake stock market traders contact you out of the blue and give you the hard sell on buying shares that are either non-existent or virtually worthless and so difficult to sell on.

You might be offered secret stock tips to make it all seem more believable and sent fake share certificates to try to make the business seem legitimate. Then the fraudsters will disappear with your money.

More about boiler room scams on the Action Fraud website

Vehicle fraud

There are a number of scams around buying and selling cars. You may be sold a stolen vehicle or a cloned car where the details of the car have been changed to match a legitimate vehicle. You could pay for a car that is never delivered to you or one that doesn’t match what you’ve paid for.

Advice on buying and selling vehicles safely from the Metropolitan Police website

Online auction fraud

With the growth of online auction sites, there are con artists who will pose as fake buyers who appear to pay for the goods that you then send to them. The problem is that the payment bounces. Or there could be fake sellers who take your money but don’t send the goods, or send something that’s less valuable or very different from the description.

Tips for buyers and sellers to avoid auction fraud from the Action Fraud website

Job scams

There are a variety of job scams which range from promises of a new career, where you’re asked to pay up front for training or materials, to being offered non-existent jobs abroad where you are then asked to pay a fee to organise visas and accommodation.

Advice on avoiding employment fraud from the Action Fraud website

You might also get caught by a work at home scheme where you are told you’ll make easy money and you may have to pay a fee up front to register. However, the ‘leads’ or products turn out to be worthless and – worse still – your registration details may be sold on to other scammers.

Working-from-home fraud alert from the Metropolitan Police website

Health scams

If you see an email or an advert for a ‘miracle cure’ for baldness, cancer, impotence, acne or weight loss, then steer clear.

  • You could be offered something that appears to be a legitimate alternative medicine but doesn’t actually work.
  • Or you might think you are getting drugs and medicines very cheaply or without a prescription but they may not be the real thing – if they actually turn up at all.

In some cases these fake medicines can actually damage your health.

More about health scams on the Action Fraud website

Prize draws, sweepstakes and lottery scams

You could get a letter or email telling you that you have won a lottery, sweepstake or other prize draw and offering you a large prize. The scam can then take different forms:

  • you might be asked to send a small amount of money in order to claim it as a processing fee or legal fee – but no prize exists and you lose the cash
  • you might be asked to prove your identity with a passport – which is then used by the crooks to steal your identity
  • you might be asked to provide your bank account details so they can pay the money in but this information is then used to clear out your account
  • you might be told you have won a prize and you need to ring a special phone number to claim it – the call goes to a premium rate  number, takes ages and will cost you more than the value of the prize you’ve won

More about prize draw scams on the Action Fraud website

Property fraud

If someone offers you a get rich quick property scheme then there are a variety of ways they could be trying to defraud you.

  • You might be offered a way to buy into a development that is not yet built with all sorts of claims about the profits you’ll make – but the land is either farmland or derelict and will never get planning permission or is unsuitable for development so you’ll lose your money. This type of fraud is also sometimes called ‘landbanking’.
  • A fraudster might steal the title deeds to a property and pretend to be the owner and then try to borrow money against the property.

Find out more about the different kinds of property fraud on the Action Fraud website

Read about land banking scams on the Financial Conduct Authority website

Face-to-face fraud

There are many legitimate door-to-door sales staff – but others don’t have good intentions. You can be pressured into buying something you don’t want or isn’t worth the money you pay for it.

Fraud by bogus tradespeople can take a variety of forms:

  • fake charity collections
  • selling you unfair or unsuitable contracts
  • home maintenance or improvements that you are overcharged for or are badly done, or
  • potential thieves who are checking out your valuables once inside your home

More about fraud by bogus tradesmen on the Action Fraud website

Pension scams

Pension fraudsters will tell you they know a loophole so that you can get hold of some of your pension money before retirement. While you can make arrangements to get cash from it if you’re 55 or over, it’s likely to be a scam if you see claims that:

  • you can get cash before the age of 55
  • you can get more cash than under your current scheme, or
  • you can have more than 25% of the pension value “released”

They might charge you a fee or land you with a big tax bill.

8 ways to extended you iPhone battery life

1. Disable location and background app refresh for Facebook
The Facebook app for iPhone consumes a huge amount of memory and processing power, even when you’re not using it. Turning off background app refresh can actually cause your battery percentage to increase.

2. Disable background app refresh for apps you don’t care about
Background App Refresh was a feature added in iOS 7, to allow apps to check for new content and download updates even when they’re not running. However, it can use up a lot of power, and you don’t necessarily need it running for every app that supports it.

3. Stop quitting your apps in multitasking
A lot of people tell you that closing your apps will save your battery life because it keeps the apps from running in the background. However, this can actually make your battery life worse if you do it on a regular basis. Closing the app, removes it from the phone’s RAM, so when you open it again your device has to load it back into memory again. The truth is, apps in your multitasking menu are not running in the background at all: iOS freezes them where you last left the app. Unless you have enabled Background App Refresh, most of your apps are not allowed to run in the background.

4. Disable push email temporarily
Push email allows your device to receive instant notifications every time you get an email. It is great if you need to know when every single email comes in, but does impact battery if configured incorrectly. Try changing the setting to fetch emails every hour, thirty minutes, or fifteen minutes and see if the drain stops. You could also trying disabling Push on individual accounts if you have multiple.

5. Disable push notifications for annoying apps
Every time you get a push notification, your phone wakes from sleep for 5 to 10 seconds to light up your screen and wait for your potential action upon each notification. If you receive 50 notifications during the day and never act on them, that will add 4 to 8 minutes to your Usage time.

6. Turn off battery percentage
People that are anxious about their iOS device battery life are constantly checking it to see the percentage and how much it has dropped from the last time they checked it. So if you check your device twice as much, simply to check on the battery life, you are essentially halving the time your device will last.

7. Enable airplane mode in areas of poor cellular service
When the iPhone detects that you are in a place of low signal, it will increase the power to the antenna in order to stay connected enough to receive calls and maintain a data connection. This will destroy your battery life if you are constantly in a location with one bar or no service at all.If you still need to receive calls there is nothing you can do, but if your service is so poor that you can’t receive calls anyway, turn on Airplane mode. You can then turn Wi-fi back on if you need to.

8. Go to an Apple retail store
Apple has rolled out a new ‘Extended Battery Life Test’ for all iOS technicians that allows them to see a detailed report of battery usage on your device. If your physical battery is defective, the technicians can replace it for free if your iOS device is under warranty.

Confused about Heartbleed bug ?

If you are uncertain about whether you need to change your internet services passwords , here is a list of do change and don’t need to change… there is a lot of conflicting info doing the rounds at the moment

Name Vulnerable? Patched? Change password?



No need

Only if shared with vulnerable service

Amazon Web Services





Not clear

Not clear

Not clear




Only if shared with vulnerable service



No need

Only if shared with vulnerable service



No need

Only if shared with vulnerable service











No need

Only if shared with vulnerable service

If This Then That



Will force users to log out and ask them to update



No need

Only if shared with vulnerable service



No need




No need

Only if shared with vulnerable service



No need

Only if shared with vulnerable service



No need

Only if shared with vulnerable service



No need

Only if shared with vulnerable service







No need

Only if shared with vulnerable service

Yahoo/Yahoo Mail