Almost Daily, we get mails from our readers reporting that their mails got hacked. After getting a copy of these mails, we found out that all mails contain the same message but in different wording and in different language. In English, Korean or Japanese. I am sure the same message is written in other languages as well. Throughout the post, we will use “kid” to refer to the spammer.

The spammer’s main mission is well defined in the mails and we can divide the mail into 4 parts:

  1. A lovely story about how the kid hacked the account, sometimes with meaningless technical terms!
  2. The second part is usually combined threats targeting the victim, Things like: all browsing history/screenshot will be published
  3. Then the attacker starts to blackmail the victim to send some amount of money to some bitcoin wallet.
  4. Finally the attacker tries to add a fake evidence that the mail is hacked which is: “Look at the sender field, I’ve sent this mail from your own mail!”.

In this post, we will answer very important questions concerning this widespread social spamming and most importantly: should you pay or not and why? and how did the attacker hacked your account in the first place?

Some samples of the spam:

En1

Subject: your@mail.com – this account has been hacked! Change all your passwords!

Hello!

I have bad news for you.
19/07/2018 – on this day I hacked your operating system and got full access to your account your@mail.com

It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.

I want to say – you are a big, big pervert. You have unbridled fantasy!!!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I made a screenshot of your joys (using the camera of your device) and joined all together.
It turned out beautifully, do not doubt.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $735 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 1H9bS7Zb6LEANLkM8yiF8EsoGEtMEeLFvC

You do not know how to replenish a Bitcoin wallet?
In any search engine write “how to send money to btc wallet”.
It’s easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”.

I want you to be prudent.
– Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
– Do not try to contact me (this is not feasible, I sent you an email from your account)
– Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don’t be mad at me, everyone has their own work.
Farewell.

En2

Subject: Account Issue. Changed password.

Dear user of titrias.com!

I am a spyware software developer.
Your account has been hacked by me in the summer of 2018.

I understand that it is hard to believe, but here is my evidence (I sent you this email from your account).

The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).

I went around the security system in the router, installed an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your device.
This is driver software, I constantly updated it, so your antivirus is silent all time.

Since then I have been following you (I can connect to your device via the VNC protocol).
That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
I also have access to the camera on your device, and I periodically take photos and videos with you.

At the moment, I have harvested a solid dirt… on you…
I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.

I note that it is useless to change the passwords. My malware update passwords from your accounts every times.

I know what you like hard funs (adult sites).
Oh, yes .. I’m know your secret life, which you are hiding from everyone.
Oh my God, what are your like… I saw THIS … Oh, you dirty naughty person …

I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera.
Believe it turned out very high quality!

So, to the business!
I’m sure you don’t want to show these files and visiting history to all your contacts.

Transfer $890 to my Bitcoin cryptocurrency wallet: 19qL8vdRtk5xJcGNVk3WruuSyitVfSAy7f
Just copy and paste the wallet number when transferring.
If you do not know how to do this – ask Google.

My system automatically recognizes the translation.
As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system.
Do not worry, I really will delete everything, since I am ‘working’ with many people who have fallen into your position.
You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.

Since opening this letter you have 48 hours.
If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts with compromising material.

I advise you to remain prudent and not engage in nonsense (all files on my server).

Good luck!

En3

Subject: Hacking Alert! You account was hacked

Dear user of titrias.com!

I am a spyware software developer.
Your account has been hacked by me in the summer of 2018.

I understand that it is hard to believe, but here is my evidence (I sent you this email from your account).

The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).

I went around the security system in the router, installed an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your device.
This is driver software, I constantly updated it, so your antivirus is silent all time.

Since then I have been following you (I can connect to your device via the VNC protocol).
That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
I also have access to the camera on your device, and I periodically take photos and videos with you.

At the moment, I have harvested a solid dirt… on you…
I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.

I note that it is useless to change the passwords. My malware update passwords from your accounts every times.

I know what you like hard funs (adult sites).
Oh, yes .. I’m know your secret life, which you are hiding from everyone.
Oh my God, what are your like… I saw THIS … Oh, you dirty naughty person …

I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera.
Believe it turned out very high quality!

So, to the business!
I’m sure you don’t want to show these files and visiting history to all your contacts.

Transfer $857 to my Bitcoin cryptocurrency wallet: 19qL8vdRtk5xJcGNVk3WruuSyitVfSAy7f
Just copy and paste the wallet number when transferring.
If you do not know how to do this – ask Google.

My system automatically recognizes the translation.
As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system.
Do not worry, I really will delete everything, since I am ‘working’ with many people who have fallen into your position.
You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.

Since opening this letter you have 48 hours.
If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts with compromising material.

I advise you to remain prudent and not engage in nonsense (all files on my server).

Good luck!

En4

Subject: Change your password immediately. Your account has been hacked.

I greet you!

I have bad news for you.
11/08/2018 – on this day I hacked your operating system and got full access to your account your@mail.com

It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.

I want to say – you are a big pervert. You have unbridled fantasy!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $875 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 1B1Vov1LTLGLcVG3ycPQhQLe81V67FZpMZ

You do not know how to replenish a Bitcoin wallet?
In any search engine write “how to send money to btc wallet”.
It’s easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”.

I want you to be prudent.
– Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
– Do not try to contact me (this is not feasible, I sent you an email from your account)
– Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don’t be mad at me, everyone has their own work.
Farewell.

En5

Subject: password for your@mail.com is compromised

Hello!

I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.

Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I’ve never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.

Therefore, I expect payment from you for my silence.
I think $822 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1JTtwbvmM7ymByxPYCByVYCwasjH49J3Vj

If you do not know how to do this – enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen – all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won’t help you for sure …

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

En6

Subject: your@mail.com is compromised. Password must be changed

Hello!

I’m a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.

Of course you can will change your password, or already made it.
But it doesn’t matter, my rat software update it every time.

Please don’t try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I’ve never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I’m sure you don’t want it. I definitely would not want to …

I will not do this if you pay me a little amount.
I think $837 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 17XHRucfd4kx3W5ty7ySLGiKHqmPUUdpus

If you have difficulty with this – Ask Google “how to make a payment on a bitcoin wallet”. It’s easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen – all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won’t help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.

En7

Subject: account your@mail.com is compromised

Hello!

I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.

Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I’ve never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.

Therefore, I expect payment from you for my silence.
I think $828 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1DVU5Q2HQ4srFNSSaWBrVNMtL4pvBkfP5w

If you do not know how to do this – enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen – all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won’t help you for sure …

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

En8

Subject: your@mail.com is hacked

Hello!

My nickname in darknet is xavier59.
I hacked this mailbox more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

If you don’t belive me please check ‘from address’ in your header, you will see that I sent you an email from your mailbox.

Even if you changed the password after that – it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $532 is quite a fair price to destroy the dirt I created.

Send the above amount on my BTC wallet (bitcoin): 19D67Tgb3neJiTHd8pZDEBYmUn2qSjxEeB
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I’ll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 50 hours!
After your reading this message, I’ll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don’t enter your passwords anywhere!
Good luck!

En9

Subject: your@mail.com was hacked

Hello your@mail.com

My nickname in darknet is salman76.
I’ll begin by saying that I hacked this mailbox (please look on ‘from’ in your header) more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

Even if you changed the password after that – it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $500 is quite a fair price to destroy the dirt I created.

Send the above amount on my bitcoin wallet: 1MN7A7QqQaAVoxV4zdjdrnEHXmjhzcQ4Bq
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I’ll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours!
After your reading this message, I’ll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don’t enter your passwords anywhere!
Good luck!

Kr1

Subject: 긴급 통신!

여보세요!

당신은 나를 알지 못할 수도 있습니다. 왜이 전자 메일을 받는지 궁금합니다. 맞습니까?
이 순간 나는 당신 계정 (your@mail.com) 을 해킹했다. 내 너의 장치에 완전히 액세스 할 수 있습니다!
사실 성인 비디오 (포르노 소재) 웹 사이트에 악성 코드를 설치했는데 무엇을 알고 있었는지,이 웹 사이트를 방문하여 재미있게 지내는 것이 었습니다.
비디오 클립을 시청하는 동안 인터넷 브라우저가 RDP (원격 데스크톱)로 작동하기 시작했습니다.
그게 나에게 당신의 스크린과 웹캠에 대한 액세스를 제공하는 keylogger를 가지고있다.
그 직후, 내 소프트웨어 프로그램은 전자 메일뿐만 아니라 메신저, 소셜 네트워크에서 전체 대화 상대를 모았습니다.

내가 뭘 한거지?
나는 이중 스크린 비디오를 만들었다. 첫 번째 부분은 시청 한 비디오 (좋고 이상한 맛)를 보여 주며 두 번째 부분은 웹캠 녹화를 보여줍니다.
정확히 무엇을해야합니까?

음, 878 달러는 우리의 작은 비밀에 대한 공정한 가격이라고 생각합니다. Bitcoin이 지불합니다 (모르는 경우 Google에서 “비트 코인 구매 방법”검색).
내 BTC 주소 : 1B1Vov1LTLGLcVG3ycPQhQLe81V67FZpMZ
(민감한 cAsE이므로 복사하여 붙여 넣기하십시오)

노트 :
결제하려면 2 일이 소요됩니다.
(나는이 이메일 메시지에 특정 픽셀을 가지고 있으며,이 순간 당신은이 이메일 메시지를 읽었 음을 안다.)

BitCoins를받지 못하면 가족, 동료 등 모든 연락처에 비디오 녹음을 보내드립니다.

그러나 내가 돈을 받으면 즉시 비디오를 파괴 할 것입니다.

이것은 협의가 불가능한 제안이므로이 전자 메일 메시지에 응답하여 개인적인 시간을 낭비하지 마십시오.

다음 번에는 조심하세요!
안녕!

Jp1

Subject: あなたのパスワードが侵害されました (your@mail.com)

こんにちは!

私は数ヶ月前にあなたの電子メールとデバイスをクラックしたハッカーです。
あなたが訪問したサイトの1つにパスワードを入力君た。それを傍受しました。

もちろん、それを変更したり、すでに変更したりすることができます。
しかし、それは問題ではありません、私のマルウェアは毎回それを更新しました。

私に連絡したり、私を見つけようとしないでください。それは不可能です。 私はあなたのアカウントからメールをあなたに送ったので、

あなたの電子メールを介して、私はあなたのオペレーションシステムに悪質なコードをアップロードしました。
私は友人、同僚、親戚とのあなたの連絡先のすべてを保存し、インターネットリソースへの訪問の完全な履歴を保存しました。
また、あなたのデバイスにトロイの木馬をインストールしました。

あなたは私の唯一の犠牲者ではない、私は通常、デバイスをブロックし、身代金を求める。
しかし、私は頻繁に訪れる親密なコンテンツのサイトにショックを受けました。

私はあなたの幻想にショックを受けている! 私はこれのようなものを見たことがない!

だから、あなたがサイトで楽しむとき(あなたは私が何を意味するか知っています!)
あなたのカメラのプログラムを使用してスクリーンショットを作成しました。
その後、私はそれらを現在閲覧されているサイトのコンテンツに結合しました。

これらの写真を連絡先に送信すると素晴らしいことがあります。
しかし、あなたがそれを望んでいないと確信しています。

したがって、私は沈黙のためにあなたからの支払いを期待しています。
私は$847が良い価格だと思います!

Bitcoin経由で支払う。
私のBTCウォレット: 1DbTMUuhB1XPJ2ktxKygDbrXypGofuHhq6

あなたがこれを行う方法を知らない場合 – Googleに「BTCウォレットに送金する方法」を入力します。 難しくない。
指定された金額を受け取ると、妥協しているすべての材料は自動的に破壊されます。私のウイルスはあなた自身のオペレーティングシステムからも削除されます。

私のトロイの木馬は自動アラートを持っています。私はこのメールを読んだ後でメッセージを受け取ります。

私はあなたに支払いのための2日間を与える(正確に48時間)。
これが起こらない場合 – すべてのあなたの連絡先はあなたの暗い秘密の生活からクレイジーショットを取得します!
あなたが妨害しないように、あなたのデバイスはブロックされます(また、48時間後)

ばかなことしないで!
警察や友人はあなたを確実に助けません…

p.s. 私はあなたに将来のアドバイスを与えることができます。 安全でないサイトにはパスワードを入力しないでください。

私はあなたの慎重さを願っています。
お別れ。

 

How did the attacker got my mail?

Only two methods:

  1. Crawling all published emails online, that’s why you should never publish your plain email online.
  2. Enumerate common email combinations: info@website.com, (ceo_name)@website.com, admin@website.com, etc

How did the attacker hack my email and sent me the email through the mail server?

The correct question here is did the hacker really send the email from your mail?, the simple answer is NO. The sender field CAN BE changed using any email client, without any technical hassles check the image below from Thunderbird after choosing the “Customize From Address”!

So manipulating the sender field is so easy, however if you are using good enough mailing server, mails with tampered sender field should be automatically marked as spam! because the mail doesn’t have the required SPF header nor DKIM headers which are essential to pass any mailserver antispam tool.

Should I pay?

Absolutely not, your account is NOT hacked. There is a kid somewhere in the world trying to freak you out and you were chosen randomly (Check first question).

Your mail can be hacked for sure, but in this kind of spamming scenarios, you are 99% safe.

I am not convinced, I will pay! Unless you have better argument?

In short, the kid-trying-to-be-a-hacker will never know you paid, this is what virtual currencies is all about “anonymity“. The attacker will never know the source of the payment! NEVER.

Unless the attacker is one of very few companies in the world that can actually trace a bitcoin transaction!

Why can’t the police track that kid-trying-to-be-a-hacker and put him in a reformatory?

The sender can still be tracked by “received from IP” and “user agent” fields, but both fields can be tampered (IP using a VPN and User Agent can be changed really easily). However, as a matter of fact, there are enough information in the “received from IP” to know the exact location of the sender even if a VPN/Proxy is used, simply because that kid is not an expert by any mean!

Any method the attacker (Again, these mails aren’t made by a pro at all) uses to hide the IP is so trivial that it can be easily reversed to help the authorities find the exact location of the used machine at the moment of sending this mail, but why the bother! it’s most probably just a kid. Also, trying to find the exact location of the sender at the moment of sending the mail is a very complex procedure that involves multiple authorities (ISPs, Cybercrime agency/authority like the europol, etc).

So, have you ever received one of these mails? what did you do? did you get any other variation of this spam? let us know in a comment.

TiTrias Founder and CEO, white hat hacker acknowledged by Microsoft, Apple, Redhat & AT&T.