From: "MrSmith" <maillist@mailserver.com>
To: <root@conman.org>
Subject: DDoS Warning
Date: Tue, 19 Sep 2017 22:08:05 +0400
> Hello, root@conman.org
FORWARD THIS MAIL TO WHOEVER IS IMPORTANT IN YOUR COMPANY AND CAN MAKE DECISION!
We are Phantom Squad
Your network will be DDoS-ed starting Sept 30st 2017 if you don’t pay protection fee - 0.2 Bitcoin @ 1W5FWQjvHGMkaPeuR4SvRNojsv64WgJNt.
If you don’t pay by Sept 30st 2017, attack will start, yours service going down permanently price to stop will increase to 20 BTC (Bitcoin) and will go up 10 BTC for every day of attack.
This is not a joke.
Not quite as dramatic as the last email I received from a black-hat cracker [1] but I do have to wonder—why me?
I'm not a company. I don't make money from this blog. Heck, I don't make any money from my website [2] at all. So why target me? It doesn't make sense—I'm not a big enough target. Why not go after something with a bit more money, like a sports gambling site [3]?
I mean, if this is the same Phantom Squad that took down XBox Live and PlayStaton Network [4] over Christmas of 2015, then yes, this could be bad. But as far as I could tell, that's the only attack Phantom Squad has done and they've been very quiet since. This might even be a scam [5].
I talked with my hosting company, and they said not to worry. If it happens, just give them a call and they can start working with their upstream provider to mitigate the attack. And under no circumstance am I to pay the danegeld [6] (which at the time of writing, 0.2 BTC is worth $802.46).
[5] https://blogs.akamai.com/2017/04/low-risk-threat-ddos-extortion-letters.html