Attacker states they have PW to users email and has implanted trojan on pc which collected pics, URLs etc. Ransom of $900 to BTC acc or collection will be released to contacts. _x000D_ Header:_x000D_ Return-path: <Aaron@Smith931.edu>_x000D_ ip=188.162.48.46 (no ptr match);_x000D_ smtp.helo=Smith931.edu (does not exist);_x000D_ Received: from Smith931.edu (client.yota.ru [188.162.48.46])_x000D_ Received: from [159.62.203.68] by mailout.endmonthnow.com_x000D_ Received: from unknown (HELO nntp.pinxodet.net) by qnx.mdrost.com with NNFMP;_x000D_ Received: from webmail.halftomorrow.com [19.3.69.8] by mtu67.syds.piswix.net with SMTP