The Internet Crime Complaint Center (IC3) has recently received an
increase in reports about extortion attempts received via e-mail and
postal mail and using specific user information to add authenticity.
While there are many variations in these extortion attempts, they often
share certain commonalties.
Extortion attempts vary
widely, but there are a few common indicators of the scam. The following
list of commonalities is not exhaustive, but intended as examples of
red flags. It is import to remember these extortion scams change to take
advantage of current events such as high profile breaches or new trends
involving the Internet to add authenticity.
- The extortion attempt comes as an e-mail or letter from an unknown party.
recipient’s personal information is noted in the e-mail or letter to
add a higher degree of intimidation to the scam. For example, a
recipient’s user name or password is provided at the beginning of the
e-mail or letter.
- The recipient is accused of visiting adult websites, cheating on a spouse, or being involved in other compromising situations.
e-mail or letter includes a statement like, “I stumbled across your
misadventures,” or “I installed malware on the adult video site” as an
explanation of how the information was supposedly gathered.
e-mail or letter threatens to send a video or other compromising
information to family, friends, coworkers, or social network contacts if
the ransom is not paid.
- The e-mail or letter provides a short window to pay, typically 48 hours.
recipient is instructed to pay the ransom in Bitcoin, a virtual
currency that provides a high degree of anonymity to the transactions.
TIPS TO PROTECT YOURSELF:
- Do not open e-mail or attachments from unknown individuals.
- Monitor your bank account statements regularly, as well as your credit report at least once a year for any fraudulent activity.
- Do not communicate with unsolicited email senders.
- Do not store sensitive or embarrassing photos of yourself online or on your mobile devices.
- Use strong passwords and do not use the same password for multiple websites.
provide personal information of any sort via e-mail. Be aware that many
e-mails requesting your personal information appear to be legitimate.
- Ensure security settings for social media accounts are turned on and set at the highest level of protection.
providing personally identifiable information, credit card information,
or other sensitive information to a website, ensure the transmission is
secure by verifying the URL prefix includes https, or the status bar
displays a “lock” icon.
The FBI does not condone the
payment of extortion demands as the funds will facilitate continued
criminal activity, including potential organized crime activity and
associated violent crimes.
you believe you have been a victim of this scam, you should reach out to
your local FBI field office, and file a complaint with the IC3 at www.ic3.gov.
Please provide any relevant information in your complaint, including
the extortion e-mail with header information and Bitcoin address if