The FBI Internet Crime Complaint Center reports attempts with extortion through e-mail and postal mail are continuing to increase.
Extortion attempts can vary widely. Here are some red flags to watch out for
- E-mails or letters from unknown party.
- Personal information is noted in e-mail or letter to add higher degree of intimidation. Ex: Username or Password
- Accusations of visiting adult websites, cheating on spouse, or being involved in some other compromising situation.
- Threats to send video or other compromising information to family members, friends, coworkers or social media if ransom is not paid.
- Usually contains a short window to pay. Ex: typically 48 hours
- Instructed to pay ransom in Bitcoin.
How criminals are able to reference a valid password
While the exact methods are unconfirmed, it’s very likely that criminals are referencing a database of passwords and email addresses collected from a large data breach that may have taken place years ago. Several users who received variations of this email said the passwords the criminals referenced were ones they’d used close to ten years ago (even more reason to regularly update your password and avoid password reuse).
To check to see what breaches your email address has been exposed in, you can visit researcher Troy Hunt’s site haveibeenpwned.com.
Tips to Protect Yourself:
- Don’t open attachments from unknown individuals.
- Monitor your bank account statements and credit reports regularly.
- Do not communicate with unsolicited e-mail senders.
- Do not store sensitive or embarrassing photos of yourself online or on a mobile device.
- Do not use the same password for multiple sites.
- Never provide personal information via e-mail.
- Ensure security settings for social media accounts are set at highest level of protection.​
- Varify the URL and https before providing personal information and credit card information on any website.
- Don’t give administrative privileges to your user accounts. Privileged accounts can “reach out” much further and more destructively both on your own hard disk and across the network.
Make sure all users are aware of this danger, trained in response and know to not open suspicious attachments. Here at CCI Tech we pledge to keep you protected and informed about the latest issues. Your peace of mind is our number one priority.
Feel free to contact us at firstname.lastname@example.org. If you have problems and have a service contract with COMP-Connection, Inc. contact us at our normal telephone line (408)848-1137.