An uptick in email scams has cybersecurity professionals concerned, and for good reason. Symantec researchers found that in the first five months of 2019, they prevented almost 300 million extortion email attacks from going forward. Just some of those discovered include blackmail, sextortion, bombs, hit men, and malware threats. The researchers also determined the average cost of paying demands over a 30-day period was $106,240. Putting an estimated annual take of $1.2 million.
More and more often, scammers and hackers demand payment in Bitcoin, an anonymous e-currency that’s very difficult to trace. Many on the receiving end of email extortion schemes don’t know how to move forward as victims, including whether to pay blackmail demands or not. Many also wonder how they became a target to begin with.
Symantec found, in particular, sextortion email scams have been on the rise since mid-2018. They show trending and other patterns as part of their strategy. Recipients of these emails are told pictures, video, texts, and other compromising proof exists and will be publicly exposed if blackmail demands aren’t met. Threats almost always include sending the dubious content to the recipient’s contact list including business associates, family members, and friends. Sextortion tactics often include urgent subject lines and immediate payment demands. They can also contain old passwords or phone numbers gleaned from the many data dumps that hackers make. Email content with misspellings and awkward grammar and phrasing are further signs of an extortion attempt.
Knowing the clues of sextortion and other phishing scams help prevent future victimization. But there are also basic, daily cyber-smart practices that help keep these emails out of an inbox and greatly reduce the likelihood of harm.
Anti-virus software and strong spam settings not only detect spam and viruses, they can keep phishing emails from ever reaching your inbox. Never open emails, follow links, or open attachments from suspicious or unknown senders. All these protections keep email phishing, as well as blackmail and extortion threats from ever taking root.
Use strong passwords and two-factor authentication (2FA) or multi-factor authentication (MFA) whenever possible. Passwords that are long with a mixture of numbers, letters, and symbols are much more difficult for a hacker to figure out. Simple verification steps using 2FA or MFA add security layers when logging-in to an account. If you have any reason to believe your passwords may have been part of a previous data dump, change them immediately.
Never respond to or pay money to silence blackmail or extortion threats. Doing so legitimizes the sender and promotes further attacks. If there are personal safety or other serious concerns, make authorities aware of the email.
Stickley on Security