Extortion Attempt - Real Example

Extortion emails are often attempts to trick the victim into paying large amounts of money based on a threat to expose personal information to family, work and friends. 

The majority of extortion attempts are false, the attacker does not actually hold the information or data they say they do. Head of Innovation at the Cyber Resilience Centre (CRC), Detective Superintendent Neil Jones received this email recently and wanted to share it as an example of what to look out for. 

Tell tale signs of a false extortion attempt:

1. Email address. Note the unusual name spelling and email address used. The alias does not match the email. 

2. Subject. The attacker used an old password likely to have been gained from a data breach. This is used to make the email sound authentic and evoke panic. 

The CRC recommends you change your password regularly and also check your email address from data breaches using https://haveibeenpwned.com. For information on how to create a strong password, visit the NCSC website here.

3. Urgency. Note the sense of urgency in the email. The attack wants the target to pay quickly, without taking a step back to question what is going on. This is often a sign of extortion and often the attacker does not actually have the ability to do what they say. 

4. Cryptocurrency. Attackers often ask for the victim to pay in a cryptocurrency like Bitcoin to avoid being traced. 

5. Spelling/Grammar/Punctuation mistakes. Note the highlighted mistakes in this email. This can sometimes mean that the attackers are not within the country, and so they can avoid getting caught if it is reported. 

Extortion attempts should always be reported to the Suspicious Email Reporting Service by simply forwarding the email to [email protected]. This service has brought down hundreds of fake accounts and malicious website. 

Never pay the demand! Once you have paid the attacker, there is little chance of retrieving the money and it may leave you open for more attempts. 

crc