In today’s highly interconnected world, dangers of extortion, blackmail, and various scams affect absolutely everyone. Just recently, we have seen a steep rise in a class of Trojans called ransomware. This malicious software often poses as a regular email attachment, which seems to be sent by a reputable company. However, when downloaded, this file quickly encrypts user’s computer with a very strong encryption algorithm. The only way to regain access to data is to pay the operators a relatively large sum of money (often around 500 USD).
The above example is just a small part of a much larger problem. According to the FBI’s Internet Crime Complaint Center 2014 Internet Crime Report, more than $16 million dollars were extorted from victims that year. This number is comprised of many different types of blackmail and extortion with an increasingly larger portion involving the threat of releasing personal information and damaging one’s reputation. Identity Theft Resource Center states that such criminal acts have happened 591 times just in the first nine months of this year.
Extortion and blackmail are often used interchangeably, but they refer to slightly different ways of getting money from victims. Extortion involves a threat of violence or damage to property. It is not necessary for the perpetrators to actually obtain the money to commit the offense. On the other hand, blackmail happens when offender threatens to reveal information about a victim. Such information can usually cause substantial social damage and embarrassment for the victim. In return for keeping quiet, the blackmailer demands money, property, or services.
Modern social media networking sites pose a convenient attack vector for attackers and are thus often exploited for profit. What commonly happens is that a person of opposite sex befriends somebody online and establishes a friendship with that person. Their interaction seems very believable and often includes personal pictures, voice messages, and what seems to be a genuine interest in the other person. All of this just to gain the trust of the victim in order to ultimately obtain something that can be used as a leverage for their treats. Attackers often manage to lure their victims into exposing themselves on camera, without knowing that they are actually being recorded and are talking only to a decoy. When this happens, there is only a little that victims can do to protect their privacy. Tracking down the perpetrators is often impossible and paying the demanded amount of money does not guarantee that there will not be more threats in the future. In fact, once scammers find out that the victim is willing to pay, they often try to get as much money from the person as they can.
This leads us to the question: How can victims protect themselves against blackmail and extortion and how should they act when it actually happens? The most important thing is, of course, prevention. Never say or do things online that you might regret in the future. Always assume that everything you do on the web and in front of your web camera could get into the hands of criminals. There have been many cases of celebrities having their smartphones and computers hacked and private pictures published online. Regular citizens are not immune to such crimes. Modern operating systems are capable of data encryption, which prevents random strangers from being able to gain access to data stored on the device. It is always advisable to use every tool that you have at your disposal to increase your chances of staying safe and protected. However, fully relying on these tools is not a good idea as they cannot guarantee complete safety.
Victims of online blackmail or extortion should always contact authorities and use their expertise to decide on the best course of action. The situation often seems much worse than it really is and hasty solutions are the worst enemy of reaching a favorable outcome.
The risks described above are only a handful of vulnerabilities that individuals and businesses face online. One of the easiest ways to ensure individuals are adequately competent in cyber security is to get certified. Unitek Education’s 3 day CompTIA Security Plus boot camp is the perfect course for high level employees that require a solid foundation in cyber security. The Security Plus boot camp is Unitek Education’s most popular entry level security course and is part of the DOD IAT Level 1 on the 8570 certification chart. This course is frequented by members of the Armed forces, Department of Defense and IT Professionals. Learn more.