We're going to explore the personal threats/blackmail tactic today. By the end of this article you will understand what a personal attack, phishing email looks like and what you should do if you receive one.
Be wary of phishing tactics being used by hackers, to extort payments using Bitcoin cryptocurrency. The primary aim of phishing emails is to simply click on a malicious link within the email. That's when the damage can truly begin.
There are several tactics used by cyber criminals to get the desired effect. Commonly, they will impersonate big brands such as Microsoft, PayPal and Apple or your bank to seem legitimate, other times they may use underhand tactics and personal threats to blackmail you.
Blackmail phishing email example
So what does a phishing email look like that uses a personal attack? Below is an example:
Cyber criminal's tactics
|Naming your password or old a password||
They have disclosed a password. This will make then seem legitimate and that they will see the threat through.
Let's remember, you can not be sure whether they have been monitoring your activity or not at this point. Their primary goal is for you to click on the malicious link. If you pay the ransom, it would be an added bonus.
How did they get hold of my password?
Remember to regularly check whether your email has been hacked.
|Monitoring 'accounts, social media, email, browsing history'||While you may use all of these applications, the list is generic and would be relevant to most people. There are no specifics, so this has been mass sent.|
|Belittling and provocative||'I was most struck by the intimate content sites that you occasionally visit'.
Designed to illicit feelings of shock, shame and humiliation, but once again, there are no specifics, with a statement that is vague and realistically, would be relevant to most people's online activity.
|The blackmail||The screenshot and sending to your contact list.|
|Bitcoin ransom||Often used by criminals to hide and launder money because it is not traceable.|
|48 hours to pay||They know their sales and marketing!
Just like DFS' bank holiday offers or Amazon's Black Friday deals, having a short timeframe creates a feeling of urgency and often a knee-jerk reaction to click on the link (or purchase the latest Amazon gadget, again!)
|I hope I taught you a good lesson||I think we can agree with this statement!|
What should you do if you receive a phishing email?
Receiving this email is a big worry and action needs to be taken. But it’s important not to panic and make any rash decisions. Go through this list step by step.
1. Contact your IT support
It’s always best to get a second pair of eyes on the email to check its legitimacy. An IT support company with cybersecurity expertise will have seen this or something very similar before, so it’s worth speaking to them if you can. Get their advice! They may need to warn other users in your organisation if it has been mass sent.
2. Change your passwords immediately
The first thing you must do is change your passwords. Our guide to creating strong passwords can assist you in this.
The biggest worry is if your passwords have been found from somewhere. In some instances, they may list a user’s old passwords rather than current ones.
Whether you use that password for one website or ten, you must change them all immediately to something secure. Never use the same password twice and don't use anything that’s easy to guess. We recommend using a password manager such as LastPass and two-factor authorisation where possible.
3. Don't make any payment
The email asks you to make a payment via Bitcoin to a Bitcoin wallet. Whatever you do, do not make any payment at all. Threats are often empty and your data won’t get deleted or shared.
4. Don't click on any links
Don't click on any of the links in the email. This is more than likely, the gateway to be able to do just what they have threatened and worse. The link is more than likely to be malicious.
5. Report the email as spam and delete
This isn’t the sort of thing you want to keep in your inbox. Once you have alerted your IT support about the email, delete it from your inbox and block the sender.
Easier said than done, however, no matter how big the threat is, don't panic and don't make the payment. Even if it gets to the extreme of you being locked out of your computer you should call the police before ever making payment whether via cash or Bitcoin.
If you’re looking to make your business cyber safe, remember to lean on an expert and ask lots of questions. Hopefully we have answered many of your questions about blackmail emails in this article today.
Speak to an expert
If you still have questions about your business' cybersecurity, then why not schedule some time with one of our experts.
Sign up to our newsletter
If you want to keep up to date with the latest cybersecurity tips, then subscribe to our newsletter: