Bluffing Blackmail

In a recent large-scale cybersecurity attack, scammers sent over 400,000 phony blackmail attempts. These devious e-mails are written in an oddly casual tone and seem to outline the bad guy’s entire blackmail process. The scammer claims to have purchased your information from a hacker. To make this claim more convincing, the scammer references an actual password of yours that has been exposed in a data breach.

The scammer goes on to say that they have installed a piece of malicious software (malware) onto your device. Supposedly, the malware was used to access your webcam and record you without your knowledge. Despite claiming to have full access to your accounts and device, the scammer intends to blackmail you via e-mail. They'll threaten to release an incriminating video of you if you don’t pay them. Don’t be fooled!

Follow these tips to call the scammer’s bluff:

• Think before you click. If the scammer truly has the access to your accounts and device that they claim to have, why are they e-mailing you to ask for money?
• Cybercriminals use information from real data breaches to seem legitimate. Stay informed about data breaches by using a trusted credit and identity monitoring service. A number of reputable institutions provide these services for free.
• Protect yourself from potential data breaches by regularly updating your passwords, using multi-factor authentication, and limiting the amount of information you give to retailers and online services.