What is Cyber Extortion and How Can You Spot It?

As cyber crime continues to grow throughout the worldrates are so high it’s now considered an ‘industry’. This means that cyber criminals have more opportunity to make money and are becoming better at doing it.  

Extortion is a popular form of cyber crime, that could target both individuals and businesses.

What is cyber extortion?

Cyber extortion ian online form of crime where criminals use threats to pressure victims into handing over money or other goods. 

An example of this could be getting hold of sensitive information/data about you and threatening to share it or event infecting a computer system with a virus that can only be removed when a payment has been received. 

How can you protect yourself from cyber extortion?

Although this may seem like a scary prospect, there are many ways to spot the signs of cyber extortion, whether it's a dodgy email, text or otherwise.

Here are some top tips and what to do if you feel threatened.

1. Passwords 

Many cyber crimes can be avoided with better, stronger passwords. Avoid using a common password across all the platforms you use - because chances are, if one becomes compromised - all of them can! 

Michael McIntyre Quote: "You suggest a password" Michael McIntyre Quote: "...and it goes 'WEAK'"

Use a strong password, that uses a mixture of numbers, letters and symbols.

2. Check for data breaches  

Think about the variety of websites you’ve visited that have stored your data in some way. Big companies like airlines, social media apps like Facebook or Instagram and online shopping sites can be victim to data breaches, and stolen data is often then sold on the dark web.

This in turn can lead to extortion.  

Submit button being selected on a computer

Try to keep track of sites you visit, so that when these breaches happen you aware of if your data may have been stolen and you can change your password. The website, haveibeenpwned.com is a great way to stay updated on data breaches and you can even see if your email address has been accessed during a data breach. 

Instead of using auto-fill on online forms, you could even look at getting a password manager for all of the sites and apps you log in to

3. Look out for unauthorised sites 

Unauthorised sites are often built by hackers and scammers, and by entering your details you are giving hackers exactly what they want

If you have used one of your regular passwords, then hackers can use these details to login to other sites and extract valuable information about you. Links like this can be hidden in emails and text messages and appear as hyperlinks or as shortened URL's.

Homer Simpson saying "A scam?"

Never click on a link embedded in an email that you don’t recognise and use your common sense by reading the URL carefully for any signs of an illegitimate website.

4. Check the language  

Make sure you check the language in the emails, if it looks too good to be true it probably is - especially if the spelling and grammar are also questionable.

For example, if you get a text or email saying you have money to collect, such as a tax refund, it’s always good to think critically about what claims are being made. Banks and government agencies will never contact you via email to offer money. 

Steve Carrell in the film Crazy, Stupid, Love, saying "What are you even saying?"

Additionally, if the language is threatening, understand that the hacker may just be trying his luck. Step back, try not to stress about it and report what is happening.

5. Keep your social media private  

It’s amazing how much information can be extracted from a public social media presence. One of the best ways you can protect yourself from cyber extortion is to keep your social media private, which includes monitoring who you accept as a friend.

Daniel Radcliffe in the film Harry Potter and the Half Blood Prince telling Severus Snape "That's private'" after Snape views Harry's memories during an occlumency lesson

Additionally, be careful what you post on there and don’t reveal too much information about yourself, your location or your daily routines - these things can become vital information for hackers and other cyber criminals.

6. Report it   

If you feel threatened by an email or are worried that someone may have sensitive information about you, report it

You can report a cyber crime by calling Police Scotland on 101 (non-emergency) or reporting it in person at any police station.

Kitten putting paw up to say 'STOP' with Stop roadsign next to it

You can also report a crime anonymously to CrimeStoppers UK.

7. Trust your gut  

Ultimately, trust your gut. If it feels too good to be true, it probably is.

If you feel threatened, always tell a responsible adult so that they can report it, or report what is happening to the police yourself. Never pay up in the hope that you can deal with something yourself. And, try to avoid sharing information you feel you shouldn’t be online.

Eeyore from Disney's Winnie the Pooh, saying "I knew it was too good to be true."

If you would like to find out more information on cyber crime, visit the National Cyber Security Centre (NCSC)  and No More Ransom.

For more cyber and digital resilience tips, check out our #YSDigiKnow page.