As cyber crime continues to grow throughout the world, rates are so high it’s now considered an ‘industry’. This means that cyber criminals have more opportunity to make money and are becoming better at doing it.
Extortion is a popular form of cyber crime, that could target both individuals and businesses.
What is cyber extortion?
Cyber extortion is an online form of crime where criminals use threats to pressure victims into handing over money or other goods.
An example of this could be getting hold of sensitive information/data about you and threatening to share it or event infecting a computer system with a virus that can only be removed when a payment has been received.
How can you protect yourself from cyber extortion?
Although this may seem like a scary prospect, there are many ways to spot the signs of cyber extortion, whether it's a dodgy email, text or otherwise.
Here are some top tips and what to do if you feel threatened.
Many cyber crimes can be avoided with better, stronger passwords. Avoid using a common password across all the platforms you use - because chances are, if one becomes compromised - all of them can!
You're probably aware that there’s a lot of guidance out there on what makes a good password — and it can be incredibly confusing. National Cyber Security Centre recommend using three random words. You just put them together, like 'coffeetrainfish' or ‘walltinshirt’.
You can choose words that are memorable but should avoid those which might be easy to guess, such as 'onetwothree' or are closely related to you personally, such as the names of family members or pets.
Using the same password across multiple accounts means your password can be compromised easily, so it is best to use a different password for every account. If you find remembering a lot of different passwords difficult you can use a password manager. A password manager is an app on your phone, tablet or computer your passwords securely, so you don’t need to remember them all.
The NCSC strongly recommend that you set up two factor authentication If you have the option, set up more than one type of second factor so you have a backup plan to get into your password manager account.
2. Check for data breaches
Think about the variety of websites you’ve visited that have stored your data in some way. Big companies like airlines, social media apps like Facebook or Instagram and online shopping sites can be victim to data breaches, and stolen data is often then sold on the dark web.
This in turn can lead to extortion.
Try to keep track of sites you visit, so that when these breaches happen you aware of if your data may have been stolen and you can change your password. The website, haveibeenpwned.com is a great way to stay updated on data breaches and you can even see if your email address has been accessed during a data breach.
Instead of using auto-fill on online forms, you could even look at getting a password manager for all of the sites and apps you log in to
3. Look out for unauthorised sites
Unauthorised sites are often built by hackers and scammers, and by entering your details you are giving hackers exactly what they want.
If you have used one of your regular passwords, then hackers can use these details to login to other sites and extract valuable information about you. Links like this can be hidden in emails and text messages and appear as hyperlinks or as shortened URL's.
Never click on a link embedded in an email that you don’t recognise and use your common sense by reading the URL carefully for any signs of an illegitimate website.
4. Check the language
Make sure you check the language in the emails, if it looks too good to be true it probably is - especially if the spelling and grammar are also questionable.
For example, if you get a text or email saying you have money to collect, such as a tax refund, it’s always good to think critically about what claims are being made. Banks and government agencies will never contact you via email to offer money.
Additionally, if the language is threatening, understand that the hacker may just be trying his luck. Step back, try not to stress about it and report what is happening.
5. Keep your social media private
It’s amazing how much information can be extracted from a public social media presence. One of the best ways you can protect yourself from cyber extortion is to keep your social media private, which includes monitoring who you accept as a friend.
Additionally, be careful what you post on there and don’t reveal too much information about yourself, your location or your daily routines - these things can become vital information for hackers and other cyber criminals.
6. Report it
If you feel threatened by an email or are worried that someone may have sensitive information about you, report it.
You can report a cyber crime by calling Police Scotland on 101 (non-emergency) or reporting it in person at any police station.
You can also report a crime anonymously to CrimeStoppers UK.
7. Trust your gut
Ultimately, trust your gut. If it feels too good to be true, it probably is.
If you feel threatened, always tell a responsible adult so that they can report it, or report what is happening to the police yourself. Never pay up in the hope that you can deal with something yourself. And, try to avoid sharing information you feel you shouldn’t be online.
If you would like to find out more information on cyber crime, visit the National Cyber Security Centre (NCSC) and No More Ransom.
For more cyber and digital resilience tips, check out our #YSDigiKnow page.