Security Tip of the Week – Bluffing Blackmail

In a recent large-scale cybersecurity attack, scammers sent over 400,000 phony blackmail attempts.

These devious emails are written in an oddly casual tone and seem to outline the bad guy’s entire blackmail process. The scammer claims to have purchased your information from a hacker. To make this claim more convincing, the scammer references an actual password of yours that has been exposed in a data breach. 

The scammer goes on to say that they have installed a piece of malicious software (malware) onto your device. Supposedly, the malware was used to access your webcam and record you without your knowledge. Despite claiming to have full access to your accounts and device, the scammer intends to blackmail you via email. They’ll threaten to release an incriminating video of you if you don’t pay them. Don’t be fooled!

Follow these tips to call the scammer’s bluff:

• Think before you click. If the scammer truly has the access to your accounts and device that they claim to have, why are they emailing you to ask for money?
• Cybercriminals use information from real data breaches to seem legitimate. Stay informed about data breaches by using a trusted credit and identity monitoring service. A number of reputable institutions provide these services for free.
• If you’re asked to log in to an account or an online service, navigate to the official website and log in there. That way, you can ensure you’re logging in to the real website and not a phony look-alike website.

Stop, Look, and Think. Don’t be fooled.

KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.

DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.