Beware the Blackmailing Scam!
Blackmail and extortion are some of the oldest tricks in the book—and for good reason: They work. When a criminal threatens to share potentially explosive information with everyone they know, the victim easily panics and is willing to pay any price to protect their privacy and their pride.
In a fresh twist on this age-old crime, scammers have taken to the internet. Online blackmail is nothing new, but a fresh wave of these scams hit the web last month, and it’s already ensnared dozens. Learn how to spot these blackmailing scams and you’ll get to keep your privacy, and your money, too.
Here’s what you need to know about the most recent blackmailing scams.
How it works
The victim gets an email from an alleged hacker claiming to have cracked their passwords, broken into their computer and used their webcam to watch their online activity. They may threaten to reveal that the victim has been visiting disreputable sites or to use their personal information to empty their financial accounts. The scammer then shares a willingness to back off—for the right price, of course.
As proof that they are “legitimate” hackers, the scammers will share an actual password that the victim has used many years ago. They may even include the password in the subject line of the email to grab the victim’s attention and ensure they actually open the email. Often, they’ll also include other bits of stolen data in their message to appear authentic.
If you receive an email like this, don’t panic. There’s no professional hacker behind the scam, no one has watched your online activity, and there’s not much the scammer can do with the information they may have.
The inclusion of the password might give you a scare, but there’s a simple explanation for how the scammer got hold of it. Over the last decade or so, there have been lots of massive database breaches within major corporations, sites and retail stores like Yahoo, eBay, Target, Macy’s, Sony PlayStation and dozens more.
Thanks to these breaches, there are now huge amounts of personal data and passwords floating around the internet. This data can be easily nabbed by a partially skilled hacker or bought on the black market. Once a scammer gets their hands on a password, they’re free to exhort the victim to pay a steep price in exchange for their privacy or security.
How to spot the scam
Many potential victims recognize this scam for what it is as soon as the hacker claims to have dirt on them. For many others, though, the outdated password is their clue. However, for victims who have been using the same passwords for years, this old code might still be in use and the scam can seem legit.
Now that you are armed with the knowledge that this scam is making its way around the internet and may contain an actual password you once used, or that you may still use, you are already a step ahead. If you receive an email with your password in the subject line, stay calm. Simply ignore the message. Better yet, delete it from your inbox and give it no further thought.
How to protect yourself
There’s not much you can do about any bits of your sensitive data that may be loose on the internet. However, you can do your part to protect yourself from falling prey to this, or a similar scam.
Here’s how:
- Update your passwords frequently and use strong, unique codes for each site you visit. You can use a password generator like 1password or LastPass to make this simpler.
- Choose two-factor authentication when possible.
- Never open emails from suspicious or unknown sources.
- If you are targeted, alert the FTC at ftc.gov.
Don’t let those scammers fool you! Be alert, be aware, and learn how to spot these scams for what they are.
SOURCES:
https://www.nytimes.com/2018/07/23/technology/personaltech/phishing-password-email.html