Cyberextortion

The use of extortion by cybercriminals has been increasing recently. Cyberextortion is when cybercriminals demand payment to stop malicious activity against the victim, such as the release of data.  

In an increasingly common form of cyberextortion, the victim receives an email saying that their information will be disseminated to the public, family, and friends if a ransom is not paid. Criminals may say that they have placed software on the victim’s computer that has allowed them to steal documents, photos, passwords, or other sensitive information. Often the threats are hoaxes.

A few high-profile examples have occurred in the past few years of top entertainment companies where cybercriminals threatened to release movies and TV shows to the public unless a ransom was paid. More recently, we have been made aware of similar threats to employees of state and local governmental entities such as FIT.

This August, there have been reports of an extortion campaign targeting Apple users. It appears hackers are targeting iCloud.com users who have not set up two-factor authentication on their devices or have weak or previously leaked passwords. Once criminals gain unauthorized access, they exploit the “Lost Mode” function within the Find My iPhone application that allows users to lock their device and display a message such as “Please call # if found” if their phone is lost. The hackers utilize the option to lock and display a message that includes the hacker’s email to unlock devices. Victims who email that address are then asked to pay a $50 ransom to unlock the computer. In this case, the perpetrators have created a screen that states, “Your computer is locked. Try again in 59 minutes,” with an additional message to “Write to email: unlock.device[@]gmx.com.” The screen includes the Apple colors and logo to appear even more authentic.

What can you do to protect yourself?

  • Enable two-factor authentication on your iCloud account and all accounts that offer two-factor authentication.
  • Do not reuse the same password for multiple accounts.
  • Ensure your passwords are strong.
  • Back up your devices occasionally on an external hard drive if your cloud backup is compromised or held for ransom.

What do I do if I get a cyber extortion email?

  • Do not contact the attacker or pay the ransom.
  • Do not click on any links in the email.
  • Contact TechHelp.

Be aware—and be cybersafe!