Staying Safe From: Threats & Extortion

1. Common Scams Involving Threats and Extortion
2. Red Flags of Threats and Extortion
3. How to Beat Threats and Extortion
4. Fallen Victim to a Threat or Extortion?

Sometimes scammers try to hook you with the promise of winning money and prizes. Unfortunately, they also do the opposite, using threats and intimidation, which can be even more effective.  

In a recent report by the FBI, threat and cyber extortion scams were the third most common types of online fraud in the United States. These attacks attempt to take advantage of people of all ages, seeking to scare them into providing money or login credentials.

Threats and extortion come in a variety of forms. But the intended result is always the same—to quickly intimidate a victim, get money or steal sensitive information, and then disappear. While these attackers can be elusive, there's a lot you can do to protect yourself, especially when you know how this kind of fraud works, red flags to look out for, and how to beat these scammers.

Common Scams Involving Threats and Extortion

Threats and extortion scams seek to pressure people into paying money or providing sensitive information. Cybercriminals use one or multiple threats to get the target to make an emotional decision.

Threats and extortion scams have been very successful in recent years. For example, the state of Montana alone had 186 victims of extortion in one year, with victims paying, on average, $2,221 per account.

The most common forms of threats and cyber extortion are communications that appear to be from legitimate organizations and those that threaten to expose images or videos of a sexual nature, also referred to as sexploitation.

Sextortion and Blackmail

A sextortion attack typically begins with an email from the attacker saying they have footage of you in a compromising position. It could be anything from videos of you doing sexual things online, a list of your browsing history featuring visits to pornographic sites, to explicit photos.

The criminal will say they're going to publish the content online if you don't pay them a fee, often using cryptocurrency since it's impossible to track. They don't have anything on you in most cases, and they're simply after your money.

Sextortion can even target young children. 

Imposters

Scams where the attacker pretends to be from a legitimate company or government agency work like this:

• The attacker collects details about the company/agency online, using them to craft a convincing email or make them sound legitimate over the phone.
• They claim you owe their organization money, and you face severe penalties, such as legal action or even arrest.
• They ask you to make payment via a method that's hard to trace, such as with a gift card, store card, or cryptocurrency.
• Once you pay, they disappear.

In some cases, they may ask you for identity or account information during the attack. Even though you don't pay them money, they can still profit from selling this to someone else or using it to steal your identity.

It's common for these scammers to impersonate:

• The Federal Bureau of Investigation (FBI)
• The Internal Revenue Service (IRS)
• The Central Intelligence Agency (CIA)
• Customs and Border Patrol
• Well-known companies (e.g., Apple)

Targeting Immigrants

At times, a scammer may try to take advantage of someone from another country, telling them they will be deported unless they follow specific instructions. The instructions will likely include a payment request, but they may also ask for contact information, passwords, or user credentials.

Cyber Extortion

Cyber extortion is where a hacker or group of hackers hold a company's data, systems, or private information (like customer details) for ransom until they are paid. These attacks use ransomware, typically sent out via links in phishing emails to employees.

When someone clicks on the link, the hackers access company systems and infect them with viruses.

There are two main types of ransomware:

• Locker: Locks users out of their accounts until a ransom is paid
• Crypto: Encrypts data on a company's servers, and hackers hold a key that they won't release until a ransom is paid.

Sometimes if they have managed to steal sensitive information like credit card details, they threaten to release it online. This kind of extortion is large-scale—payment demands can be in the millions of dollars.

Red Flags of Threats and Extortion

In many cases, a threat or extortion scam is relatively easy to spot, mainly because of how the attacker tries to leverage fear during the interaction. For example, any time you get a phone call, email, or text that says something terrible will happen if you don't pay money, it may be a scam. This includes communications that seem to be from legitimate businesses you've dealt with in the past.

Threats to Expose Information or Files

If you ever get an email that threatens to expose your online photos, videos, or history if you don't pay them, you should assume it is a scam. In many cases, they may not even have any of this information—they often send out a blanket email to several different people, hoping one or a few would take the bait.

Threats From a Company or Government Agency

Another red flag is if you get a call, email, or text message that appears to be from a company, the police, or a government official or agency, saying you'll have to pay a hefty fine if you don't pay a smaller amount right away. Again, this is typically a scam. In all cases, you can reach out to the actual company or agency the person claims to represent to verify the legitimacy of what they're saying.

Unsolicited Calls from Law Enforcement/Government Requesting Money

If someone from law enforcement or a government department calls you requesting money, it's likely a scam. For example, if you owe money to the IRS, they will send you a letter with information—they won't call you and tell you to pay up.

Additionally, law enforcement will never call you asking for payment to get you out of an arrest warrant. If you have an arrest warrant, they will just come and arrest you—they won't call you to give you an out.

Requests for Payment via Unconventional Methods

If the person you're speaking to requests payment via any of the following methods, it's likely a scam:

• Cryptocurrency
• Wire transfer (e.g., MoneyGram)
• Gift cards

Scammers only want you to pay using methods that can't be traced back to them and can't be reversed.

How to Beat Threats and Extortion

To beat threats and cyber extortion attacks, remember these tips:

• Ask for the person's name and tell them you'll call back. Then, call them back using the company/department number you find online and ask to be transferred to them.
• Never provide any payment or information to someone who claims something terrible may happen if you don't.
• Don't believe calls from law enforcement (e.g., the FBI) claiming you risk being arrested unless you pay money.
• Don't believe anyone who asks for payment via non-conventional methods.
• Even if it seems like you're dealing with a legitimate collection agency or government organization, do not provide any info or payment unless you can verify the legitimacy of the call or email.
• Keep all your files safe by using a virtual private network, anti-virus software, and anti-malware software.
• Don't click on any links or open any email attachments unless you can verify it is from a safe sender.
• Don't use public WiFi when accessing sensitive information or files.

NordVPN

• Malware and adware blockers.
• Secure 6 devices at once.
• 30-day money-back guarantee.

---

Advanced security features.

Protects against phishing and malware attacks.

NordVPN.com

Surfshark

• Military-grade encryption.
• Protection for unlimited devices.
• Allow specific sites to bypass VPN.

---

Great for families.

Connect unlimited devices simultaneously.

SurfShark.com

Express VPN

• Find the fastest server in your location.
• Use on up to 5 devices.
• Robust data encryption.

---

Best for streaming.

Unlock all major streaming services.

30-Day Free Trial

ExpressVPN.com

Fallen Victim to a Threat or Extortion?

If you've fallen victim to a threat or extortion scam, you should report it to:

• The FBI
• The company or government agency they were impersonating
• Your local police

If you've sent money to someone using a cryptocurrency exchange or a gift or store card, you may be able to prevent the payment from going through before they claim the funds. Contact the card-issuing company or the crypto exchange and explain the situation. However, in most cases, the scammer will claim the money immediately, so you don't have time to reverse it.