Sometimes scammers try to hook you with the promise of winning money and prizes. Unfortunately, they also do the opposite, using threats and intimidation, which can be even more effective.
In a recent report by the FBI, threat and cyber extortion scams were the third most common types of online fraud in the United States. These attacks attempt to take advantage of people of all ages, seeking to scare them into providing money or login credentials.
Threats and extortion come in a variety of forms. But the intended result is always the same—to quickly intimidate a victim, get money or steal sensitive information, and then disappear. While these attackers can be elusive, there's a lot you can do to protect yourself, especially when you know how this kind of fraud works, red flags to look out for, and how to beat these scammers.
Threats and extortion scams seek to pressure people into paying money or providing sensitive information. Cybercriminals use one or multiple threats to get the target to make an emotional decision.
Threats and extortion scams have been very successful in recent years. For example, the state of Montana alone had 186 victims of extortion in one year, with victims paying, on average, $2,221 per account.
The most common forms of threats and cyber extortion are communications that appear to be from legitimate organizations and those that threaten to expose images or videos of a sexual nature, also referred to as sexploitation.
A sextortion attack typically begins with an email from the attacker saying they have footage of you in a compromising position. It could be anything from videos of you doing sexual things online, a list of your browsing history featuring visits to pornographic sites, to explicit photos.
The criminal will say they're going to publish the content online if you don't pay them a fee, often using cryptocurrency since it's impossible to track. They don't have anything on you in most cases, and they're simply after your money.
Sextortion can even target young children.
Scams where the attacker pretends to be from a legitimate company or government agency work like this:
In some cases, they may ask you for identity or account information during the attack. Even though you don't pay them money, they can still profit from selling this to someone else or using it to steal your identity.
It's common for these scammers to impersonate:
At times, a scammer may try to take advantage of someone from another country, telling them they will be deported unless they follow specific instructions. The instructions will likely include a payment request, but they may also ask for contact information, passwords, or user credentials.
Cyber extortion is where a hacker or group of hackers hold a company's data, systems, or private information (like customer details) for ransom until they are paid. These attacks use ransomware, typically sent out via links in phishing emails to employees.
When someone clicks on the link, the hackers access company systems and infect them with viruses.
There are two main types of ransomware:
Sometimes if they have managed to steal sensitive information like credit card details, they threaten to release it online. This kind of extortion is large-scale—payment demands can be in the millions of dollars.
In many cases, a threat or extortion scam is relatively easy to spot, mainly because of how the attacker tries to leverage fear during the interaction. For example, any time you get a phone call, email, or text that says something terrible will happen if you don't pay money, it may be a scam. This includes communications that seem to be from legitimate businesses you've dealt with in the past.
If you ever get an email that threatens to expose your online photos, videos, or history if you don't pay them, you should assume it is a scam. In many cases, they may not even have any of this information—they often send out a blanket email to several different people, hoping one or a few would take the bait.
Another red flag is if you get a call, email, or text message that appears to be from a company, the police, or a government official or agency, saying you'll have to pay a hefty fine if you don't pay a smaller amount right away. Again, this is typically a scam. In all cases, you can reach out to the actual company or agency the person claims to represent to verify the legitimacy of what they're saying.
If someone from law enforcement or a government department calls you requesting money, it's likely a scam. For example, if you owe money to the IRS, they will send you a letter with information—they won't call you and tell you to pay up.
Additionally, law enforcement will never call you asking for payment to get you out of an arrest warrant. If you have an arrest warrant, they will just come and arrest you—they won't call you to give you an out.
If the person you're speaking to requests payment via any of the following methods, it's likely a scam:
Scammers only want you to pay using methods that can't be traced back to them and can't be reversed.
To beat threats and cyber extortion attacks, remember these tips:
If you've fallen victim to a threat or extortion scam, you should report it to:
If you've sent money to someone using a cryptocurrency exchange or a gift or store card, you may be able to prevent the payment from going through before they claim the funds. Contact the card-issuing company or the crypto exchange and explain the situation. However, in most cases, the scammer will claim the money immediately, so you don't have time to reverse it.
If a hacker is blackmailing you to get bitcoin, it can be hard to figure out if it's an empty threat or a real one.
You may think you're being invited to an honor society, but you could be the target of a nationwide scam aimed at students.
Scammers are targeting workplaces by impersonating Slack and sending persuasive emails to trick you into giving up your login credentials.
Beware of fake USPS text messages that claim your address doesn’t match your zip code—it’s a scam to steal your Amazon login credentials.
Fabulous wealth and life-changing prizes aren't always what's to be expected after receiving a call from PCH—it could just be a scam to steal your information and money.
FedEx is warning customers of a fake text alert going around regarding an issue with a delivery. Learn how to avoid this tricky scam.
If you receive a text message from Chase Bank, don't click on any links or call the phone number listed—it could be a scam designed to steal your information and money.
You may think that that Truist have sent you a text alert about your account. Here's how to check if it is actually a scam.
Netflix has never offered a free subscription for an entire year. If you receive this offer from "Netflix," it's a scam.
Americans may see a lower tax refund this year, but we've got a few tips and tricks to get the most out of your 2022 tax return.
Multiple text message scams are circulating around the world which claim that your Apple Pay has been suspended. We provide multiple examples of this scam and how to avoid this Apple Pay scam.
How often to change brake pads on your vehicle depends on how much you drive and also your driving style and habits.
If the health dangers surrounding vape cartridges weren't bad enough, fake THC vapes containing harmful contaminants are being sold.
Keeping your accounts secure means having a unique password for each one which is difficult unless you use a password manager.
Zelle scams have reached a serious volume. New reports suggest that banks are looking at new refund protections for customers in 2023.
Hackers have gained access to 9.8 million customer records from Optus in Australia, exposing personal information such as driver licence, medicare and passport details.
Find out what the overturning of Roe vs. Wade means for abortion rights in your state.
The number of people searching for the term "COVID vaccine 5G" on Google has just hit an all-time high, but there's one way to be sure that there are no microchips.
Social media platforms are possibly the most used tools in committing fraud, responsible for $770 million in losses.