Sometimes scammers try to hook you with the promise of winning money and prizes. Unfortunately, they also do the opposite, using threats and intimidation, which can be even more effective.
In a recent report by the FBI, threat and cyber extortion scams were the third most common types of online fraud in the United States. These attacks attempt to take advantage of people of all ages, seeking to scare them into providing money or login credentials.
Threats and extortion come in a variety of forms. But the intended result is always the same—to quickly intimidate a victim, get money or steal sensitive information, and then disappear. While these attackers can be elusive, there's a lot you can do to protect yourself, especially when you know how this kind of fraud works, red flags to look out for, and how to beat these scammers.
Threats and extortion scams seek to pressure people into paying money or providing sensitive information. Cybercriminals use one or multiple threats to get the target to make an emotional decision.
Threats and extortion scams have been very successful in recent years. For example, the state of Montana alone had 186 victims of extortion in one year, with victims paying, on average, $2,221 per account.
The most common forms of threats and cyber extortion are communications that appear to be from legitimate organizations and those that threaten to expose images or videos of a sexual nature, also referred to as sexploitation.
A sextortion attack typically begins with an email from the attacker saying they have footage of you in a compromising position. It could be anything from videos of you doing sexual things online, a list of your browsing history featuring visits to pornographic sites, to explicit photos.
The criminal will say they're going to publish the content online if you don't pay them a fee, often using cryptocurrency since it's impossible to track. They don't have anything on you in most cases, and they're simply after your money.
Sextortion can even target young children.
Scams where the attacker pretends to be from a legitimate company or government agency work like this:
In some cases, they may ask you for identity or account information during the attack. Even though you don't pay them money, they can still profit from selling this to someone else or using it to steal your identity.
It's common for these scammers to impersonate:
At times, a scammer may try to take advantage of someone from another country, telling them they will be deported unless they follow specific instructions. The instructions will likely include a payment request, but they may also ask for contact information, passwords, or user credentials.
Cyber extortion is where a hacker or group of hackers hold a company's data, systems, or private information (like customer details) for ransom until they are paid. These attacks use ransomware, typically sent out via links in phishing emails to employees.
When someone clicks on the link, the hackers access company systems and infect them with viruses.
There are two main types of ransomware:
Sometimes if they have managed to steal sensitive information like credit card details, they threaten to release it online. This kind of extortion is large-scale—payment demands can be in the millions of dollars.
In many cases, a threat or extortion scam is relatively easy to spot, mainly because of how the attacker tries to leverage fear during the interaction. For example, any time you get a phone call, email, or text that says something terrible will happen if you don't pay money, it may be a scam. This includes communications that seem to be from legitimate businesses you've dealt with in the past.
If you ever get an email that threatens to expose your online photos, videos, or history if you don't pay them, you should assume it is a scam. In many cases, they may not even have any of this information—they often send out a blanket email to several different people, hoping one or a few would take the bait.
Another red flag is if you get a call, email, or text message that appears to be from a company, the police, or a government official or agency, saying you'll have to pay a hefty fine if you don't pay a smaller amount right away. Again, this is typically a scam. In all cases, you can reach out to the actual company or agency the person claims to represent to verify the legitimacy of what they're saying.
If someone from law enforcement or a government department calls you requesting money, it's likely a scam. For example, if you owe money to the IRS, they will send you a letter with information—they won't call you and tell you to pay up.
Additionally, law enforcement will never call you asking for payment to get you out of an arrest warrant. If you have an arrest warrant, they will just come and arrest you—they won't call you to give you an out.
If the person you're speaking to requests payment via any of the following methods, it's likely a scam:
Scammers only want you to pay using methods that can't be traced back to them and can't be reversed.
To beat threats and cyber extortion attacks, remember these tips:
If you've fallen victim to a threat or extortion scam, you should report it to:
If you've sent money to someone using a cryptocurrency exchange or a gift or store card, you may be able to prevent the payment from going through before they claim the funds. Contact the card-issuing company or the crypto exchange and explain the situation. However, in most cases, the scammer will claim the money immediately, so you don't have time to reverse it.
If a hacker is blackmailing you to get bitcoin, it can be hard to figure out if it's an empty threat or a real one.
If you're one of the millions of people who buy products from Amazon, you've likely received a text message or two that seem a bit suspicious. We teach you how to identify a fake text and avoid being scammed.
If you received a text from Venmo with a link to verify a payment or deposit, or are asked to complete a survey in exchange for money, it may be a scam.
Sketchy diet pill companies are at it again, using Rebel Wilson's name to falsely endorse their weight loss products.
Scammers are using SMS messages to send fake alerts to customers regarding a package delivery. Here's what to know about this scam.
Verizon may send you text messages from time to time with account updates or data usage alerts, but beware—most of these aren't really from Verizon but scammers.
FedEx is warning customers of a fake text alert going around regarding an issue with a delivery. Learn how to avoid this tricky scam.
T-Mobile customers are receiving scam texts designed to steal personal data. Here are the most common versions to watch out for.
A Navy Federal scam text is going around looking to trick individuals into giving up their personal or account information. Here's what you need to know.
AT&T customers who have received spam text messages need to be careful not to click the link included. Find out how to identify scams and how to block spam texts.
If you're on the hunt for a new pair of Yeezys keep your eyes peeled for fake versions being sold online.
If your new EV qualifies for a government tax rebate, you may be eligible for a federal income tax credit of up to $7,500.
If you're in a hurry to lose weight, the 3-day military diet promises to be the answer to shedding those unwanted pounds fast. But how safe is it really?
Learn how to spot the difference between a genuine and fake bank text and protect yourself from fraud.
When it comes to insurance coverage, every collector’s needs are different. It’s important to consider your needs and explore all of your options before buying coverage.
The number of people searching for the term "COVID vaccine 5G" on Google has just hit an all-time high, but there's one way to be sure that there are no microchips.
Social media platforms are possibly the most used tools in committing fraud, responsible for $770 million in losses.
The FBI is warning Americans about a new scam circulating in the country involving fraudulent QR codes in public places.
Fake Gucci, Chanel, and Louis Vuitton handbags and clothing were just some of the items found in a large shipment of counterfeit goods coming in from China.
Robinhood's latest data breach of 5 million email addresses means that Robinhood users are about to encounter a wave of phishing attempts.