Cyber Extortion: How Hackers Use Stolen Data to Blackmail You

Cyber Criminals

Extortion has been around since the beginning of mankind. It involves the act of blackmailing or shaking down an individual or group of individuals through force, threat, or coercion. It is often used to obtain money, property, or information from someone against their will.

Contrary to popular belief, extortion is not limited to gangs, criminals, or the mafia; it is also commonly found occurring between individuals and even in the business environment. On the Internet, this activity is commonly known as Cyber Extortion, and it has become very popular in the past few years.

What Is Cyber Extortion?

Cyber extortion can present itself in a variety of different ways. For example, a hacker can threaten to attack your website unless you pay them. A particularly harmful form of cyber extortion that targets individuals on the Internet is cyber blackmail, where a hacker or cybercriminal gains access to personal and/or embarrassing information on someone, and then threatens to release that information to the public unless the victim pays up. The release of this information can often be damaging to the victim’s personal life, family life, or career; and so the victim is put in a very difficult position.

A recent story in the news highlights just one case of many where a data breach of a website led to many instances of cyber extortion:

On 5/21, AdultFriendFinder LLC, an adult themed social media website, reported that hackers stole 4,135,628 member email addresses, 1,318,779 postal address details, 822,930 dates of birth,  and 1,787,930 password IDs, along with member nicknames, sexual orientations and preferences.

Breaches like the one at AdultFriendFinder are often used to extort users to pay large sums of money. A cybercriminal may threaten the victim that if they don’t pay, details about their activity on the adult-themed website will be sent to friends and family members. Unfortunately, victims are often forced to comply with the criminal’s request to prevent damage to their reputation or career.

So what can be done to mitigate the risks of you falling victim to a cyber extortionist? Here are a few tips that you should consider when surfing the Internet:

Create an Online Persona

Many Internet users feel like they are anonymous on the Internet, however there are a variety of ways that can be used by cybercriminals to trace an online identity to a real-life identity. When interacting with websites, especially those that are in a subject that would cause you embarrassment, create an alternate identity and stick to it. It’s much harder to track down SnoopyTheDog than it is to track down James_Smithfield_Boston.

Limit the use of personal details online

When interacting with strangers online, never give up details about your identity that may be used to track you down. If you create an account on a website that may be used against you in the future, limit the details that you provide, or use an online persona as mentioned above.

Use “burner accounts” when signing up for non-official services

Consider creating separate email accounts that are expressly used for the websites that you don’t want people to know about, and then use the tips above to completely disassociate your real identity from them. For payment, consider using prepaid debit cards (which can be purchased at most large stores). For telephone service consider using Google Voice or a similar service.

Don’t reuse passwords

Never reuse passwords across multiple websites, especially your email accounts. If a hacker is able to gain your email address and password for one website (such as in the case of AdultFriendFinder) they will be able to log into your email account if you’re using the same password.

Tags: , ,
Previous Post
Sandbox Environment
Malware, Spyware, Viruses, Etc.

Sandboxing 101: Protect Yourself When Opening Suspicious Documents

Next Post
Malvertising
Malware, Spyware, Viruses, Etc.

Malvertisements: How Viewing an Ad Can Infect Your Computer