Oregon FBI Tech Tuesday: Building a Digital Defense Against COVID-19 Extortion Scams

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense against extortion scams. 

During the COVID-19-related stay-at-home orders, the FBI’s Internet Crime Complaint Center (IC3) has seen an increase in reports of online extortion scams. Because many people are staying inside and likely using the computer more than usual, scammers know they can use this opportunity to find new victims to pressure into sending money. The extortionists’ threat: they will release sexually explicit photos or personally compromising videos to the victim’s contacts if they do not pay.  

It’s important to remember that scammers adapt their schemes to capitalize on current events such as the COVID-19 pandemic, high-profile data breaches, or new trends involving the Internet, all in an attempt to make their scams seem more authentic. 

Online extortion schemes vary, but there are a few common indicators. Here are some red flags:  

  • The online extortion attempt comes as an e-mail or letter from an unknown party and, many times, will be written in broken English with grammatical errors. 
  • The scammer will include the recipient’s personal information – such as a user name or password – at the beginning of the message. 
  • The extortionist will accuse the recipient of visiting adult websites, cheating on a spouse, or being involved in other compromising situations. 
  • The message includes a statement such as, “I had a serious spyware and adware infect your computer,” or “I have a recorded video of you” as an explanation of how he gathered the information. 
  • The e-mail or letter provides a short window to pay, typically 48 hours. 
  • The extortionist instructs the victim to pay the ransom in cryptocurrency in an attempt to make the transaction more anonymous.    

Here’s how to protect yourself: 

  • Don’t open e-mails or attachments from unknown people, and don’t communicate with those who send unsolicited messages. 
  • Don’t store sensitive or embarrassing photos or information online or on your mobile devices. 
  • Monitor your bank account statements regularly and your credit report at least once a year for any unusual activity. 
  • Use strong passwords and don’t use the same password for multiple websites. 
  • Never provide personal information of any sort via e-mail. Be aware that many fraudulent e-mails requesting your personal information appear to be legitimate. 
  • Make sure you have activated the security settings for social media accounts and that they are set at the highest level of protection. 

Note: the FBI does not condone the payment of online extortion demands as the funds will facilitate continued criminal activity, including potential organized crime activity and associated violent crimes. 

As always, if you have been victimized by a cyber fraud, you can report it to the FBI’s Internet Crime Complaint Center at www.IC3.gov