What Is Cyber Extortion?
Article (PSA‑0019)
Cyber‑extortion is a crime in which an attacker compromises a device or network and then demands money (or another concession) to stop the malicious activity. The most common form is ransomware – malicious software that encrypts files and displays a demand for payment to restore access.
How Attackers Get In – The Email Factor
- High‑volume spam gives attackers a huge audience.
- Phishing emails are crafted to look like legitimate messages from banks, retailers, courier services, etc.
- These emails contain malicious links or phone numbers that, when clicked or called, can install ransomware or give the attacker remote access.
Spotting a Phishing / Extortion Email
- Don’t trust the content at face value. If an email promises a prize, a sudden payment, or urgent action, treat it with skepticism.
- Check the sender address. Look for subtle misspellings (e.g., support@micrsoft.com instead of support@microsoft.com).
- Hover over every link, but don't click. The URL shown in the tooltip should match the claimed destination and use a trusted domain (e.g., https://www.paypal.com).
- Look for generic greetings. Real companies usually address you by name.
- If anything feels off, mark the message as Spam/Junk and delete it. When in doubt, forward the email to your IT provider for verification.
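The checks above can also be automated for triage by an IT provider. The following is an added example, not part of the original article: the function names, the TRUSTED allow-list, the 0.85 similarity threshold and the sample message are all assumptions made for illustration. It handles a single-part, unencoded HTML body and treats the last two labels of a host as its domain.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED = {"microsoft.com", "paypal.com"}  # assumed allow-list for this example
GENERIC = re.compile(r"\b(dear|hello)\s+(customer|user|member|client)\b", re.I)
ANCHOR = re.compile(r"""<a\s[^>]*?href=["']([^"']*)["'][^>]*>(.*?)</a>""", re.I | re.S)
# Constructed sample message, not a real email.
SAMPLE = """\
From: Microsoft Support <support@micrsoft.com>
Content-Type: text/html

<p>Dear Customer,</p>
<p>Confirm at <a href="http://login.example.net/verify">https://www.paypal.com</a></p>
"""

def base_domain(host):
    return ".".join(host.lower().split(".")[-2:])  # naive: no public-suffix list

def url_domain(text):
    url = text.strip()
    try:
        host = urlsplit(url if "://" in url else "//" + url).hostname
    except ValueError:  # malformed link text such as an unbalanced "["
        host = None
    return base_domain(host or "")

def is_lookalike(domain):
    # Near a trusted domain but not identical, e.g. micrsoft.com.
    return any(domain != t and SequenceMatcher(None, domain, t).ratio() >= 0.85
               for t in TRUSTED)

def check_email(raw):
    msg, findings = message_from_string(raw), []
    sender = base_domain(parseaddr(msg["From"] or "")[1].rpartition("@")[2])
    if is_lookalike(sender):
        findings.append(f"lookalike sender domain: {sender}")
    body = msg.get_payload()  # single-part body assumed; multipart needs msg.walk()
    if GENERIC.search(body):
        findings.append("generic greeting")
    for href, text in ANCHOR.findall(body):
        real, shown = url_domain(href), url_domain(text)
        if "." in shown and shown != real:
            findings.append(f"link shows {shown} but goes to {real}")
        elif real not in TRUSTED:
            findings.append(f"untrusted link domain: {real}")
    return findings
```

Calling check_email(SAMPLE) returns one finding per cue: the misspelled sender domain, the generic greeting, and the link whose visible text and real destination differ.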
Immediate Steps If You’re Compromised
- Disconnect the device from the network (unplug Ethernet, turn off Wi‑Fi).
- Do not pay the ransom. Paying encourages the criminal ecosystem and rarely guarantees file recovery.
- Notify your IT support or a trusted security professional immediately.
- Run a reputable anti‑malware scan (Microsoft Defender, Malwarebytes, etc.) to identify and remove the malicious payload.
- If you have recent, verified backups, restore the affected system from the backup.
Why Backups Are Your Best Defense
Even the most diligent user can fall for a sophisticated phishing attack. A solid backup strategy turns a ransomware incident from a disaster into a manageable inconvenience.
The 3‑2‑1‑0 Backup Rule (quick recap)
- Three copies of every important file (the original + two backups).
- Two different media types (e.g., internal drive + external SSD, or cloud storage).
- One copy off‑site (cloud service or physical storage stored at a different location).
- Zero‑error verification – regularly test restores to ensure the backup actually works.
Simple Checklist to Reduce Extortion Risk
- ✔️ Keep OS, applications, and security software up to date.
- ✔️ Use strong, unique passwords and enable multi‑factor authentication wherever possible.
- ✔️ Disable macro execution in Office files unless you specifically need it.
- ✔️ Regularly back up critical data using the 3‑2‑1‑0 rule.
- ✔️ Educate family or staff to recognize phishing cues (unexpected urgency, generic greetings, mismatched URLs).
- ✔️ Restrict administrative privileges – use admin rights only when you need to install software.
Want Help? We’re Here for You
If you have questions about phishing, ransomware, backup strategies, or any other cybersecurity concern, call PSA Computer Services at (707) 506‑6802. A quick conversation can save you a lot of trouble later.