Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: What Is Cyber Extortion?
Original release date: June 10, 2022
The news is constantly reporting cyber-criminal activity and the devastating consequences of those who are compromised. This article will define what cyber-extortion is, and some steps you can take to make it less likely that you will fall prey to their criminal schemes. I will also lay out for you a vital step you can do now to help recover in the event you are compromised.
So, what is cyber-extortion? Cyber-extortion is a network/internet crime where an individual or group demands money or some other response to discontinue whatever criminal activity they are enacting against you or your business. In one type of cyber-extortion the attackers compromise a device on the victims network and then attempt to install malware known as ransomware on the device. If successful they will then inform the user of the situation and demand payment for the user to regain access to their data.
How are we so easily compromised? Email. Email has become a serious problem with the shear volume of spam that most of us receive. Cyber-criminals know most people are dealing with large volumes of junk email everyday and are likely to click on a link in an email if the email looks legitimate to the user in someway. So these attackers expend quite a lot of effort to custom craft emails to closely resemble authentic emails from companies most of us are very familiar with. Embedded in these counterfeit emails are links to malware and phone numbers to hack groups. Once the link is clicked or the number is called you are well on your way to full compromise and at their mercy.
So what can we do to help avoid this situation? First step, don’t trust any email. You must exercise restraint and common sense. Let me give you an easy example. You receive an email stating that you just won a million dollars. All you have to do is click this link to start your claim. We now apply common sense and mark the email as Spam and then Delete it. Why? Because you did not just win a million dollars and if you click that link to claim it, your going to get something you’ll regret for a long time. Easy right? Let’s try a harder one. You receive an official looking email stating that your payment of $1,200 dollars has been successfully processed and will deduct from your account within the next 3-5 business days. The email then goes on to thank you for your payment and for being one of their valued customers. At the very bottom of the email, where you would expect it to be, is the statement: if you did not initiate this payment please click this link to cancel the payment. What do you do? Take a careful look at the return email address for the email – does it make sense? Now hover over the link they are directing you to – without clicking on it! Does the link make sense? With some training and skill you’ll be able to identify these scam emails and avoid a lot of trouble. If after examining the email you still can’t determine whether it’s legit or not, contact your IT service provider. They will take a look at the email for you and let you know if it’s legit.
What can you do now to help minimize the pain if you do become compromised? Backups. Backup, backup, backup. You hear it all the time, but are you doing it? Are you doing the right kind of backups? If not, you are in store for some serious heartache. With a proper backup system these compromises become less painful. If for some reason you or your business becomes the victim of a cyber-extortion group, it can be mitigated without paying them a dime and with minimal down-time by restoring the system (or systems) to a previous state.
In this article I have attempted to raise your awareness to the ongoing issue of cyber-extortion and cyber-criminals. These crimes are not just happening to corporations or down in the city, they’re happening to local businesses and our neighbors. Knowledge is power – if it is used correctly! I hope you will take what you have learned here and use it as a starting point for your own research into how to protect yourself and your friends from cyber-criminals.
If you have questions concerning cyber-crime, email, backup systems or any other issues give us a call.