Archive

Go to:

October 2017
SMTWTFS
1234567
891011121314
15161718192021
22232425262728
293031
< Sep Nov >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

7 Ways to Combat Personal Ransomware Attacks
Friday, June 10, 2016 6:35 AM

The Internet Crime Complaint Center has warned of extortion schemes connected to recent high-profile data thefts. In these schemes, fraudsters use the breach news to scare individuals into clicking a malicious link or paying a ransom.

Ransomware has surfaced as a major online security threat to businesses and individuals. While companies and other organizations are the primary targets, the IC3 said it continues to receive reports from individuals seeing extortion attempts via email.

The recipients are told that compromising images or personal information, such as names, phone numbers, addresses, credit card information and other personal details, will be released to the recipient's social media contacts, family and friends if a ransom is not paid. Recipients receive instructions to pay in bitcoin within a short timeframe. The ransom amount ranges from about $250 to $1,200.

The IC3 offered the following sample excerpts from the extortion emails:

  • “Unfortunately your data was leaked in a recent corporate hack and I now have your information. I have also used your user profile to find your social media accounts. Using this I can now message all of your friends and family members.”
  • “If you would like to prevent me from sharing this information with your friends and family members (and perhaps even your employers too) then you need to send the specified bitcoin payment to the following address.”
  • “If you think this amount is too high, consider how expensive a divorce lawyer is. If you are already divorced then I suggest you think about how this information may impact any ongoing court proceedings. If you are no longer in a committed relationship, then think about how this information may affect your social standing amongst family and friends.”
  • “We have access to your Facebook page as well. If you would like to prevent me from sharing this dirt with all of your friends, family members and spouse, then you need to send exactly five bitcoins to the following address.”
  • “We have some bad news and good news for you. First, the bad news, we have prepared a letter to be mailed to the following address that details all of your activities including your profile information, your login activity and credit card transactions. Now for the good news, you can easily stop this letter from being mailed by sending two bitcoins to the following address.”

The IC3 gave consumers the following tips to avoid becoming a victim:

  1. Do not open emails or attachments from unknown individuals. Fraudsters quickly use the news release of a high-profile data breach to initiate an extortion campaign.
  2. Monitor bank account statements regularly, as well as credit reports at least once a year for any fraudulent activity. Those who believe they are scam victims should reach out to their local FBI field office and file a complaint with the IC3 at ic3.gov.
  3. Do not communicate with the subject. The FBI suspects multiple individuals are involved in these extortion campaigns. The FBI does not condone the payment of extortion demands, as the funds facilitate continued criminal activity.
  4. Do not store sensitive or embarrassing photos online or on mobile devices. They could end up as a part of the ransom demand.
  5. Use strong passwords and do not use the same password for multiple websites. According to the Los Gatos, Calif.-based cybersecurity firm SplashData, the most commonly used passwords are “123456” and “password.”
  6. Never provide personal information of any kind via email. Question any emails requesting personal information. In addition, when providing personally identifiable information, credit card information or other sensitive information on a website, ensure the transmission is secure by verifying the URL prefix.
  7. Set security settings for social media accounts at the highest protection levels. Even Facebook CEO Mark Zuckerberg’s Twitter and Pinterest accounts faced a compromise, likely because of a huge LinkedIn password hack.

Source:  Credit Union Times, June 7, 2016