Stay Smart Online Advice. Sextortion Scams. 17.04.2020

image

image

16 April 2020

What’s happened?
The Australian Cyber Security Centre (ACSC) is warning Australians to be alert to an email ‘sextortion’ campaign.

The ACSC has received more than 1,900 reports of the emails since 9 April. The cyber scammers responsible are threatening to release personal and sensitive information to the recipient’s contacts unless the scammer is paid in cash or bitcoin.

The ACSC has not received any reports of financial loss in relation to this scam.

How it works
This scam uses a tactic known as ‘sextortion’ – a form of online blackmail where a cyber scammer threatens to reveal intimate images of someone online, often to their friends and family, unless they pay a ransom quickly (often in cryptocurrency). Typically, the scammers have no compromising information.

The email scammers also may also claim to have compromised a computer, or other electronic device, and include either a password or partial password that the recipient has used in the past.

In this case, the name of the ‘sender’ was different in each instance of the email address.

How do I stay safe?

  • In most cases, if you receive an email there is no reason to be concerned. These emails are typically generated in their thousands by online scammers using limited personal details, with the aim of scaring recipients into paying the ransom.The information in the email is often collect from the internet from previously known data breaches.
  • If you receive one of these emails, don’t give the perpetrator any money or images, and stop all contact with them.
  • If a blackmailer is threatening to reveal intimate images of you online, do not give in to their demands. Report it to the Office of the eSafety Commissioner.
  • If the email includes a password which you recognise, or is similar to one you are currently using, you should change all accounts which use this password. Make sure to use a strong password and don’t reuse passwords across different accounts.
  • To find out where your email may have been included as part of a data breach visit Have I Been Pwned.
  • If you have concerns about your physical safety, call Triple Zero (000) or contact your local police.
  • Further information on securing your online accounts can be found in the ACSC’s Easy Steps Guide.
  • To report a cyber security incident or crime to police, visit cyber.gov.au/report.

We encourage you to share this information with your family, friends and colleagues.

More information
If you have experienced image-based abuse, you can also contact the Office of the eSafety Commissioner to report and seek support, including links to counselling support services.

You can report scams to Scamwatch.

See our Get help page for more support resources.

To stay up-to-date on the latest online threats and how to respond, follow us on Facebook and sign up to the Stay Smart Online Alert Service.

The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider.

Feedback
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.

Disclaimer
You may have noticed we’ve updated our branding, to incorporate the Australian Cyber Security Centre (‘the ACSC’) logo, and complement the ACSC colours. This is to better reflect that Stay Smart Online is a part of the ACSC.

This information has been prepared by the ACSC. It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

CONTACT US
Facebook: www.facebook.com/staysmartonline
Email: StaySmartOnline@cyber.gov.au
Web: www.staysmartonline.gov.au

© 2019 Australian Government.


All rights reserved.

5 Likes

I’ve had a few of these over the past year. Deleted after telling the sender where to go.

4 Likes

This has been around for years and discussed at length …

3 Likes