FBI warns about email extortion attempts following data breaches
The FBI’s Internet Crime Complaint Center (IC3) has issued a public service announcement warning users about email extortion attempts related to recent high-profile data thefts.
The contents of the emails, i.e. the threats, vary depending on what information was stolen and/or leaked following a specific breach. The extortionists request 2 to 5 Bitcoins (approximately $250 to $1,200) in exchange for not sending the data to the victims’ family and friends (either via social media or actual letters).
For example, if the victims’ data was contained in their adult dating site account, which includes their sexual preferences and activities, they might receive a message that goes like this:
“If you think this amount is too high, consider how expensive a divorce lawyer is. If you are already divorced then I suggest you think about how this information may impact any ongoing court proceedings. If you are no longer in a committed relationship then think about how this information may affect your social standing amongst family and friends.”
“Fraudsters quickly use the news release of a high-profile data breach to initiate an extortion campaign. The FBI suspects multiple individuals are involved in these extortion campaigns based on variations in the extortion emails,” the alert notes.
Vast troves of user data stolen in the LinkedIn and Tumblr breaches, as well as the Fling.com and Beautiful People breaches, have been offered for sale in the last few months.
The extortionists might have gotten their hands on this data, but it’s also possible they haven’t and are simply sending out random emails in the hope that the recipients have actually opened an account with those services.
There is a precedent for similar extortion attempts: last year’s leak of user data from the Ashley Madison breach.
The FBI advises victims not to pay the ransom. Instead, it wants victims to reach out to their local FBI field office and file a complaint with the IC3, which should include the extortion e-mail with header information and the Bitcoin address.