Report Crime Online Emergency Call 999

Whittlesey and District Neighbourhood Watch

Whittlesey and District Neighbourhood Watch

Creating safer, stronger and active communities

Cyber Blackmail-Extortion

This artil is about a common form of cyber extortion scam but now it includes ransomware.

 

Emails are being sent across Cambridgeshire by criminals telling the recipient similar to the following:

  1. That their devices have been compromised with spyware or a key logger.
  2. The email will often include a part or complete password that the victim will be able to identify with, or the name of a spouse or relative all to make it appear more believable.
  3. The content of the email will make accusations that the victim had been viewing illegal material online, or that they have illegal files stored on their device. There will then be a demand for a bitcoin payment. Approximate cost of the blackmail if paid, £300.
  4. The criminal may allege that they have been monitoring the victim for weeks or months.
  5. The criminal may invite the victim to click on a link in order to see the material for themselves, this is nothing more than a link to a criminally controlled website that installs ransomware onto the device. A further demand for payment will be made to un-encrypt the data.

Summary

  1. It is unlikely that the device had already been compromised prior to the delivery of the email.
  2. It is highly likely, that the email address and password had previously been obtained from a data breach via a website/server unbeknown to the victim and sold or shared amongst the cyber criminals.  
  3. The accusation of possessing illegal material is malicious social engineering, it is designed to put fear into the person reading the email and to cause a reaction in this case to pay a ransom.
  4. It is highly unlikely that the criminal has been monitoring the email account for days, weeks or months. A number of cyber criminals are lazy and they do not desire to spend any time researching victims, they just send out blanket emails and wait for a response.
  5. NEVER open an attachment or click on a link to an email you are not 100% satisfied to who actually sent it.
  6. The advice of the National Crime Agency and UK Policing, is never to pay a ransom.

For more information:

https://www.actionfraudalert.co.uk/da/242143/Extortion%20Scam.html

Keep Emails Safer

Cyber Aware is encouraging people to change their email password to make it stronger. 

People are increasingly using online space to live their lives. Making sure their space is as secure as possible is now more and more important. Many of the steps needed are quite simple to do and will keep online spaces safe and secure.

E-mail accounts contain sentimental information, such as confirmation of job offers, holiday bookings and photos of family and friends. They also contain very personal information, such as bank details, addresses or dates of birth. A weak password can enable a criminal to access e-mails, leaving users open to identity theft or fraud. Cyber Aware’s #OneReset campaign recently encouraged people to keep their inbox safe by changing their e-mail password to ensure it is strong and separate from all their other passwords.

Use three random words to create a strong password

It’s simple to help protect you and your family online by ensuring you have a strong and separate password for your email account. Many people find it hard to think up a strong password and even harder to remember what it was! 

A good way to create a strong and memorable password is to use three random words. Numbers and symbols can still be used if needed, for example 3TableSweetGrass27!  Be creative and use words that are memorable so that people can’t guess your password. Remember social media accounts can give away vital clues about a person so don’t use words which could easily link to you such as your child’s name or favourite sports team which are easy for people to guess.

Use a strong, separate password for your email

Use a strong password for your email that is not used for anything else. This means that if cyber criminals steal the password for one of your less important accounts, they can’t use it to access your email account.

Fake Police Message

In the past few days, criminals have been using an automated telephone messaging service within the UK, claiming they are from the South West Regional Cyber Crime Unit. The person listening to the message is told that their internet connection had been compromised and that it would be shut down within 24 hours. The message then invites the person listening to press 1 on their keypad to speak with the technical department. (DO NOT DO THIS)

Although the UK is covered by both regional and local cyber crime units, this is the first time we have known the criminal purport to be from a legitimate UK Police department. This is a total fraud and no one should react to the message by pressing a key other than to disconnect the call.

If you experience this kind of call please contact Action Fraud

To report fraud online click this link:  REPORT FRAUD 
  or telephone 0300 123 2040