After the mega breaches of LinkedIn, MySpace, and Tumblr millions of user emails and passwords have been stolen and put up for sale on the dark web. The FBI warns that a series of bitcoin extortion cases have been reported in the US as a follow up to these breaches.
The hackers threaten to release a user’s private information such as name, phone number, address and bank information online on their social media networks unless a ransom in bitcoin is paid. The ransom varies between approximately $250 and $1,200.
“We have some bad news and good news for you,” read one e-mail. “First, the bad news, we have prepared a letter to be mailed to the following address that details all of your activities including your profile information, your login activity, and credit card transactions. Now for the good news, You can easily stop this letter from being mailed by sending 2 bitcoins to the following address.”
“Unfortunately your data was leaked in a recent corporate hack and I now have your information. I have also used your user profile to find your social media accounts. Using this I can now message all of your friends and family members.”
The FBI advises users to take measures quickly to protect their devices and private information. However, if they receive such an email, users should immediately contact the FBI, rather than pay the ransom, which will be further used to fund criminal activities.
To avoid having their personal data exposed and identity stolen, users should avoid opening emails from suspicious sources, regularly check their bank accounts to make sure no fake transactions have been recorded, use strong passwords and change them on a regular basis, and always look twice at what type of URL they click on.