What is cyber extortion?

Cyber extortion is a broad category of internet and computer-related crime. As the name suggests, the cyberattacks included under this umbrella term involve criminals forcing people and businesses to hand over money or sensitive data, often with threats and coercion.

Cyber extortion attacks involve hackers attempting to convince, trick, or bully a victim into giving up money or confidential data (or both). Hackers can do so through phishing emails, ransomware attacks, and other extortion methods. The result of a successful cyber extortion attack could be a data breach, financial theft, or even cyber espionage

Cyber extortionists have two general methods for getting what they want (which is, in most cases, money).

• Coercion and social engineering. The subtler of the two tactics involves tricking people into giving away sensitive information or handing over money directly. Hackers can pretend to be someone else — a friend, a romantic partner, or even a business like a bank or online retailer — and try to convince a victim to do what they want. Common examples of this technique include phishing emails and romance scams.
• Threats and ransom demands. If a cyber extortionist favors a more direct route, they can cause, or threaten to cause, intense distress and disruption for the person being targeted. They then give the victim an ultimatum: pay up, or suffer the consequences. The hackers could threaten to leak a victim’s personal photos or private information if they don’t pay a certain amount of money. Alternatively, they could use ransomware to make a company’s files inaccessible and return them only if a fee is paid.

Related articles

Attacks & breaches What are nation-state actors?

Aug 02, 2022

·

5 min read

Attacks & breaches Real-life ransomware examples and the damage they did

Mar 28, 2020

·

3 min read

A cyber extortion attack can come in many forms. Here are just a few of the most common types of online extortion.

Ransomware

Hackers often target businesses and government agencies with ransomware. A ransomware attack involves infecting a device with a type of malware that encrypts data, making it impossible for the device owner to access essential files and resources. The hackers then demand a ransom in return for a digital key that will allow the person or company to decrypt their files. If they fail to pay, the hacker might leak the stolen data on the dark web.

Even if they manage to regain access to their data, a ransomware attack can cause immense disruption and reputation damage. In 2021, the company operating the Colonial Pipeline in the US was hit by a ransomware attack, which caused drivers to panic-buy gasoline and drove the cost of gas up considerably.

DDoS attacks

Distributed denial of service (DDoS) attacks are used to make websites, apps, and other online services inaccessible to their intended users. These attacks usually involve hackers flooding the target with an artificially inflated volume of traffic. For example, they could use bots to overwhelm a website’s servers, ensuring that it cannot display pages for genuine visitors. The cyber extortionist then offers to call off the attack if they are paid a requested amount.

Email-based extortion

Email-based cyber extortion is common and usually sees the hacker pretending to be someone else: a business, for example, or a friend of the target. They take on this persona to lull the target into a false sense of security before trying to convince them to transfer money (perhaps pretending to be a friend in need) or expose private information (login details for a banking app, for example).

Cyber blackmail

A cyber extortionist may target a victim with blackmail, threatening to leak personal data or even compromising images unless they pay up. They may claim to have more leverage than they do, but the fear of exposure or public embarrassment can be enough to ensure that the victim pays the requested fee.

When cyber extortion occurs, it is vital that you report it because doing so can help you stay safe and lowers the likelihood of other people being targeted in the same way. You can report cyber extortion in two ways:

• Contact law enforcement. While the authorities may not be able to find and charge the person behind the extortion — perpetrators often target people in other countries — they can advise you on how to proceed. Many law enforcement organizations have specialized officers and units to deal with issues around cybercrime and extortion.
• Contact the platform on which the extortion takes place. By doing this, you alert the website or service to scams they may not have been aware of and can even get the hackers blocked or banned (though if they’re using multiple accounts, this might not keep them away for long). If you think you’ve received a phishing message on Instagram or Facebook, for example, use the sites’ reporting system to report it to moderators.

PRO TIP: Don't let scammers intimidate you into not contacting the police. It's a common tactic among fraudsters to claim that they will know if you engage the authorities, but this often not the case. If you speak with law enforcement, they can provide you with expert advice.

Cyber extortion is a very real threat for both individuals and businesses. Whether we’re talking about companies having to pay up or risk massive data breaches or individuals falling victim to manipulative phishing emails, extortion is a risk to everyone. If you are a victim of cyber extortion, you can always take steps to protect yourself.

• Contact the authorities. As soon as possible, speak to the police. This step is important for two reasons: they can advise you on the best response to the threat of extortion, and they may even be able to find the person targeting you. Many cyber extortionists will tell their victims not to contact the police, but that shouldn’t dissuade you from doing so. In most cases the perpetrator won’t actually be able to tell if you have reported them or not. Whether you’re dealing with direct extortion or other forms of cyber harassment, going to the police is a good idea.
• Be wary of emails. If you receive an email from someone you don’t know, or even a slightly unusual message from a contact you recognise, be on your guard. It could be a cyberattack, and you should always take some steps to verify an email’s authenticity. Check for spelling mistakes, unusual email handles, and attempts by the sender to pressure you into clicking on a link or exposing information. If possible, find an alternative way to contact the company or person the sender claims to be and have them confirm that the email came from them.
• Stay up to date on cyber threats. It’s important to be aware of emerging threats online. For example, if a company you have previously given your information to suffers a data breach, you should change your passwords and be extra vigilant. When news breaks that a new email scam has appeared online, take note. Knowing in advance what risks you may face makes you far less likely to fall victim to cyber extortion. To learn more about cyber threats, take a look at our Cyber Risk Index .
• Avoid potential malware sources. Malware can be downloaded from many different places: infected websites, links in suspicious emails, and even online ads. Once your device is infected with malware, it becomes extremely difficult to regain control of your data, so it’s best not to end up in that situation in the first place. Try using NordVPN’s Threat Protection feature to prevent you from stumbling onto websites that are known to spread malware. NordVPN also encrypts your connection data, and improves overall security online.