Cyber Blackmail – Do’s and Don’t’s

In Interviews

Morgan Wright, Chief Security Advisor at SentinelOne, discusses with Security MEA about cyber blackmailing and steps to be taken to mitigate the risk of becoming a victim of cyber blackmail.

What is cyber blackmailing and how does it work?

Cyber blackmailing plays upon the fears of people, and exploits their lack of technical expertise, to obtain money, photos, or instill fear. Many times, contact is initially made from a public post, and the victim is gradually ‘groomed’ into providing more personal information, or pictures. This process could take a few days to a few weeks. The goal of the blackmailer is to get the intended victim to become less and less apprehensive about their activity. Once the compromising material is obtained, then demands more explicit photos or money is generally made. The threat being that if the victim does not comply, the embarrassing information will be made public. Generally, men are targeted with this scheme more often than women.

Which age group is particularly targeted more?

It crosses many age ranges, but men seem to be targeted more than women.

Do the victims and the perpetrators of cyber blackmail fit into any specific profiling?

The victims may be people who are looking for attention and are receptive to compliments about their appearances. The criminals don’t really care about their looks – they only care about exploitation. Older people tend to be lonelier and can be more easily exploited.

What are the various methods used for cyber blackmailing?

It can involve compromising a victim’s personal email account or obtaining access to their storage account where personal photos and information are kept. This could start off as a phishing email, purporting to be something of interest to the victim, and getting them to click a link. This leads to hijacking the account and downloading personal data.

Another method is to just scan social media, looking for potential targets and starting up non-threatening conversations with them. Once someone is found to be receptive, the conversation gradually moves into active exploitation.

 What are the provisions as per the laws in the UAE that we should be aware of that addresses the issue of cyber blackmail?

Under UAE law, cybercrime is punished by a minimum of two years in jail and/or fines that range between Dh250,000 and 500,000. Since confidentiality is of utmost importance, victims can use a smartphone app – “inform the prosecution” – and notify authorities.

How should one respond to cyber blackmail?

Report it immediately. Many victims will be reluctant because of societal norms, or religious views, and decide to live with the shame and the blackmail. The criminal is counting on this. If you compromise once with blackmailers, they can count on you compromising twice. Stop the cycle by reporting any cyber blackmail right away.

Basic do’s and dont’s to be followed to ensure we don’t become victims of cyber blackmail.

• Be cautious what you post on social media. This is how criminals begin targeting their next victim. Be very careful of unsolicited direct messages.

• Always protect your stored information by encrypting it, using strong passwords, and multi-factor authentication (like Authy, Google Authenticator, Microsoft Authenticator, etc.).

• Don’t click on links in unsolicited emails (phishing emails).

• Never share personal details or information with persons you know only from online. You have no way of knowing who they really are.

• Keep your software on all devices up-to-date and always apply the latest security patches.

• Utilize the privacy features of your devices and apps. Keep the exposure of personally identifiable information to an absolute minimum.

Comments

You may also read!

ESET recognized with Outstanding Product Award by AV-Comparatives

ESET, today announced that it has received recognition with an Outstanding Product Award in AV-Comparatives’ Public Consumer Main Test

Read More...

COVID-19 Shifts 2021 Security Spending Priorities for Businesses

Toni El Inati – RVP Sales, META & CEE, Barracuda Networks, explains the shift in 2021 security spending priorities

Read More...

DNS services are the most targeted part of telco networks finds Telecoms.com survey

DNS services are the most attacked part of telcos’ networks, according to the recently released Telecoms.com Annual Industry Survey.

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu