NOTICE: Online extortion scams increasing during COVID-19 pandemic

Thursday, April 23, 2020

The FBI's Internet Crime Complaint Center (IC3) has seen an increase in online extortion scams, and U-M is experiencing a similar increase.

4/29/20 update: The Federal Trade Commission (FTC) reports that these emails are continuing to increase: Scam emails demand Bitcoin, threaten blackmail (FTC, 4/29/20).

Emails received at U-M

Subject lines vary, but the emails seen at U-M claim to have the recipient's password for accounts such as Facebook, LinkedIn, or other popular services, as well as embarrassing or compromising video or photos obtained through spyware. The emails threaten to forward the video or photos to others unless payment is made using Bitcoin or other cryptocurrency.

This is a resurgence of an old scam seen at U-M in the past:

The password included in the scam messages is typically one used outside the university that was exposed in a large data breach. Exposed passwords are widely available to attackers on the Dark Web. For example, millions of passwords exposed in data breaches years ago at LinkedIn, Yahoo, Sony, eBay, and others are still used by cyber criminals and other attackers. This is why it is so important that you not reuse old passwords.

Do not reply

This is a scam. The sender does not have explicit photos or video of you. Do not reply to the extortion email. Do not pay the ransom. If you are still using the password included in the email anywhere, change it immediately.

If your UMICH account or password is involved, change your password and report the incident. ITS Information Assurance staff will follow up to see if there are logins to your U-M account from suspicious Internet Protocol (IP) addresses and advise you if any action is needed.

How to protect yourself from scams like this

You can check Phishes & Scams on the Safe Computing website for examples of recent phishing and scam emails received at U-M.