Action Fraud, the national fraud and cybercrime reporting centre said it has seen an increase in cases of ‘sextortion’ since the start of October.
Thirteen sextortion scam attempts have were reported in the North Wales area last month.
Sextortion scams are a type of phishing attack where people are coerced into paying a BitCoin ransom because they have been threatened with sharing video of themselves visiting adult websites.
An Action Fraud spokesperson said: “These scams are made to appear all the more credible because they provide seemingly plausible technical details about how this was achieved, and the phish can sometimes also include the individual’s password.
The phisher is gambling that enough people will respond so that their scam is profitable; they are guessing and do not actually know if you have a webcam, have been visiting adult websites, or the means by which you communicate with people.
Action Fraud suspects that the fraudsters may have gained victim’s passwords from an old data breach.”
Detective Sergeant John Black from the North West Regional Organised Crime Unit said: “While we have seen an increase in reports, we know that it remains a massively under reported crime. It is only natural that a victim would feel reluctant to report it.
However, we will treat all reports with discretion and compassion, and every report to us or Action Fraud helps us identify who is responsible for sending the messages, bring them to justice and could stop others becoming victims.
There is no need to suffer in silence and I encourage anyone who has been a victim of this crime to report it.”
North Wales Police Live Chat
Action Fraud: 0300 123 2040
Advice from the National Cyber Security Centre:
• As with other phishes, our advice is not to engage with the phisher, delete the email and report it to Action Fraud: https://www.actionfraud.police.uk/report-phishing
• Do not be tempted to pay the BitCoin ransom, doing so will likely encourage more scams as the phisher will know they have a ‘willing’ customer
• Do not worry if the phish includes your password; in all likelihood this has been obtained from historic breaches of personal data. You can check if your account has been compromised and get future notifications by visiting: https://haveibeenpwned.com/
• If the phish includes a password you still use then change it immediately, advice on how to create suitable passwords and enable other factors of authentication is available from Cyber Aware: https://www.cyberaware.gov.uk/passwords
• If you have been a victim of a sextortion scam and have paid the BitCoin ransom, then report it to your local police force by calling 101
• If you need emotional support this is available from charities such as Victim Support by calling 0808 168 9111 or visiting: https://www.victimsupport.org.uk/
Action Fraud has also published some useful guidance in response to sextortion scams: https://www.actionfraud.police.uk/alert/alert-cyber-criminals-send-victims-their-own-passwords-in-new-sextortion-scam