Maryland residents who receive threatening emails warning their privacy has been compromised may be the targets of an online extortion scam, Maryland Attorney General Brian Frosh warned in a statement issued Monday.
The scammers attempt to exploit the feeling of vulnerability created by the ubiquity of internet connected devices and the potential security risks they expose if those devices can be hacked and used to “spy” on someone within their own home.
A common scam, Frosh’s statement warned, involved people getting emails saying their accounts have been compromised, often with a password for an account shown in the email. The password is usually obtained through a larger data breach of a corporation, meaning scammers have likely not gotten hold of an individual’s email or password. Regardless, scammers attempt to use their target’s unease about internet security to threaten they can release embarrassing photos or video, perhaps obtained through another device connected to the internet, to the target’s email contacts list.
If you have been targeted by such a suspicious sounding email, do not pay into the extortion scam. Instead, Frosh’s office said to:
- Change your email password immediately to something you have not used before for any account.
- Don’t click on any links in the email.
- Delete the scam email.
- Block the sender from sending you future emails or materials, if possible.
- If you are still worried about someone potentially hijacking devices like a webcam, take the advice of internet security professionals, and put some black tape on the camera when you’re not using it.
“If you get a threatening email like this, delete it,” said Frosh in his statement. “It’s a numbers game for these thieves; only one person has to fall for it for the scammer to make thousands of dollars. Don’t fall for it; it’s a scam, plain and simple.”