What’s happened?

Members of the public have reported receiving scam emails. It appear to come from their own email account. Threatening to reveal intimate images of them unless they pay a fee.

This email scam is widespread, with the Australian Cyber Security Centre. Office of the eSafety Commissioner and Scamwatch receiving over 300 reports from the public this week.

How it works

This scam uses a tactic known as ‘sextortion’ – a form of online blackmail where a cybercriminal threatens to reveal intimate images of someone online, often to their friends and family, unless they pay a ransom quickly (often in cryptocurrency).

The scam uses ‘spoofing’ to make the email look like it’s come from also your own email address. Email spoofing occurs when email addresses are manipulated to come from a different source, but display as a legitimate address. This is a technique commonly used by cybercriminals to make their scam seem real.

How do I stay safe from scam email?

• If a blackmailer is threatening to reveal intimate images of you online, do not give in to their demands. Report it to the Office of the eSafety Commissioner.
• If you also receive one of these emails, don’t give the perpetrator any money or images, and stop all contact with them.
• If you’re concerned about your physical safety, call Triple Zero (000) or contact your local police.
• Change your passwords for all social media and online accounts – including your email account – straight away, and review your privacy and security settings.
• Cybercriminals can also use your personal details to their advantage, like manipulating your email address if it has been caught up in a data breach. You can check if any of your email addresses have been in a data breach by visiting https://haveibeenpwned.com/

For more information, please visit: www.staysmartonline.gov.au