Scammers are finding new ways to target people, threatening to share compromising footage captured without victims’ knowledge unless they transfer large sums of money, Action Fraud has warned.
At least 110 cases so far have been reported to the organisation, which is the UK’s national reporting centre for fraud and cyber crime and part of the City of London Police.
Which? explains what the scam is, what to do if you’ve been affected and how you can prevent becoming the next victim.
What are the scammers doing?
In a new tactic by scammers, the bribery begins with the cyber criminal emailing the victim with their own password as ‘proof’ that they have been hacked in some way.
In a twist straight out of dystopian sci-fi series ‘Black Mirror’, the hacker then claims to have discovered not just the victim’s password, but also footage of adult content that they’ve been watching, footage of the victim watching it, plus details of their contacts on Facebook, Messenger and email.
The victim is left with the choice of sending a large Bitcoin payment to the hacker, or taking the risk that very private footage could be revealed to everyone they know.
Action Fraud has said there is currently no evidence to suggest that these videos have actually been made, although it’s worth bearing in mind that it is possible for your webcam to be hacked.
The issue is also not necessarily specific to computers, Action Fraud has said.
While 110 instances of this fraud have been recorded so far, it could be the case that many more people have been too embarrassed to come forward.
If you have been scammed, defrauded or experienced cyber crime, you should always report it to Action Fraud.
Could I be at risk?
It’s suspected that, rather than actually hacking into individuals’ computers and gaining access to their screens and passwords, fraudsters have actually gained victims’ passwords from old data breaches.
These are incidents where people have signed up to various accounts, which have then been hacked, and the data has been sold on to a network of cyber criminals.
Several data breaches have taken place over the years, and not all of them hit the headlines.
Action Fraud recommends checking whether your details have been accessed on the website Have I been pwned?. After entering your email address, it will tell you whether any sites holding your details have been hacked and which details could have been stolen.
In regards to this latest scam, Action Fraud has run some victims’ email addresses through the site and found almost all affected accounts were identified as at risk.
- Find out more: My data has been lost after a breach, what are my rights?
I’ve received these emails. What should I do?
The police advise against paying criminals and you shouldn’t email the fraudsters back.
Instead, report the incident to Action Fraud as a phishing attempt through the online form.
If you’ve received the email and have already paid the fine, report the incident to your local police force.
- Find out more: How to get your money back after a scam
How to protect yourself from scammers
There are steps you can take to keep your identity safe online.
Action Fraud suggests doing the following:
- Always use a strong and separate password for any account you set up. If possible, enable two-factor authentication (2FA).
- Regularly update your antivirus software and operating systems.
- Cover your webcam whenever it’s not in use.