This article is brought to you by Aura.
Watch the video to see how we protect you online.
This article is brought to you by Aura. Watch the video to see how we protect you online.
Start Free Trial
4.7-star rating on Trustpilot
4.7 stars on Trustpilot
White close button to close the window or modal
Play button to start video/audio
What is Aura? (1:10)
Play button to start video/audio

Extortion Scams: What To Know & How To Protect Yourself

Extortion is a crime recognized by both state and federal laws. If you or someone you know has been extorted, follow these steps to minimize damage.

Extortion is a crime recognized by both state and federal laws. If you or someone you know has been extorted, follow these steps to minimize damage.

Illustration of the profile view of a masked man; a metaphor for catfishing or other online scams

Aura’s app keeps you safe from scams, fraud, and identity theft. Try Aura for free.

Trustpilot logo4.5-star rating on Trustpilot
4.6 stars as of Sept. 2024

In this article:

    In this article:

      See more
      Illustration of a hand holding a phone that resembles a lock

      Aura’s digital security app keeps your family safe from scams, fraud, and identity theft.

      See pricing
      Share this:

      Understanding Extortion Emails and Scams

      Extortion scams happen when cybercriminals threaten to harm you, your family, or friends unless you follow their demands. In 2023, the FBI reported over 48,000 extortion victims — the fourth most prevalent among all online crime types [*].

      What these hackers want depends on the type of scam, but they’re usually after money, gift cards, or cryptocurrency. To get you to take the bait, they may threaten legal action, physical harm, or to leak compromising information.

      To intimidate you and drum up a sense of urgency, they show you snippets of the allegedly stolen data, such as files or screenshots. Though it often seems like posturing, extortion scams can have serious consequences.

      {{show-toc}}

      The Karakurt Group

      The Karakurt group is a data extortion gang that has broken into many victim networks and extracted vast amounts of files and information [*]. They threaten to release stolen data publicly unless they receive thousands of dollars in bitcoin ransoms.

      Yet, even when victims paid, there have been reports of the group still breaching confidentiality. Karakurt's victims are diverse and widespread, but most were chosen because they were vulnerable from either: 

      • Data breaches that exposed stolen or leaked login credentials
      • Known vulnerabilities inside public-facing apps

      Examples of Real-life Extortion Scams

      Most extortion scams share similar motives, but their tactics and targets can vary. The following are examples of some of the more common types of extortion scams:

      1. Financial sextortion scams

      Sextortion or sexploitation scams involve cybercriminals blackmailing minors with illicit material. According to the FBI, there were more than 12,600 of these online scams reported over an 18-month period between 2021 and 2023 [*]. 

      The Yahoo Boys, for instance, target victims through social media and messaging apps. Using a combination of fake social media accounts, generative artificial intelligence (AI), and advanced social engineering methods, these criminals pose as teenage girls or young women and catfish their male victims. 

      The group has also been known to coerce minors into sending compromising photos, only to later threaten and extort them. 

      2. Email-based extortion

      Email-based extortion scams allege that they've accessed your webcam or infected your device with malware to excise data. These emails threaten to expose personal or embarrassing information or harm the victim's computer.

      While there are exceptions, the majority of these scams are hoaxes. Scammers broadcast generic emails, waiting for the most pliable victims to respond. Despite their threats, it's unlikely they can actually harm you. 

      After an analysis of more than 300,000 extortion emails, researchers found that the same 100 email addresses were responsible for over 80% of the attacks [*]. In 90% of these cases, the demands are for less than $2,000 — to be paid in Bitcoin.

      {{show-cta}}

      3. Romance scams

      Similar to sextortion scams, romance scams contrive a fake persona to attract victims on social media and dating sites. These fraudsters painstakingly build relationships with their victims before eventually asking for money in some form. 

      Depending on the scam, the scammers may apply emotional pressure or use blackmail to get what they want. To choose their victims, they may cast a wide net and see who responds. They may also pick individuals that meet certain parameters — such as being single and emotionally vulnerable — particularly among the elderly.  

      When a New Jersey couple conned a 74-year-old-man, they posed as a famous actress interested in pursuing him [*]. The scammers then impersonated the FBI and threatened to pursue a sexual harassment lawsuit. They had been logging intimate conversations and photos to extort the victim.

      How To Protect Yourself and Your Family

      Extortion scams are designed to rush you into making decisions, but paying a ransom is almost never the solution. According to the FBI, this only encourages cybercriminals and in no way guarantees your safety.

      In fact, those who paid lost an average of $575 each, totaling over $430 million in 2023 [*]. Here are some of the best ways to safeguard yourself and your family:

      Protect your children online

      Set up parental controls:

      • On an Android device, filter content by using the built-in Parental Controls in the Family section of your device settings. You can also download Google Family Link and set restrictions for Google Play and Chrome [*].
      • On an Apple device, you can monitor your child's online activity by using Screen Time. Set Content & Privacy Restrictions, such as blocking websites and refining gaming settings [*].
      • On a Windows 10/11 PC, use Microsoft's Family Safety to create a child profile, set content filters, and restrict website access [*].

      Review app privacy settings:

      • For YouTube, enable Restricted Mode in your child's profile settings to filter out mature content. You can also download YouTube Kids and approve the content that your children can access. 
      • For TikTok, enable the Family Pairing function in Settings and Privacy. Customize the commenting, messaging, and search settings on your child's account.
      • For Xbox, use the Family Settings app to add or create a child account. Then set age, communication, and multiplayer gaming restrictions. 
      • For Playstation, adjust privacy settings and permitted games under Family Management Account Management
      • For Nintendo Switch, you can choose preset restrictions based on your child's age. Or, create custom restrictions by using Nintendo's parental controls app. 

      Set a universal screen time limit

      • You can manually set time limits on your childrens' devices or manage them all together. Aura's parental controls allow you to create universal screen time limits (and content filters).
      • Set one daily online time limit, or set individual limits for specific devices, sites, and apps.

      Support seniors at home

      • Add a trusted contact to your elderly loved ones’ financial accounts. If any suspicious activity is flagged in their bank or credit card accounts, the bank will inform this contact. 
      • Limit what they share online. Scammers wield any information they can against their victims — including names, addresses, or even dates of birth. Show senior family members how to reduce the information that they share via social media. 
      • Help seniors understand what phishing looks like. Go over common scams, red flags, and what to do if they receive a phishing email.

      Other ways to stay safe

      • Remove yourself from data broker sites. Data brokers publish and sell your personal data, including personally identifiable information (PII) and browsing history. You can manually remove your information from these sites or use Aura's removal service.
      • Use strong passwords. Lock down your online accounts with unique passwords and a password manager. Also set up two-factor (2FA) or multi-factor (MFA) authentication for more protection.
      • Keep your devices, apps, and antivirus up to date. Turn on automatic updates on all of your devices. Also use reliable antivirus software — like the program included with every Aura plan — across your devices.
      • Shield your email address. Consider setting up a burner email address for online activities to keep your personal and work email addresses safe. MacOS users can use the Hide My Email feature to keep emails private [*], while Aura's email masking feature gives you an email alias to use on any device.
      ⛳️ Try Aura yourself — for free. Sign up for a 14-day free trial and see how easy it is to protect yourself and your loved ones from scammers and hackers.

      If You Think You May Have Been Scammed:

      Extortion is a crime recognized by both state and federal laws [*,*]. Penalties, which can be severe, vary based on jurisdiction, the crime’s seriousness, and its methods. In California, for example, extortion is a felony, punishable by imprisonment and fines up to $10,000 [*].

      If you or someone you know has been extorted, follow these steps to minimize damage:

      • Refuse to pay any ransoms. However, if you have already paid by debit or bank card, contact your bank and try to stop or reverse the fraudulent transaction. If you paid by using a gift card, alert the issuing company and ask for a refund.
      • Stop all communications with the scammer. Quickly save any messages for your records, and then cut the conversation short.
      • Freeze your credit and bank accounts. Contact each of the major credit bureaus (Equifax, Experian, and TransUnion) and freeze your credit files. Also alert your bank about the scam and follow its procedure to freeze or close your accounts. 
      • Run an antivirus scan. Sweep your computer for malicious files or programs in order to remove any access the scammer may have over your device.
      • Secure your online accounts with new passwords to avoid being locked out by intruders.
      • File a report with the Federal Trade Commission (FTC). Visit ReportFraud.ftc.gov to file a report and receive advice on next steps.
      • Contact law enforcement. Depending on the nature of the crime, you can file a police report with your local police department or the FBI. If the crime involves a minor, visit tips.fbi.gov or call 1-800-CALL-FBI. You can also use the National Center for Missing and Exploited Children’s Take it Down tool to remove personal images from the internet.
      • File a complaint with the Internet Crime Complaint Center (IC3). Visit ic3.gov to file a complaint. Your report will then be shared with the appropriate investigative organization.
      • Use Aura’s Dark Web scanner to see if your information has been compromised. Aura will scour the Dark Web to see if your email address or personal information has been leaked. 

      No matter how safe you are and how fast you respond to fraud, it may not be enough. Use Aura’s identity theft protection solution to monitor sensitive information, and online accounts for your entire family.

      Let Aura stand sentry to your identity, information. Start a 14-day free trial.

      Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.

      Is this article helpful so far?
      Yes
      No
      Skip
      Need an action plan?
      No items found.
      Is your child ready for a cell phone? Take this quiz to find out.
      Start Quiz
      Illustration of a tilted question mark
      What do hackers
      know about you?
      Run a scan and find out now.
      By entering your email and clicking "Scan", you agree to our Terms and acknowledge our Privacy Policy.

      Award-winning identity theft protection with AI-powered digital security tools, 24/7 White Glove support, and more. Try Aura for free.

      Related Articles

      Illustration of a senior sitting down with a laptop on their lap with the Aura logo on the back
      Identity Theft

      The 7 Best Identity Theft Protection Services for Seniors

      Seniors (and their loved ones) should look for services that include retirement account monitoring, home title protection, and generous insurance coverage.

      Read More
      November 8, 2024
      Illustration of a child sitting and leaning against a giant text message box with symbols to signify abusive language
      Family Safety

      The Effects of Cyberbullying (And How To Protect Your Children)

      The effects of cyberbullying can be hard to spot. But it’s crucial that parents know the warning signs to keep their kids safe online.

      Read More
      November 3, 2023

      Try Aura—14 Days Free

      Start your free trial today**