Several members of the University community, including faculty, staff and students, have notified Information Technology Services (ITS) that they recently received sextortion scam emails. It is important to know how to respond if you receive such an email.
What Is Sextortion?
Sextortion is a type of cybercrime in which the attacker claims to have access to intimate or compromising information about you, such as photos or videos. The sender will often demand payment, typically in cryptocurrency, in exchange for not releasing this information. To make their threats seem more real, they might include personal details such as your phone number, address or even the names of friends or family members. It is important to understand that bad actors often collect this information from publicly available sources without an actual breach of your accounts or devices.
What Should You Do if You Receive a Sextortion Email?
- Stay Calm: The goal of these emails is to create fear and urgency. It is important to stay calm and recognize that this is a scam.
- Do Not Respond: Do not engage with the sender or provide any personal information.
- Do Not Make Payments: These threats are baseless. Paying the attacker will encourage them to make additional requests.
- Report It: Forward the email to the ITS Information Security team at infosec@syr.edu so they can investigate and take appropriate action. If you are concerned about your personal accounts, consider updating your passwords and enabling two-factor authentication for additional protection.
Receiving such emails can be distressing. ITS is here to assist and guide you through the situation. The ITS Information Security team is actively working to address these incidents and to help protect our campus community. If you have any questions or need further assistance, please contact the Information Security team at infosec@syr.edu.