National Anti-Scam Centre Sounds Alarm on New Bulk Extortion Email Scam Targeting Australians

National Anti-Scam Centre Sounds Alarm on New Bulk Extortion Email Scam Targeting Australians

National Anti-Scam Centre Sounds Alarm on New Bulk Extortion Email Scam Targeting Australians

Table Of Contents

The Australian Competition and Consumer Commission's (ACCC) National Anti-Scam Centre has detected a growing and alarming trend of bulk extortion emails targeting Australians. The Centre has issued an urgent warning to the public, urging heightened vigilance as the number of victims continues to rise. The criminals behind this scheme send threatening emails, claiming they possess compromising images or videos of the recipient, supposedly captured through hacked webcams or computers. While these claims are entirely fabricated, the emails have successfully sown fear and confusion among many unsuspecting individuals.

In the past week alone, Scamwatch has received hundreds of reports from Australians who have been targeted by these emails. This significant rise in reports indicates that the campaign is widespread, with scammers using personal information gleaned from data breaches to intimidate victims into sending money—often in cryptocurrency.

Despite the elaborate threats made by these cybercriminals, there is no evidence to support the claims that they have accessed victims' webcams or computers. The scam’s real power lies in the use of personal details, such as birth dates and addresses, which add credibility to the extortion attempt and further terrify those on the receiving end.

 

The Anatomy of the Bulk Extortion Scam

The structure of these extortion emails typically follows a similar pattern:

  1. Threats of Compromising Material: The email claims that the scammer has gained access to the recipient’s computer or webcam and recorded compromising material. They threaten to release this footage to friends, family, or colleagues unless a ransom is paid.
  2. Demand for Cryptocurrency Payment: To make the scam harder to trace, scammers demand payment in cryptocurrency, often providing a specific address for the funds to be transferred.
  3. Inclusion of Personal Information: To make the scam appear more legitimate and to add psychological pressure, the emails include the personal details of the recipient. This information is often sourced from previous public data breaches, further enhancing the threat’s credibility.
  4. Urgency and Fear: The scammers leverage fear, giving their victims a short timeframe to act or face the consequences of having their private information exposed. This tactic increases the likelihood of individuals panicking and complying with the scammer's demands without considering the legitimacy of the threat.

This method of extortion is particularly disturbing because of how convincingly the scammer presents their threats. However, ACCC Deputy Chair Catriona Lowe emphasised that there is no evidence to suggest the scammers actually possess the compromising material they claim. “The fictional threats in these emails combined with the inclusion of people’s personal data are intended to terrify the individual reading it. It’s extortion, and it’s a crime,” Lowe explained.

The National Anti-Scam Centre has partnered with law enforcement agencies and IDCARE, a national identity and cyber support service, to tackle this scam. Together, they aim to disrupt the scammers and ensure victims have access to necessary support.

 

Why This Scam Is Effective: Psychological Manipulation and Fear

The effectiveness of this scam lies in its ability to manipulate human psychology. By playing on the fear of public embarrassment and personal exposure, the scammers induce panic and create a sense of urgency. Victims are often so frightened by the idea of having compromising images or videos released that they comply with the demands without fully processing the situation.

In many cases, victims may also feel ashamed of having received such emails, which prevents them from reaching out to family, friends, or even authorities for help. The inclusion of personal information—such as full names, addresses, or even past passwords (often sourced from old data breaches)—adds a further layer of legitimacy to the scam, making it harder for recipients to dismiss the threat outright.

The fact that scammers are demanding payment in cryptocurrency also complicates matters, as this form of payment is difficult to trace. This increases the likelihood that victims will comply with the demand in an effort to make the issue "go away" quickly.

 

Scamwatch’s Key Message: Don’t Fall for the Extortion

Despite the disturbing nature of these emails, Scamwatch is urging Australians to stay calm and not engage with the scammers. Their advice is clear:

  1. Do not respond to the email, and do not send any money. The threats are empty.
  2. Delete the email from your inbox. Responding or engaging with scammers only encourages further contact.
  3. Check the security of your device. If you are concerned about the possibility of a hack, contact a computer specialist to perform a security check. However, in the case of these scams, there is no evidence that the criminals have access to anyone’s devices.
  4. Report the scam. Anyone who receives such an email should report it to Scamwatch at scamwatch.gov.au/reportascam. Your report helps authorities track the spread of these scams and take appropriate action.

 

The Bigger Picture: Data Breaches and Cybercrime

One of the reasons why these scams are so successful is the prevalence of data breaches. Personal information that scammers use in their emails often comes from these breaches, which occur when cybercriminals steal data from organisations or online platforms. This can include everything from email addresses and phone numbers to sensitive personal information like passwords and dates of birth.

Unfortunately, data breaches are a common occurrence in today’s digital world, and they make people more vulnerable to scams like these. It is crucial for individuals to remain vigilant, update their passwords regularly, and monitor their accounts for any suspicious activity.

 

What to Do If You’ve Been Targeted

If you have received one of these emails and are concerned that you may be at risk, here are some steps you can take:

  1. Secure your accounts: Immediately change your passwords, especially if you use the same password across multiple accounts. Consider using two-factor authentication (2FA) for added security.
  2. Contact your bank: If you’ve sent money or provided personal financial information, contact your bank or credit card provider immediately to stop any transactions and secure your accounts.
  3. Report the scam: By reporting the scam to Scamwatch and authorities, you can help ensure others are warned about these tactics. This information also helps law enforcement agencies track down and disrupt these criminal operations.
  4. Get emotional support: Being targeted by scams can be emotionally distressing. It’s essential to talk about your experience and seek help if needed. You can contact organisations like BeyondBlue or Lifeline for emotional support.

 

How the National Anti-Scam Centre Is Tackling the Issue

The National Anti-Scam Centre, in collaboration with partner organisations, is working tirelessly to disrupt these scammers. They are coordinating efforts across law enforcement agencies, IDCARE, and other cybersecurity groups to stop the scam from spreading and ensure that victims have access to the support they need.

Moreover, the Centre is continuously monitoring new and emerging scams to warn the public. Scamwatch’s active engagement with the public and their reporting system is helping them stay ahead of criminals. Through education, public alerts, and partnerships with cybersecurity experts, the Centre is striving to create a safer digital environment for all Australians.

 

Stay Vigilant and Informed

In today’s digital age, scams are becoming more sophisticated and harder to detect. The bulk extortion email scam is just one of many examples of how criminals exploit personal information to intimidate and extort individuals. By staying informed and vigilant, Australians can protect themselves and help authorities in their fight against cybercrime.

The National Anti-Scam Centre’s warning serves as a timely reminder that while the threat may seem real, it’s important to remember that these scams are based on fictional claims. If you receive one of these emails, stay calm, delete it, and report the scam to Scamwatch.

Together, through awareness and reporting, we can help stop scammers in their tracks and protect others from falling victim to their tactics.

Back to blog

Search

RECENT POSTS

Why Choose CAQA??

Why Choose CAQA??

Connect with CAQA Resources on Social Media: Stay Informed, Engaged, and Inspired

Connect with CAQA Resources on Social Media: Stay Informed, Engaged, and Inspired

Elevating Training with CAQA Resources: Unlock the Power of SCORM for Competency and Micro-credentials

Elevating Training with CAQA Resources: Unlock the Power of SCORM for Competency and Micro-credentials

Tags

Sukh Sandhu

Executive Director

Sukh has been working in the VET and Higher Education Industry for over 25 years. In this time, he has held several roles with RTO's and Higher Education Providers (HEP) including CEO roles for International Colleges and National Compliance and Quality Assurance Manager roles for several RTO's, TAFE's and Universities. Sukh has also worked for the Australian Skills Quality Authority (ASQA) as a Business Systems Project Official. Sukh is a Canadian permanent resident and Australian citizen.

Sukh has had extensive project management experience in risk management, compliance, administration and as a training consultant. He has extensive knowledge in government compliance standards and has participated in nearly one hundred audits across Australia and provided consultancy advice regarding ASQA/VRQA, TEQSA, ACPET, DET-HESG, VQF/Higher Education, ELICOS, NEAS, ANMAC, AHPRA, CRICOS, ESOS and ISO.

Sukh is a member of several independent professional organisations and government bodies including, ACPET, VELG, ACS, AITD, MARA, MIA, ISANA, APEX, IEEE, The Internet Society (Global Member), AISIP, IAMOT, ACM, OISV, APACALL, IWA, Eta Kappa Nu, EDSIG and several others.

Sukh's qualifications include two MBAs, three masters in IT and systems, a Graduate diploma of management learning, Diploma in training design and development, Diploma in vocational education training, Diploma of work, health and safety, Diploma of Quality Auditing, Advanced diploma of management, Advanced diploma in marketing, human resources, information technology, and a number of other courses and qualifications. He has been working as a lecturer and as a trainer and assessor since 1998, Sukh has been a vocal advocate of audit reforms and system centred auditing practices rather than auditor centred auditing practices for many years.