
    Phishing Attacks: Here’s How They Hook You

    Welcome to the world of phishing, where criminals do everything they can to get you to click on an email they send, one that, once opened, can lead to all sorts of malware, online blackmail, sextortion, smishing, and cyber extortion scams. And it can happen with just a careless click of the mouse. Phishing email is a form of cybercrime commonly used in blackmail and cyber extortion scams. It can trick people into unknowingly sharing sensitive data, downloading all sorts of malware, and revealing personal information such as passwords, credit card numbers, and access to accounts. Over the years, sextortion emails have increased as a form of phishing, and they now arrive at an alarming rate in the online world.

    Understanding Phishing in Cases of Online Blackmail

    To better understand what phishing is, it is best to look at the different forms it comes in and what they are called:

    • Email Phishing:  Someone sends you an email that seems legitimate, possibly from an individual or company you know, requesting sensitive information like passwords or credit card information. The email asks you to click on a malicious link that leads to a phony website. The personal information you submit there is taken and then used against you.
    • Spear Phishing:  A phishing campaign aimed directly at a specific person and built around something that person is involved with or interested in. The target might be a member of a special interest group, follow particular current events, or review financial documents. In other words, the perpetrators have done their homework and illegally obtained an email list with which to target individuals directly and infect their computers with malware.
    • Smishing:  People are sent a text message (SMS phishing) that appears to come from a reputable company they know, and they provide sensitive information without knowing that a criminal is taking it. An example is a message that appears to come from someone the target knows, whose account has been hacked, asking for money. Or, when the target clicks on a link, malware is automatically introduced into their computer or device.

    In generic phishing attacks, scammers usually send a non-personal message to a massive database of email addresses in the hope that an unsuspecting recipient will recognize the hacked source and give up sensitive information once they receive the email. The message will usually include wording related to extortion, tailored so that the victim takes it as legitimate. More targeted scammers use spear phishing, with more precise information that the recipient can relate to and will believe is meant specifically for them. For example, the email could appear to come from the CEO of the company, or impersonate a senior official in the company, requesting information on a project the recipient is working on. In some cases, the scammers will use fear and urgency to manipulate victims into clicking malicious links.

    How Phishing Leads to Sextortion and Online Blackmail

    Phishing can easily be used to steal personal data and gain leverage over victims. That leverage begins once someone has clicked on the malicious link and submitted sensitive information. If the victim submitted credentials such as user names and passwords, the perpetrators can get into bank accounts and social accounts, and extend their crimes to other people. Phishing email is also a form of social engineering attack, in which the perpetrators can manipulate people with scareware that bombards victims with false claims.

    Sextortion Emails and Phishing Attacks

    Most sextortion emails are sent in bulk, to addresses taken from breached databases. When criminals have hacked a company’s database of emails, they can then threaten individuals with claims that they have compromising pictures or videos of them. In some cases, the phishing email will provoke the recipient into clicking on a link, thinking they will see the pictures the scammer claims to have as proof. The link, when clicked, will install malware or steal login credentials. Usually, the scammers have nothing, but are hoping to trick people into thinking they do, and when that works, they will start instructing the victim to send payments in Bitcoin or other cryptocurrencies.

    There are some red flags that help tell the difference between a real threat and a phishing attempt. A real threat refers to any malicious activity or something dangerous that has tangible evidence behind it and could be harmful in many ways to the user. With a phishing email, the information is usually fake, deceptive, or not credible. The perpetrators are trying to lure you into taking an action, such as clicking on a link to see something that is not there. It is a form of manipulation meant to get something they want from the victim.

    Preventive Measures Against Phishing and Sextortion

    There are several ways you can stop any form of cyber extortion, online blackmail, and sextortion. The most important is to recognize red flags and to closely monitor all your online communications, such as emails, social media, messaging services and any apps you are on. Blackmailers will usually contact people who are on any of the popular dating sites, gaming apps or social media because they are easy targets. Some of the warning signs are an online profile that looks like it was made up, or a person whose texting with you does not match up with what they are saying. For emails and phishing, do not click on any links that look questionable, even if they come from someone in your office. If the email looks or feels like a scam, contact the person who sent it to you and ask if it is a legitimate email. Always be careful and know the warning signs of phishing email so you do not click on a bad link.

    Recognizing signs of phishing and sextortion

    There are essentially three ways to recognize phishing emails:

    1. Fake emails:  If something does not look right, the best thing to do is check the actual email address and see if it has a strange domain extension or is a variation of a known company's URL and name.
    2. Websites:  Make sure that the email does not come from an imitation of a company with an established website and domain. Sometimes scammers will rework the domain and extension to make it look similar.
    3. Links:  If the links look made up, or they use a shortener such as “Bitly” to shorten or hide their corrupt domain, do not click on them.
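
    The three checks above can be applied mechanically to a message's From header and body. The following Python sketch is an added example, not part of the original article; the trusted-domain list, the shortener list, the 0.85 similarity threshold and the sample message are all assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions for this example: the domains you really deal with, and a few
# well-known link shorteners. Both lists are placeholders to replace.
TRUSTED = {"examplebank.com", "exampleshop.com"}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}

def base_domain(host):
    """Last two labels of a host name (naive: ignores suffixes like .co.uk)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def lookalike_of(domain):
    """Return the trusted domain that `domain` imitates, or None."""
    if domain in TRUSTED:
        return None
    for good in sorted(TRUSTED):
        brand = good.split(".")[0]
        # Brand name reused under another domain or extension, or a
        # near-identical spelling such as one swapped character.
        if brand in domain or SequenceMatcher(None, domain, good).ratio() >= 0.85:
            return good
    return None

def red_flags(from_header, body):
    """Apply the three checks: sender domain, link domains, shortened links."""
    flags = []
    sender = base_domain(parseaddr(from_header)[1].rpartition("@")[2])
    if lookalike_of(sender):
        flags.append(f"sender domain {sender} imitates {lookalike_of(sender)}")
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = base_domain(urlparse(url).hostname or "")
        if host in SHORTENERS:
            flags.append(f"shortened link hides its destination: {host}")
        elif lookalike_of(host):
            flags.append(f"link domain {host} imitates {lookalike_of(host)}")
    return flags

# Constructed sample message, not a real email.
SAMPLE_FROM = '"Example Bank Security" <alerts@examp1ebank.com>'
SAMPLE_BODY = ("We have your photos. View them: https://bit.ly/xxxxxxx "
               "or sign in at http://examplebank-secure.net/login")

if __name__ == "__main__":
    for flag in red_flags(SAMPLE_FROM, SAMPLE_BODY):
        print("RED FLAG:", flag)
```

    A message with no flags is not proven safe; the check only catches the lookalike and shortened-link patterns listed above.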

    Use email security features

    There are several features that can help protect your email, such as spam filtering, phishing email prevention and encryption:

    1. Spam filtering:  Today’s email providers, and especially corporate accounts, do a good job of separating out phishing emails and will automatically send spam to your junk box or delete it.
    2. Phishing emails:  Providers analyze all emails coming to you, are good at detecting any signs of phishing, and send those emails to the junk box.
    3. Encryption:  Email providers have built-in, sophisticated encryption, which ensures that the confidentiality and integrity of email messages are protected from hackers.

    Deploy Antivirus and Anti-Phishing tools

    Whether you work at a company or at home, make sure that your computer is updated with the latest security software and browser extensions.

    Limit overexposure of your personal data

    Everyone should limit the data and personal information they put out in the online world. When it comes to you and your information, less is better. If there is something online that you do not like or approve of, get it taken down immediately so a criminal cannot use it against you.

    Do you need assistance?

    Digital Forensics Corp is there to help you if you think you have been caught up in any kind of phishing email, phishing attack, online blackmail, sextortion, sextortion email, impersonation, or smishing. We can track cyber criminals and bring them to justice, no matter where they are in the world.

    The first step is to reach out to one of our team members at our Blackmail Helpline. Whether you are a business or an individual, our team will guide you through the proper steps for recovering from a phishing attack.

    DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.
