Extortion

Extortion attacks are essentially blackmail by cyber means. Typically, the attacker in these scenarios claims to possess highly sensitive or embarrassing information regarding the victim that would compromise their public image. These incidents target work email addresses and use the loss of their livelihood as the bargaining chip to solicit ransom payments from the victim to prevent their exposure. Payments for extortion attacks are almost exclusively conducted via cryptocurrency, in an attempt by the attacker to collect the funds anonymously.

‍
Although they tend to garner publicity whenever they pop up, rarely do these incidents actually reflect a real compromise of company data. They rely on the embarrassment of the  accusations, which often allege inappropriate behavior or browsing captured on the victim’s website as proof of the compromise, to prevent the employee from reporting the incident to security. This means that although these incidents are almost always faked, people do pay the ransoms. While the individual ransom payments may be fairly small, when the cryptocurrency payments for these high-volume email campaigns are aggregated the results are not insubstantial.