NOTE TO READERS: The Catch of the Day blog not only posts examples of phishing, fraud, and other malicious emails, but also best practices and general CIS news items.  This is one of them!  You can always locate best practices and news items by clicking on any category (right-hand sidebar).

Computing and Information Services has received increasing reports of incoming emails that attempt to blackmail the recipients.  The emails claim that there is compromising or unsavory information that will be sent to the recipient’s friends and family, unless funds are paid via wire transfer or Bitcoin.

These emails are sent by criminals in an attempt to get money directly via extortion.  The individuals sending these emails do not have any real information, and can’t contact your friends and family.

The emails may contain some details about you such as your full name and role at Vassar.  In more extreme cases, they contain enough details that you may be convinced the threat is real.  Those details are gained from various sources on the Internet, and do not indicate that the attacker actually knows you or has gained access to any of your Vassar or personal accounts.

If you receive a blackmail or extortion attempt via email, please send it to catchoftheday@vassar.edu so we can evaluate the content.  We can advise you on the best action to take.

And remember: the best way to protect your accounts is by using multi-factor authentication!  See our post here: http://pages.vassar.edu/catchoftheday/2017/06/29/best-practice-enabling-multi-factor-authentication-with-duo/