Cyber Extortion definition

Cyber extortion is an online crime where hackers hold your website, data, computer systems, or other sensitive information, hostage until you meet their demand for money. Cyber extortion permeates actions such as ransomware, email ransom campaigns, and distributed denial of service (DDoS) attacks. This can severely damage a business or ruin someone’s life. 

In our cybercrime investigations, we specialize in cyber extortion cases on a more personal level. Most of our clients, businesses, and individuals are extorted by people within their own industry or who they know personally. 

Some cyber-criminals left the art of stealing credit cards and personally identifiable information (PII) for a more straightforward scam where they threaten victims and demand money instead of stealing it. While authorities are finally trying to catch up, cyber extortion has already grown into a multi-million-dollar cybercriminal industry. 

See how our investigators uncovered a massive organized crime racket that targeted wealthy European entrepreneurs with online smear campaign threats if they did not submit to the criminal’s extortion demands.

Examples of Cyber Extortion


Ransomware infections have grown to be the most common cyber extortion attack and will continue to grow as technology evolves. An example of a ransomware attack is where the victim clicks a link or pop-up ad or opens a corrupted file sent through email, or visits a website. By doing so, the victim unknowingly “activated” the ransomware that spread and infected the company’s site, computers, or the entire network. The ransomware makes the servers and data inaccessible through encryption. To gain access, the victim must give in to the payment demands of the attacker. 

Ransomware victims are, in most cases, demanded to pay the money in bitcoin, although other currencies, gift cards, and ransoms of up to several thousand dollars are also common. The payment demands are often between $200 and $1,000 because cybercriminals know that by keeping ransom demands small and building a reputation for handing over decryption/access keys consistently, they can make up to tens of thousands of dollars each month.

Email-Based Extortion

Another way that cyber extortion occurs is via email-based ransom demands. With email-based extortion, the attacker threatens to reveal the victim’s sensitive and personal information to their social media contacts, family, and friends, unless the victims pay. The victim has to pay in some form of currency, often bitcoin, within a short amount of time. 

Someone can gather sensitive and personal information from email, webcam, other third party sites that have your personal information on file. Threats of revealing personal information are sometimes real, but attackers also use bluff. 

Distributed denial-of-service (DDoS) attacks

In DDoS attacks, a network of infected computer systems is used to send a surge of internet traffic to bring down a website, server, or system. You can think of this as a traffic jam. This attack will only stop if the victim pays up. However, open-source reporting suggests that if the victim does not pay the ransom, the long-term crippling DDoS attacks do not last for long periods of time. Because of this, it is likely that most cybercriminals look for victims who panic because they can’t access their systems and pay quickly. Sometimes the cybercriminal relies on this panic alone and makes money from just the threat of a DDoS attack. 


Another common threat is that the attacker obtains (or pretends to have obtained) private sexual material from your device or webcam. With sextortion, the attacker will often pretend to be someone else to gain the trust of the victim. They are present in chat rooms and webcam sites to record people who post or live-stream sexually explicit images and videos. Or they will hack into someone’s device, use malware, and get access to the files, webcam, and microphone without the victim knowing it. 

We also deal with many cases where an ex extorts their former partner with sexual images or videos. A threat is made to reveal the material to the victim’s friends and loved ones. 

How to deal with Cyber Extortion

Determine whether the threat is credible.

Like mentioned before, sometimes attackers bluff in the hope the victim might panic. So first, determine if the threat is credible. Someone might threaten to reveal sexual videos or images of you, but if you never made those, there is a chance the attacker is bluffing. Also, ask yourself how bad it really is. Can the exposure of the material ruin your life? Is it worth the payment?

Save all proof!

Too many organizations and people erase or lose forensic evidence. Make sure to save all proof, such as emails, texts, social media messages, or mail. Save phone numbers, email addresses, and all other data given to you. If you decide to contact the police or engage investigators, they will need this proof.

Contact the police.

If you are comfortable, we encourage you to go to the police. Depending on your case, you might want to bring a trusted friend or family member for emotional support. 

We know that the police can’t always help or does not always take cyber extortion cases seriously. But we think this is all the more reason for people to report cyber extortion. If more people report tech-related extortion, law enforcement and legislators are forced to take it more seriously and improve protocols and laws. Blackmail is illegal and should be wiped out.

Identify your attacker to stop the threat.

Our cyber investigators specialize in identifying cybercriminals, antagonists, and money mules. We can identify individuals, cyber extortion groups, and bank accounts to retrieve your money. 

Contact us