A group with a Ukrainian top level domain is sending out blackmail threats, using Ashley Madison information. They sent one to me, so here's what to e
A group with a Ukrainian top level domain is sending out blackmail threats, using Ashley Madison information. They sent one to me, so here’s what to expect:
“On May 1 2017 we are launching our new site — Cheaters Gallery – exposing those who cheat and destroy families. We will launch the site with a big email to all the friends and family of cheaters taken from Facebook, LinkedIn and other social sites. This will include you if do not pay to opting out.”
Then they quoted from my AM profile. Give them points for the human touch.
The price for “opting out”? About $500 at today’s bitcoin value.
There is no “opting out”
Of course, they’re lying. You can’t opt out. The AM data is out on the dark web, accessible by criminals, forever.
So even if you pay these guys off, they can come back in a couple of months, posing as a different group — if they even bother — and hit you up again. The infinite and perfect replicability of digital data guarantees that my AM profile — and yours — will be on the web forever.
Wouldn’t surprise me if they sold lists of people foolish enough to pay up to other groups. Once you pay you’ve told them you’re vulnerable to blackmail forever.
How to fight back
Large-scale, web-based blackmail is like an infectious disease. We need to rely upon, and encourage herd immunity, at least until we get an effective internet police force.
See also: What does the Ashley Madison hack mean for CIOs? (TechRepublic)
It takes work to threaten hundreds of thousands of people. If the payback is too low, then the criminals will look for something more profitable to do. If most people don’t comply — are “immunized” against blackmail — the criminals will leave the business.
What are they punishing?
The blackmailers claim they are targeting people who destroy families by cheating. In fact, by publishing this information, the criminals themselves might be destroying families.
What they are really punishing is hypocrisy: saying one thing and doing another. But even that isn’t always as simple as moralizers might believe.
If you must
If you do engage in sketchy activities on the web, use an anonymous email address — a burner address — when you set up an account. I didn’t because I wasn’t cheating.
A free account from Hushmail is probably all you need to protect yourself from non-governmental tracking when registering. Hushmail will give up your info when presented with a warrant, and they could be hacked, but it’s an easy first step.
For more dangerous uses, read this primer from the Electronic Frontier Foundation. If what you are doing could interest intelligence services, the EFF primer is the place to start.
The Storage Bits take
The reality of web non-anonymity means unless you take precautions you must be prepared for exposure. Ultimately, it may be that the “share everything” ethos of today’s Facebook posters will educate people that to be human is to be flawed, and focus our attention on whether people live honestly despite their flaws.
Yeah, honesty can be hard, but there are few secrets on the web. Stay real. It’s a jungle out there.
Courteous comments welcome, of course. I stand with the Duke of Wellington “Publish and be damned!”
How stealing your data just got easier: