Extortion Phishing Examples

Below is an example of a recent phishing emails that are being sent to our campus faculty. These types of phishing messages are commonly referred to as "Sextortion" attacks. For more information on Sextortion attacks visit the

Our security team is currently evaluating additional security features that we can implement to prevent these emails being delivered to our campus community. If you receive one of these emails you should report them to helpdesk@csusm.edu but otherwise ignore them. The attackers sending these emails are gathering your personal information from public record databases online. This is a scare tactic to attempt to extort money from the campus community.

Example Email

One way you can tell that this message is a phishing attempt is by the fact that the body of the email just contains personal information with no further context. In previous phishing attacks, the content of the PDF has been included in the body of the email. If you receive any messages demanding payment or there will be consequences forward them to helpdesk@csusm.edu immediately; do not respond to or further engage with the sender.

If you were to open the PDF attachment, which we do not recommend, you would see additional indicators of phishing such as an urgent call to action, a threat to expose your personal information if you don't comply, a demand for payment using easily transferable untraceable currency (See example below).

Extortion Email

Example Attachment

Extortion Example 1

Extortion Example 2

Objective

Exercise caution when encountering unfamiliar URLs or those not belonging to a �� webpage. For added security, consider seeking a second opinion from helpdesk@csusm.edu before accessing potentially malicious content.

��������