The Charity Commission warns that trustees, charity professionals and volunteers should continue to be aware of online extortion or ‘ransom’ demands affecting UK businesses. Charities could also be vulnerable to attack and so are encouraged to be vigilant. This advice is particularly relevant for those charities which operate overseas and/or deal with international partners in high risk zones.
The information contained within this alert is based on reports made during the past week, to Action Fraud, the UK’s national fraud reporting centre.
What to look out for:
a number of businesses throughout the UK have received online extortion demands from a group calling themselves ‘ Lizard Squad’
the group have sent emails demanding payment of 5 Bitcoins (a form of digital or ‘crypto’ currency) by a certain date and time. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid
if their demand is not met, they have threatened to launch a ‘denial of service’ attack (‘DDoS’) against organisations’ websites and networks, taking them offline until payment is made
the demand states that once their actions have started, they cannot be undone
Action to take:
If you have received such a demand, or receive one in the future, you are advised to:
NOT meet their demands and pay the ransom
make a report to Action Fraud on Tel. 0300 123 2040 or via their website at www.actionfraud.police.uk
retain the original emails (with headers)
make a note of the attack, recording all times, type and content of the contact
call your Internet Service Provider (ISP), or hosting provider if you do not host your own Web server, tell them you are under attack and ask for help
