Protect Against the Growing Threat of Cyber Extortion and Online Blackmail Scams Amongst Youth & Adults

What Is Cyber Extortion and Online Blackmail? 

In a cyber extortion scam, cyber criminals demanding money in exchange for not releasing or destroying sensitive information. Online blackmail scams often involve threats to release fabricated or manipulated content to coerce victims into compliance.  

There are various cyber extortion and online blackmail methods, including: 

• Ransomware: Locking data until a ransom is paid. 
• Social Engineering: Deceptive tactics to manipulate individuals into divulging confidential information. 
• Doxxing: Releasing private information publicly to harm reputations. 
• Swatting: False emergency reports to disrupt victims’ lives. 
• Triple Extortion: In addition to encrypting or leaking data, attackers threaten to harm a company’s customers or partners.

Now, two emerging methods of cyber extortion and online blackmail are increasingly showcasing the dark and dangerous side of such scams. 

1. Deepfake Impersonations  

Scammers are leveraging using AI-powered deepfake technology to create emails, texts or audio that impersonates someone in an attempt to extort money or blackmail victims online – like convincing a finance worker to transfer $25 million to scammers after a deepfake video call impersonated their Chief Financial Officer asking them to do so . Recent data shows 15% of Canadian businesses and 13% of consumers lost money to payment fraud in the last six months – with impersonator fraud accounting for 25% of such scams.  

More than half of businesses in the U.S. and U.K. have been targeted by deepfake financial scams, with 43% falling victim to such attacks, according to a survey by finance software provider Medius.  

Individuals are being tricked by deepfakes too. A Nigerian cyber criminal group calling themselves the “Yahoo Boys” are using real-time face-swapping deepfakes to extort money from victims in elaborate romance scams. Canadians are already losing over $50 million a year to romance scams – putting them at higher risk of such deepfake extortion and online blackmail scams. 

2. Sextortion 

In these scams, cyber criminals prey on a victims’ shame, embarrassment – and vulnerability – these scams are not limited to adults but also target teens and young children – by using threats of exposing explicit content for financial gain. 

Sextortion is the fastest-growing scam affecting teenagers globally – and has been linked to more than 27 suicides in the U.S. alone. Most recently, a 20-year-old university student took his own life after being sextorted on social media. 

The FBI has warned about an “explosion” of sextortion scams targeting more than 3,000 minors in 2022. Between 2021 and 2023, reports of online enticement to the National Center for Missing & Exploited Children’s CyberTipline increased more than 300%. 

Deepfakes are also making their way into sextortion scams. A recent study revealed that 1 in 4 teens have seen sexualised deepfakes of a friend, teacher or even themselves, over a quarter of girls have seen rumours about their own sexual behaviour online, and 13% reported they’ve received online threats. 

These trends point to an escalating risk for youth, who are often unaware of the dangers of sharing personal content online, says Jardine.

“As a whole, cyber extortion and online blackmail scams continue to thrive because of victim shaming. If there were no stigma attached to having personal information exposed, extortionists wouldn’t have the same leverage.” 

It’s therefore critical for everyone to understand the trauma behind cyber scams to end victim shaming and support recovery. 

“The reality is, because of AI, it’s becoming near impossible for most people to spot increasingly sophisticated, hyper-realistic and personalized scams,” adds Jack Brooks, Head of BOXX Insurance Hackbusters and vCISO. “Any of us can be tricked. Nobody is immune. Just because you can see through a type of attack, simply means that it was not crafted for you. It does not make the victim somehow less smart.”  

“Victim shaming leaves many victims too afraid or embarrassed to come forward,” Brooks says. Only 5-10% of victims report instances of online fraud to the police.

3. Targeted Platforms for Cyber Extortion and Online Blackmail

Cybercriminals are exploiting a range of platforms to carry out their attacks like email, social media and communications platforms. 

Email accounts remain the most commonly exploited cyber threat vector. Attackers often use email to harvest credentials, allowing them to gain access to systems and deploy ransomware. Once the ransomware is deployed, they can extort individuals and businesses by withholding access to their data.  

Sensitive data such as employee contracts, medical documents, tax information or private discussions between two individuals can also be stolen from email accounts leading to online blackmail.  

Cybercriminals are always on the lookout for their next victim and send emails to new victims with attachments that contain infected with malware.  

Video communication platforms like Teams and Zoom are also prime targets for cyber extortionists. Cyber criminals can exploit security vulnerabilities or use DeepFakes and AI to manipulate individuals by creating believable deepfakes that trick employees into taking actions to further their interests. 

“The shift to virtual business meetings has introduced new attack vectors for cybercriminals. Without robust authentication protocols and proactive security controls, the rise of deepfake technology makes platforms like Teams and Zoom susceptible to impersonation, social engineering, and hijacking—often leading to extortion, financial fraud, or data breaches.” says Jardine. 

In addition, social media platforms like LinkedIn, Facebook, TikTok, Snapchat, Instagram and Wizz have become prime targets for cybercriminals seeking to exploit users through extortion and online blackmail. Criminals take advantage of the anonymity and accessibility of these platforms to manipulate victims, often using tactics like social engineering, sextortion scams and impersonation. “All users are at risk, from young people to CEOs, as fraudsters prey on trust and social interactions to coerce individuals into compromising situations. As cyber threats continue to evolve, these platforms remain high-risk environments where human error can be leveraged for financial and emotional exploitation.” Jardine says.

No matter the platform or method, the majority of cyber scams succeed due to human error – and cyber criminals have found sophisticated ways of exploiting this. 

“This is why education and awareness is the key to protecting ourselves online,” Jardine says. “We need to create a safe space for colleagues, family and friends to report these instances. Our children especially need to know they can come to us if they’re being extorted or blackmailed online.” 

4. How Businesses Can Protect Themselves from Cyber Extortion and Online Blackmail 

Invest in Cyber Security and Insurance 

• Have a Code Word: Designate a code word amongst colleagues that you can ask to validate their identities. This also applies to business partners. 
• Be Aware of Your Digital Environment & Risks: Training and knowledge about AI, deepfakes and online scams is the best protection. Stay alert, stay safe. 
• Multi-Factor Authentication (MFA): Add an extra layer of security to all accounts, including social media. 
• Have a Corporate Policy: Let employees know that you have a corporate policy that deals with online blackmail and it starts by not victim shaming. 
• Cyber Security Training: Educate employees about the risks of phishing and social engineering scams. Brooks recommends monthly phishing simulations and short training sessions that will help employees recognize threats and reduce mistakes. 
• End-to-End Encryption: Use encryption for sensitive communications to prevent eavesdropping. 
• Comprehensive Insurance Solution: Look for an insurance policy that also includes robust cyber security services and support. BOXX’s Cyberboxx® Business coverage offers small businesses critical protection against cyber extortion and online blackmail incidents. It includes ransomware loss coverage and access to Hackbusters®, which provides 24/7 cyber security experts on call to mitigate damage. 

5. How Individuals Can Protect Themselves from Cyber Extortion and Online Blackmail 

• Have a Code Word: Designate a code word amongst your closest family members that you can ask to validate their identities. You could also create one amongst a close group of friends. 
• Be Aware of Always-Evolving Tech: Training and knowledge about AI, deepfakes and online scams is the best protection. Stay alert, stay safe. 
• Educate the whole family: 30% of parents admit they’ve never talked to their children about cyber security. “Understanding AI and deepfakes is crucial. Teens especially need to be educated about the risks of sextortion and the importance of safeguarding personal information online. They need to feel safe and empowered to have conversations with parents or someone they trust if something like this is happening,” Jardine says. Teach kids how to spot phishing attempts, fake profiles, deal with cyber bullies and how to avoid romance scams.  
• Implement Parental Controls: Use tools like Boomerang Parental Control or Net Nanny to monitor device activity, block inappropriate content and set time limits for apps and websites. Customize settings to align with each child’s age and maturity level.  
• Use Shared Password Management: Introduce password managers to ensure everyone follows strong password practices without having to remember complex strings.  
• Personal Cyber Insurance: Look for a cyber insurance policy that can predict threats, prevent breaches and insure against online safety and cyber risk events at home, including protection against extortion, cyber bullying and more. Be sure to check for value-added services like 24/7 incident response teams or apps that keep your family’s personal, sensitive and private information secure while you’re online. 

The Growing Need for Cyber Security and Cyber Insurance Defences to Keep Safe Online 

As cyber extortion and online blackmail rise, businesses and individuals must adapt to increasingly sophisticated tactics, including AI-powered deepfakes that are making cyber scams more difficult to detect and prevent – and more dangerous than ever. The situation is compounded by victim shaming and scammers preying on human emotions and vulnerability, of especially youth. 

“Education is critical – if people understand the power of AI and the risks involved, they’ll be much better equipped to handle these attacks and reduce the chances of falling victim to extortion,” Jardine says. 

“There’s a reason cyber crime is easily the third largest economy on earth,” Brooks adds. “For anyone who has been a victim, know that it’s not your fault. Reach out – we can help. It’s not easy, but you don’t need to feel shame.” 

Stay vigilant, educate your employees, yourself and your family, and invest in cyber insurance and security tools to protect against these growing threats.