Should you respond to hackers’ threats or ransom demands?

Anton P. | April 13, 2021

Ever felt the uncontrollable fear triggered by intense scare tactics hackers employ? Hopefully, not. Criminals can play deranged games with their victims, and contacting them directly is one of them. Frankly, this is all part of their scheme. Criminals intimidate victims with threats like “we have something on you” in hopes of quick compliance. For instance, a sudden rush of panic might make people pay ransoms or continue the conversation further. However, sometimes, the best response is no response at all. Submitting to hackers’ demands or threats is never the answer, and we will show you why.

Why cybercriminals are untrustworthy

First of all, you should fully understand what criminals truly are and what they are after:

  • Hackers and fraudsters online are cunning individuals without a moral compass in sight. Their goal is to deceive, swindle, and exploit humans’ weaknesses and fears.
  • One of the strongest motivations for attacks is monetary gain from victims or third parties interested in their loot.
  • Characteristics that online criminals won’t possess are sincerity, reliability and kindness. You cannot expect a hacker to feel remorse or empathy; emotions victims might attempt to trigger.
  • Promises are nothing to hackers, and they will break them without a second thought. Do criminals claim to delete information they have on you once you comply with their demands? For events to go that way would mean that crooks no longer see a profit prospect. Knowing that personal data, pictures, or video footage have a market, it is unlikely that hackers will give up on them.

Scare tactics crooks use

Con artists and hackers have many techniques for terrorizing their victims. Typically, criminals will use bait to get your attention. That dangling carrot is likely to be personal data, some intimate photos, or footage they have on you. If crooks contact you, they will likely follow several steps to sound more menacing.

  • Claiming they have something on you. Criminals will strongly suggest having incriminating, embarrassing, or sensitive information about you. They might claim to have access to all your accounts or have hacked your computer. For instance, sextortion scams will imply having footage of you watching porn or during other intimate moments.
  • The threat to share information. Fraudsters will offer a solution: paying them (typically in cryptocurrency/gift cards/cash) to make it all go away. In one reported email, criminals demanded two thousand dollars in Bitcoin. The actual ransoms might differ scam-by-scam.
  • Deadline for paying. Attackers will likely give you a specific number of days for paying them. This time limit pressures targets even more, forcing them to act quickly, preferably without consulting specialists.
  • No other choice but to pay. The threatening messages will claim that contacting law enforcement agencies is futile.
  • Evidence that they have data on you. Some generic scams sent out to thousands of random people might not contain victims’ information. However, more targeted attacks can include a sneak peek of the data they have. They might address you by name or even provide passwords that you have used.

What to do if you receive threats?

If criminals contact you, the first course of action is not to panic. Your initial thoughts will mainly revolve around resolving the situation as soon as possible. Thus, you will likely see compliance as the only way out. However, that is precisely what fraudsters and hackers want. They expect you to act irrationally without attempting to dig deeper or contacting the authorities.

Instead, try to analyze the message you have received. If it contains your password, do not be hasty to jump to conclusions. Instead, ask yourself several questions:

  • Have I used this password? When?
  • Has that password leaked?

The password used as proof that criminals have something on you might be old, one you have not used in years. Likely, some fraudsters have simply taken credentials exposed after a specific company suffered a data breach. If the message contains your telephone number or name, these details possibly came from the same place.

Thus, most of the threats or extortion attempts are nothing more than scams. In reality, these fraudsters actually have nothing on you. They have retrieved information from public databases of breached personal data. So, what you need to do is as follows:

  • Simply mark the email as spam and delete it.
  • If the password included in the email is the one you currently use, change it immediately.
  • If a message seems to contain pictures or video footage, do not open them without consulting specialists. Report it to authorities or talk to cybersecurity experts.
  • Even if you believe that your computer or accounts are in danger, never try to take matters into your own hands. Contacting hackers can only lead to more problems. For instance, if the message is a scam, you will show that your email account is active. Then, you can expect even more phishing emails arriving at your account.

What about ransomware?

Ransomware, without a doubt, is one of the most frightening malware infections out there. These crippling attacks have been capable of damaging even the biggest companies. Some victims have even agreed to pay the demanded ransoms for the sake of recovering their data or services. However, compliance is not something that experts recommend. Yes, it may seem like the only solution, but this decision goes beyond victims.

Specialists emphasize that complying with the demands and paying ransoms only motivates hackers to continue. In some cases, agreeing to send transactions can even lead to penalties and fines for the victims. Thus, the general recommendation is to never give in to hackers. Additionally, if the ransom note contains an email address, attempts to contact it will lead nowhere. If criminals do respond, their only goal will be to convince you to pay. No emotional appeal will be enough to make hackers recover your data without payment.

Security specialists recommend keeping back-ups of essential files. If ransomware encrypts the original versions, you can always retrieve copies you made beforehand. Hence, there will be no reason to pay the ransom. Additionally, it is best to avoid unknown software or pirated programs. The latter is a popular bait to get people to download malware. If you do become a victim, law enforcement agencies should be the ones you contact, not hackers.

Final notes: be cautious and skeptical

Overall, contacting or replying to hackers, fraudsters and scammers is never the sensible option. Only security specialists and law enforcement agencies will know how to respond to such threats and avoid further risks. Thus, if you receive warnings or frightening ultimatums, consult appropriate authorities. They will guide you through the situation and offer assistance in finding practical solutions. Other than that, it is best to disregard random attempts to intimidate you. If the threats reach you via email, never download files or click on the links presented. And, of course, never reply to the message with attempts to negotiate or get more information.

Anton P.

Anton P.

Former chef and the head of Atlas VPN blog team. He's an experienced cybersecurity expert with a background of technical content writing.

Tags:

ransomwaredata breachsextortion