Subject: URGENT: Online Extortion Demand Affecting UK Businesses
This is a message sent via Neighbourhood Watch. This information has been sent on behalf of Action Fraud (National Fraud Intelligence Bureau)
(Please do not reply directly to this email, please use the Reply button at the bottom of this message)
Message sent by
Action Fraud (Action Fraud, Administrator, National)
Within the past 24 hours a number of businesses throughout the UK have received extortion demands from a group calling themselves ‘Lizard Squad’.
Method of Attack:
The group have sent emails demanding payment of 5 Bitcoins, to be paid by a certain time and date. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid.
If their demand is not met, they have threatened to launch a Denial of Service attack against the businesses’ websites and networks, taking them offline until payment is made.
The demand states that once their actions have started, they cannot be undone.
What to do if you’ve received one of these demands:
- Report it to Action Fraud by calling 0300 123 2040 or by using the online reporting tool
- Do not pay the demand
- Retain the original emails (with headers)
- Maintain a timeline of the attack, recording all times, type and content of the contact
If you are experiencing a DDoS right now you should:
- Report it to Action Fraud by calling 0300 123 2040 immediately.
- Call your Internet Service Provider (ISP) (or hosting provider if you do not host your own Web server), tell them you are under attack and ask for help.
- Keep a timeline of events and save server logs, web logs, email logs, any packet capture, network graphs, reports etc.
Get Safe Online top tips for protecting your business from a DDoS:
- Consider the likelihood and risks to your organisation of a DDoS attack, and put appropriate threat reduction/mitigation measures in place.
- If you consider that protection is necessary, speak to a DDoS prevention specialist.
- Whether you are at risk of a DDoS attack or not, you should have the hosting facilities in place to handle large, unexpected volumes of website hits.