This is a message from the NHW Liaison Office for East Division about another scam, this time involving online extortion demands.
Within the past few days a number of businesses throughout the UK have received extortion demands from a group calling themselves ‘Lizard Squad’.
METHOD OF ATTACK:
The group have sent emails demanding payment of 5 Bitcoins, to be paid by a certain time and date. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid.
If their demand is not met, they have threatened to launch a Denial of Service attack against the businesses’ websites and networks, taking them offline until payment is made.
The demand states that once their actions have started, they cannot be undone.
WHAT TO DO IF YOU’VE RECEIVED ONE OF THESE DEMANDS:
. Report it to Action Fraud by calling 0300 123 2040 or by using
the online reporting tool
. Do not pay the demand
. Retain the original emails (with headers)
. Maintain a timeline of the attack, recording all times, type
and content of the contact
IF YOU ARE EXPERIENCING A DDoS RIGHT NOW YOU SHOULD:
. Report it to Action Fraud by calling 0300 123 2040 immediately.
. Call your Internet Service Provider (ISP) (or hosting provider
if you do not host your own Web server), tell them you are
under attack and ask for help.
. Keep a timeline of events and save server logs, web logs, email
logs, any packet capture, network graphs, reports etc.
GET SAFE ONLINE TOP TIPS FOR PROTECTING YOUR BUSINESS FROM A DDoS:
. Consider the likelihood and risks to your business and put
appropriate threat reduction/mitigation measures in place
. If you consider that protection is necessary, speak to
a DDoS prevention specialist. Your ISP should be able to
help with this
. Whether you are at risk of a DDoS attack or not, you should
have the hosting facilities in place to handle large,
unexpected volumes of website hits.