Calgary Police Service warning of phishing scams demanding Bitcoin

If you’ve received a threatening email in the past few weeks, the Calgary Police Service wants to hear about it.

According to a CPS release, there have been multiple reports of Calgarians being contacted by scammers who are demanding money and threatening to leak the victim’s questionable browsing history.

See also:

• This group wants to make sure youth don’t fall for fake news this election
• Vancouver waterproof shoe startup halts sales amid ‘insane’ demand
• A massive glow party is coming to Calgary this weekend

The scammers are selling the threat by including the would-be victim’s login information, police state, which they may have obtained from a “previous and unrelated data breach in which the victim’s password was compromised, such as through an app, social media platform, or retail company.”

However, these scammers do not actually have recorded evidence of browser history and never gained access to the victim’s computer, though that is the threat that they are trying to convince people in order to have them send money, usually via Bitcoin.

“We want to remind citizens to always protect their personal information when online, to change their passwords regularly, and to pay attention to data breaches,” said Sgt. Ray Kelly of the CPS Cybercrime Team in the release.

“Criminals take advantage of the fact that many citizens use the same password for many of their online accounts and change these passwords infrequently. At the very least, citizens should use unique passwords for each account and passwords should be changed regularly, as well as following a data breach.”

CPS also provided the website www.haveibeenpwned.com as a place where citizens can check their email addresses and online account information to see if it has been compromised.

According to the release, over $1.2 million has been lost as a result of phishing scams in Calgary since the start of the year, 75% of which being through fake employment offers.

Here are a few tips to keep in mind if you’re ever reached out to by suspicious emails:

• Be suspicious of unexpected and unusual emails, especially ones demanding some form of urgent action. Never click links, send money, or respond until you have confirmed the email to be legitimate through a second source.
• Know how to recognize phishing emails.
  • Check who sent the email. Be suspicious of emails sent from people you don’t communicate with regularly and look for spelling mistakes or extra letters, numbers and symbols in the sender’s email address.
  • Check for bad grammar and spelling mistakes in the body of the email.
  • Check hyperlinks by hovering your mouse over a link to check its true destination. Never open attachments or click on links until you’ve verified it is a legitimate email.
  • Check the date and time the email was sent. Phishing emails are often sent at times you wouldn’t normally receive emails.
• Change passwords regularly and after an account has been compromised by a data breach.