Charities remain at risk of online extortion demands - Lizard Squad
The Charity Commission, the independent regulator of charities in England and Wales, is issuing this alert to charities as regulatory advice under section 15(2) of the Charities Act 2011.
Trustees, charity professionals and volunteers should continue to be aware of online extortion or ‘ransom’ demands affecting UK businesses. Charities could also be vulnerable to attack and so are encouraged to be vigilant. This advice is particularly relevant for those charities which operate overseas and/or deal with international partners in high risk zones.
The information contained within this alert is based on reports made during the past week, to Action Fraud, the UK’s national fraud reporting centre.
What to look out for:
a number of businesses throughout the UK have received online extortion demands from a group calling themselves ‘ Lizard Squad’
the group have sent emails demanding payment of 5 Bitcoins (a form of digital or ‘crypto’ currency) by a certain date and time. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid
if their demand is not met, they have threatened to launch a ‘denial of service’ attack (‘DDoS’) against organisations’ websites and networks, taking them offline until payment is made
the demand states that once their actions have started, they cannot be undone
Action to take:
If you have received such a demand, or receive one in the future, you are advised to:
- NOT meet their demands and pay the ransom
- make a report to Action Fraud on Tel. 0300 123 2040 or via their website at www.actionfraud.police.uk
- retain the original emails (with headers)
- make a note of the attack, recording all times, type and content of the contact
- call your Internet Service Provider (ISP), or hosting provider if you do not host your own Web server, tell them you are under attack and ask for help
Carl Mehta, Head of Investigations and Enforcement Operations at the Charity Commission, said,
Charities need to be aware of the imminent danger posed by this fraudulent group and to take appropriate steps to protect their charity’s assets and good reputation – both of which could be damaged if the ransom demands of the group are met.
I urge all charities, if they suspect they may have fallen victim to such extortion or ransom fraud, to report it immediately to Action Fraud.
Get Safe Online tips for protecting your business from a DDoS attack:
- consider the likelihood and risks to your organisation of a DDoS attack, and put appropriate threat reduction/mitigation measures in place
- if you consider that protection is necessary, speak to a DDoS prevention specialist
- whether you are at risk of a DDoS attack or not, you should have the hosting facilities in place to handle large, unexpected volumes of website hits
Latest News from
Charity regulator appoints interim manager to Birmingham charity under inquiry23/03/2020 11:20:00
Appointment follows continued concerns about Sikh Channel Community Broadcasting Company.
Coronavirus (COVID-19) guidance for the charity sector20/03/2020 14:20:00
Guidance to help with running your charity during the Coronavirus (COVID-19) outbreak.
Regulators urge safe giving to charities as communities respond to Coronavirus pandemic20/03/2020 13:15:00
The Charity Commission and Fundraising Regulator yesterday urged people to ‘give safely’ as people continue to respond with generosity in the current crisis.
Commission finds misconduct by charity who loaned half a million pounds to company of former trustee19/03/2020 12:20:00
Charity was receiving no repayment for loan prior to inquiry opening.
Filing charity annual returns during the coronavirus pandemic17/03/2020 12:43:00
Any charity that needs an extension to their annual return deadline can contact the Charity Commission to ask for one.
“Unscrupulous pattern of dishonesty” at 8 charities used to launder proceeds of crime from the sale of counterfeit medication17/03/2020 11:05:00
Individuals disqualified following regulator’s inquiry into Chabad UK and 7 linked charities
Inquiry finds mismanagement at charity that funded failed film project16/03/2020 09:20:00
Regulator’s intervention leads to governance improvements at Fadak Media Broadcasts
Trustee operated without oversight at ‘inadequately run’ charity finds Commission13/03/2020 09:20:00
Trustee removed for failures including authorising his own expenses