Then we put some blocks in our e-mail filters to kill off any more e-mails like that one. We've blocked the IP addresses from FTP and Web access in case the same culprits try it again. I think that will cover the bulk of it for now. If they change addresses or e-mail message types, we'll need to do the same procedure again, of course. Filtering is a very on-or-off type of experience. We won't pick up any changes in the attack automatically, and so we'll need to see a sample to tune the filters and kill off other variants of the message as well. It's the same problem we have with the spam filters. Spammers have an easy time tweaking messages to get around any filters we set up.

What fun. SecuritySecurity gets messy when it involves employees' privacy and protection from things like this. I have had to deal with the lovelorn stalker e-mail and the vicious ex-spouse mail several times. Alles zu Security auf CIO.de

This was my first extortion scam, but it turns out, it wasn't the first that my company has dealt with.

"We have this down to a science," my security team told me proudly.

"What do you mean by that?" I asked. "Why haven't I known about the others?"

"They happened before you came to work here," they explained. But they happened.