July 16, 2013 2:03
There is a new racket going on working its way around with two very different variations to be aware of.
First, there is a growing number of websites that scrape existing, real mugshots out of public databases and contact these people. People who have been arrested in the past are blackmailed to pay, sometimes hundreds of dollars, to remove their mugs from general search engines because they feel embarrassed or threatened that their friends and/or employers will find out. Sites like this are being sued for extortion in a lawsuit testing the bounds of the First Amendment, but in the meantime there are victims that scammers are making thousands of dollars off of.
The second scam is even more evil, and it's a heads-up of social engineering scams people can expect in their inbox. In this attack, people that weren't arrested in the first place are being targeted with an email that claims their mugshot is easy to find on the Internet and if they want to see this embarrassing picture, "Click Here Now". The link leads them to a legit site that has been compromised and infects their PC with a drive-by attack, laying down a trojan virus on the person's hard disk making the PC a zombie. This is a textbook example of social engineering using the "prevent a negative consequence" trick.
Bank of Ann Arbor's security team reminds you to please "Think Before You Click" and delete emails that mention mugshots of anyone; themselves, friends, family or co-workers.