News story

Charities remain at risk of online extortion demands - Lizard Squad

The Charity Commission, the independent regulator of charities in England and Wales, is issuing this alert to charities as regulatory advice under section 15(2) of the Charities Act 2011.

This news article was withdrawn on

No longer current.

Trustees, charity professionals and volunteers should continue to be aware of online extortion or ‘ransom’ demands affecting UK businesses. Charities could also be vulnerable to attack and so are encouraged to be vigilant. This advice is particularly relevant for those charities which operate overseas and/or deal with international partners in high risk zones.

The information contained within this alert is based on reports made during the past week, to Action Fraud, the UK’s national fraud reporting centre.

What to look out for:

  • a number of businesses throughout the UK have received online extortion demands from a group calling themselves ‘ Lizard Squad’

  • the group have sent emails demanding payment of 5 Bitcoins (a form of digital or ‘crypto’ currency) by a certain date and time. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid

  • if their demand is not met, they have threatened to launch a ‘denial of service’ attack (‘DDoS’) against organisations’ websites and networks, taking them offline until payment is made

  • the demand states that once their actions have started, they cannot be undone

Action to take:

If you have received such a demand, or receive one in the future, you are advised to:

  • NOT meet their demands and pay the ransom
  • make a report to Action Fraud on Tel. 0300 123 2040 or via their website at www.actionfraud.police.uk
  • retain the original emails (with headers)
  • make a note of the attack, recording all times, type and content of the contact
  • call your Internet Service Provider (ISP), or hosting provider if you do not host your own Web server, tell them you are under attack and ask for help

Carl Mehta, Head of Investigations and Enforcement Operations at the Charity Commission, said,

Charities need to be aware of the imminent danger posed by this fraudulent group and to take appropriate steps to protect their charity’s assets and good reputation – both of which could be damaged if the ransom demands of the group are met.

I urge all charities, if they suspect they may have fallen victim to such extortion or ransom fraud, to report it immediately to Action Fraud.

Get Safe Online tips for protecting your business from a DDoS attack:

  • consider the likelihood and risks to your organisation of a DDoS attack, and put appropriate threat reduction/mitigation measures in place
  • if you consider that protection is necessary, speak to a DDoS prevention specialist
  • whether you are at risk of a DDoS attack or not, you should have the hosting facilities in place to handle large, unexpected volumes of website hits

Updates to this page

Published 9 May 2016