SAN FRANCISCO (KPIX 5) — While the investigation into the mass email of bomb threats Thursday that set law enforcement agencies across the country scrambling, authorities are trying to zero in on exactly who could be behind the emails.

KPIX 5 security expert Jeff Harp, a former FBI Assistant Special Agent in charge of San Francisco, says the wording in the emails is providing some hints about the culprit. Harp also says the person or persons behind Thursday’s bomb threats is probably overseas and not an Islamic extremist.

READ MORE: Lockdown-Violating Underground Gatherings Investigated Over Recent Spate of San Jose Shootings

Law enforcement officers were tied up for hours after dozens of people received email messages claiming a bomb made from the explosive chemical compound Tetryl would be detonated in their building unless the recipient sent $20,000 in Bitcoin to a specified account.

In the end, all the threats were determined to be hoaxes.

While authorities have yet to make any announcements on results to the investigation into who sent the emails, Harp told KPIX 5 the messages do provide clues.

First, statements like, “I want to propose you a bargain,” and “if you are late with the payment explosive will detonate,” reflect an unfamiliarity with the English language.

“I read the email myself and I was one sentence into it and it seemed fishy to me,” said Harp.

Second, the request was for Bitcoin, which is a currency often demanded by international hackers.

“It’s more than likely, from what I’ve seen, something that’s been developed overseas,” observed Harp.

The demand for Bitcoin as ransom also distinguishes this attack from Islamic terror attacks like the recent shooting in France.

READ MORE: The Game Changer: New Test Helps Doctors Find Hidden Prostate Cancer

“If you think about ISIS and Al Quaeda aggression,” said Harp, He explained Bitcoin in exchange for safety is “just not something they typically do.”

Still, he stressed these are preliminary observations.

“Drawing a profile off one letter is pretty difficult,” said Harp.

Luckily, law enforcement officers are already on high alert during the holiday season. According to Harp, this is because people in the U.S. are gathering together in public places.

“Typically around Christmas, there’s always been threat briefings; we’ve had several incidents occur, like Pier 39 last year and the Christmas Day bomber up in Portland in 2018,” explained Harp

Having all those officers ready to inspect for bombs also means there’s a risk of a secondary incident. Harp pointed to people like Eric Rudolph, who he said “made bombs and then used secondary devices that targeted first responders.”

On Thursday, for example, once the threat was determined to be a hoax, the next concern was whether a real, delayed attack was planned at the bomb site or was happening on the other side of town.

Finally, even though there were no explosives found Thursday, the bomb threats still posed a real danger to public safety.

“What comes to my mind is our law enforcement is now occupied doing something dealing with a hoax when there’s real crime being committed,” said Harp.

MORE NEWS: Oakley School Board Interim Trustees Vote to Fill Vacant Seats; Reject Special Election

While whoever sent the emailed threats would be subject to a number of criminal penalties, according to Harp, they could also be sued in civil court and be forced to repay law enforcement agencies for all the time that officers spent chasing down the hoax threats.