Where our lives are increasingly intertwined with technology, a disturbing trend has emerged that exploits our deepest fears: sextortion scam emails. Imagine receiving a threatening message from someone claiming to have compromising material about you, demanding a ransom to keep it private. This unsettling scenario is the reality for many who fall victim to sextortion.
You might assume that no one would fall for these scams, but cyber extortion is neither new nor ineffective. When these schemes first appeared in 2018, they quickly got over $50,000 in just one week, and scammers continue to profit from them even today.
What is a sextortion scam?
A sextortion scam is a type of online blackmail where scammers threaten to release private, embarrassing, or sexual content about you unless you pay them money. These criminals often claim to have hacked your computer or phone, and they say they have videos or photos of you in intimate situations. They demand a ransom—usually between $500 and $5,000—so they won’t share this material with your family, friends, or co-workers.
Though this might sound far-fetched, these scams are very common and have been successful at scaring people into paying. Here is how it works:
- Contact from the scammer: The scam usually starts with an unexpected email or message. The scammer claims they’ve hacked into your device and found sexual or embarrassing content, often saying they recorded you through your webcam while you were on adult websites.
- The threat: The scammer threatens to send this material to everyone you know—your family, friends, colleagues—unless you pay them. Payment is almost always demanded in cryptocurrency like Bitcoin, which is hard to trace.
- False claims: In most cases, the scammer hasn’t actually hacked you or found any sensitive material. They rely on fear to make you panic and pay. To seem more believable, they might include old passwords or personal details they’ve found in data breaches.
- Emotional manipulation: The scam works because it plays on your fear of embarrassment. Even if you know there’s no material to leak, the thought of such a thing happening can cause anxiety, which makes some victims more likely to pay.
Scammers use several tactics to make their threats seem credible and to pressure victims into paying. They often include passwords or personal information from past data breaches to falsely claim they’ve hacked your device. They may also use phishing techniques, such as fake links or websites, to trick you into providing more personal details or clicking on harmful content. Additionally, they apply psychological pressure by creating a sense of urgency and fear of public embarrassment, aiming to force a quick response before you have time to think critically about the scam.
Sextortion scams come in several forms, each exploiting different tactics to scare victims into paying money. The most common type is email-based sextortion, where scammers claim to have hacked your webcam or device and threaten to release compromising videos unless you pay them. Social media sextortion involves scammers using social platforms to make threats, either by pretending to have hacked your accounts or by impersonating someone you know, demanding money to avoid sharing fake content. Romance sextortion occurs when scammers, posing as potential partners on dating apps, trick victims into sharing intimate photos or videos, which they later use to blackmail the victim. Revenge sextortion involves blackmail from someone you know, such as a former partner or friend, who uses intimate content to extort money or favors from you.
What to do if you get a sextortion email?
If you receive a sextortion scam email, stay calm and follow these steps recommended by the National Cyber Security Centre:
- It’s important to stay calm and follow security protocols if you receive a sextortion scam email. Do not engage with the scammer.
- Forward the email to [email protected], which is the National Cyber Security Centre’s Suspicious Email Reporting Service (SERS) and delete the email from your inbox.
- Avoid paying the Bitcoin ransom; doing so may encourage more scams by signaling that you are a willing target.
- If the email includes a password you still use:
- Change the password immediately.
- Check if your data has been compromised by visiting Have I Been Pwned.
- Create stronger passwords and enable additional security measures using resources from Cyber Aware.
- If you have paid the ransom, report the incident to your local police by calling 101.
- For emotional support, contact Victim Support at 0808 168 9111 or visit Victim Support.
Sextortion scam emails are a form of cyber extortion; educate yourself on how to handle them safely.
Featured image credit: Eray Eliaçık/Bing