Is that sextortion or blackmail email real? Here's what to do
Sextortion emails are a specific, highly distressing type of scam. The message claims the sender installed spyware on your computer, secretly recorded you via your webcam during an adult website visit, and will send the footage to your contacts, employer, and family unless you pay — typically $1,000–$3,000 in Bitcoin — within 24 to 48 hours.
In the vast majority of cases, the claim is entirely false. The scammer has done nothing except send a mass email to millions of addresses purchased from breach databases. To make the email feel credible and targeted, they include a real password you have used in the past — one they found in a publicly leaked breach dataset, not from your device.
This is the most important thing to understand: seeing one of your real passwords in the email does not mean your computer was hacked. It means your email address and that password appeared in a database breach. The webcam footage claim is almost always a complete bluff.
🚩 Red flags to watch for
- ▶Your password appears in the email — but it's an old one, or one you've reused across multiple sites. This is from a public breach, not your computer.
- ▶You're asked to pay in Bitcoin to a specific wallet address within a 24–48 hour deadline.
- ▶No actual evidence is attached — no video clip, no screenshot, no list of your contacts to prove they have access.
- ▶The email may appear to have been sent from your own email address — a spoofing trick that doesn't mean your account was compromised, just that the 'From' field was faked.
- ▶The language is impersonal and generic — clearly sent to millions of people with the same template.
- ▶The scammer claims to have been silently watching you for weeks via your router or webcam.
✅ What to do
- 1Do not pay. Payment confirms you're responsive and may invite further, escalating demands. It does not guarantee the scammer stops.
- 2Do not reply to the email — engaging can signal that you're a viable target.
- 3Check if your email address appeared in a breach: visit haveibeenpwned.com. If the password mentioned is one you still use anywhere, change it immediately on every site where it was used.
- 4Enable two-factor authentication on your email and all important accounts.
- 5Report it: to the FTC (reportfraud.ftc.gov in the US), Action Fraud (UK), or local police. Collective reports help law enforcement track campaigns.
- 6If you're in genuine distress, the Cyber Civil Rights Initiative (cybercivilrights.org) offers support specifically for victims of image-based abuse.
📣 Where to report (by country)
🇺🇸 United States
🇬🇧 United Kingdom
- Action Fraud
- Police Scotland — call 101
🇦🇺 Australia
🇨🇦 Canada
🌍 Everywhere else
- Contact your local police and your bank immediately
- If money was sent, ask your bank about a recall request — act within hours
Got a suspicious message right now?
Paste it into our free AI checker for an instant pattern analysis
No account needed · Free to try · Privacy-first
Check your message free →No tool is a guarantee. AI pattern detection is a guide, not a verdict — always use your own judgment.
Common questions
The email includes a password I actually used. Does that mean my computer really was hacked?
Almost certainly not. Passwords from thousands of data breaches are available in searchable databases. Scammers buy email-password pairs in bulk and use them to personalise these emails at scale. The presence of your real password indicates a past breach, not current spyware.
Should I pay if I'm genuinely worried they have something?
No — and this advice comes from cybersecurity professionals and law enforcement agencies consistently. Payment doesn't guarantee the scammer deletes anything, stops emailing, or doesn't sell your details to other scammers. It only confirms you'll pay under pressure.
The email appears to be sent from my own email address. Was my account hacked?
Almost certainly not. Email spoofing — faking the 'From' address — is trivially easy and doesn't require access to your account. Log in to your real email account normally; if you can log in with your correct password and see no suspicious activity, your account is fine.