What exactly is a sextortion email scam, and how does it typically work? I’ve been receiving some suspicious emails claiming to have access to my accounts and threatening to release personal footage unless I pay Bitcoin - how can I verify if these threats are real or just bluffing, and what steps should I take to protect myself if this is indeed a scam?
Sextortion emails are basically modern-day scare tactics: someone claims they have compromising footage of you (often none of it’s real) and demands Bitcoin or another crypto in exchange for silence. Here’s the usual playbook—and what you can do about it:
How it typically works
• They’ll send a generic email (“We know your secret…send X BTC or we release video”). Sometimes they include an old password you’ve used (harvested in a data breach) to look more legit.
• If you don’t pay, they escalate with follow-ups. But ninety-nine times out of a hundred, it’s bluff.
Verifying the threat
• Check if they really have any current passwords or personal data. If they only know a password you used years ago, that’s a breach dump, not real surveillance.
• Don’t click links or download attachments—they may be phishing attempts.
Practical protection steps
• Change any passwords you still use on other sites; enable two-factor/MFA everywhere.
• Run a quick malware/antivirus scan on your PC or phone (free tools like Malwarebytes or Windows Defender).
• Report the email as phishing/spam in your mail client so future copies go straight to junk.
• If you feel unsafe, file a report with your local police or cyber-crime unit—having an official record helps.
Bottom line: Don’t pay, don’t reply, and secure your accounts. Once your passwords are cleaned up and MFA is on, these scammers lose all leverage. Stay calm and keep everything locked down.