Extortion emails

There has been a spike in reports about an email scam in which the scammer pretends to have intimate recordings of a person in order to blackmail them into sending money.

How the scam works

  • People receive an email that claims their computer has been hacked and that the scammer has obtained intimate recordings of them, for example while they were using a porn site.
  • Most versions of the scam have included the person’s password – often the password is in the subject line. This may be a current password or one the person used years ago.
  • The scammer claims to have access to the person’s contact list and threatens to send the footage to the person’s contacts unless a payment is made (often in Bitcoin).

NetSafe has reported that they have received thousands of reports about this scam in New Zealand and are not aware of any cases where there has been proof of the recordings or where recordings have been released. Even if the scammer has obtained a password for your online accounts, it is very unlikely that they have been able to use this to access your computer’s content, webcam or browsing history.
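For anyone triaging reported messages, the traits listed above can be checked mechanically. The following is an added example, not part of the original advisory: the regular expressions, the function names, the three-of-four threshold and the sample messages are all assumptions made for illustration.

```python
import re

# Patterns are assumptions: hacked/recording claim, threat to contacts, payment demand.
HACKED_CLAIM = re.compile(r"\b(hacked|malware|webcam|recorded|recording|footage)\b", re.I)
CONTACTS_THREAT = re.compile(
    r"\b(send|share|forward|publish)\w*\b.{0,80}\b(contacts?|friends|family|colleagues)\b",
    re.I | re.S)
PAYMENT_WORD = re.compile(r"\b(bitcoin|btc)\b", re.I)
# Shape of a legacy or bech32 Bitcoin address (format only, no checksum check).
BTC_ADDRESS = re.compile(r"\b(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[a-z0-9]{25,60})\b")


def matched_traits(subject, body, known_passwords=()):
    """Return the sorted names of the scam traits found in one email."""
    text = subject + "\n" + body
    traits = set()
    if HACKED_CLAIM.search(text):
        traits.add("hacked_claim")
    if CONTACTS_THREAT.search(text):
        traits.add("contacts_threat")
    if PAYMENT_WORD.search(text) or BTC_ADDRESS.search(text):
        traits.add("payment_demand")
    # known_passwords: current or old passwords the recipient supplies at run
    # time; they are compared in memory only and never written anywhere.
    if any(p and p in text for p in known_passwords):
        traits.add("leaked_password")
    return sorted(traits)


def is_likely_extortion_scam(subject, body, known_passwords=()):
    """Flag the email when at least three of the four traits are present."""
    return len(matched_traits(subject, body, known_passwords)) >= 3


# Constructed sample messages (not real emails; the address is a placeholder).
SAMPLE_ADDRESS = "1ExampLeAddr" + "X" * 20
SCAM_SUBJECT = "hunter2-old is your password"
SCAM_BODY = (
    "Your computer has been hacked and I recorded you through your webcam.\n"
    "I will send the footage to all of your contacts unless you pay in "
    "Bitcoin to " + SAMPLE_ADDRESS + "."
)
BENIGN_SUBJECT = "Password changed"
BENIGN_BODY = "Your password was changed. If this was not you, contact support."

if __name__ == "__main__":
    print(matched_traits(SCAM_SUBJECT, SCAM_BODY, ["hunter2-old"]))
    print(is_likely_extortion_scam(BENIGN_SUBJECT, BENIGN_BODY, ["hunter2-old"]))
```

A match on the password trait only shows that the password was leaked somewhere, which is consistent with the advisory's point that the scammer is unlikely to have accessed the computer itself.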

What to do if you’ve been affected

  • Don’t respond or send any payments to the scammer.
  • If the password in the email is one that you currently use anywhere, immediately change the password wherever it is used.
  • Use different password variations for each online account. This step should protect you in the future because if one account is breached, no other account should be affected.
  • Consider using a password manager such as LastPass https://www.lastpass.com/ to manage all your passwords. LastPass is a popular and free password manager.
  • The website Have I Been Pwned? allows you to check if your email address is listed as being affected by one of the large data breaches included in its database. If your email address is listed, make sure you update your password on any of the affected sites. You can also register to be notified of any future breaches which contain your email address.

If the scammer has obtained your password, it is likely this was collected in a data leak from one of the major online services such as Adobe, LinkedIn, Yahoo or one of many others.

Find out more