Sextortion Email Scam Sextortion Email Scam

Is That Sextortion Email Real? Identifying and Avoiding Online Extortion Scams

You open your email, and your stomach drops.
The subject line alone makes your pulse race. Inside, a scammer claims they’ve hacked your device, watched you through your webcam for months, and even lists one of your passwords as proof. They claim to have recorded you visiting intimate websites, capturing explicit footage which they will share with your friends, family, and colleagues.

Panic sets in. Is this nightmare real? Should you worry, or is this just another scam designed to manipulate and exploit your fear?

Sextortion email scams have become increasingly common. The likelihood of being targeted by sextortion scammers in the first few months of 2025 increased by a whopping 137% in the U.S., while the risk jumped to 49% in the U.K. and 34% in Australia, according to data from Avast. These emails are often sent in mass to hundreds of recipients, hoping some will not be marked as spam and the unlucky few will click the bait.

Whether the threat is real or not, sextortion emails can understandably cause panic and inflict severe emotional distress. But you’re not alone. Help is available. Most likely, the situation isn’t as dire as you fear.

Let’s provide clear steps on how to determine the authenticity of a sextortion email scam and what actions you need to take to protect your digital reputation.

Understanding the Anatomy of a Sextortion Email

These scammers prey on fear and wield a sense of urgency to trick you into complying with their demands. They’ll claim to have compromised your webcam or personal data. The threats may be vague or specific, but they could apply to anyone. They may use fake data as a bluff to make you think they have more than they truly do.

The good news is they likely have no actual content on you. Otherwise, they’d provide evidence. They probably bought your contact information after a data breach granting them certain information about you but no real intimate content.

Red Flags to Look For

Here are a few signs a sextortion email is little more than a phishing email:

  • Suspicious sender addresses and names
  • Poor grammar and spelling
  • Generic greetings and demands
  • Requests for payment in cryptocurrency
  • Lack of specific details

You can do a Google search on portions of the email to see if they are using a generic script. If they are, the sextortion email is likely a phishing attempt.

The Psychological Manipulation of Email Scams

In these fake sextortion emails, cybercriminals will target shame and fear to get you to react. They create a deep sense of isolation because they want you to feel alone and afraid. But help is available. You’re not alone. You can take action and protect yourself.

How Scammers Obtain Personal Information

Crooks will obtain personal data through data breaches, where hackers exploit security vulnerabilities to steal user data, including email addresses and passwords. This stolen data can be leaked publicly or sold on the Dark Web. Cybercriminals can also collect personal information from public social media profiles and unsecured websites.

How to Verify Claimed Compromised Passwords

If a hacker claims to have compromised your password, you can check at Have I Been Pwned to see if it was stolen in a data breach.

Technical Indicators of a Fake Sextortion Email

Analyzing Email Headers

Being able to read email headers is important in email tracing and determining the origin of an online extortion.

The email header provides a list of technical details about the email, including:

  • Who sent it
  • What software was used to compose it
  • What email servers it passed through on its way to the recipient

To view email header:

  • Open your email client and click the More icon in the top right.
  • Look for an option such as “View Original” (Gmail) or “Show Source” (Outlook).
  • The full email header will appear in a new window.
  • Copy the email header information by clicking “Copy to clipboard.”
  • Paste into a TXT file or Word document.

IP addresses and sender domains in the email header help verify the authenticity of the sender and detect potential spoofing. In the “Received” fields, the IP address shows the actual source of the email. You can cross-check this against the claimed sender’s domain. If it doesn’t match the IP’s origin, the email is likely malicious.

Examining Links and Attachments

A fake sextortion email likely contains malicious links and attachments to infect your device with malware. Avoid clicking links or downloading attachments. You can hover the mouse over the link without clicking to reveal its actual destination. Suspicious URLs likely lead to phishing or malicious websites.

Take Action: What to Do If You Receive a Sextortion Email

If you receive a sextortion email, don’t panic. Stay calm and don’t give in. Most likely, it’s SPAM, but there’s a chance the online extortion is real, or it could be a sign your computer is infected with malware. Here’s what you need to do to protect yourself.

Do Not Pay the Blackmailer

Under no circumstances should you pay the scammer, even if they present evidence that they have your sensitive content. Payment won’t prevent exposure. It inevitably leads to increased demands for more payment until there’s no end in sight.

Report the Email Scam

Report the sextortion to your email provider and law enforcement authorities. Your email administrator can flag the email as SPAM or malicious. They’ll investigate the sender and possibly block them.

You should report the email scam to local police and the FBI. This will begin a paper trail that law enforcement can use to prosecute the scammer and bring them to justice. You can file a report with the FBI under the Internet Crime Complaint Center (IC3), the FBI’s central hub for reporting cybercrime.

When filing a police report, you need to only include screenshots of the threat itself. You do not need to include any intimate content.

Strengthen Your Online Security

Take steps to strengthen your digital security. Maintain a strong password of at least 12 letters and several numbers and special characters. Enable two-factor authentication on all accounts.

You should also update all software and antivirus programs so they aren’t vulnerable to hackers.

Seek Support and Guidance

If you are a victim of online extortion, you don’t have to face it alone. Seek help from a trusted friend, parent, or therapist. Sextortion is a crime that happens to thousands every day. It happens to all ages and genders; no one is immune. Help is available. Reach out and connect.

Here are a few resources for sextortion victims that provide counseling and support:

  • Victim Connect: 1-855-4-Victim (1-855-484-2846)
  • National Sexual Assault Hotline: 1-800-656-HOPE (1-800-656-4673)
  • National Deaf Domestic Violence Hotline: 1-855-812-1001 (video phone)
  • The Network/La Red LGBTQ Hotline: 1-800-832-1901
  • BetterBrave

Digital Investigation Inc.: Your Partner in Digital Security

If you have been sent a sextortion email, we can help. Even if the email is SPAM, it’s possible your system is infected with malware. We can do data reviews and system scans to see if your device has been infiltrated.

At Digital Investigation Inc., we specialize in:

  • Email tracing
  • Digital forensics
  • Cybersecurity consulting

Our cyber experts can help you determine the authenticity of the threat and help you form a strategy to move forward.

If we find an actual threat, we can help identify and track the scammer. We’ll use this information as leverage to convince them to abandon their scheme and leave you alone.

Once the immediate threat has been addressed, we’ll provide ongoing support to ensure your safety. We’ll monitor different platforms for instances of sensitive content and work with platform administrators to remove it. We’ll use advanced monitoring techniques to prevent the content from resurfacing.

Call our 24/7 helpline.