“I Have Your Password and a Video of You…” – Your Guide to Beating the Sextortion Scam
Your heart races. You’ve just opened an email that starts with a password you once used. It gets worse. The sender claims they’ve hacked your webcam, recorded you in a private moment, and will send the video to all your contacts if you don’t pay them in Bitcoin within 24 hours.
This is a terrifying scenario, and it’s exactly what hackers are counting on. But before you panic, take a deep breath. This is almost certainly a bluff. You are the target of a massive, automated scam known as “sextortion,” and understanding how it works is your first step to beating it.
The Truth Behind the Terrifying Email
Let’s break down the scam piece by piece to see why it’s a house of cards:
-
“I have your password: [YourOldPassword]”: This is the only real part of the email. Scammers get these old passwords from massive data breaches at companies like LinkedIn, Yahoo, or Adobe. They use automated tools to match email addresses with these leaked passwords. It feels personal, but it’s just data mining. It does NOT mean they have access to your computer or webcam.
-
“I recorded you through your webcam”: This is the lie designed to create maximum fear and embarrassment. Infecting a computer with malware to record someone is technically possible, but it’s complex, targeted, and rare. This scam is sent to millions of people at once. They have no video of you.
Your 3-Step Action Plan: Don’t Pay, Don’t Panic
-
DO NOT REPLY AND DO NOT PAY: Paying the ransom does two things: it funds criminal activity, and it tells the scammers your email is active, guaranteeing you will be targeted again. Ignoring them is the most powerful response.
-
DELETE THE EMAIL IMMEDIATELY: This isn’t just about cleaning your inbox; it’s a psychological win. Deleting it is you taking control and dismissing their threat. You can also mark it as “Spam” or “Phishing” in your email client.
-
SECURE YOUR ACCOUNTS:
-
Change Your Passwords: If you see an old password in the email, and you’re still using it anywhere, change it immediately. Use a strong, unique password for every important account (email, social media, banking).
-
Enable 2-Factor Authentication (2FA): This is your superpower. Even if a hacker gets your password, they can’t log in without the second step, like a code from your phone. Turn on 2FA for your email and other critical accounts today.
-
Remember, these scammers are playing a numbers game. They send out millions of these emails hoping a small percentage of people will be too frightened to think clearly. By knowing the facts and taking simple, proactive steps to secure your accounts, you can render their threats powerless. Share this information with friends and family—especially those who may not be as tech-savvy. Awareness is our best defense.
