How it works

The extortion scammer sends an email that says they have captured video footage of the recipient showing the person involved in explicit behaviour. They say this was accessed via malicious malware previously downloaded onto their computer. The extortion scammers often threaten that if the recipient of the email does not pay the ‘one off’ demand for money within 24-48 hours they will expose the explicit material to all of their contacts (supposedly also downloaded during the attack). 

In our experience most of these blackmail threats to expose information/hack accounts or compromising photos/videos are nothing more than a bluff. IDCARE has been contacted by many clients over the past 4 years who have also been victim to blackmail just like this. So far no one has reported that the scammer followed through with their threats. While no extortion attempt can be completely discounted, the likelihood of the criminal going ahead with these threats is minimal. 

It is important to remember that the motivation of the scammer is financial gain. They are not going to gain anything by following through with their threat to expose illicit material. They make their money through intimidation and fear of exposure. Furthermore, if you do choose to pay them they are likely to keep coming back with further demands for money as they see you as a soft target. Scammers will keep trying until they recognise that they have exhausted the ability for the victim to pay. That's why it's important that you cut all ties by blocking all avenues THROUGH which these criminals can contact you.

Ways you can avoid getting caught up in extortion scams
  • Cover your webcam on all devices when not in use
  • Change your passwords regularly
  • Make all passwords unique to the online service you are applying them to
  • Run anti-virus software regularly and install software updates when available
Most commonly reported extortion scams:

Webcam hack: This is where the scammer tells the target they have had access to the user’s webcam for a period of time and have managed to capture compromising video of them. These threats will be general, eg. the user was captured doing everyday things in their homes half-dressed, and/or sometimes specific eg. if the user has recently visited a pornography website or other unsecure website and they receive an email soon after. 

Illicit acts: Scammers will pose as someone looking for an online relationship. Once trust has been establish (often within hours of connecting) scammers will request the victim to record an illicit act to send to them. Scammers will then use the video to blackmail the individual.

Compromised/hacking accounts: Scammers will obtain small amounts of personal information such as user names or passwords associated to a websites that have been breached, then email the information to the user to convince them their systems have been compromised.

Assignment extortion: Scammers will set up websites offering to do university assignments for a fee. Once paid, the student will instead receive a threatening email telling them the website owners will expose them to the university unless they pay an additional fee.

How do scammers get this information?  

Passwords and users names are often collected by scammers through the use of malicious software unintentionally downloaded by the Internet user through a phishing email or visiting an unsecure website. It can also happen when a phishing email redirects the receiver to a website that mirrors a legitimate site, prompting the user to ‘log in’ resulting in the capture of information.

As data breaches are extremely common there is a good chance the information in the new extortion emails was first collected from the data set of a known breach. Data from data breaches is bought and sold to and from different scammers across the globe. Each scammer/group will have different agendas for what the data will be used for once obtained. For example some scammers may only be interested in accessing your account to pretend to be you in an attempt to scam your contacts. Other scammer’s may be interested in taking the log in information, sending you an email with the information and claiming to also have access to other online accounts.

As I write this, one of my personal email accounts has been involved in 3 separate KNOWN data breaches since 2015, one of which captured my email account password. My information may also have been exposed in other breaches that have never been recorded, unfortunately this is the nature of the ecosystem.  As I change my passwords regularly there is less likelihood that my email may have been accessed. 

You can check your email account to ensure it has not been compromised in a known breach by going to If your email is found to be associated with any listed known breaches, change your password immediately. 

Disclaimer: Ransomware has been excluded from this article due to the difference in the nature of the cyber-attack. This scam information is also related to scams that are being perpetrated by scammers with no personal connection to the victim.


Success Stories!

Other News

IDCARE is always active in the media from radio to TV, social media and news articles. Keep up to date with what's happening at IDCARE and in the media.

You can now report a phishing scam to IDCARE

Information sharing is an important way to help keep IDCARE informed.

more info

iappANZ Annual Summit – Melbourne 2018

Australian Information and Privacy Commissioner discusses latest quarterly report on the Notifiable Data Breaches scheme.

more info

Cathay Pacific Data Breach

Today Cathay Pacific publicly notified the probable compromise of personal and account related information of some 9.4m customers.

more info
Data Breaches

Success Stories!


IDCARE is here to provide you with specialist support and guidance when faced with a cyber and  identity related issue. Contact one of our Identity & Cyber Security Counsellors to learn more about our Support Services and how we can help you.   


1300 432 273
Mon - Fri : 8am - 5pm AEST


0800 201 415
Mon - Fri: 10am - 7pm NZST