I recently got an email claiming they have personal videos of me and my details, threatening to release everything unless I pay them in bitcoin. They're using a password that I know I've used before, but I can't recall which account it's linked to. I've checked the password against Have I Been Pwned, and it says it hasn't been compromised. I'm familiar with these scams—if they don't provide proof, they likely don't have anything. But is there anything more I should do besides ignore it? Should I be concerned?
5 Answers
Just ignore the email. Don't pay anything, and change any accounts using that password. Scammers recycle old data and often bluff without any real evidence.
They probably got your password from a previous data leak. Beyond that, they have nothing on you. Go change any passwords you remember using, and just ignore them.
This is known as sextortion, one of the most common email scams out there. They usually don't have any real evidence. If they did, they would show you. Just block them and forget it.
That makes sense, but I got worried when I saw they had my password, which isn't showing up on Have I Been Pwned.
They're just bluffing. Still, to be safe, change your passwords everywhere you can, especially if you can't remember where that password has been used. Adding two-factor authentication is also a good move. I've seen this happen at work, and the person just ignored it and was fine in the end.
Thanks! I figured since they just threw my password at me without context, it was a typical scam. They want $800 in bitcoin in four days.
If they didn't send any proof, like a screenshot of a video, they probably don't have anything. It's just a scare tactic.
Yeah, no screenshot was sent.
I guess maybe Have I Been Pwned just hasn't caught it yet, since it says my password is safe, which was concerning.