Fake Hacked Webcam Bluff Scam via Bitcoin
A sextortion email demands Bitcoin payment to a specific wallet, using an old leaked password as fake proof of a webcam hack that never actually happened.
Part of: Fake Hacked Webcam Bluff Scam
Last reviewed: 5 July 2026
Bitcoin's pseudonymous, hard-to-trace nature makes it the payment method of choice for sextortion bluffs that claim to have hacked a victim's webcam, since a wallet address can be generated instantly and abandoned the moment payment lands.
How this scam works on Bitcoin
The email typically opens by citing an old password associated with the victim's email address, pulled from a historical data breach rather than any actual current compromise, to create an immediate sense that the sender truly has access to the victim's accounts. It then claims to have used that access to install malware and record webcam footage supposedly showing the victim during private moments, threatening to send the footage to the victim's contact list unless a specific Bitcoin amount is sent to a wallet address included in the message.
No actual hack, malware, or footage exists in the overwhelming majority of these cases; the scam relies entirely on psychological pressure from the real but outdated password and the shame-based nature of the threat to prevent victims from pausing to verify the claim. Because Bitcoin transactions are irreversible and the wallet is typically used briefly before being abandoned, once payment is sent there's no way to reclaim it even after the bluff is exposed.
Common red flags
- An email citing a password that is old, reused, or no longer in active use anywhere.
- No actual attached evidence beyond a text description of the alleged footage.
- A demand for payment exclusively in Bitcoin to a one-time wallet address.
- Generic mass-blast phrasing that could apply to virtually anyone, rather than specific personal detail.
- A tight deadline (typically 24 to 72 hours) pressuring quick payment before the victim can think it through.
- No verifiable connection between the sender and any real access to your devices or accounts.
How to protect yourself
- Do not pay; there is no evidence in the vast majority of these cases that any actual hack or footage exists.
- Check whether the cited password appears in a known public data breach using a reputable breach-checking tool, and change it immediately if still in use anywhere.
- Cover your webcam with a physical cover as a general precaution, independent of any specific threat.
- Do not reply to the email or engage with the sender in any way.
- Run a reputable antivirus/anti-malware scan on your device to rule out any actual compromise, for peace of mind.
- Save the email as evidence in case you want to report it, but avoid clicking any links within it.
How to report it
- Report the email to your email provider's phishing or spam reporting tool.
- File a report with the FBI's IC3 at ic3.gov, including the Bitcoin wallet address if payment was demanded.
- Report to the FTC at reportfraud.ftc.gov or Action Fraud in the UK.
- If you're a minor or the threat involves someone underage, contact the National Center for Missing & Exploited Children (NCMEC) or local police immediately.
Frequently asked questions
How did the scammer get my real password if there's no actual hack?
The password almost always comes from a historical data breach unrelated to your webcam or device, and the scammer simply pairs a leaked email-password combination with a mass-blasted threat template.
Should I pay just to be safe?
No, paying doesn't guarantee the threat stops and often invites repeat targeting, since scammers frequently return demanding more once they know a target is willing to pay.