Hitman Email Extortion Scam via Email
How mass-mailed emails falsely claiming to be from a hired assassin threaten the recipient's life unless a cryptocurrency payment is made to call off the fabricated hit.
Part of: Hitman Email Extortion Scam
Last reviewed: 13 July 2026
The hitman email extortion scam is delivered entirely through unsolicited email, sent in bulk to large purchased or breached address lists. The message claims the sender was hired by someone the recipient knows — often left deliberately vague — to kill them, but offers to abandon the contract in exchange for payment, usually described in cryptocurrency to make it feel operationally sophisticated and untraceable to law enforcement.
There is no genuine hit and no real hired assassin behind these emails; they rely purely on fear to extract a fast payment before the recipient has time to think it through, verify anything, or contact police. Because the email is sent identically to enormous numbers of recipients, the specific claims about surveillance and personal knowledge are almost always vague boilerplate that could apply to anyone.
How this scam works on Email
The email typically opens by claiming the sender is a professional contract killer who has been surveilling the recipient for days or weeks and knows their daily routine, home address, or workplace, though the details given are usually generic and could describe most people (e.g., 'I know when you leave for work'). It states someone close to the recipient — a family member, coworker, or business rival — paid for the contract, without naming anyone specific.
The email then pivots to an offer: the sender will cancel the hit and disappear if the recipient pays a specified amount in Bitcoin or another cryptocurrency to a wallet address, usually within a short window measured in days. Threats of consequences for contacting police are included to discourage reporting, falsely claiming the sender will 'know' and proceed regardless.
Because these are mass-mailed using the same or nearly identical templates across huge numbers of recipients, the absence of any specific, verifiable personal detail (beyond information that could be inferred from public records or social media) is the clearest sign the threat is fabricated.
Common red flags
- An unsolicited email claims to be from a hired killer and demands payment to call off a supposed hit
- The 'surveillance' details described are generic and could apply to almost anyone (routine, workplace, home)
- No specific, verifiable identifying detail about you is provided, only vague claims of being watched
- Payment is demanded exclusively in cryptocurrency with a tight deadline
- The email threatens harm if you contact police, which is designed to suppress reporting
- Similar or identical wording has been reported by many unrelated recipients online
How to protect yourself
- Do not reply, click any links, or send any payment
- Save the email with full headers as evidence rather than deleting it immediately
- Report the threat to local police regardless of how implausible it seems — threats of this nature are taken seriously and are commonly identified as mass-scam campaigns
- Avoid sharing the email publicly with identifying details that could help the scammer refine future attempts
- Change any passwords referenced in the email if it includes breached credentials, and enable two-factor authentication
- Talk to someone you trust if the email has caused significant anxiety; the fear response is the entire point of the scam
How to report it
- Report the email to local police as a threat, even though these are near-universally identified as mass-scam campaigns
- File a report with the FBI's IC3 (ic3.gov) in the US, or your country's equivalent cybercrime reporting body
- Report the email as phishing/scam through your email provider's built-in tools
Frequently asked questions
Should I take this seriously and go into hiding or change my routine?
These emails are sent identically to enormous numbers of people using purchased mailing lists, not based on any real surveillance of you specifically. While the fear is completely understandable, there is no evidence in the vast majority of reported cases that any genuine threat exists. Still, report it to police for the record.
The email mentioned my real address — doesn't that prove it's real?
Home addresses are often available through public records, data broker sites, or previous data breaches, and can be included in a template without any genuine surveillance having occurred. It increases the fear factor without confirming the threat is real.
Will police actually investigate this?
Reports of hitman extortion emails are generally logged and, particularly when many people report similar emails, can contribute to broader investigations into the campaign. Individual follow-up varies, but reporting is still the correct step.
If I already paid, can I get the cryptocurrency back?
Cryptocurrency payments are generally irreversible. Report the transaction and wallet address to your national cybercrime authority; recovery may depend on the payment method and timing, but you should not expect the funds returned.
Why do scammers use cryptocurrency specifically for this scam?
Cryptocurrency payments are fast, cross-border, and difficult to trace back to a specific individual, which fits the scammer's need to collect payment anonymously and disappear before any investigation can catch up.