Scam script · Email

Sextortion Email Script

An email claims the sender has recorded you via your webcam and threatens to send the footage to your contacts unless you pay in cryptocurrency.

Last reviewed: 1 June 2026

Sanitized example messages

Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].

I have full access to your device and have been monitoring you. I recorded footage via your camera while you visited adult sites.

Your contact list is ready. If you don't send [amount] in Bitcoin to [wallet address] within 48 hours, everyone will see the video.

To prove access, your password is [old leaked password]. Don't try to change it — I have full control.

Delete this email and I release it to your contacts. Pay and it disappears. The choice is yours.

What the scammer wants

To use fear and shame to make you pay quickly without stopping to think. The password shown is typically from a historical data breach, not live device access — no recording exists in the vast majority of cases.

Red flags in the message

Email opens with a real old password — sourced from a data breach, not your device
Claim of webcam recording with no actual evidence provided
Demand for cryptocurrency payment to a wallet address
Short deadline to prevent you pausing and thinking
Shame and isolation tactic — 'don't tell anyone'
Mass-sent template with minor personalisation
No actual screenshot or clip provided as proof

A safe response

Do not pay. This type of email is sent en masse using old breach data. Cover your webcam if it makes you feel better, change the exposed password, and mark the email as spam. Paying does not guarantee any outcome.

What not to send

Cryptocurrency payments
Any reply to the sender
Personal information

What to do if you already replied

If you paid, document the wallet address and report it to your national cybercrime authority
Change the password that appeared in the email and any account using the same password
Enable two-factor authentication on key accounts
Contact a support line if you are feeling distressed — you are not alone
Report the email to your email provider

Evidence to preserve

Screenshot the full message or call details
Note the sender number, email, or profile
Save any links (without clicking) and payment details
Record dates and times

Sanitized example messages

Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].

I have full access to your device and have been monitoring you. I recorded footage via your camera while you visited adult sites.

Your contact list is ready. If you don't send [amount] in Bitcoin to [wallet address] within 48 hours, everyone will see the video.

To prove access, your password is [old leaked password]. Don't try to change it — I have full control.

Delete this email and I release it to your contacts. Pay and it disappears. The choice is yours.

Red flags in the message

Email opens with a real old password — sourced from a data breach, not your device

Claim of webcam recording with no actual evidence provided

Demand for cryptocurrency payment to a wallet address

Short deadline to prevent you pausing and thinking

Shame and isolation tactic — 'don't tell anyone'

Mass-sent template with minor personalisation

No actual screenshot or clip provided as proof

What to do if you already replied

If you paid, document the wallet address and report it to your national cybercrime authority

Change the password that appeared in the email and any account using the same password

Enable two-factor authentication on key accounts

Contact a support line if you are feeling distressed — you are not alone

Report the email to your email provider