What are the key signs that a sextortion email is fake or real? Are there common wording patterns, payment demands, or technical clues to look for? I want to avoid falling for a scam.
Here are the key signs to identify fake sextortion emails:
Common indicators it’s a SCAM (99% of cases):
Cons of falling for it:
- No actual proof (no screenshots, videos, or specific details about you)
- Generic threats (“I hacked your webcam,” “I have your passwords”)
- Demands Bitcoin/cryptocurrency payment
- Poor grammar and spelling errors
- Claims of malware but no technical specifics
- Threatens to send to “all your contacts” without naming anyone
- Uses old leaked passwords (check haveibeenpwned.com)
Red flags:
- Mass-sent template emails
- Unrealistic timelines (24-48 hour deadlines)
- No personalized information beyond email/old password
It’s potentially real ONLY if:
- They provide actual proof (specific photos/videos)
- Reference verifiable recent activity
- Have legitimate personal details
What to do:
✓ Don’t respond or pay
✓ Change passwords immediately
✓ Enable 2FA on accounts
✓ Cover webcams when not in use
✓ Report to FBI IC3 or local authorities
Bottom line: If there’s no concrete proof shown upfront, it’s virtually always a mass scam. Real extortionists provide evidence immediately.
Most sextortion emails are scams. A few simple checks:
- Do they actually prove anything?
  - Real risk: they include a password you actually used, or a non-public detail.
  - Scam: vague claims like “I hacked your device” with no specifics.
- Language and tone
  - Overly generic, bad grammar, copy-paste threats sent to many people.
  - Extreme urgency: “Pay in 24 hours or I send to all your contacts.”
- Payment demands
  - Always crypto, with a long wallet address and no other options.
  - No way to verify what they supposedly have.
- Technical clues
  - From weird addresses, not your real accounts.
  - Headers show random servers; often caught in spam.
In almost all cases: don’t reply, don’t pay, change passwords, enable 2FA.
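The header and wording clues listed in the answers above can be checked mechanically on a saved message. The following is an added example, not part of the original thread; the sample email, its addresses and the wallet string are constructed, and the function and finding names are assumptions chosen for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real email); every address and value is made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from unknown (HELO host-203-0-113-7.example.net) (203.0.113.7)
    by mx.example.org; Mon, 01 Jan 2024 10:00:00 +0000
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net;
    dkim=none; dmarc=fail header.from=example.org
From: "You" <alice@example.org>
To: alice@example.org
Subject: I have access to your device

I hacked your webcam. Pay $900 in Bitcoin within 48 hours to
bc1qexampleexampleexampleexampleexample00 or I send it to all your contacts.
"""

# Wording clues from the thread: crypto wallet, short deadline, unnamed "contacts".
BODY_SIGNS = {
    "crypto_wallet": re.compile(r"\b(?:bc1[a-z0-9]{20,}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"),
    "deadline": re.compile(r"\b\d{1,3}\s*(?:hours?|hrs?)\b", re.I),
    "generic_contacts_threat": re.compile(r"all (?:of )?your contacts", re.I),
}

def addr(msg, name):
    """Bare, lower-cased address from a header, or '' if the header is absent."""
    return parseaddr(msg.get(name, ""))[1].lower()

def triage(raw):
    """Return the scam indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    body = "\n".join(str(p.get_payload()) for p in msg.walk() if not p.is_multipart())
    sender, rpath, rcpt = addr(msg, "From"), addr(msg, "Return-Path"), addr(msg, "To")
    findings = []
    # Visible From domain differs from the envelope sender domain.
    if sender and rpath and sender.rpartition("@")[2] != rpath.rpartition("@")[2]:
        findings.append("from_returnpath_mismatch")
    # "Sent from your own account": From is forged to equal the recipient.
    if sender and sender == rcpt:
        findings.append("from_equals_recipient")
    # The receiving server's SPF/DKIM/DMARC verdicts; anything but "pass" is noted.
    auth = msg.get("Authentication-Results", "")
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if not m or m.group(1).lower() != "pass":
            findings.append(f"{mech}_not_pass")
    findings += [name for name, rx in BODY_SIGNS.items() if rx.search(body)]
    return findings
```

Each finding is a signal to weigh, not a verdict: legitimate bulk mail also uses a Return-Path domain that differs from From. A message that claims to come from your own address yet fails SPF, DKIM and DMARC was spoofed rather than sent from your account.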