Skip to main content

Sextortion campaign - What to do if you receive the email

In most cases, there is no reason to be concerned. These emails are typically generated in their thousands by online scammers using limited personal details, with the aim of intimidating recipients into paying the ransom.

The information in the email is often obtained from the internet from previously-known data breaches.

If the email includes a password that you recognise, or is similar to one you are currently using, you should change all accounts that use this password.  Make sure to use a strong password and don’t reuse passwords across different accounts. Follow advice in our Small Business Cyber Security Guide.

If you still have concerns, then lodge a report to the Office of the eSafety Commissioner, who will provide further advice and support.

To find out where your email may have been included as part of a data breach, visit Have I Been Pwned.

Refrain from giving the scammer money and cease all contact.

If you have concerns about your physical safety, call Triple Zero (000) or contact your local police.

Further information on securing your online accounts can be found in the ACSC’s Easy Steps Guides.

The ACSC manages ReportCyber, a place for individuals, businesses and large organisations to report a variety of computer-enabled crimes to law enforcement, including online frauds, ransomware, identity theft, romance scams, online image abuse and business email compromise.

Was this information helpful?
Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it