Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.



411 University St, Seattle, USA


+1 -800-456-478-23

What To Do If a Phishing Email Tries to Blackmail You


“I’ve hacked {your webcam, your email, your device} and filmed you. Send $795 in Bitcoin to the following address … or I will share this footage with everyone in your contacts list.”

This message will raise the hairs on your neck. What if you have done something to put yourself in a compromising position? Here’s what to do if a message ever lands in your inbox.


Millions of phishing emails hit inboxes every day. Your spam filter should catch the majority, but sometimes one can slip through the net. It takes just one terrified email recipient to pay for the scammer to profit.

Reports of “webcam blackmail”  have increased in recent months as scammers try more personal tactics. While it’s safe to ignore such emails, you might want assurances that the threat is not real.

The first action to take is to copy/paste a section of the email into a search engine. Fake scams typically appear in forum discussions. One search, then you can rest a little easier knowing others have received the exact same bogus threat.


Impersonal emails lack impact, meaning spam messages are rarely successful. However, blackmailers are using more sophisticated tactics to personalize phishing emails and make them more believable. Here’s how:

Email spoofing

Few email providers can authenticate the “From” and “Reply to” fields in an email, so spammers use these fields to add an address they think will make you believe the message is real – and any familiar information can do the trick.

You can set up a service called DMARC to check the authenticity of a domain or try typing the address into this online tool if you suspect a message is fake.

Sensitive information

A password – or just part of a phone number – is a second way to make an email look authentic. Scammers often add this detail to push you into just enough of a state of panic that you consider making the payment.

Fraudsters obtain these details from security breaches: such as the Yahoo hack that revealed the personal information of 3 billion users in 2017. Hacks happen more often than you might think, so it is always possible your personal data can be used.


If you’re concerned your data was hacked, type your email address into Have I Been Pwned?. This is a database of all accounts that have been compromised through major security breaches, listing some 5.7 million accounts from 339 separate websites.

If you find out your data was compromised – change your password on all sites that suffered a security breach. Moreover, if you use the same password on other sites, update your information there as well.

For added peace of mind, test your password security using Dashlane: an online tool that tells you how long it would take to crack your password. Just bear in mind, if you’ve already been hacked in a separate security breach, your password is useless no matter the result.


You’ll likely receive so many scam emails that you choose not to report most of them. However, major websites like PayPalApple, and others, offer you an email address to which you can quickly forward suspect messages. Doing so helps others avoid falling suspect to fraudulent messages.

If you lose money through extortion or blackmail, you can report it as a crime. You’ll need to contact your local law enforcement agency for the appropriate advice.

The most effective way to deal with phishing emails is to delete them on sight.

  • Do not open them
  • Do not reply to them
  • Do not click any links
  • Do not open any attachments

Never enter personal information if you’re redirected to a form – and under no circumstances should you send money.


Other risks to be aware of are single-pixel images known as beacons: the email can use these to alert the attacker that your email is a working address. While Gmail pre-fetches images to avoid sending the alert – not all email providers offer the same protection.

There’s also the risk of spam email downloading malware onto your device. It’s imperative you keep your antivirus software and operating system up-to-date so that your computer can detect if this happens. As recently as 2017, WannaCry ransomware caused global chaos by infecting over 230,000 computers. Robust security is your only protection against such risks.


If you receive a phishing email or blackmail attempt, the most important action to remember is: do not panic.

Thousands of people receive the same message every day. Just delete the email and move on  – and if you still have concerns, give us a call.

Phhising Email Attack

More Posts

Quarterly Maintenance Audit: Why It’s Important.

At AngelCom, we preform quarterly maintenance audits that allow us to take a deeper look into a customer’s systems, setup, and hardware to ensure everything is functioning as intended. This comprehensive overview allows us to ensure your system is functioning as intended. Learn about why it’s so important here.

How Managed IT Services Can Reduce Costly Downtime

Instead of worrying about how much a period of downtime could cost you, it’s better to have a plan in place that can reduce and prevent it whenever possible. And a managed IT partner can help you devise such a strategy.

Why Is It Important to Have a Robust DNS Filter?

A robust suite of cybersecurity tools is a vital necessity for any business. Failing to protect your network and devices can have huge financial consequences. DNS filters are more than just a tool — they’re an investment in your business. Here’s how having your IT team set up a DNS filter can provide big benefits across your organization.