Close this search box.

Watch out for this latest phishing email scam

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” menu_anchor=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_mp4=”” video_webm=”” video_ogv=”” video_url=”” video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” overlay_color=”” video_preview_image=”” border_color=”” border_style=”solid” padding_top=”” padding_bottom=”” padding_left=”” padding_right=””][fusion_builder_row][fusion_builder_column type=”1_1″ layout=”1_1″ background_position=”left top” background_color=”” border_color=”” border_style=”solid” border_position=”all” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” min_height=”” hover_type=”none” link=”” border_sizes_top=”” border_sizes_bottom=”” border_sizes_left=”” border_sizes_right=”” first=”true”][fusion_text columns=”” column_min_width=”” column_spacing=”” rule_style=”default” rule_size=”” rule_color=”” content_alignment_medium=”” content_alignment_small=”” content_alignment=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” sticky_display=”normal,sticky” class=”” id=”” margin_top=”” margin_right=”” margin_bottom=”” margin_left=”” font_size=”” fusion_font_family_text_font=”” fusion_font_variant_text_font=”” line_height=”” letter_spacing=”” text_transform=”none” text_color=”” animation_type=”” animation_direction=”left” animation_speed=”0.3″ animation_offset=””]

Cyber criminals are increasingly turning to phishing tactics to blackmail victims into sending them large sums of money – and this latest phishing email scam is no different.

In fact, IT security firm Symantec reported that almost 300 million extortion scam emails were blocked in the first five months of 2019 alone!

Neuways wrote about a similar ‘career-ending phishing campaign’ earlier this year. This new method differs slightly.

There are a few ways you can combat this latest threat, however. We can run a dark web monitoring scan and see if you have actually suffered a breach. In the meantime, you can use our phishing awareness resources to arm yourself with knowledge.

What do the criminals want?

Hackers are buying up breached passwords on the dark web and using them as ‘proof’ that they have access to the victim’s private photos, videos, accounts, and webcam.

Phishing emails are typically used for a few reasons – money, a vehicle to harvest credentials, or a means to deliver malware.

They’re straightforward to conduct, and with a 1 in 10 chance of success, a phishing email can be incredibly lucrative for a cyber criminal.

In this new case, it’s purely about the money.

The criminals behind this type of campaign are relying on your embarrassment for a successful extortion.

The message is typical of phishing – great urgency and fear-mongering, followed by a ‘simple solution’ that can take all of the fear away.

The latest phishing email extortion scam

How does this latest phishing email scam work?


This phishing email scam begins with a bold opening gambit.

It actually includes the victim’s password in the subject line, reading “You got owned – [victim’s password].”

The hacker then claims to have gained access to your private photos, videos, and accounts via previously installed malware.

The password, according to the hacker, is proof that your photos, videos, and accounts are compromised.

Unless you have used the same password for every account for years, this is highly unlikely to be the case. But in a high-pressure situation, the hacker’s hope is that you panic and act irrationally.

If your credentials have previously been involved in a breach, they could end up on the dark web. Therefore, it’s not impossible for a criminal to have acquired one of your older passwords.

However, this does not mean that they have access to your photos, videos, and accounts. And it certainly doesn’t mean that they have access to your webcam.

It’s simply a way for the hacker to generate panic and urgency among their victims.


The next stage of the phishing email is the threat – blackmail.

In this situation, the hacker claims to have used your webcam to record you watching pornographic material. Or they might claim to have unearthed and be in possession of private photos you do not wish to be in the public domain.

In the state of heightened panic, they threaten to leak your personal information onto the web.

“We both know that your life won’t be the same,” reads the email.

Naturally, there is a solution…


A one-time payment, typically in Bitcoin, and all of the fear and anxiety will go away.

By creating a fictional problem, the hacker then manufactures a very real solution. Pay the problem away – to them, naturally!

They will typically present themselves as an agent of benevolence, offering you ‘a chance’ to prevent this from happening. Not only does this imply that this fictional ‘hack’ is your fault, but that the actual perpetrator can offer you a way out.

On the face of it, it’s an obvious attempt at a shakedown on behalf of the criminal. But in the moment? If you’re not prepared for this type of attack and feel under duress, this option might feel like salvation.

In this particular incident, the criminal argues that this ‘is a very good price, compared to living hell’.

To raise the stakes, the hacker will often give a limited amount of time for you to make the payment. This is to create urgency and try and extract payment before you reflect upon this situation and consult someone else, such as the police.

After all, embarrassment is a real motivator.


After I have received the payment, you never will hear from me again

Reassuring, perhaps. But not true.

People who pay up are far more likely to be targeted again in the future.

From the cyber criminal’s perspective, willingness to co-operate indicates either gullibility, weakness, or wealth. All three are desirable attributes to a cyber criminal because they can be exploited.

How to protect yourself against phishing email scams

Firstly – arm yourself with knowledge.

Phishing emails used to be predictable and easy to spot. And in many cases, they still are. However, some of the more sinister phishing attempts are well-crafted and targeted towards an individual.

So, how do you know if it’s a phishing email? We’ve compiled a detailed phishing email awareness hub for you to share with friends and colleagues. However, a brief overview of what to look out for is as follows:

  • Clickbait subject
    This might be a direct demand or a claim that a ‘critical security incident has occurred (or words to that effect). Also look out for excessive use of punctuation!!!!

  • Poor spelling
    Professional communications rarely contain spelling errors. On the other hand, phishing emails ar oftun put together qwickly and tend to be fool off speling mistakes.

  • Unnecessary sense of urgency
    Phishing emails often contain THREATS, openly or passive. You’ll also find that they result in a DEMAND for payment as recompense. They want you to act IMMEDIATELY.

In the meantime, it’s well worth consulting a Dark Web Monitoring service. It’s a straightforward way for you to find out if personal or business data is for sale on the dark web.

If you know your data is out there, you can act before a breach happens.

Dark Web Monitoring delivers peace of mind and puts you back in control of your data.

If you’re concerned about phishing, email us at or call us on 01283 753 333.


Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More
Neuways artificial intelligence
Artificial Intelligence: The Good, The Bad & The Ugly
AI is the Marmite of the IT world. Love it or hate it, the reality is it filters into our everyday lives...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Cyber Security Acronyms Part 1: Neuways
We are helping clients to understand cyber security. We're making it easy for you, as we are jargon busting...
Read More
Password Manager and Security with neuways
Password Managers just became an even more important tool for Employees
The Government has brought in a ban on employees and manufacturers using default passwords.
Read More
Dark Web monitoring
What is the Dark Web?
Dark Web Monitoring identifies whether any of your company data (including login credentials and confidential...
Read More
Password Manager and Security with neuways
Password Security
Business Password Manager Tool Protect your remote workforce with Password Manager Tool, the business...
Read More
WatchGuard WiFi Security
WatchGuard User Services Platform – Simple, Secure and Intelligent WiFi
Why do Neuways partner with WatchGuard? Find out below to see how we improve the cyber security of your...
Read More
Endpoint Security
Endpoint Security
Protect your business with the best in Endpoint Security – How Neuways can help you Protect Your...
Read More

Frequently Asked Questions

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311


Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.