top of page

Beware of scam emails threatening to reveal intimate images

Updated: Sep 11

What’s happened?

Members of the public have reported receiving scam emails that appear to come from their own email account, threatening to reveal intimate images of them unless they pay a fee.

This email scam is widespread, with the Australian Cyber Security Centre, Office of the eSafety Commissioner and Scamwatch receiving over 300 reports from the public this week.

How it works

This scam uses a tactic known as ‘sextortion’ – a form of online blackmail where a cybercriminal threatens to reveal intimate images of someone online, often to their friends and family, unless they pay a ransom quickly (often in cryptocurrency).

The scam uses ‘spoofing’ to make the email look like it’s come from your own email address. Email spoofing occurs when email addresses are manipulated to come from a different source, but display as a legitimate address. This is a technique commonly used by cybercriminals to make their scam seem real.

How do I stay safe?

  1. If a blackmailer is threatening to reveal intimate images of you online, do not give in to their demands, it is most likely a fake threat.

  2. Report it to the Office of the eSafety Commissioner. (you can find the matching eSafety agency in your country by googling: cybersecurity government agency in <country name>)

  3. If you receive one of these emails, don’t give the perpetrator any money or images, and stop all contact with them. In Gmail you can open the scam email and tap on the 3 dots menu and select Report phishing (similar options will be found in other email programs). This will alert your email account company and they will warn others and block such emails from coming to other users.

  4. If you’re concerned about your physical safety call Triple Zero (000) or contact your local police.

  5. Change your passwords for all social media and online accounts – including your email account – straight away, and review your privacy and security settings.

  6. Cybercriminals can use your personal details to their advantage, like manipulating your email address if it has been caught up in a data breach.

  7. You can check if any of your email addresses have been in a data breach by visiting and type in your email address. If there are some that come up gop to those websites and change your password.

  8. Additional Setup from Cyberkite: Visit Cyberkite website and select Book a Cybersecurity Healthcheck to book us for a cybersecurity healthcheck or select Request a Quote of you need an overhaul of your small business IT security.

More information

If you have experienced image-based abuse, you can also contact the Office of the eSafety Commissioner to report and seek support, including links to counselling support services. You can report scams to Scamwatch: (you can report a scam in a similar way in your country by googling: report an email scam in <country name> )


© 2019 Australian Government. All rights reserved.

Republished by Cyberkite with additional notes.


Recent Posts

See All

About Michael Plis


Michael is a technology and cybersecurity professional with over 18 years of experience. He offers unique insights into the benefits and potential risks of technology from a neurodiverse perspective. He believes that technology is a useful servant but a dangerous master. In his blog articles, Michael helps readers better understand and use technology in a beneficial way. He is also a strong supporter of mental health initiatives and advocates for creating business environments that promote good mental health.


Cyberkite blog - your go-to source for smart technology and data security insights for small business. Stay ahead of the curve with our expert tips and strategies, and join the Cyberkite community by subscribing today!

Disclaimer: Please note that the opinions expressed by Michael or any blog assistants on this blog are his/their own and may not necessarily reflect the views of Cyberkite. Michael shares his opinions based on his extensive experience in the IT and Cybersecurity industry, learning from the world's top subject matter experts and passing on this knowledge to his audience in the hopes of benefiting them.

View our full Site Disclaimer

View our Affiliate Statement

bottom of page