+1 (877) 634-6847
Customer Support
Cybersecurity Glossary

What Is Sextortion?

Sextortion is a form of blackmail where an attacker threatens to release intimate images, private information, or fabricated claims unless the target pays money, shares more material, or follows instructions.

Learn More
Glossary Index Phishing & Social Engineering
Short definition

Sextortion is a social engineering and extortion tactic that uses fear, shame, and urgency to pressure a person into paying, sending more content, or staying silent. The threat may involve real material, stolen account data, fake screenshots, or AI-generated content.

At a glance: Sextortion works by isolating the target and creating panic. The safest first step is to stop engaging, preserve evidence, and report the threat through trusted channels.

Sextortion Meaning

Sextortion scams often begin with a message that claims the attacker has compromising images, videos, browsing history, or private account access. The attacker may demand payment, cryptocurrency, gift cards, or additional private material.

Some sextortion attacks involve real stolen or shared content. Others rely entirely on false claims. Attackers may reference a breached password, a public profile, a hacked social account, or a fake screenshot to make the threat feel credible.

The tactic is closely tied to social engineering because the attacker is trying to control behavior through fear and embarrassment. They want the target to act quickly and avoid asking for help.

Organizations should treat sextortion as both a personal safety issue and a cybersecurity issue. Account compromise, exposed credentials, impersonation, and deepfake content can all be used to support the threat.

How Sextortion Works

Sextortion depends on pressure, secrecy, and a claim that the attacker has leverage.

  1. The attacker makes contact. The message may arrive by email, text, social media, dating app, gaming platform, or collaboration tool.
  2. A threat is introduced. The attacker claims they can expose private content, account activity, contacts, or fabricated material.
  3. Pressure is applied. The message may include deadlines, public-shaming threats, screenshots, passwords, or claims that reporting will make things worse.
  4. Payment or compliance is demanded. The attacker may ask for money, cryptocurrency, gift cards, account access, or additional private content.
  5. The threat may continue. Paying or responding can lead to more demands because the attacker knows the pressure worked.

Common Sextortion Examples

Sextortion can be based on real compromise, manipulation, or completely fabricated claims.

  • Password-based email threat: A message includes an old breached password and falsely claims the attacker recorded private activity.
  • Social account takeover: A compromised account is used to threaten the target or contact their friends and family.
  • Fake screenshot threat: The attacker sends edited or fabricated images to make the threat seem real.
  • Deepfake extortion: AI-generated or manipulated images are used to create fear even when no real content exists.
  • Romance or trust manipulation: An attacker builds a relationship and then uses shared content or private conversations as leverage.

Why Sextortion Matters

Sextortion matters because victims may delay reporting due to fear or embarrassment. That delay gives attackers more room to escalate the threat.

The tactic can also intersect with workplace security. A threat may arrive on a work device, use a business email address, include a reused password, or lead the target to click links, install software, or send money.

Training should make clear that reporting is the right response. Employees should know that security, HR, legal, or trusted leadership can help preserve evidence and protect accounts without judgment.

How to Reduce Sextortion Risk

Prevention focuses on account security, privacy habits, and safe reporting paths.

  • Use unique passwords and MFA. Reused passwords from old breaches make threats look more believable.
  • Limit public personal details. Reduce exposed contact lists, family links, employer details, and profile information attackers can use for pressure.
  • Be careful with unknown links and files. Extortion messages may include links that steal credentials or install malware.
  • Report quickly. Targets should preserve messages, avoid paying, and escalate through trusted safety, security, or law enforcement channels.
  • Support nonjudgmental response. Organizations should make it easy for employees to report threats without fear of blame.

What to Do After a Sextortion Threat

A calm response protects evidence and reduces additional leverage.

  1. Stop engaging. Do not argue, pay, send more content, or follow links from the attacker.
  2. Preserve evidence. Save messages, usernames, email headers, URLs, payment demands, and screenshots.
  3. Secure accounts. Change exposed passwords, enable MFA, review account recovery settings, and revoke suspicious sessions.
  4. Report through trusted channels. Use internal security, HR, legal, platform reporting tools, or law enforcement depending on the situation.

Related Sextortion Terms

Sextortion overlaps with social engineering, identity abuse, and manipulated media.

  • Social Engineering explains how attackers manipulate emotions and trust to influence behavior.
  • Deepfake Scams covers fake or manipulated media used to support fraud and extortion.
  • Identity Theft shows how exposed personal information can be used for pressure or fraud.

Sextortion Takeaway

Sextortion is designed to make a target feel alone and rushed. The safest response is to stop engaging, preserve evidence, secure accounts, and ask for help through trusted channels.

For organizations, a clear and nonjudgmental reporting culture helps employees surface threats before attackers gain more leverage.

Navigation
Back to Glossary View Category

Share This Page

Send this glossary page to a teammate, client, or employee who needs a quick explanation.

Email Facebook LinkedIn
FAQ

Questions Teams Ask About Sextortion

Quick answers about sextortion threats, fake claims, account security, and safe reporting.

What does sextortion mean?

Sextortion is blackmail that uses intimate content, private information, or claims about such material to pressure a target into paying or complying.

Are sextortion threats always based on real images?

No. Many threats rely on fake claims, breached passwords, edited screenshots, or AI-generated material.

Should a target pay a sextortion demand?

Paying can lead to more demands. Targets should stop engaging, preserve evidence, secure accounts, and report the threat through trusted channels.

Why is sextortion a cybersecurity topic?

It can involve account compromise, stolen passwords, phishing links, malware, identity abuse, and manipulated media.