The National Cyber Security Centre (NCSC) has received reports of a common email phishing scam known as Financially Motivated Sexual Extortion (FMSE). These emails are designed to scare recipients into paying a ransom.
How does this scam work?
Scammers send emails claiming they’ve installed malware (malicious software) on your device and have recorded you visiting adult websites. They threaten to release this (fake) footage unless you pay a ransom—usually in cryptocurrency like Bitcoin.
To make the scam more convincing, the email might include real personal details like your password or home address. These are often taken from old data breaches.
Some people who received these emails later discovered their online accounts had been hacked including social media and bank accounts.
What to do if you receive an email like this:
- Never pay the ransom. Paying only encourages more scams, as scammers see you as a potential target.
- Don’t reply to the email. Instead, forward the email to [email protected] (NCSC’s Suspicious Email Reporting Service).
- Check if your data has been leaked using the Have I Been Pwned tool.
- Change your password immediately especially if the email includes one you still use. The Government’s Stop! Think Fraud Campaign provides advice on how to create suitable passwords and enable other authentication methods.
- Received an email like this to your BU email account? If you receive an email like this to your BU email account, please log a job with the IT Service desk – then delete the email.
Need Help?
If you’re worried someone has intimate images of you or you’ve been a victim of extortion, contact your local police by calling 101.
If you’ve lost money or shared financial info, contact your bank immediately and report it to Action Fraud or call 0300 123 2040 (in Scotland, call Police Scotland on 101).
