--- title: "There’s Nothing Sexy About Sextortion | DuoCircle" description: "There was a time when hackers and email scammers used spear phishing to trick their victims into sending money." image: "https://www.duocircle.com/images/og-default.png" canonical: "https://www.duocircle.com/blog/phishing-protection/theres-nothing-sexy-about-sextortion/" --- Quick Answer Sextortion is a coercive scam where attackers threaten to expose embarrassing or fabricated material unless the victim pays, typically in cryptocurrency. The 2019 variant tracked by KnowBe4 took it further: attackers threatened to plant child pornography on the victim's devices and report them to authorities unless paid, weaponizing the irreversible reputational damage of even a false accusation. Earlier sextortion campaigns paired the threat with a real password leaked in a prior breach, making the demand seem credible. The FBI's IC3 advice: do not pay, save the email, report it, and assume the password (if any) is from a known data breach (check haveibeenpwned.com). Defenses: link-time phishing protection on inbound mail to filter most extortion campaigns, password managers and unique passwords per site, MFA on every account, and educating users that paying never resolves the threat, it just funds the next campaign. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fphishing-protection%2Ftheres-nothing-sexy-about-sextortion%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=There%E2%80%99s%20Nothing%20Sexy%20About%20Sextortion&url=undefined%2Fblog%2Fphishing-protection%2Ftheres-nothing-sexy-about-sextortion%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fphishing-protection%2Ftheres-nothing-sexy-about-sextortion%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fphishing-protection%2Ftheres-nothing-sexy-about-sextortion%2F&title=There%E2%80%99s%20Nothing%20Sexy%20About%20Sextortion "Share on Reddit") [ ](mailto:?subject=There%E2%80%99s%20Nothing%20Sexy%20About%20Sextortion&body=Check out this article: undefined%2Fblog%2Fphishing-protection%2Ftheres-nothing-sexy-about-sextortion%2F "Share via Email") ![There's Nothing Sexy About Sextortion](https://media.mailhop.org/duocircle/images/2019/04/dmarc-generator-5316.jpg) There was a time when hackers and email scammers used spear phishing to trick their victims into sending money. By the time someone figured what had happened, the money was gone forever. But, people are starting to get wise to that tactic. So, what do the hackers do? _They evolve…all the way to blackmail._ [![spear phishing](https://media.mailhop.org/duocircle/images/2019/04/dmarc-report-service-4983.jpg)](https://media.mailhop.org/duocircle/images/2019/04/dmarc-report-service-4983.jpg) According to an [article](https://blog.knowbe4.com/heads-up-this-evil-new-child-porn-phishing-attack-could-absolutely-ruin-your-life) on security training firm KnowBe4’s website, the newest **spear phishing threat** encountered is one that threatens the victim with a new kind of blackmail called _sextortion_. > [Sextortion](https://en.wikipedia.org/wiki/Sextortion) is a form of sexual exploitation that employs non-physical forms of coercion to extort money or sexual favors from the victim. In this case, the extortion is in the form of a threat to blame you for child pornography. According to the article, the victim receives an email that “claims the CIA will bust you for child porn unless you pay 5,000 dollars and only then your records will be deleted.” The email also contains a malicious link. The endgame for this type of blackmail is scary to imagine. It wouldn’t be difficult for the attackers to place actual child pornography on your computer or fill your search history with fake child pornography searches. Then they could anonymously notify the FBI or law enforcement which would cause a big headache for you. In case you’re wondering how big of a problem sextortion is, an [article](https://www.helpnetsecurity.com/2019/03/21/bypass-traditional-email-security/) on security website HelpNetSecurity confirmed that “Sextortion scams make up 10 percent of all **spear-phishing attacks** \[and\] continue to increase. Employees are twice as likely to be the target of blackmail than business email compromise.” This is just one of the findings from a new report by Barracuda titled [_Spear Phishing: Top Threats and Trends_](https://www.barracuda.com/spear-phishing-report). The report analyzed three major types of attacks: brand impersonation, business **email compromise and blackmail**. [![Advanced Threat Defense](https://media.mailhop.org/duocircle/images/2019/04/spf-record-6789-1.jpg)](https://media.mailhop.org/duocircle/images/2019/04/spf-record-6789-1.jpg) Some of the findings in the report include the following: - The majority of subject lines on sextortion emails contain some form of security alert. - Attackers often include the victim’s email address or password in the subject line. - Scammers use name-spoofing techniques to make the email appear to come from a company employee. _Even though spear phishing attacks are evolving, the tactics and techniques employed to pull them off remain the same_. And that means the technology required to defend yourself against them still work. What technology is that? **Cloud-based email security** with [Advanced Threat Defense](/advanced-threat-defense) like that offered by DuoCircle. If you want to ensure unwanted child pornography never ends up on your computer, head on over to our [phishing prevention](/) services. You’ll be up and running in 10 minutes. ![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) Brad Slavin General Manager General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio. ## Secure your email infrastructure Protect, authenticate, and deliver. Contact our team to find the right solution. [Contact Sales](/contact/) [Explore Products](/products/) ## Related Articles [ Phishing 11m AI-Generated Phishing Has Eliminated the Typo: Why Traditional Email Filters Are No Longer Enough Apr 28, 2026 ](/blog/ai-generated-phishing-eliminates-typos-making-traditional-email-filters-ineffective/)[ Phishing 5m 10 Applications of ChatGPT that Hackers Are Already Exploiting May 3, 2023 ](/blog/phishing-protection/10-applications-of-chatgpt-that-hackers-are-already-exploiting/)[ Phishing 4m 65% of Global Businesses Ill-Equipped to Defend Against Email-Based Cyber-Attacks Mar 29, 2016 ](/blog/phishing-protection/65-global-businesses-ill-equipped-defend-email-based-cyber-attacks/)[ Phishing 9m 7 Ways to Protect Your Organization from Email-based Ransomware Attacks Feb 11, 2018 ](/blog/phishing-protection/7-ways-protect-organization-email-based-ransomware-attacks/) ```json {"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}} ``` ```json [{"@context":"https://schema.org","@type":"BlogPosting","headline":"There’s Nothing Sexy About Sextortion","description":"There was a time when hackers and email scammers used spear phishing to trick their victims into sending money.","url":"https://www.duocircle.com/blog/phishing-protection/theres-nothing-sexy-about-sextortion/","datePublished":"2019-04-01T13:38:23.000Z","dateModified":"2025-05-27T14:14:25.000Z","dateCreated":"2019-04-01T13:38:23.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/phishing-protection/theres-nothing-sexy-about-sextortion/"},"articleSection":"phishing-protection","keywords":"","wordCount":430,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/04/dmarc-generator-5316.jpg","caption":"There's Nothing Sexy About Sextortion","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"Phishing"},{"@type":"ListItem","position":3,"name":"There’s Nothing Sexy About Sextortion","item":"https://www.duocircle.com/blog/phishing-protection/theres-nothing-sexy-about-sextortion/"}]}] ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"Phishing","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"There’s Nothing Sexy About Sextortion","item":"https://www.duocircle.com/blog/phishing-protection/theres-nothing-sexy-about-sextortion/"}]} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"There’s Nothing Sexy About Sextortion","description":"There was a time when hackers and email scammers used spear phishing to trick their victims into sending money.","url":"https://www.duocircle.com/blog/phishing-protection/theres-nothing-sexy-about-sextortion/","datePublished":"2019-04-01T13:38:23.000Z","dateModified":"2025-05-27T14:14:25.000Z","dateCreated":"2019-04-01T13:38:23.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/phishing-protection/theres-nothing-sexy-about-sextortion/"},"articleSection":"phishing-protection","keywords":"","wordCount":430,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/04/dmarc-generator-5316.jpg","caption":"There's Nothing Sexy About Sextortion","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ```