A chilling email lands in your inbox. It opens with a jarring phrase—"Hello pervert"—and claims to have recorded you during a private moment using your own webcam. Even more terrifying, it appears to be sent from your own account. The sender demands a cryptocurrency ransom and threatens to share the alleged footage with your entire contact list unless payment is made within 48 hours.

This is the modus operandi of a rising cybercrime threat: sextortion phishing scams. These scams exploit human fear and shame, coercing victims into parting with money under the belief that their devices have been hacked and compromising videos captured. Despite the alarming tone and seemingly personal details, cybersecurity experts confirm: these threats are almost always fake.

The scammers claim to have installed surveillance tools like Pegasus spyware—notorious for state-level espionage—on the victim's device. They allege to have captured footage through the webcam and sometimes include a leaked password (likely obtained from older data breaches) to increase credibility.

One version of the scam warns the victim that their "privacy is gone" and that the "tsunami" of leaked footage will destroy their life unless they pay ₹1.2 lakh (~$1,450) in cryptocurrency. Often, the emails feature technical jargon or even your email ID to increase panic and discourage rational thinking.

But cybercrime authorities, including the UK's National Cyber Security Centre (NCSC) and global experts, reiterate: these scammers do not actually have videos. They rely on fear psychology and play a numbers game—sending millions of emails in hopes a few people "take the bait."

This scam is not about technical sophistication; it is about psychological manipulation. Victims are targeted for their emotions—fear, embarrassment, and urgency. Scammers issue warnings not to contact police, threaten automatic video release, and claim they are monitoring all activity. These tactics are designed to isolate the victim and create a false sense of imminent danger.

Cybersecurity experts stress that the scam is based on bluffing. Even if the email includes a password, it likely comes from older leaks and does not imply active access to your device. Many victims panic and pay the ransom, only to realize later that there was no real compromise.

If you receive such an email:

• Do not reply or engage with the sender
• Do not pay the ransom—it validates you as a target
• Do not click on links or attachments
• Report the scam immediately to:
  - Cybercrime Helpline: 1930
  - National Cybercrime Portal: cybercrime.gov.in
• Check if your credentials were leaked using haveibeenpwned.com
• Change all passwords associated with the email ID and enable 2-factor authentication
• Educate others—sextortion scams thrive on silence and stigma

For emotional support, Indian victims can contact mental health helplines such as iCall (022-25521111) or AASRA (91-22-27546669).

This latest wave of sextortion phishing campaigns is a digital form of psychological warfare. While the threats are baseless, their emotional damage can be profound. India's cybersecurity infrastructure urges citizens to remain vigilant, report promptly, and remember: the scammer's power ends the moment you stop believing their lies.