Tuesday, 13 May 2025

Urgent Warning: Phishing Emails Using Extortion Tactics on the Rise

Action Fraud is sounding the alarm following a dramatic surge in reports of phishing emails employing sinister extortion tactics. In March 2025, the National Cyber Security Centre’s (NCSC) Suspicious Email Reporting Service (SERS) received a staggering 2,924 reports of these malicious emails. This marks an alarming increase compared to the mere 133 reports received in February, highlighting a significant and concerning trend.

These reported phishing attempts centre around a particularly nasty form of extortion known as ‘Financially Motivated Sexual Extortion’ (FMSE). The emails typically claim that the sender has installed malware on the recipient's device and recorded them viewing adult content. They then threaten to release these fabricated videos unless a ransom, often demanded in cryptocurrency like Bitcoin, is paid.

Detective Chief Inspector Hayley King, Head of Prevention at the National Fraud Intelligence Bureau (NFIB), emphasises the deceptive nature of these scams: "Criminals will go to great lengths to make these types of extortion scams more convincing, including using a leaked password or home address in the phishing email to make it seem genuine."

Crucially, these criminals often include genuine personal information, such as old passwords or even home addresses, in their emails to appear legitimate. This information is likely obtained from historical data breaches. Worryingly, analysis suggests that individuals receiving these extortion emails are also at a higher risk of having their online accounts hacked.

One victim in his thirties experienced this firsthand in 2024. After receiving numerous extortion emails containing a password he recognised, he dismissed them as scams. However, shortly after, he discovered that his bank account and multiple social media accounts had been compromised, leaving him locked out.

What should you do if you receive an email like this?

The advice is clear: do not engage with the sender. Instead, follow these steps:

  • Forward the email immediately to report@phishing.gov.uk. This is the NCSC's Suspicious Email Reporting Service (SERS).
  • Delete the email after forwarding it.

Never consider paying the Bitcoin ransom. Doing so will likely mark you as a target for future scams, as the criminals will know you are willing to pay.

The presence of genuine personal information in these phishing emails is a strong indicator that your data may have been compromised in a past data breach. You can check if your online accounts have been affected by using this free service: https://haveibeenpwned.com

If the phishing email contains a password you still use, change it immediately. For guidance on creating strong passwords and enabling multi-factor authentication, visit: https://stopthinkfraud.campaign.gov.uk/protect-yourself-from-fraud/protecting-against-online-fraud/improve-your-password-security/

If you have been a victim of extortion, or if you are concerned that someone may possess intimate images of you, it is vital that you report it to your local police force by calling 101.

Stay informed and protect yourself from fraud: https://stopthinkfraud.campaign.gov.uk

If you have lost money or provided financial information as a result of any phishing scam, notify your bank immediately and report it to Action Fraud at https://www.actionfraud.police.uk/report-phishing or by calling 0300 123 2040. In Scotland, call Police Scotland on 101.

Stay vigilant, and remember that by reporting these suspicious emails, you are helping to protect yourself and others from falling victim to these damaging scams.

⚠️ Current UK Cyber Threat Landscape: Phishing Trends to Watch 2025 🇬🇧

While the classic "mailbox full" scam is still used, cybercriminals in the UK are using much more sophisticated tactics right now....