We highlight current cyber security threats in New Zealand, and provide guidance on what to do if they affect you.

11:45am, 29 October 2018

TLP Rating: Clear

Webcam and password blackmail scam

Updated: 29 October 2018. Added information about the email appearing to come from yourself.

CERT NZ has seen a spike in online blackmail incidents. Scammers say they have:

  • a password which you use (or show your password)
  • your website browsing history
  • video footage of you in compromising positions
  • access to your email because the email appears to be from you.

They use these claims to blackmail you into sending money.

What's happening

Systems affected

In the reports we've received, the blackmail emails follow a similar format. The email:

  • includes a previous password that you have used,
  • claims that you visited an adult website and that the scammer turned on your webcam and recorded what was happening,
  • claims that they have a copy of your website history or that they've added malware to your computer,
  • claims to have access to your email account because it looks like it was sent from your email address.
  • threatens to send the video to all of your contacts unless they pay a ransom between $1,700 and $3,000 NZD.

What this means


The password is one you’ve used in a different online service. The scammer gets it from one of the data leaks that have been posted online, this is called a credentials dump. They are taking advantage of finding this data leak and are trying to pretend they have access to your computer.

Credential dumps: how your password could be shared online


In some of these reports, the email appears to come from your email address. In the reports we've seen, the scammer hasn't had access to your email account. The scammer has faked the from address and this is called spoofing. Some email providers will block spoofing or flag it as spam.


We can’t confirm whether the video recordings actually exist, or if this is an opportunistic scam. We have not had any reports of scammers releasing a video when a ransom isn’t paid.

What to do


If you're affected by this scam, CERT NZ recommends you report the incident to us via our reporting form and allow us to share your report with our partner agencies (for example, NZ Police).

Blackmail incidents are shared with Police, with your permission, because they are a criminal offence in New Zealand. If you report this scam to us, keep the email and any other correspondence.
We'll ask for the email header information. 

How to extract header information from an email

We also recommend you:

  • change your password on any account that still uses that password. We recommend using strong, unique passwords on each account.
  • do not pay the ransom. It can be tempting to pay money to make the problem go away. In similar cases overseas, the scammers continue to ask for more money once the first ransom is paid.
  • do not contact the scammers. Block them on whichever method of communication they’re using to speak to you.
  • consider temporarily deactivating your social media profiles so no one can access your contacts.
  • check common data leaks to see where your passwords may have been leaked: Have I been pwned? External Link
  • run a thorough check for malware on your computer or take your computer to an IT specialist. If you're affected by this scam, there is a chance that you could have malware on your computer system.

If you need to talk to someone, the following free helplines operate 24/7:

  • Depression helpline: 0800 111 757
  • Lifeline: 0800 543 354
  • Need to talk? Call or text 1737
  • Samaritans: 0800 726 666
  • Youthline: 0800 376 633 or text 234

More information

If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.

Report online

Data breaches: How passwords can be leaked

Credential dumps: how your password could be shared online 

How to create a good password

Password managers: How to keep passwords safe

For media queries, contact