"I Hacked Your Webcam, Send BTC": How I Disarmed the Email That Cost Me 3 Sleepless Nights
Key Results
The Challenge
A 34-year-old accountant in NYC opened his inbox one morning to find a threat email with his own password printed at the top. The message was direct: "$1,500 in BTC within 48 hours or your contacts get the footage I recorded through your camera." The familiar password stopped him cold. He spent 3 sleepless nights researching how to buy BTC. He was 2 clicks from sending the payment.
Our Solution
Altahonos traced the password to the 2019 Collection #1 data breach during a 30-minute free consultation. The email was confirmed as a mass-blast bot sent to millions of people. No device had been accessed, no footage existed. 2FA was set up across all critical accounts and 7-day leak monitoring was activated.
What Happened?
An ordinary morning. Inbox open. And there, in the first line of the email: an old password. His password. One he had used years ago and barely remembered.
The email continued: "I have access to all your devices. I recorded footage through your webcam. Send $1,500 in BTC within 48 hours or your contacts receive the footage."
A 34-year-old accountant in New York, he froze. The password was real. He had used it for years. So was the rest of it real too?
3 Days, 0 Sleep
His first instinct was to delete and move on. But something stopped him: that password. It was not random. It was genuinely his. What if they really had access?
He thought about going to the police. But what if the footage was real? His colleagues. His family. His clients. In that state of panic, clear thinking was almost impossible. His mind kept looping back to the same question: "What happens if they send it?"
He could not sleep at night. During the day, he kept checking his phone in the middle of client meetings. He lost track of conversations. For three days he lived inside that loop.
He researched how to buy Bitcoin. Opened a crypto exchange account. Completed identity verification. Reached the transfer screen. Entered the amount. He was 2 clicks from sending.
He stopped. And called Altahonos.
How This Attack Actually Works
These emails are known as sextortion bot-blasts. Here is how they work: attackers purchase lists of millions of email addresses and matching old passwords from the dark web. These lists come from large data breaches that happened years ago. LinkedIn, Adobe, MySpace, hundreds of smaller sites. Billions of account credentials are still circulating today.
The attacker sends the same email to every person on the list. The only difference is that each email includes that person's real password. This single detail makes the message feel personal and credible. It creates the impression that someone genuinely knows you.
In reality, no device is accessed. No footage is taken. The attacker is running a list, a template, and an automated sending system. The same email reaches thousands of people simultaneously across every country.
Most recipients delete it. A small percentage pay. For the attacker, that percentage is more than enough. The cost is near zero, the payment is instant, and it leaves no trace.
Need Expert Help?
Our team has resolved thousands of cases. Get confidential support now.
30 Minutes Changed Everything
Within the first 10 minutes of the consultation, we traced the password to its source: the 2019 Collection #1 data breach. This was one of the largest credential leaks ever recorded, with 773 million email addresses and billions of passwords exposed in a single event. His password had been sitting in a dark web list for years.
The attacker had never touched his devices. He had simply taken an email address and matching password from that list and sent the same message to millions of people. The email was a bluff. Completely. No device had been accessed. No footage had been taken. No footage had ever existed.
We then set up 2FA across all his critical accounts. A 7-day leak monitoring period was activated. If any new threat signal appeared linked to his email address, he would be notified immediately.
When It Was Over
He paid nothing. No footage went anywhere because none existed. He closed the transfer screen and withdrew the money from the exchange.
Nine months later, a follow-up check confirmed everything was clean. Accounts secure, no new threats, 2FA active.
If You Got the Same Email
This email reaches tens of thousands of people every day. Across the US, Europe, and every corner of the world. Seeing a real password in the subject line is designed to stop you cold. But that password is evidence of a data breach, not a camera hack. Those are two very different things.
What you should not do: do not pay. People who pay once typically receive a second demand. You have just signaled that this works on you. Do not let the 48-hour deadline pressure you. It is a psychological tactic, not a real countdown.
What you should do: do not delete the email, take a screenshot. Go to haveibeenpwned.com, enter your email address, and see which breaches you appear in within seconds. Change your password on every account where you used it. Set up 2FA.
If you are still not sure, take 5 minutes before you pay a cent. Real or bluff, we will tell you immediately. Got the same email? Free 5-min verification before you pay a cent: +1 (855) 853-2415
"I was 2 clicks from sending the money. Altahonos showed me in 30 minutes that the whole thing was a bluff. I slept that night for the first time in days."— Anonymous
Frequently Asked Questions
No. Old passwords are obtained from data breaches, not from hacking your device. These mass-blast emails include a real password to make the threat feel personal and credible. It is evidence of a breach, not a camera hack.
Go to haveibeenpwned.com and enter your email address. You will see every breach your credentials appear in within seconds. It is free and safe to use.
No. Most likely there is no footage to begin with. Paying signals that the tactic worked on you, which typically triggers a second demand for a higher amount.
Do not delete it, take a screenshot. Change the password on every account where you used it. Set up 2FA. Do not pay. If you are unsure, call us before doing anything else. Free 5-minute verification: +1 (855) 853-2415
About the Author
Altahonos Team
The Altahonos Team consists of cybersecurity and online reputation management specialists with extensive experience in digital threat mitigation and content removal strategies, helping individuals and businesses protect their digital presence.