Inboxes are being flooded with alarming emails falsely claiming sensitive personal data has been compromised. Scammers assert they possess passwords, files, and financial details, threatening to sell them on the dark web unless a ransom is paid, typically in Bitcoin.

These extortion attempts rely on fear and urgency, but lack any concrete proof of a data breach. Warning signs include vague language, demands for untraceable cryptocurrency like Bitcoin, and a clear lack of specific details about compromised data. Such messages are mass-sent, not personalized attacks.

Your email address likely appeared in an unrelated past data breach, not a current compromise of your devices or accounts. Scammers purchase leaked lists and send these generic threats, hoping a small percentage will pay.

If you receive such an email:

  1. Do not reply: This confirms your email is active.
  2. Do not send money: Paying emboldens scammers.
  3. Mark as spam or phishing: This helps train email filters.
  4. Delete the message: Securely remove it.

To enhance security against such scams, use unique passwords for all accounts, enable two-factor authentication, keep software updated, and consider data removal services to limit publicly available personal information. Always pause and verify before acting on urgent requests, especially those involving payments.