People are being sent horrifying messages threatening to post video of their most intimate moments on the internet.
What's more, the messages are shockingly believable: they appear to include secret information about the recipient that suggests the threats are real.
But in fact the messages are a scam. And they seem to be relying on the vast number of stolen passwords that are available across the internet.
The messages always begin with the most convincing part of the email: the claim that the person sending it has your password, which is included in the message itself. After that, it begins with a series of threats and demand for a ransom.
"I'm going to cut to the chase," the message reads. "You don't know anything about me whereas I now know a lot about you and you are probably thinking why are you receiving this mail, right?"
It goes on to claim that the sender has been able to break into the computer and use some kind of malware, which is often wrongly identified, as a way of watching a person's screen and taking over their webcam. It claims that by doing so the sender has been able to put together a video of the recipient watching pornography.
If the person receiving the message doesn't pay a vast amount of money in bitcoin – often $1600, though the number seems to vary – then that video will be sent to the user's family and friends, the message claims.
Various parts of the message flag it up as a fake: despite claiming to have spent a great deal of time watching the recipient of the email, for instance, the person supposedly sending the message is unable to give any detail at all on what they have found.
But for senders they might be outweighed by the fact that the message includes a password, suggesting that there really has been some kind of breach. And in fact there has – though not of the kind the message claims.
In truth, the passwords are all thought to have come from one of the many leaks and hacks that have hit big companies in recent years. Many of the world's biggest online services – from LinkedIn to Adobe – have had passwords leaked onto the internet, and those are relatively readily available on the darker parts of the internet.
It appears that a scammer or group of them is using those passwords and probably automatically sending the emails out to users. It is then hoped that at least some of the users will panic and send the bitcoin – something that according to public records at least some recipients have actually done.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies