SEXTORTION
Protecting digital identity and psychological well-being by analysing the mechanisms of online sexual extortion.
Introduction
Fake accounts pose a systemic threat to digital security, as they distort reality and undermine trust online. So-called ‘ghost armies’ operate for purposes ranging from political destabilisation to financial crime. In this context, phishing is one of the most insidious techniques: it exploits the identities of trusted organisations, such as banks, to deceive victims and steal their credentials. The user, trusting the fictitious sender, takes actions that compromise their own security.
These practices do not merely affect individuals; they can become tools for large-scale manipulation, thereby jeopardising democratic stability. To protect against this, users and platforms must play an active role, implementing measures such as two-factor authentication and ‘zero-contact’.
IMMEDIATE
INTIMACY
INTIMACY
The predator accelerates the relationship to exploit emotional vulnerability and steer the conversation toward sexual topics.
PLATFORM
MIGRATION
MIGRATION
The abuser attempts to move the conversation away from the original social network and onto external messaging apps.
URGENCY
THREATS
THREATS
A sudden shift in tone to aggressive language, imposing extremely tight deadlines for payments or compliance.
Building trust
Grooming is a systematic process of enticement and psychological manipulation, aimed at establishing a false sense of trust for the purposes of extortion or exploitation. The interaction progresses from an initial phase of emotional bonding to strategies of isolation and the rapid collection of sensitive biometric data, thereby increasing the risk of security breaches.
A social engineering tactic designed to obtain blackmail material as quickly as possible, by sending explicit content or forcing the victim to use their webcam. Resolving the issue requires recognising and halting the disruption of communication patterns, dismantling the relationship and countering the shame that often prevents victims from reporting the matter to the authorities in a timely manner.
Relocation of the conversation
Platform migration, which refers to the attacker’s deliberate attempt to shift the interaction from the original social network to instant messaging apps with end-to-end encryption or lower levels of moderation. As highlighted in Europol’s reports on transnational cybercrime, this tactic is designed to isolate the victim from the monitoring systems of the original platform, facilitating the extortionist’s anonymity and hindering digital forensics procedures.
This migration serves to make ‘following the trail’ more complex, requiring a coordinated technical effort to remove content from third-party servers and to initiate international letters rogatory for the tracing of connection metadata and subsequent de-anonymisation.
Temporal coercion
The final stage of the attack takes the form of a sudden shift in tone, which escalates into aggressive time pressure. The attacker imposes extremely tight deadlines for compliance with extortion demands, often involving payments in cryptocurrency or the sending of further material, thereby creating a paralysing sense of psychological urgency.
According to the FBI (2025), this “sense of
artificial urgency” is designed to bypass
the victim’s capacity for critical analysis
and prevent them from seeking legal
or technical advice. The defence strategy involves
the immediate suspension of all interaction
and the activation of digital identity protection measures, transforming the user’s awareness into the first line of defence against social engineering techniques and the manipulation of personal dissent.
Let’s defend humanity
in the digital age
in the digital age
We are building collaborative and innovative approaches to
protect those in need
/ CYBER NEWS