Disconnect the device and assume full compromise

    Remote-access scams give the attacker complete control of the device. Until it's clean, you can't trust anything on it — keep it offline until the remediation step.

    What they likely did

      • Opened your banking app or email and screenshotted
      • Installed a hidden remote-access tool that survives reboots
      • Disabled antivirus or security warnings
      • Saved files (passwords, ID copies, browser data) for later use

    More from Communications Security

    No image

    Confirm the inbox is actively compromised

    Pin down which account, who's been emailed, and which sessions are unfamiliar.
    No image

    Make the next phishing email harmless

    Use a password manager, hardware key and email aliases so a single phish can't cascade.
    No image

    Use specialised victim resources

    Sextortion has dedicated services — they're free, confidential and fast.