Harden against repeat OTP-extraction calls

    OTP scams have one trick: convincing you to read out a code under time pressure. The protective layer is a personal rule that overrides the panic.

    The single line that prevents this

    Nobody legitimate — not your bank, not Microsoft, not the police — will ever ask you to read out an OTP, password or 2FA code. If they do, it's a scam, every time.

    More from Communications Security

    No image

    Confirm the inbox is actively compromised

    Pin down which account, who's been emailed, and which sessions are unfamiliar.
    No image

    Make the next phishing email harmless

    Use a password manager, hardware key and email aliases so a single phish can't cascade.
    No image

    Use specialised victim resources

    Sextortion has dedicated services — they're free, confidential and fast.