Australia Logged 2,000 Sextortion Complaints in Six Months. Big Tech Still Isn't Scanning for the Scripts.

Australia's online safety watchdog says the same blackmail messages keep showing up across platforms, and most major tech companies still aren't using the detection tools that already exist.

ThreatVectr Newsdesk· 3 min read
A wide 16:9 editorial photograph of a neat wooden desk under warm office lighting, with an open study notebook filled with handwritten notes, a laptop displayin
Share

Key points

  • Australia's eSafety Commissioner received more than 2,000 sextortion complaints between 1 July and 31 December 2024.
  • Young men aged 18 to 24 were the most commonly targeted group during that period.
  • Instagram, WhatsApp, Gmail, Google Messages, Discord and Apple's iMessage did not use language analysis to detect extortion attempts, according to eSafety's third transparency report.
  • eSafety Commissioner Julie Inman Grant says platforms have been given the exact scripts and images criminals use, yet have not acted adequately.
  • Only Microsoft was using proactive detection tools to disrupt video calls streaming live child sexual abuse.

Sextortion, where criminals trick someone into sharing intimate images and then threaten to release them unless they pay, is surging in Australia. The country's eSafety Commissioner, the government body that oversees online safety, recorded more than 2,000 complaints in just the second half of 2024. Most victims were young men aged 18 to 24.

The scams follow a predictable script. A stranger opens a friendly conversation, often posing as a woman using an AI-generated video, coaxes the victim into sharing a private image, then immediately pivots to threats. Real messages collected by eSafety include: "I have everything to ruin your life," "Only money can help you now to end this peacefully," and "I don't f***ing care even if you block me."

First contact most often happened on Tinder, followed by Instagram, Grindr, TikTok and Telegram. The threats themselves were most frequently delivered on WhatsApp and Telegram. Blackmailers then harvested victim contact lists from Instagram, Facebook and Snapchat to make the pressure more credible.

Why haven't the apps stopped this already?

Because most of them are not even scanning for the words. eSafety's third transparency report, first reported by ABC News Australia, found that Instagram, WhatsApp, Gmail, Google Messages, Discord and Apple's iMessage rely almost entirely on users reporting harm themselves rather than scanning messages for known extortion language. Snapchat ran language analysis only on messages users had already flagged. Microsoft used it on Xbox but not on Microsoft Teams, its workplace chat tool.

The detail that makes this harder to dismiss is this: eSafety gave these platforms the actual scripts. The regulator handed over real examples of the coercion messages criminals reuse across hundreds of cases and said, in effect, here is exactly what to look for. Inman Grant says the response has still been inadequate.

"Even when we've laid this out, we haven't seen adequate responses, despite the technology being readily available," she said.

The report also flagged gaps in detecting live-streamed child sexual abuse. Only Microsoft was actively scanning video calls for abuse material. YouTube, Facebook Live and Instagram Live scanned public broadcasts but not private calls.

End-to-end encryption, which scrambles messages so only the sender and recipient can read them, complicates scanning on platforms like WhatsApp. eSafety acknowledges this and says, at minimum, platforms should apply language detection to the parts of their services that are not encrypted.

If you or someone you know has received this kind of threat, do not pay. Contact eSafety at esafety.gov.au. Payment rarely ends the extortion and often invites further demands.

Train2Secure offers security-awareness training that covers social engineering and digital personal-safety skills relevant to exactly this kind of manipulation.

© 2026 Threat Vectr