This is the first time itās happened to be and I was definitely gullible. But Iād like to ask for advice and sorry if itās long post: So, I was on Discord as usual and someone on my friend messaged me. I havenāt talked to this person in over 4 years but I do remember them so, I let my guard down when they asked if I could try out their game project and give them a feedback which would only take around 5-10min. And since I thought I was helping an old āfriendā, I opened the website and downloaded the file. However, the moment I ran the exe. File, my browsers would close and no āgameā would appear which alarmed me. Link is in the screenshot above. Thatās when the person impersonating my friend sent me screenshots of my email from my Gmail accounts and said that they āhackedā me and that they have all my password and info etc. All of which seemed broken English when I look back at it so I knew it couldnāt have been the actual owner of that Discord account as theyāre fluent in English. But since it was the first time it happened to me, I was panicking a bit on what to do first (like do I call the police etc.?) They tried to blackmail me saying things like: Pay $350 for passwords and $350 for photos, info etc. Or both for $650. If not, I sell to deep web. (Isnāt it the Darkweb?) Anyways, they tried to pressure me to paying obviously at this point but I told them, Iām in debt and recently got fired from my job. They can even see the termination letter in my email. Thatās when they stopped messaging me. Iāve already logged out all my emails and changed password, making sure I have the 2FA set up to all the important stuff etc. I also reported the Discord profile used to scam me and ran my computer through malware scanner along with checking if anything recent was installed still on my computer. After calming down a bit, I thought it was a bit strange that they only showed screenshots of my emails even alternative ones that I never really use and just a screenshot of my Discord that shows my email and phone number since it was a friend contact. Thereās no other āscreenshotsā of anything else āimportantā but I could be underestimating things. They tried to access one of my Google accounts but was automatically locked out because it was detecting an Istanbul which I am nowhere near. I also thought it was weird that they had screenshots of my emails that I clearly didnāt have those tabs opened at that moment even though I closed all my browsers and deleted history, cache etc. Luckily I never save passwords to the browser password managers just in case. So my question is: What should I do next? Was there anything that I can do better or did I miss any other steps? Are cases like these common? I know often of just email, text message and so forth types of scams which is easy to detect but since it was someone on my Discord āfriendlistā, I thought this might be something to worry about and spread awareness to those who never had this experience. I