Why I Told a Blackmail Victim Not to Hire a PR Firm — Including Mine
At Daher Media, I want to start sharing some of the more interesting client stories I've come across over the years.
No names. No private details. Nothing covered by an NDA. Here's one.
A few years ago a lawyer friend introduced me to a Cypriot attorney who was in Paris for a few days. We met at Le Bristol. I went in thinking it was a favor, an hour of advice for a friend's contact, nothing more.
His client was a wealthy Arab businessman whose name had surfaced in Al Jazeera's Cyprus Papers investigation, the reporting on Cyprus's "golden passport" scheme, where people obtained Cypriot citizenship through investment. But the lawyer waved that off almost immediately. The article wasn't why he'd flown in. After Al Jazeera ran, someone had started a campaign against his client, fabricated stories, the same name repeated across a wall of low-quality "news" sites, and the person behind it wanted 20,000 USD a month to make it stop.
Then he told me who was behind it.
I knew the name, and I knew how the operation worked. The lawyers were treating this as a two or three website problem, a nuisance they could litigate away. They had no idea the same hand was behind hundreds of sites, or why a few dozen articles had been enough to trip every background-check system their client touched. I did. The moment I explained the real scale, the meeting stopped being a favor.
They went quiet. Then they asked what it would cost to fix.
I told them the truth, which wasn't what they wanted to hear. Back then, forcing down a single malicious site, the right hosting company, the right registrar, could run around 10,000 dollars. Sometimes more. That's per site. And for every one you removed, he could stand up another for the cost of a domain, add 50 dollars, maybe less. Doing it properly at the scale he was operating meant spending into the millions with no end in sight. There was no final invoice in that approach. There was just a meter running on my client's side while the other side's costs stayed near zero.
That was the part the lawyers hadn't grasped. They were thinking like litigators: one bad actor, a few bad articles, a case you build and win. He wasn't running a case. He was running a numbers game, and the numbers were entirely in his favor.
And the damage wasn't theoretical. This is the part most people don't understand about banking. A bank can hold a $100 million account and still walk away from it if the name attached starts creating compliance risk, reputational risk, or the possibility of regulatory attention. They don't need a court judgment. They just need enough noise around a name. Background-check platforms had started flagging him as high risk. European banks closed his accounts one after another. Even the Swiss didn't want the headache. Eventually he could only keep accounts in his home country. He wasn't afraid of one article. He was afraid that every bank, partner, and compliance officer would see the same manufactured story before they ever spoke to him.
The economics of the extortion were just as ugly. Twenty thousand a month, no deadline, no final payment, no guarantee. They'd also floated a one-time "solution" for around a million dollars, also with no guarantee. Pay once, he could ask again. Pay monthly, he could raise the price. Take down one site, he launches ten. That was the whole machine.
So they asked what I'd do. I told them: don't pay. Not the blackmailer, and not a PR company either, including one like mine.
That's an unusual thing to say when someone is effectively offering you the job. But paying the blackmailer doesn't end it, it just turns you into a subscription. And paying a firm to fight it site by site is the same trap with a respectable invoice attached, you'd spend into the millions chasing something that regenerates for 50 dollars. I could have done that work. I knew the network, I knew how to run the takedowns. It still would have been the wrong move, and I wasn't going to promise an outcome I couldn't guarantee.
What struck me was their reaction. They weren't surprised. They were relieved. They had already researched every angle and come up empty, and what they actually needed wasn't a clever fix. It was someone who understood how the operation worked to tell them plainly that there was no clean solution to buy, and that the smartest move was to stop trying to buy one.
The plan I left them with was almost the opposite of what people expect in a crisis. Don't pay. Don't panic. Don't go on the offensive site by site. And don't try to build some loud, polished public image to drown it out, this was a man who valued a low profile, for reasons of his own, and a sudden PR push would have been its own kind of red flag. The move was to stay quiet, monitor the damage, remove only what could realistically and cheaply be removed, and let a low-quality network do what those networks eventually do: lose visibility.
They took it from there. I wasn't running daily monitoring or managing his name month to month, that wasn't what he wanted and it wasn't what the situation needed. I'd given them the read they came for.
Years later I got a WhatsApp message on my French number. The operation had stopped on its own. The sites had faded, Google had gotten better at ignoring junk networks, and the name that once tripped every compliance system had gone quiet. He had paid nothing, not the blackmailer, not a monthly fee, not a million-dollar "solution." And the point that stayed with me was the one I'd made at Le Bristol: if he had paid, it wouldn't have solved anything. It would only have proven he was worth targeting again.
Here's what I take from it.
This was never only a legal problem. It was a reputation problem, a search problem, and a banking-risk problem at the same time, and by the time the lawyers came to me it had already cost their client bank relationships across Europe. One fake article can become ten. Ten can become a pattern. A pattern can become a compliance flag, and a compliance flag can become a closed account. The damage moves from a screen to a balance sheet faster than people expect.
Most high-net-worth individuals keep lawyers, accountants, and bankers close, and only think about reputation after something has already broken. That's the mistake. The irony of this story is that the right call was restraint, not a campaign, but I could only see that because I understood the machine. Knowing when not to spend is its own kind of expertise, and it's a lot cheaper to get that read early than to learn it after the banks have already started leaving.
