Back to Back Issues Page
Watch For Scams Newsletter. Hello pervert sextortion scam
September 22, 2024
Hello

Hello Pervert Sextortion Scam

Watch For Scams is dedicated to helping you avoid becoming a victim of fraud.

If you like this ezine, do a friend a big favor and forward this to them. If a friend forwarded this to you, and if you like what you read, please subscribe by visiting the link below:

Subscribe Here

Hello Pervert Sextortion Scam

“Hello pervert” sextortion scam includes new threat of Pegasus—and a picture of your home.

After using passwords obtained from one of the countless breaches as a lure to trick victims into paying, the “Hello pervert” sextortion scammers have recently introduced two new pressure tactics: Name-dropping the infamous Pegasus spyware and adding pictures of your home environment.

They do this to add credibility to the false claims that the scammers have been watching your online behavior and caught you red-handed during activities that you would like to keep private amongst your friends and family.

The email usually starts with “Hello pervert” and then goes on to claim that the target has been watching pornographic content. The scammers often claim to have footage of what you were watching and what you were doing while watching.

To stop the sender from spreading the incriminating footage, the target will have to pay the scammer, or else they will send it to everyone in their email contacts list.

More recently, scammers have started increasing their threats by mentioning a powerful spyware called “Pegasus.”

Some messages state "Have you heard of Pegasus? This is a spyware program that installs on computers and smartphones and allows hackers to monitor the activity of device owners. It provides access to your webcam, messengers, emails, call records, etc. It works well on Android, iOS, and Windows."

Though Pegasus is indeed a powerfully invasive spyware tool, the threat of its use, as included in these scam emails, is entirely empty. This is because Pegasus has never been observed outside of a surveillance campaign carried out, specifically, by governments.

But the pressure tactics don’t end with Pegasus, as many of these emails include an old (or active) password that a scam target has used in the past. It is likely that the scammers bought your password from other cybercriminals that obtained them during one of the countless data breaches that hit company after company every week.

When scammers have access to such data, it may also include your physical address. With that knowledge, scammers have increased their threats by simply adding a photograph of your personal neighborhood by looking it up online. For most places in inhabited areas, you can grab such pictures from Google Maps or similar apps.

As an extra threat the email may include something like:

“Or is visiting [your physical address] a more convenient way to contact if you don’t take action. Nice location btw.”

Implying that they know where you live and threatening to stop by and create a scene.

How to recognize “Hello pervert” emails

Once you know what’s going on it’s easy to recognize these emails. Remember that not all of the below characteristics have to be included in these emails, but all of them are red flags in their own right.

1. They often look as if they came from one of your own email addresses

2. The scammer accuses you of inappropriate behavior and claims to have footage of that behavior

3. In the email the scammer claims to have used Pegasus or some Trojan to spy on you through your own computer

4. The scammer says they know “your password.”

5. You are urged to pay up quickly or the so-called footage will be spread to all your contacts. Often you’re only allowed one day to pay

6. The actual message often arrives as an image or a pdf attachment. Scammers do this to bypass phishing filters.

How to react to “Hello pervert” emails

First and foremost, never reply to emails of this kind. It may tell the sender that someone is reading the emails sent to that address and they will repeatedly try new and other methods to defraud you.

1. If the email included a password, make sure you are not using it any more and if you are, change it as soon as possible

2. If you are having trouble organizing your password, have a look at a password manager

3. Don’t let yourself get rushed into action or decisions. Scammers rely on the fact that you will not take the time to think this through and subsequently make mistakes

4. Do not open unsolicited attachments. Especially when the sender address is suspicious or even your own

5. For your ease of mind, turn off your webcam or buy a webcam cover so you can cover it when you’re not using the webcam

If you believe you have been a victim of this type of scam you should promptly report it to the IC3's website at www.IC3.gov. The IC3's complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration.

Remember - always watch for scams!

Steve

Back to Back Issues Page