A long-running email scam known as the “Hello pervert” hoax has resurfaced, using updated language and design to frighten victims into paying money. Security researchers say that this extortion campaign spreads through mass email distribution and relies entirely on psychological manipulation rather than real hacking.
The emails typically arrive in a person’s inbox with a subject line designed to shock. The email then claims that the sender has gained access to the recipient’s computer or smartphone and recorded them using their webcam. The supposed attacker threatens to send this footage to friends, family, or employers unless a ransom is paid in cryptocurrency within a short time frame.
What makes the scam effective is its appearance of technical authenticity. In most cases, the email appears to have been sent from the victim’s own address. This is achieved through a simple technique called email spoofing, where the sender’s address is forged to look identical to the recipient’s. The effect is meant to convince the target that their account has been compromised.
False claims of device infection
The body of the message usually contains alarming, technical-sounding statements. The scammer may claim to have installed spyware or a remote access tool such as Pegasus or njRAT on the victim’s computer. They allege that this software has allowed them to record private activity through the camera, monitor browsing history, and capture keystrokes or passwords.
These claims are entirely false. There is no evidence that the senders of these messages have any real access to victims’ devices. The same message template is sent to thousands of email addresses at once. Nothing in the email is specific to the recipient except, in some cases, a reused password obtained from an old data breach.
This small detail is what often convinces people to panic. Including an old password creates a false sense of proof. Many victims see the password, assume a real hack has occurred, and immediately fear exposure. In reality, these passwords are widely available through public breach databases or underground data leaks.
Exploiting fear and shame
The scam works because it targets human emotion, not technology. Fear of embarrassment, reputation loss, or professional damage can cause otherwise rational individuals to act quickly. The scammer’s language is designed to create urgency. They insist that the victim must pay immediately or face humiliation, reinforcing the sense of isolation that prevents victims from seeking advice.
The subject line “Hello pervert” is deliberate. It plays on guilt and shame, regardless of whether the recipient has done anything compromising. The accusation itself is enough to generate panic, which leads some recipients to pay the demanded ransom just to avoid the possibility of exposure.
In most cases, the ransom demand is between several hundred and several thousand dollars, paid through cryptocurrency. The messages often include a Bitcoin wallet address and a countdown timer to heighten stress. The scammers rarely respond once money is sent, and there is no evidence that any actual recording exists.
Why the scam keeps spreading
Despite being an old tactic, this scam continues to circulate because it costs almost nothing to send and still produces results. Mass email campaigns can reach millions of users in a single day. Even if only a small fraction of recipients pays, the attackers make a profit.
The scam also evolves over time. Earlier versions were poorly written and full of spelling errors. Recent variants use professional formatting, cleaner grammar, and more realistic technical descriptions. Some even reference specific operating systems or antivirus tools to appear legitimate.
Another reason for the scam’s persistence is its psychological depth. Victims rarely report the incident because they feel embarrassed or believe they are the only ones targeted. This silence allows scammers to keep operating undetected.
Recognising the signs of sextortion emails
There are consistent signs that an email is part of this scam. The most common indicators include:
- The message claims to be from your own email address.
- It begins with an accusatory phrase such as “Hello pervert” or “I know what you did.”
- It mentions spyware or webcam access without offering any specific evidence.
- It demands cryptocurrency payment within a short deadline.
- It includes an old password that may have been used years earlier.
- It contains no identifying details beyond what could have been taken from a data leak.
Understanding these traits helps users separate fact from fear. If an email contains these elements, it is almost certainly a mass hoax, not a targeted hack.
How victims should respond
The most important step is to remain calm and avoid engaging with the sender. Responding confirms that your email account is active, which may invite further targeting. Victims should never pay the ransom or attempt to negotiate. Paying does not guarantee that the threat will stop and may encourage the attacker to return.
Next, it is advisable to change passwords on all accounts, particularly if the message includes a password that is still in use. Enable multifactor authentication wherever possible, and avoid reusing passwords across multiple services.
It is also important to report the email to the provider’s abuse department and to local law enforcement. While authorities cannot recover lost funds, they can track recurring scam patterns and block related domains. Forwarding the message to a national cybersecurity centre or fraud reporting agency can also help improve threat intelligence.
If there are concerns that a real breach has occurred, run a malware scan using reputable security software. In most cases, no infection will be found, but confirming that your system is clean can provide reassurance.
The role of online awareness
This scam highlights how easily fear can override critical thinking. Public awareness campaigns are essential for prevention. People should understand that scammers rely on universal human emotions, fear, guilt, and panic, rather than sophisticated hacking skills.
Security professionals advise users to treat all unsolicited threats with skepticism. Genuine authorities do not issue blackmail through email, and legitimate security alerts never demand cryptocurrency payments.
In workplaces, cybersecurity awareness training should include examples of sextortion scams. Employees who know what to expect are less likely to fall for intimidation tactics. Organisations should also remind staff that it is safe to report suspicious messages without fear of embarrassment.
The importance of digital hygiene
Good online habits can significantly reduce exposure to scams. Avoid sharing personal contact details publicly and use unique passwords for each account. Keep software up to date, since vulnerabilities in email clients or browsers can make spoofed messages more convincing.
Another practical step is to check whether personal information has been exposed in a known data breach. Services such as Have I Been Pwned allow users to verify if their email or password has appeared in leaked databases. If so, those credentials should be changed immediately.
Finally, users can cover webcams when not in use. While the scam itself rarely involves a real recording, physical precautions can help build peace of mind and protect against unrelated privacy risks.