Post

Unmasking the 'Hello Pervert' Sextortion Scam: What You Need to Know

Posted
By Vitus White
4 min read
Unmasking the 'Hello Pervert' Sextortion Scam: What You Need to Know

TL;DR

  • A new wave of sextortion emails is using email spoofing to trick victims into believing their email accounts have been compromised.
  • The scam claims to have recorded inappropriate behavior through a remote access trojan (njRAT) and demands a Bitcoin ransom.
  • Recognize the signs of sextortion and take preventive measures to protect yourself.

Main Content

A new iteration of the infamous "Hello Pervert" sextortion email scam has emerged, leveraging classic email spoofing techniques to deceive victims into believing their email accounts and computer systems have been compromised. This sophisticated scam aims to exploit fear and panic to extort money from unsuspecting individuals.

Understanding Email Spoofing

Email spoofing involves sending emails with a falsified sender address. This tactic is commonly used by scammers to impersonate trusted entities, thereby increasing the likelihood of deceiving the recipient. By sending a message that appears to come from the victim’s own email address, scammers hope to convince the victim that their account has been hijacked.

Anatomy of the Sextortion Email

The sextortion email typically contains the following threatening message:

"As you may have noticed, I sent you an email from your email account. This means I have full access to your account. I’ve been watching you for a few months. The thing is, you got infected with njRAT through an adult site you visited."

"The njRAT gives me full access and control over your device. This means I can see everything on your screen, turn on the camera and microphone, but you don’t know it. I also have access to all your contacts and all your correspondence."

"On the left half of the screen, I made a video showing how you satisfied yourself, on the right half you see the video you watched. With a click of a mouse, I can send this video to all your emails and contacts on social networks. I can also see access to all your communications and messaging programs that you use."

"If you want to avoid this, transfer the amount of 1200 USD to my Bitcoin address. My Bitcoin address (BTC wallet): 1FJg6nuRLLv4iQLNFPTpGwZfKjHJQnmwFs. After payment is received, I will delete the video and you will not hear from me again. I’m giving you 48 hours to pay. Do not forget that I will see you when you open the message, the counter will start. If I see you’ve shared this message with someone else, the video will be posted immediately."

The mention of "njRAT" is designed to add credibility to the scammer’s claims. njRAT is a remote access trojan capable of logging keystrokes, accessing the victim’s camera, stealing browser credentials, and more. However, despite the frightening claims, this threat is typically empty. There is usually no compromising video, no njRAT infection, and no list of contacts. The scam relies on inducing panic to drive victims to pay the ransom.

Upon investigation, it was reassuring to find that the scammer’s Bitcoin wallet was empty, although they may have set up separate wallets for each victim.

Recognizing Sextortion Emails

Identifying sextortion emails becomes easier once you know the common characteristics. Remember, not all sextortion emails will include every red flag, but any of the following should raise suspicion:

  • The email appears to come from one of your own email addresses.
  • The scammer accuses you of inappropriate behavior and claims to have footage of that behavior.
  • The email mentions the use of "Pegasus" or some Trojan to spy on you through your computer.
  • The scammer claims to know "your password" or that your account has been compromised.
  • You are urged to pay quickly, often within a day, to prevent the alleged footage from being shared with your contacts.
  • The message may arrive as an image or a PDF attachment to bypass phishing filters.

What to Do If You Receive a Sextortion Email

If you receive a sextortion email, follow these steps to protect yourself:

  1. Scan your computer with an anti-malware solution that can detect and remove njRAT if present.
  2. Check if your email account has been compromised. Change your password and enable 2FA if possible.
  3. Do not respond to the scammer, as this will confirm that your email address is active and may lead to more scam emails.
  4. Avoid rushing into decisions. Scammers rely on panic to drive victims into making mistakes.
  5. Do not open unsolicited attachments, especially if the sender address is suspicious or appears to be your own.
  6. For peace of mind, turn off your webcam or use a webcam cover when not in use.

Conclusion

Sextortion scams exploit fear and panic to extort money from victims. By recognizing the signs of these scams and taking proactive measures, you can protect yourself from falling prey to such deceptive tactics.

Additional Resources

For further insights, visit the full article: source

Cybersecurity & Data Protection, Scam Protection
sextortion email spoofing njrat
This post is licensed under CC BY 4.0 by the author.