The Pegasus email is a constantly circulating scam campaign that many people are currently receiving.
This particular email originally starts off stating “Have you heard about Pegasus” wherein the sender claims they have infected the user's device.
The email will explain that the sender has captured explicit content from the recipient's malware-infected camera and audio.
They will then proceed to threaten to share this content with the recipient's close relatives and contacts unless the demanded amount is paid.
This is simply just another long-running blackmail scam. This Pegasus email scam stands out from others because it provides specific information about the user's data, like an old password, address, and first name.
This personalization makes the recipient believe that the email is specifically aimed at them, which adds credibility to the sender's claims.
From the information provided on the scam email's content, it seems that the hacker/sender claims there is malware present in a program that the user frequently utilizes.
While the user was watching explicit videos, their device suddenly began acting as a remote access device.
The sender of the Pegasus email allegedly managed to successfully infiltrate the device, the Wi-Fi network, and all other linked devices.
According to their statement, the malware can transmit a wide range of data, including contacts, photos, and videos.
This email scam campaign is similar to another deceptive one, where the threat actor claims to have your passwords and credit card information, even though they don't.
How this scam tricks people into thinking it's real
They use the tactic of blackmailing individuals by threatening to disclose sensitive information unless a payment is made, typically in the form of cryptocurrency.
This scam is similar to other email scams that try to scare you by threatening to expose your passwords or credit card information.
One alarming feature of this Pegasus scam is how personal the email seems. The subject line includes your first name, which makes it feel more targeted.
The newer version of the Pegasus emails has an attached PDF file that also has your first name as the file name (such as john.pdf or michael.pdf), which may cause concern and prompt individuals to open the email.
When you open it, you'll see a message with your mobile phone number displayed in bold. This is meant to scare the person who receives it.
Upon opening, the email will attempt to persuade you that they possess substantial evidence of your visits to adult websites and your utilization of malware to monitor your actions.
The rest of the email follows a typical pattern seen in extortion scams, where the scammer asks for payment to avoid the public release of personal videos.
The scammers' requested amounts can vary, ranging from a few hundred dollars to a few thousand.
The individuals responsible for these Pegasus scam emails impose a strict deadline, pressuring the recipient to make a hasty payment without considering the situation.
The email is just a scam designed to scare people into making payments, even though it may seem believable.
Contents of the Pegasus email scam attachment
Throughout its active scam campaign, the Pegasus email scam underwent numerous email variations.
The progression involved a series of steps, starting with sending threatening emails, then including the user's data in the content, and finally using PDF files to deliver the message.
Here are a few of the Pegasus email scams that users have reported to us:
The newer version of the Pegasus email:
*First Name*,
I know that, XXX-6573 is too personal to reach you.
I won't beat around the bush. You don't know anything about me whereas I know you and you must be thinking why are you getting this e-mail, right?
I actually placed Pegasus (spyware) on pxxx website and guess what, you visited same sxx website to have fun (if you know what I mean). And while you were busy watching those videos, your internet browser started working as a RDP (Remote Device) that has a backdoor which provided me accessibility to your screen and also your camera controls. Immediately after that, my software program obtained all of your information and your complete contacts from device including all of your photos.
Exactly what I want?
It is simply your misfortune that I am aware of your misdemeanor. I then invested in more days than I probably should have exploring into your data and prepared a split-screen videotape. First part shows the recording you were watching and 2nd part displays the capture from your web camera (it is someone doing nasty things). In good faith, I am ready to delete everything about you and allow you to continue with your regular life. And I will present you two options which will achieve it. These two alternatives are to either turn a blind eye to this letter (bad for you and your family), or pay me a small amount.
What should you do?
Let us understand these 2 options in more details. Alternative one is to ignore my e mail. Let us see what is going to happen if you choose this path. I definitely will send your sxxxxxx to your entire contacts including friends and family, co- workers, and so forth. It will not protect you from the humiliation your household will face when relatives and buddies discover your unpleasant videotape from me in their inbox. Wise option is to pay me, and be confidential about it. We will name it my “privacy charges”. Now Lets see what will happen if you opt this path. Your dirty secret Will remain your secret. I'll keep my mouth shut. After you pay, You go on with your daily life and family as if nothing ever happened. You will make the transfer through Bitcoin.
Required Amount: $4950
BTC ADDRESS: 15a2rbdy Xq4qRurasoxxxxxxxxxxx
(Here is QR code, scan it)
Important: You have one day to make the payment. (I have a special pixel in this email message, and now I know that you have read through this mail). The task to acquire bitcoins usually takes some efforts so don't delay. If I don't get the BitCoins, I will definitely send your sxxxxxx to all of your contacts including close relatives, colleagues, and so on. nevertheless, if I receive the payment, I'll destroy the video immediately. If you really want evidence, reply with “yes!” and I will certainly send out your video to your 8 friends every day. It is a non negotiable one time offer, thus kindly do not waste my personal time & yours by replying to this e-mail. Let me remind you, my malware will be sharing what action you adopt when you are done reading this email. Let me tell you If I see any suspicious activity from your web history then I'll share your sxxxxxx to your close relatives, coworkers even before time finishes.
Another version of the Pegasus email scam
You have been hacked
Hello pervert, I've sent this message from your iCloud mail.
I want to inform you about a very bad situation for you. However, you can benefit from it, if you will act wisely.
Have you heard of Pegasus? This is a spyware program that installs on computers and smartphones and allows hackers to monitor the activity of device owners. It provides access to your webcam, messengers, emails, call records, etc. It works well on Android, iOS, and Windows. I guess, you already figured out where I'm getting at.
It's been a few months since I installed it on all your devices because you were not quite choosy about what links to click on the internet. During this period, I've learned about all aspects of your private life, but one is of special significance to me.
I've recorded many videos of you jxxxxxx off to highly controversial pxxx videos. Given that the “questionable” genre is almost always the same, I can conclude that you have sick pxxxxxxxxx.
I doubt you'd want your friends, family and co-workers to know about it. However, I can do it in a few clicks.
Every number in your contact list will suddenly receive these videos- on WhatsApp, on Telegram, on Instagram, on Facebook, on email – everywhere. It is going to be a tsunami that will sweep away everything in its path, and first of all, your former life.
Don't think of yourself as an innocent victim. No one knows where your pxxxxxxxx might lead in the future, so consider this a kind of deserved punishment to stop you.
I'm some kind of God who sees everything. However, don't panic. As we know, God is merciful and forgiving, and so do I. But my mercy is not free.
Transfer 850 USD to my Litecoin (LTC)
wallet: Itc1q6hm6wd4ye67p0k4z2ue76xxxxxxxxxxxxx
Once I receive confirmation of the transaction, I will permanently delete all videos compromising you, uninstall Pegasus from all of your devices, and disappear from your life. You can be sure – my benefit is only money. Otherwise, I wouldn't be writing to you, but destroy your life without a word in a second.
I'll be notified when you open my email, and from that moment you have exactly 48 hours to send the money. If cryptocurrencies are unchartered waters for you, don't worry, it's very simple. Just google “crypto exchange” or “buy Litecoin” and then it will be no harder than buying some useless stuff on Amazon.
I strongly warn you against the following:
* Do not reply to this email. I've sent it from your iCloud mail.
* Do not contact the police. I have access to all your devices, and as soon as I find out you ran to the cops, videos will be published.
* Don't try to reset or destroy your devices. As I mentioned above: I'm monitoring all your activity, so you either agree to my terms or the videos are published. Also, don't forget that cryptocurrencies are anonymous, so it's impossible to identify me using the provided address.
Good luck, my perverted friend. I hope this is the last time we hear from each other.
Here's why the Pegasus email is fake
The scam can be quite alarming for individuals, as it revolves around the use of personal data that they might assume is not easily accessible to the public. These scammers rely on people's phone numbers, previous passwords, and first names.
Scammers were able to access your private data through a data breach database that was available on the dark web.
We have an extensive discussion of data breaches on our website, which allows us to have a clear understanding of how frequently websites are being breached every day.
It appears that scammers have discovered a more efficient method for carrying out their email scams.
Instead of going through the tedious process of manually sending emails to thousands of users every day, they opt to utilize data obtained from breached websites to make the email have much more credibility.
Lastly, Pegasus spyware is not a tool that can be easily accessed by just anyone. This hacking tool is typically reserved for governments due to its high level of sophistication.
Therefore, it is highly unlikely that someone claiming to have used this tool for a small sum of money would be considered credible.
What should you do about your data?
Our team has been tracking these sextortion emails for a long time, and we frequently receive emails and messages from site visitors asking what they should do next after disregarding the email.
Having your private data floating around the corners of the internet can make you feel vulnerable and exposed.
As a result, we recently partnered with DeleteMe, a privacy service that can help you remove your private information from the internet.
DeleteMe removes your personal information from over 750 data brokers (full list) and offers custom removal requests, automatic routine removal, and detailed reporting to give you peace of mind.
Right now, Hackerdose visitors can get 20% off DeleteMe, allowing you to get your data off the internet and stop receiving these scary emails for good.
Email scams in general
Many email scams are currently circulating on the internet, with thousands of individuals being targeted. There are other email scams similar to the Pegasus scam.
There have been many different versions of this scam, involving credit cards, passwords, and even computer hardware specifications.
We have encountered a more challenging situation involving a scam where users are understandably concerned because the email appears to be sent from their Microsoft account, but it is a result of spoofing.
Just to clarify, email scams have been around for quite some time and they are not a recent development. However, cybercriminals and scammers are always finding ways to enhance their tactics and make these scams even more misleading for users.
Now that you have a clear understanding, it would be advisable to delete the email and move forward to prevent any negative impact on your day.
If you find yourself concerned about the presence of malware on your computer, you can follow the steps below to confirm its absence. If you desire peace of mind, you have the option to do so.
How to remove malware from computer
You've come to the right place if you need help getting rid of malware risks on your computer.
In the steps that follow, you'll learn how to get rid of harmful risks and make sure your system is malware-free.
We considered the technical skills of the people who use the internet, so we made sure the steps are simple enough that even those who aren't tech-savvy could follow them.
Before you continue, make sure you have a copy of your data saved somewhere else. If you don't, your files could get damaged or lost while you follow the steps below. These kinds of things don't usually happen, but we suggest doing it just in case.
Remove Malware Instantly
Tired of battling stubborn malware? Let Bitdefender, the world’s leading antivirus, handle it with ease. It's time to stop worrying about malware.
We've teamed up with Bitdefender to offer Hackerdose visitors an exclusive 50% discount on their products. Now is the time to start taking your computer security seriously with the best antivirus on the planet.
To remove malware from your computer, you only need to follow a simple three-step procedure:
Step 1: Run malware scans
Step 3: Use the Tron script
Step 1: Run malware scans
New threats might not be found by antivirus engines in the early stages of an infection because their signatures are still being researched and put to a database for detection. It might be found in the end, but it may be too late for the computers that were infected.
However new malware threats can have some strings and signatures of some older malware in a database of other security software. Therefore it might get detected by other antivirus and not by others.
Since people who aren't tech-savvy might have trouble finding the malware, we will need more than one piece of security software to help us find the malicious threat.
Please run the software individually. You can do so in any particular order.
- Removal Tool
- Emergency Kit
- ESET Scanner
- Malwarebytes
Kaspersky Virus Removal Tool is an excellent tool for scanning and disinfecting malware-infected computers. Please note that this tool is separate from the mainstream Kaspersky security applications, so worry not about the company's controversies.
1. To start, download the Kaspersky Virus Removal Tool.
2. Once the download of the executable file (KVRT.exe) is complete. The program doesn't need to be installed on the computer, so you may begin running it straight away.
3. After reading the KSN Statement, Privacy Policy, and End User License Agreement, check the box indicating your agreement to the terms and conditions. To continue, click Accept.
4. Please wait for the system initialization process to finish, as the program will first check if your system is compatible.
5. Before we start scanning, we will have to set the scope of the scan. Click the Change parameters option to do so.
6. Check all the boxes to allow the computer to search through all of the disks and directories for malware. After that, click OK to return to the main screen.
7. We can now begin the scan; simply click the Start scan button, and the Virus Removal Tool will begin.
8. Await the scan's completion with patience. If there are any risks within the computer system, a notification will be displayed.
9. To completely remove the risks that the program has identified, click Delete from the drop-down menu of each discovered object.
10. Click Continue to remove the identified malware threats from your computer.
As the name implies, the Emergency Kit software by Emsisoft is a must-use in your malware scanner arsenal. It features the same powerful scanning technology used by their flagship software, Emsisoft Anti-Malware.
1. Download the Emsisoft Emergency Kit portable software.
2. You can launch the executable program (EmsisoftEmergencyKit.exe) directly from your downloads folder after downloading it.
3. Click Yes to let the program start on the computer when the User Account Control window appears.
4. Choose your program's destination folder and accept the license and maintenance terms. Next, click Install to continue.
5. Click Malware Scan on the homepage of the Emergency Kit application to start the scanning process. The amount of time it takes for the program to scan your computer will depend on how many files you have and the hardware capabilities of your system.
6. Emsisoft Emergency Scanner will display a list of the files that the program has detected when the scan is complete. To get rid of threats from your computer, click on Quarantine selected.
7. To complete the malware removal procedure, Emsisoft Emergency Scanner may also ask you to restart your computer. Simply click Reboot your system to finish the process.
ESET Online Scanner is a program that is designed only to remove malware threats from your computer for free. It is simple to use and features an advanced malware detection system. There is no need for registration, free trials, or anything else. Simply download, execute, and remove the malware.
1. Download the most recent version of ESET Online Scanner.
2. After pressing the download button, the file (Esetonlinescanner.exe) should have been downloaded to your computer. It does not require any installations so you can simply run the aforementioned file.
3. Before using ESET Online Scanner, it must be initialized. Choose your preferred language and click Get started. Continue as directed by the screen until the homepage appears.
4. Click Computer scan from the homepage, then select Full scan from the three options available.
5. Give ESET Online Scanner the permission to detect and remove potentially unwanted apps by ticking the Enable option. After that, click Start scan to begin the scanning process.
6. Await the completion of the malware scan for your machine by the ESET Online Scanner. ESET Online Scanner would have automatically removed the threats it found after the scan. To complete the malware cleanup process, click Proceed.
Malwarebytes Anti-malware is well-known in the security field; they have helped many people with malware issues through their software, and downloading it will help you as well.
Note: We will only use the free version of Malwarebytes because it includes all of the capabilities we require.
1. Download the latest version of Malwarebytes Anti-malware.
2. Malwarebytes will start downloading (MBSetup.exe) the installation file. Run the executable after the download is complete.
3. To allow the program to execute, simply click Yes in the User Account Control window that may appear.
4. The Malwarebytes setup wizard will now open; select Install to continue.
5. You will be prompted by Malwarebytes to install the Browser Guard extension. Depending on whether you want it on your browser or not, you can choose to download it (the extension is completely free).
6. Please wait as the Malwarebytes Setup installs itself. Follow the on-screen instructions until you have successfully installed Malwarebytes.
7. Start by launching Malwarebytes Anti-malware for the first time after it has been installed. If you're installing Malwarebytes for the first time, you'll get a 14-day free trial of the premium version.
8. After the program takes you to the main dashboard, click the Scanner box in the middle to start scanning the computer.
9. You won't click Scan just yet when you get to the Scanner page. Rather, select Advanced scans as shown below.
10. In the Custom scan section, click Configure scan. We will be able to alter the way the software scans the computer as a result.
11. To detect hidden malware, click the box next to Scan for rootkits on the Configure Custom Scan screen. Additionally, to enable Malwarebytes to scan every drive on your computer, check the boxes next to each one.
12. Once the Custom Scan options have been adjusted, click the Start Custom Scan button to get started.
13. A side window displaying the computer scan's progress will appear. Please wait until Malwarebytes has completed its malware scan of the entire system.
14. Following the completion of the scan, a list of threats found will appear. Check the boxes near all the malicious files and get rid of them from the computer by clicking the Quarantine button.
If prompted, please restart your computer since Malwarebytes may require it.
Step 2: Uninstall unrelated software
You may discover programs on your computer that you did not install yourself and that you do not recognize. Since they might be the source of the malware infection, we should delete them as a result.
While the most recent version of Windows settings allows you to accomplish this through the Add & Remove Programs section, it is far simpler to use the Programs and Features page in the Control Panel.
The publisher name, the installation date, and the version number will all be displayed on a single grid screen, making it simpler to locate the virus. Here's how to do so:
1. Click on the Windows key to open the Start menu.
2. Type Control Panel in the provided search bar and select the first item from the search results.
3. Click on Programs and inside, select Programs and Features.
4. You will be presented with a list of programs currently installed on your computer.
5. Find programs you do not recognize and right-click the item then select Uninstall/Change from the dropdown menu.
We'll need to use a powerful uninstaller to do the dirty work for us if the software is stubborn and won't go away with normal approaches.
Fortunately, there are tools for this; Revo Uninstaller is a good uninstaller program made to tackle and remove uninstallable programs.
Uninstall unwanted program/s using Revo Uninstaller1. To start, download Revo Uninstaller by clicking here. Avoid downloading from third-party sources as they may contain additional bloatware upon installation.
2. On the download page, opt for the free version of Revo Uninstaller as it has all the features we need. Click on Free Download to begin downloading the setup file.
3. The revosetup.exe file would have started downloading. Click on it to start installing the software.
4. Revo Uninstaller setup would now begin and follow the typical setup procedure such as selecting your setup language, accepting the license agreement, and selecting the installation location. Once setup is ready click Install.
5. After the setup is finished, check the Launch Revo Uninstaller option to open the program upon closing the installer.
6. Once Revo Uninstaller has opened, it will show you the list of applications currently installed on the computer. Find the program/s you do not recognize, right-click it, and select Uninstall from the drop-down menu. (We will be using PC App Store to demonstrate.)
7. A confirmation message stating if you are sure you want to uninstall the said program, click Continue.
8. Follow the uninstallation instructions and this time, Revo Uninstaller would have forced the program to continue with the uninstallation compared to the previous attempt via Control Panel.
9. You will be notified that the software has been uninstalled, Revo Uninstaller will now conduct a preliminary examination and get rid of additional files and registries related to the program.
10. On the selection of Scanning modes, select Advanced to make sure everything is scanned without leaving a single directory unnoticed.
11. Wait for the scan to finish as Revo Uninstaller is checking for residual files and registries related to the program.
12. Revo Uninstaller may have found leftover Registry items, click Select All and proceed to delete them by clicking the Delete button next to it. After that, click Next.
13. It may have also found some leftover files and folders, simply do the same by clicking Select All and deleting them. Now click Finish and the uninstallation of the unwanted program is done.
Step 3: Use the Tron Script (Optional)
The Tron script fights for the user, therefore it is one of our all-time favorites; it uses practically every removal and optimization method known to man, all with the touch of a single button.
It automates functions and programs for removing malware and bloatware, as well as cleaning up the computer, so the user behind the screen doesn't have to do any work at all.
With that being said, let us proceed and use the Tron script to clean the system:
1. To start, download the Tron script.
2. Extract the downloaded Tron file, with the use of an archiver like 7-Zip. Please keep in mind that you will not run the Tron script exactly as it is downloaded. You'll need to extract the.exe first.
3. After extracting the compressed file, open the Tron folder, right-click the Tron script, and run it as administrator.
4. The Tron script would have opened up and initialized by updating the database and checking the repo.
5. Once the initialization is finished, the disclaimer will be shown on the screen. Read it and type I AGREE in all caps to continue.
6. After agreeing to the disclaimer, it will show your current settings, as well as the Runtime estimate on how long the script may run. Press any key to begin running the Tron script on the system.
7. It will create a system restore point before beginning the process so if you run into any issues after running the script, you can always restore to the point it created before it started.
8. Please wait for the whole process to finish. You may see Tron script download and run multiple programs on the computer but it will uninstall them after finishing the process. This might take a long time as shown on the Runtime estimate.
9. Once everything has finished, the CMD window will have turned green which indicates that the process is a success. Press any key on your keyboard to close the Tron script.
10. To finalize the Tron script process, we recommend that you restart your computer.
After restarting your computer, you should no longer see the presence of malware threats. You can always use the Tron script as a last option if you believe your machine is infected and there is no chance of detecting the malware.
Tips to protect your PC from malware
As the saying goes: “The biggest vulnerability is the person behind the screen“
So, here are some tips and what you need to know in order to keep your device safe and malware-free in the long run.
Keep every software installed up to date
Make sure that all of the programs in your computer is up-to-date with the latest version released by the developer. The reason behind this is that these updates frequently tackle bugs and issues that malware actors often exploit.
The same goes for your computer's operating system, make sure Windows is up-to-date with the latest software update to prevent malware from exploiting a hidden vulnerability.
Avoid downloading files from unknown sources
One of the biggest sources of malware infection in a computer system is third-party installations. This happens when a user downloads a certain program from sources that are not the official download links. Some of the common types of sources where malware is present are torrent files, cracked software, and games.
Be careful with opening email attachments
Malware often disguises itself as resumes and quotations and threat actors often send thousands of these infected emails to company employees around the world in order to infiltrate their network.
Always check where your emails are coming from as there may be a chance that the project attachment you received via email did not actually come from a co-worker.
Do not visit unreputable websites
Avoid visiting websites that contain unfiltered advertisements such as illegal streaming websites, cracked software platforms, and links sent out to you by somebody you do not trust.
These sites are often linked to redirect chains that load once you click on an ad element on the page. Following this chain often leads to drive-by malware and phishing pages that an average user may eventually fail to notice.