FacebookTwitterLinkedIn

Avoid getting scammed by hoax "Hello Perv" emails

Also Known As: Hello Perv spam
Type: Phishing/Scam
Damage level: Severe

Tomas Meskauskas Written by on (updated)

What kind of email is "Hello Perv"?

"Hello Perv" is one of many scam campaigns presented as a threatening, ransom demand email. In this case, cyber criminals attempt to trick people (email recipients) into believing that they have obtained compromising videos and will proliferate them unless their demands are met.

There is nothing to worry about, since all statements made by the "Hello Perv" scam are false. The best option is to ignore the statements and delete this email.

Hello Perv spam campaign

"Hello Perv" email scam overview

Scammers behind this campaign claim that the recipient has visited pornography websites, one of which has infected the computer with a virus. They explain that by playing a video, the recipient caused download and installation of malicious software. As a result, the computer was infected with a program that was capable of recording videos of the recipient (via the webcam).

Cyber criminals claim that they have recorded a video of the recipient masturbating and fabricated it to seem as if child pornography was watched at the time (by the inclusion of the recipient video plus child pornography in an edit). They also claim that they have gathered all contacts that were stored on the computer.

The main purpose of this scam is to trick people into believing these actions were carried out and to encourage them to pay cyber criminals 500 Euros in Bitcoins (to a Bitcoin wallet provided).

They claim that the videos will be deleted once they receive payment, however, if the transaction is not made within 24 hours, they will proliferate the video by sending it to all of the user's contacts. They also attempt to make people believe that they can monitor everything users are doing with their computers.

These claims are false and should not be trusted. If you receive this email, simply ignore/delete it and never trust any similar scams.

Threat Summary:
Name Hello Perv Email Scam
Threat Type Phishing, Scam, Social Engineering, Fraud
Cyber Criminal Cryptowallet Address 1E3mVbLSLLUgdmrp8GV5RRu1Qz5FkWs4rJ, 32r5aJ5KAN7Q1mEd1a9xUhtHh5JfpYkrKX, 3JkyLvpShtrCRFyxnooCD7dQ6n4oBmVtD7, 1Pd7qACCUtM1zVXixbyxuJCXmDi4D1qMjn, 1C2g3BixavU7Vupm1Atka6qErPZkhS18TY, 375aStdNuAL2mnBpPGX6RZBPDU5YGCh78B, 1Abx3eY5pHFE1aC4AJLdU91qhHS5rzqP4E, 1A28fiWUfQnqEMqoDmMf7KZcjSDY7mEjfs
Symptoms Unauthorized online purchases, changed online account passwords, identity theft, illegal access of one's computer.
Distribution methods Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.
Damage Loss of sensitive private information, monetary loss, identity theft.
Malware Removal (Windows)

To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
▼ Download Combo Cleaner
To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

There are many similar scams. Some other examples include I Hacked Your Device, I Am A Spyware Software Developer, and So I'm The Hacker Who Broke Your Email. These emails are often used to trick people into believing that cyber criminals have recorded humiliating, compromising videos, or taken a photo of this type.

The main purpose is usually is to extort money from people by demanding ransom payments (via a cryptocurrency), however, other spam campaigns infect computers with high-risk viruses such as LokiBot, TrickBot, Emotet, AZORult, Adwind, and so on.

Scammers send emails that contain malicious attachments such as Microsoft Office documents, PDF documents, executable files (.exe), archive files, etc. If opened, these attachments download and install computer infections, which then cause other infections (such as ransomware), financial loss, problems with safety, privacy, and so on.

Viruses proliferated using malicious email attachments steal passwords and logins, banking details, and other sensitive information that could be used to generate revenue.

We receive a great deal of feedback from concerned users about this scam email. Here is the most popular question we receive:

Q: Hi pcrisk.com team, I received an email stating that my computer was hacked and they have a video of me. Now they are asking for a ransom in Bitcoins. I think this must be true because they listed my real name and password in the email. What should I do?

A: Do not worry about this email. Neither hackers nor cyber criminals have infiltrated/hacked your computer and there is no video of you watching pornography.

Simply ignore the message and do not send any Bitcoins. Your email, name, and password was probably stolen from a compromised website such as  Yahoo (these website breaches are common). If you are concerned, you can check if your accounts have been compromised by visiting the haveibeenpwned website.

How do spam campaigns infect computers?

Malicious attachments (proliferated through emails) infect computers when they are opened. A computer cannot be infected without first opening the attachment. For example, if the email includes a Microsoft Office document, once opened, it will ask to enable macro commands. Enabling them will allow an infected document to download and install a malicious program.

If the attachment is an archive file, it will contain an executable (or other file) that, once opened, will also result in download and installation of a computer infection. Therefore, the attachment must first be opened, regardless of the file format.

How to avoid installation of malware?

Do not download/open attachments (or web links) without carefully studying the received email first. If the email seems irrelevant or has been received from a suspicious, unknown/untrustworthy email address, it is better to keep the attachment or website link unopened.

Furthermore, do not use third party software downloaders, installers, unofficial web pages, peer-to-peer networks, and other similar sources to download or install software. Downloaders are often monetized by promoting rogue applications that might cause unwanted installations or even computer infections.

Install and download software with care and check all "Custom", "Advanced" settings/options and other similar sections of the download/installation set-ups. Deselect offers to install unwanted software and only then finish the download/installation. Update your software via implemented functions or tools provided by official software developers.

Using unofficial/fake updaters might cause installation of malicious programs rather than the updates or fixes. Use Microsoft Office 2010 or later, since newer versions include "Protected View" mode, which prevents downloaded (infected) attachments from installing/downloading computer infections.

If you have already opened malicious attachments, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate infiltrated malware.

Text presented in the "Hello Perv" email message:

Subject: You are my victim.

Hello, Perv.
You've been looking at porn sites recently .
One at them had my virus on it .
When u started its video, your computer downloaded and launched my malicious software.
After that, I started your camera and recorded a video at u masturbating .
I've gathered all its contacts from your computer.
After that, I put together a video at your Masturbation and added videos with child porn.
In my version at its video, u masturbate to sex with kids.

I'm giving u its opportunity to save your life!
Below I will provide u with its address at My bitcoin wallet.

Send me 500 EURO in BTC.

BTC wlt - 1Pdf1QMXH7e9957vhMskAFKQNi79eoa9Rm, 1JVMTup4zuS1JMGXAYYRgvyr2PUmNnY6g2
(If you don't know what bitcoin / write to buy bitcoin in Google)

You have 24 hours after reading its letter.
As soon as my wallet receives its payment , its system will automatically destroy all its dirt that I made.
If u need more time , open its notebook and write " Plz 48"
In that case , u'll have 48 hours to send me its money.
If after a time, I do not see its money in my wallet .
I'll send my dirt to all your colleagues and friends right away.
I can see everything u're doing on your computer , so don't try to trick me.
If I understand that u're just stalling, I will immediately send dirt on your contacts!
Hurry u have little time, save your life!

Second variant of "Hello Perv" spam email:

Hello Perv email spam campaign (sample 2)

Text presented within this email:

Subject: Hi perv. I recorded you masturbating! I have captured '*********.mp4'!

ATTN: *********

THIS IS NOT A JOKE - I AM DEAD SERIOUS!

Hi perv,

The last time you visited a p0rnographic website with teens,
you downloaded and installed software I developed.

My program has turned on your camera and recorded
the process of your masturbation.

My software has also downloaded all your email contact lists
and a list of your friends on Facebook.

I have both the '*********.mp4' with your masturbation
as well as a file with all your contacts on my hard drive.

You are very perverted!

If you want me to delete both the files and keep the secret,
you must send me Bitcoin payment. I give you 72 hours for payment.

If you don't know how to send Bitcoins, visit Google.

Send 2.000 USD to this Bitcoin address immediately:

3JkyLvpShtrCRFyxnooCD7dQ6n4oBmVtD7
(copy and paste)

1 BTC = 3,580 USD right now, so send exactly 0.567380 BTC
to the address provided above.


Do not try to cheat me!
As soon as you open this Email I will know you opened it.

This Bitcoin address is linked to you only,
so I will know if you sent the correct amount.
When you pay in full, I will remove the files and deactivate my program.

If you don't send the payment, I will send your masturbation video
to ALL YOUR FRIENDS AND ASSOCIATES from your contact list I hacked.

Here are the payment details again:

Send 0.567380 BTC to this Bitcoin address:

----------------------------------------
3JkyLvpShtrCRFyxnooCD7dQ6n4oBmVtD7, 32r5aJ5KAN7Q1mEd1a9xUhtHh5JfpYkrKX
----------------------------------------

You саn visit police but nobody will help you. I know what I am doing.
I don't live in your country and I know how to stay anonymous.

Don't try to deceive me - I will know it immediately - my spy ware is
recording all the websites you visit and all keys you press.
If you do - I will send this ugly recording to everyone you know,
including your family.

Don't cheat me! Don't forget the shame and if you ignore this message your
life will be ruined.

I am waiting for your Bitcoin payment.

If you need more time to buy and send 0.567380 BTC,
open your notepad and write '48h plz'.
I will consider giving you another 48 hours before I release the vid.

Anonymous Hacker

A slightly updated variant of this email scam:

you are perverted email scam variant

Text presented in this email scam:

Subject: MPORTANT! You have been recorded masturbating! I have Support.mp4!
Hi there,
The last time you visited a porn website with teens,
you downloaded and installed the software I developed.
My program has turned on your camera and recorded
the process of your masturbation.
My software has also grabbed all your email contact lists
and a list of your friends on Facebook.
I have the - Support.mp4 - with you jerking off to teens
as well as a file with all your contacts on my computer.
You are very perverted!
If you want me to delete both the files and keep the secret,
you must send me Bitcoin payment. I give you 72 hours for the payment.
If you don't know how to pay with Bitcoin, visit Google and search.
Send 2.000 USD to this Bitcoin address as soon as possible:
375aStdNuAL2mnBpPGX6RZBPDU5YGCh78B
(copy and paste)
1 BTC = 3,850 USD right now, so send exactly 0.523250 BTC
to the address provided above.
Do not try to cheat me!
As soon as you open this Email I will know you opened it.
I am tracking all actions on your device.
This Bitcoin address is linked to you only,
so I will know when you send the correct amount.
When you pay in full, I will remove both files and deactivate my program.
If you don't send the payment, I will send your masturbation video
to ALL YOUR FRIENDS AND ASSOCIATES from your contact lists I hacked.
Here are the payment details again:
Send 0.523250 BTC to this Bitcoin address:
----------------------------------------
375aStdNuAL2mnBpPGX6RZBPDU5YGCh78B
----------------------------------------
You саn visit police but nobody can help you. I know what I am doing.
I don't live in your country and I know how to stay anonymous.
Don't try to deceive me - I will know it immediately - my spy software is
recording all the websites you visit and all keys you press.
If you do - I will send this ugly recording to everyone you know,
including your family.
Don't cheat me! Don't forget the shame and if you ignore this message your
life will be ruined.
I am waiting for your Bitcoin payment.
You have 72 hours left.
Anonymous Hacker

Another variant of this sextortion email:

Hello pervert sextortion email example

Text presented in this variant:

Hello pervert,

I want to inform you about a very bad situation for you. However, you can benefit from it, if you will act wisely.

Have you heard of Pegasus?
This is a spyware program that installs on computers and smartphones and allows hackers to monitor the activity of device owners.
It provides access to your webcam, messengers, emails, call records, etc. It works well on Android, iOS, and Windows.
I guess, you already figured out where I'm getting at.

It's been a few months since I installed it on all your devices because you were not quite choosy about what links to click on the internet.
During this period, I've learned about all aspects of your private life, but one is of special significance to me.
I've recorded many videos of you jerking off to highly controversial porn videos.
Given that the "questionable" genre is almost always the same, I can conclude that you have sick perversion.

I doubt you'd want your friends, family and co-workers to know about it. However, I can do it in a few clicks.
Every number in your contact book will suddenly receive these videos - on WhatsApp, on Telegram, on Skype, on email - everywhere.
It is going to be a tsunami that will sweep away everything in its path, and first of all, your former life.
Don't think of yourself as an innocent victim. No one knows where your perversion might lead in the future, so consider this a kind of deserved punishment to stop you.

Better late than never.
I'm some kind of God who sees everything.
However, don't panic. As we know, God is merciful and forgiving, and so do I.
But my mercy is not free.

Transfer $1320 USD to my bitcoin wallet: 1Abx3eY5pHFE1aC4AJLdU91qhHS5rzqP4E

Once I receive confirmation of the transaction, I will permanently delete all videos compromising you,
uninstall Pegasus from all of your devices, and disappear from your life. You can be sure - my benefit is only money.
Otherwise, I wouldn't be writing to you, but destroy your life without a word in a second.

I'll be notified when you open my email, and from that moment you have exactly 48 hours to send the money.
If cryptocurrencies are unchartered waters for you, don't worry, it's very simple.
Just google "crypto exchange" and then it will be no harder than buying some useless stuff on Amazon.

I strongly warn you against the following:
) Do not reply to this email. I sent it from a temp email so I am untraceable.
) Do not contact the police. I have access to all your devices, and as soon as I find out you ran to the cops, videos will be published.
) Don't try to reset or destroy your devices.

As I mentioned above: I'm monitoring all your activity, so you either agree to my terms or the videos are published.

Also, don't forget that cryptocurrencies are anonymous, so it's impossible to identify me using the provided address.
Good luck, my perverted friend. I hope this is the last time we hear from each other.

And some friendly advice: from now on, don't be so careless about your online security.

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
 ▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

Types of malicious emails:

Phishing email icon Phishing Emails

Most commonly, cybercriminals use deceptive emails to trick Internet users into giving away their sensitive private information, for example, login information for various online services, email accounts, or online banking information.

Such attacks are called phishing. In a phishing attack, cybercriminals usually send an email message with some popular service logo (for example, Microsoft, DHL, Amazon, Netflix), create urgency (wrong shipping address, expired password, etc.), and place a link which they hope their potential victims will click on.

After clicking the link presented in such email message, victims are redirected to a fake website that looks identical or extremely similar to the original one. Victims are then asked to enter their password, credit card details, or some other information that gets stolen by cybercriminals.

Email-virus icon Emails with Malicious Attachments

Another popular attack vector is email spam with malicious attachments that infect users' computers with malware. Malicious attachments usually carry trojans that are capable of stealing passwords, banking information, and other sensitive information.

In such attacks, cybercriminals' main goal is to trick their potential victims into opening an infected email attachment. To achieve this goal, email messages usually talk about recently received invoices, faxes, or voice messages.

If a potential victim falls for the lure and opens the attachment, their computers get infected, and cybercriminals can collect a lot of sensitive information.

While it's a more complicated method to steal personal information (spam filters and antivirus programs usually detect such attempts), if successful, cybercriminals can get a much wider array of data and can collect information for a long period of time.

Sextortion email icon Sextortion Emails

This is a type of phishing. In this case, users receive an email claiming that a cybercriminal could access the webcam of the potential victim and has a video recording of one's masturbation.

To get rid of the video, victims are asked to pay a ransom (usually using Bitcoin or another cryptocurrency). Nevertheless, all of these claims are false - users who receive such emails should ignore and delete them.

How to spot a malicious email?

While cyber criminals try to make their lure emails look trustworthy, here are some things that you should look for when trying to spot a phishing email:

  • Check the sender's ("from") email address: Hover your mouse over the "from" address and check if it's legitimate. For example, if you received an email from Microsoft, be sure to check if the email address is @microsoft.com and not something suspicious like @m1crosoft.com, @microsfot.com, @account-security-noreply.com, etc.
  • Check for generic greetings: If the greeting in the email is "Dear user", "Dear @youremail.com", "Dear valued customer", this should raise suspiciousness. Most commonly, companies call you by your name. Lack of this information could signal a phishing attempt.
  • Check the links in the email: Hover your mouse over the link presented in the email, if the link that appears seems suspicious, don't click it. For example, if you received an email from Microsoft and the link in the email shows that it will go to firebasestorage.googleapis.com/v0... you shouldn't trust it. It's best not to click any links in the emails but to visit the company website that sent you the email in the first place.
  • Don't blindly trust email attachments: Most commonly, legitimate companies will ask you to log in to their website and to view any documents there; if you received an email with an attachment, it's a good idea to scan it with an antivirus application. Infected email attachments are a common attack vector used by cybercriminals.

To minimise the risk of opening phishing and malicious emails we recommend using Combo Cleaner Antivirus for Windows

Example of a spam email:

Example of an email spam

What to do if you fell for an email scam?

  • If you clicked on a link in a phishing email and entered your password - be sure to change your password as soon as possible. Usually, cybercriminals collect stolen credentials and then sell them to other groups that use them for malicious purposes. If you change your password in a timely manner, there's a chance that criminals won't have enough time to do any damage.
  • If you entered your credit card information - contact your bank as soon as possible and explain the situation. There's a good chance that you will need to cancel your compromised credit card and get a new one.
  • If you see any signs of identity theft - you should immediately contact the Federal Trade Commission. This institution will collect information about your situation and create a personal recovery plan.
  • If you opened a malicious attachment - your computer is probably infected, you should scan it with a reputable antivirus application. For this purpose, we recommend using Combo Cleaner Antivirus for Windows.
  • Help other Internet users - report phishing emails to Anti-Phishing Working Group, FBI’s Internet Crime Complaint Center, National Fraud Information Center and U.S. Department of Justice.

Frequently Asked Questions (FAQ)

Why did I receive this email?

Spam emails are not personal, even if they do include details relevant to recipients. This mail is proliferated in massive campaigns – hence, thousands of users receive identical emails.

Was my computer actually hacked and does the sender have any information?

No, all the claims made by the "Hello Perv" email are false. This means that the recipient's device has not been infected, nor has the sender obtained any compromising content (e.g., sexually explicit recordings of the recipient, etc.).

How did cyber criminals get my email password?

Scammers most commonly acquire email log-in credentials through phishing scams (e.g., fake account sign-in pages, verification processes via email credentials, registration forms, etc.). Hence, it is most likely that you've fallen victim to such a scam. The less likely scenarios include the cyber criminals obtaining this information through a data breach on the user's end or, even less likely, on a service provider's.

I have sent cryptocurrency to the address presented in this email, can I get my money back?

No cryptocurrency transactions are practically irreversible due to their virtually untraceable nature.

I have provided my personal information when tricked by a spam email, what should I do?

If you have provided your log-in credentials – immediately change the passwords of all possibly exposed accounts and inform their official support. However, if you've disclosed other private data (e.g., ID card details, passport photos/scans, credit card numbers, etc.) – contact relevant authorities without delay.

I have read a spam email but didn't open the attachment, is my computer infected?

No, just reading an email is harmless. Infections are triggered when malicious attachments or links are opened.

I have downloaded and opened a file attached to a spam email, is my computer infected?

If the opened file was an executable (.exe, .run, etc.) – most likely, yes – since these types of files cause infections almost without fail. However, you might have avoided an infection if it was a document (.doc, .xls, .one, .pdf, etc.). These formats may need additional interaction (e.g., enabling macro commands, clicking embedded content, etc.) to start downloading/installing malware.

Will Combo Cleaner remove malware infections present in email attachments?

Yes, Combo Cleaner is capable of detecting and eliminating most of the known malware infections. It must be stressed that since sophisticated malicious software typically hides deep within systems – performing a full system scan is paramount.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Removal Instructions in other languages
New Removal Guides
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Top Removal Guides
QR Code
Hello Perv spam QR code
Scan this QR code to have an easy access removal guide of Hello Perv spam on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.