Is this 'Hello pervert' sextortion email a scam?
Commonly seen since 2023. Last reviewed 2026-06-05.
Check your exact messageExample only - do not act on it
Example only: I have access to your device and private material. Pay in crypto within 48 hours or I'll share it. Keep this quiet.
Why this message is suspicious
- These emails are sent in bulk and almost always empty bluffs.
- An old password they quote usually comes from a data breach, not your device.
- Fear and secrecy are the only real tools they have.
What the scammer wants
- A fast payment driven by fear and embarrassment
- Your silence - they rely on you not telling anyone or reporting
- More money once you pay the first time
Common variations
- Example only: I placed malware on your device and recorded you - pay to keep it private.
- Example only: I know your password [code removed] - send payment or everyone sees.
Red flags to watch for
What to do now
- Do not pay and do not reply - these threats are almost always empty, mass-sent bluffs.
- Don't engage; verify nothing with the sender. Mass 'I hacked you' emails are bluffs even if they quote an old password from a data breach - change that password everywhere it's used.
- Do not send money, images, or any further contact.
- Keep the message as evidence, report it to your cybercrime authority, and talk to someone you trust - you are not alone and you are not in trouble.
What not to do
- Do not pay - paying invites more demands and rarely stops them.
- Do not reply, send images, or try to negotiate.
- Do not delete the message; keep it as evidence before reporting.
- Don't blame yourself or a loved one - these scams are designed to deceive anyone.
If you already responded
Act quickly - the sooner you respond, the more you can limit. Find the situation that matches what you did:
If you clicked a link: Close any page; don't enter card, login, or personal details.If you entered details, treat them as compromised and tell your bank.Expect follow-up pressure - it's part of the scam.
If you paid: Contact your bank or the gift-card/payment provider immediately to try to stop it.Report to your national cybercrime authority with all evidence.Beware 'recovery agents' who appear afterwards - that is a second scam.
If you shared a code, OTP, or login: Never share a one-time code with anyone, for any reason.If you shared one, secure that account and enable app-based 2FA.Tell your bank if it related to a payment or login.
If you only clicked the link but entered nothing: close the page, don't enter anything, and watch the linked accounts for unusual activity. Full steps →
If you entered card details: contact your bank now to freeze the card and dispute charges, then watch your statement. Full steps →
If you shared an OTP or one-time code: the scammer may be logging in right now - change the password, sign out other sessions, and turn on app-based 2FA. Full steps →
If you sent money: contact your bank or payment provider immediately to try to stop or recall it, and report it. Full steps →
If you installed an app / gave remote access: disconnect from the internet, uninstall it, and change key passwords from a different, trusted device. Full steps →
If you shared passport, ID, or KYC documents: watch for identity theft, consider a credit freeze or fraud alert, and keep the evidence. Full steps →
Watch out for a second scam. People who've just lost money are often contacted again by a fake "recovery" service promising to get it back for an upfront fee. Legitimate recovery never starts with a fee paid to someone who contacted you - see recovery scams.
First time dealing with this? Start with the first 24 hours after a scam checklist and how to save evidence.
How to verify safely
Don't engage; verify nothing with the sender. Mass 'I hacked you' emails are bluffs even if they quote an old password from a data breach - change that password everywhere it's used.
How to report it
Report through official channels for your country. Use our scam reporting directory to find the right authority, and never use phone numbers or links from the suspicious message itself. If an official link looks outdated, tell us so we can review it.
Official sources checked
-
Law-enforcement alert
- AARP - Biggest scams to watch for in 2026 Medium reliability
Consumer protection article
Reviewed 2026-06-05. See our methodology for how we select sources.
Related pages
- Sextortion scam
- Recovery scam
- Romance scam
- What to do if you received a sextortion message
- What to do if you sent money to a scammer
- How to save scam evidence
Related platforms
Report in your country
Related terms
Frequently asked questions
The email has my old password - is it real?
Almost certainly a bluff using a breached password. Don't pay or reply. Change that password everywhere and report the email.