Is this sextortion 'hello pervert' email a scam?
Commonly seen since 2023. Last reviewed 2026-06-05.
Check your exact messageExample only - do not act on it
Example only: I have access to your device and embarrassing footage. Pay me or I'll send it to your contacts. You have 48 hours.
Why this message is suspicious
- These are mass-sent bluffs; the 'footage' almost never exists.
- An old password is from a data breach, not a real hack.
- The threat and deadline are designed to scare you into paying.
What the scammer wants
- A crypto or cash payment
- Your fear and silence
Common variations
- Claims to have hacked your camera
- May quote an old leaked password
- Demands crypto payment
- Tight deadline and threats
Red flags to watch for
What to do now
- Do not pay and do not reply.
- If a real password is shown, change it everywhere and enable two-step verification.
- Keep the email as evidence and report it.
What not to do
- Do not pay.
- Do not reply or negotiate.
- Do not panic - these are usually empty threats.
If you already responded
Act quickly - the sooner you respond, the more you can limit. Find the situation that matches what you did:
If you clicked a link: If you opened an attachment or link, run a security scan and change important passwords from a trusted device.
If you paid: Paying invites more demands. Contact your bank, stop further payments, and report it.
If you shared a code, OTP, or login: Secure the affected account: change the password and turn on two-step verification.
If you only clicked the link but entered nothing: close the page, don't enter anything, and watch the linked accounts for unusual activity. Full steps →
If you entered card details: contact your bank now to freeze the card and dispute charges, then watch your statement. Full steps →
If you shared an OTP or one-time code: the scammer may be logging in right now - change the password, sign out other sessions, and turn on app-based 2FA. Full steps →
If you sent money: contact your bank or payment provider immediately to try to stop or recall it, and report it. Full steps →
If you installed an app / gave remote access: disconnect from the internet, uninstall it, and change key passwords from a different, trusted device. Full steps →
If you shared passport, ID, or KYC documents: watch for identity theft, consider a credit freeze or fraud alert, and keep the evidence. Full steps →
Watch out for a second scam. People who've just lost money are often contacted again by a fake "recovery" service promising to get it back for an upfront fee. Legitimate recovery never starts with a fee paid to someone who contacted you - see recovery scams.
First time dealing with this? Start with the first 24 hours after a scam checklist and how to save evidence.
How to report it
Report through official channels for your country. Use our scam reporting directory to find the right authority, and never use phone numbers or links from the suspicious message itself. If an official link looks outdated, tell us so we can review it.
Official sources checked
-
Law-enforcement alert
Reviewed 2026-06-05. See our methodology for how we select sources.
Related pages
- Sextortion scam
- Phishing
- What to do if you received a sextortion message
- What to do if you shared your password
Related platforms
Frequently asked questions
They knew my password - is the threat real?
An old password usually comes from a data breach, not a real hack. Change it everywhere, enable two-step verification, and do not pay.