Hello Pervert Scam Email: What to Do About It
The "hello pervert" scam email has become one of the most widely distributed sextortion attempts on the internet, with tens of millions of copies sent since 2022. If you received one, you are not being personally targeted — you are one of thousands of recipients on a spam list, and the vast majority of these emails are bluffs backed by no actual material. Understanding this correctly is central to the response. This guide covers exactly what to do about a hello pervert scam email, from assessing whether any threat is real through reporting and long-term email hygiene.
Understand How Hello Pervert Emails Work
The hello pervert email is a template attack. The same email, with small variations, is sent to millions of addresses drawn from public breach compilations.
The Standard Template
The email typically opens with "Hello pervert" or "Hello, I know you are wondering why you received this email." It claims the sender has installed malware on your computer, recorded you through your webcam during private moments, and threatens to send the recording to your contacts unless you pay a specific amount in cryptocurrency.
The Fake Proof Techniques
To create the illusion of legitimacy, the email often includes an old password of yours (harvested from a public breach), your phone number (also from a breach), or a photograph of your street or home (from Google Street View). These details feel personal but are trivially findable in leaked databases.
The Real Threat Assessment
In documented cases across the past three years, the vast majority of hello pervert emails contain no actual video, no actual malware, and no ability to distribute anything. The template is designed to trigger fear and produce cryptocurrency payments before the recipient investigates. Because of the sheer volume, even a fraction of a percent payment rate produces significant revenue for operators — but that reality does not change the fact that individual emails are almost always bluffs. See hello pervert scam email response resources for detailed analysis.
What to Actually Do When You Receive One
The correct response is the opposite of what the email tries to provoke.
Do Not Pay
Payment produces no benefit. There is no material to release, no leverage that ends, no relationship with the sender. Payment confirms the address is active and viable, adding you to lists that receive more sophisticated follow-ups. Non-payment is the strongest signal.
Do Not Reply
Replies do the same thing payment does — they confirm the address is monitored. Silence is correct.
Do Not Click Any Links
Some variants include links that install actual malware or capture credentials. Do not click anything in the email regardless of what it claims. If you already clicked a link, treat your device as potentially compromised and consider a professional scan.
Screenshot Before Deleting
Save the full email including all headers as a PDF or forward it to a separate email address you control. Even bluffs deserve documentation — pattern analysis by law enforcement uses reported bluffs to identify operator infrastructure.
Verify the Password Claim
If the email references an old password, treat that specific password as compromised and check whether other accounts using it are exposed.
Check the Password Against Known Breaches
Have I Been Pwned lets you search for your email address across known breaches. If your address appears, you know when it was breached and which service was involved. The password mentioned in the hello pervert email is almost always from one of these breaches.
Rotate Any Reused Password
If you used the mentioned password on other services, rotate all of them immediately. Reused passwords are the single most common cause of account takeover following exposure. Move to a password manager if you have not already, and generate unique passwords for every account.
Enable Two-Factor Authentication
Two-factor authentication with an authenticator app blocks most account-takeover attempts even when the password is known. Prioritize enabling 2FA on email, banking, primary social media, and any account that stores payment methods.
Need Expert Help?
Our team has resolved thousands of cases. Get confidential support now.
Report the Email
Reporting these emails contributes to takedown work and produces the pattern analysis that helps other recipients.
File With FBI IC3
The FBI Internet Crime Complaint Center accepts sextortion complaints including email variants. Include the full email with headers and any wallet address or payment demand. Even bluff cases contribute to cluster analysis that produces enforcement action.
Report to the FTC
ReportFraud.ftc.gov accepts consumer fraud reports including sextortion attempts. FTC data feeds law-enforcement partnerships and produces the public consumer alerts that reduce future targeting.
Report to Your Email Provider
Gmail, Outlook, Yahoo, and other major providers accept spam and phishing reports directly through the email interface. Reporting improves the spam filter and reduces future delivery of similar messages to you and other users. See stop email sextortion for detailed reporting workflows.
Reduce Future Email Sextortion Targeting
If you received one hello pervert email, you will likely receive others. Long-term hygiene reduces the volume and impact.
Move to a Password Manager
Every reused password is a future incident waiting to happen. A password manager generates unique passwords for every account and eliminates the reused-password vector that most email sextortion campaigns rely on.
Use Email Aliases
Some email services support aliases that route to your main inbox but that you can dispose of individually. Using different aliases for different services means a leak from one service does not expose you elsewhere. Aliases also let you identify which specific service leaked your address.
Enable Advanced Spam Filtering
Modern spam filters catch most hello pervert variants. Ensure your email service uses its most aggressive spam filter, and consider adding a service like SpamAssassin or ProtonMail's enhanced filtering if you receive high volumes.
Consider a Personal Data Broker Removal
Data brokers sell email-address-to-phone-number-to-address mappings that let scammers construct more convincing threats. A one-time removal campaign reduces both the volume and the personalization of future scam attempts. Related response guidance in report blackmail email covers the broader email extortion landscape.
What to Do If the Email Is Actually Backed by Real Material
A small fraction of emails using similar templates are backed by actual compromise. If you have reason to suspect yours might be, treat it more seriously.
Signs of a Real Case
Real cases usually include specific personal details that would not appear in breach data — a recognizable photograph of you in a private setting, quotes from a specific private conversation, or knowledge of a specific event only close contacts would know. Template threats do not include these specifics.
Escalated Response for Real Cases
If any of those signs are present, follow the response steps for genuine sextortion: preserve evidence, submit any intimate content to StopNCII, coordinate with law enforcement more urgently, and consider engaging a specialist team. The response steps are largely the same as for other sextortion cases but with the urgency of a case that might involve real distribution.
Assume Bluff Unless Proven Otherwise
For the vast majority of hello pervert emails, no real material exists. Assuming bluff and responding accordingly — non-payment, non-reply, reporting, hygiene — is the correct default. Escalate only if specific evidence suggests otherwise.
Get Professional Help for Persistent Sextortion Email
If hello pervert emails become persistent, if you cannot tell whether a specific case is real, or if you have already paid, specialist teams can help. Response typically includes analysis of email headers to identify sender infrastructure, cross-reference with known operator databases, evidence packaging for IC3, and where relevant, direct engagement with your email provider to reduce inbound volume.
If you received a hello pervert email, do not pay, do not reply, and do not click any links. Report to IC3 and the FTC, rotate any reused passwords, and enable two-factor authentication broadly. If the pattern escalates or if evidence suggests a real threat behind the template, reach out for coordinated response support.
About the Author
Altahonos Team
The Altahonos Team consists of cybersecurity and online reputation management specialists with extensive experience in digital threat mitigation and content removal strategies, helping individuals and businesses protect their digital presence.
