Pegasus Email Scam

You may have heard about the Pegasus malware – a type of spyware that infects Android and iOS mobile devices to extract contacts, call logs, messages, browsing data, photos and videos, and access various communication apps. If you’ve recently received an alarming email message telling you that Pegasus has infected your mobile device or PC, it’s normal to be worried.

The email sender is probably asking you to pay them a set amount of money (likely in Bitcoin) or they’ll send sensitive information, images, or videos of you to all your contacts. Such threats can be especially stressful and intimidating. Also, in almost all instances, these threats are totally fake.

What is the Pegasus Virus Email Scam?

The Pegasus email scam is a blatant attempt to use manipulation and scare tactics in order to blackmail the targeted users and get them to send a moderate amount of money to the scammer. There are many similar scams like it, including the Malware On Porn Website Scam, which is basically the same thing under a different name. This is the oldest trick in the book of email scams, only with its flavor changed through the use of the Pegasus malware as the scarecrow that’s supposed to get you to pay up.

An excerpt of the Pegasus scam email letter.

Don’t get us wrong, Pegasus is a real malware – a very potent and powerful one at that. However, you are almost certainly not infected by it. If you’ve received a Pegasus malware email and you are being blackmailed to pay the self-proclaimed hacker, do not give in to their demands! This is just a scam intended to steal money from you and not paying the requested amount won’t result in any negative consequences.

However, we do understand that the wording and information in the email might make it seem like the scammers have actual access to your devices and web accounts. There are several manipulation tactics that scammers use to give their Pegasus malware emails some superficial credibility which, combined with the inescapable shock factor, can convince you that the threats are real. So if you are still worried that the Pegasus email scam is more than just a scam, we’ll break it down for you in the next lines.

Tactics the Pegasus Malware Email Scam Uses

The Pegasus malware scam isn’t particularly complex or advanced, but the few credibility tactics it employs really help sell its premise and get the user worried about their digital privacy. Here’s what you can expect from such an email. If any of the following sounds like the email you’ve received, then you’ll know that you are indeed faced with the Pegasus malware scam and not an actual attack from the malware:

  • Spoofed sender address – Email spoofing refers to the practice of masking/changing the sender’s address by using a modified email header. In the case of the Pegasus malware scam, the sender will often spoof their email address to make it seem as if the message is sent from the victim’s own email account. They use this as proof that your device has been hacked by the Pegasus spyware and now they have access to your devices and accounts.
  • An attached image of your neighborhood – Online data leaks allow scammers to gain bits of data about their victims, such as their approximate location. They cleverly use this to find your neighborhood in Google Maps and get an image of your street from there. Attaching that image to the email can greatly enhance the intimidation factor and make the victim more likely to pay.
  • Some personal information about you – Other info collected through data leaks can also be used. The scammers might know your name, your phone number, or even some old passwords that you used in the past and they can include this info in the email to gain further credibility.
  • Calculated guesses about user behavior – This type of scam is built around the assumption that the victim has visited sites with adult content which, let’s be fair, is very often the case. They use this calculated assumption to make it seem like they have a way to monitor your online behavior and record it. However, they won’t ever provide more details because this will quickly expose their ruse.

If any of these “credibility” tactics sound familiar because they’ve been employed in the email you received, take a breather and try to stay calm. These are nothing more than ways to manipulate you and get you to cooperate with the scammers, which is exactly what you shouldn’t do.

How to Spot the Pegasus Scam Email

If you know what to look out for, the Pegasus scam email is really easy to spot. Here are the main red flags that indicate you are being targeted by a scam and not infected with an actual malware:

Urgency and pressure

A trademark of most email scammers is that they’ll always give you a short deadline – 24 or 48 hours – in which you must transfer the money. The main goal is to instill further panic and not give you time to think rationally, which makes you more likely to fall for the scam.

Claims of hacked webcam and microphone

Pretty much all sextortion scammers claim they’ve recorded video and audio footage or images of you while visiting adult-content sites. This is the main leverage they use for the blackmail. Of course, none of it is true. If it were, they’d certainly provide some type of proof they’ve recorded you.

Spoofed email address

Look out for inconsistencies between the sender’s name shown in the email header and the actual email address behind it.

Also, in the case of the Pegasus malware, it may seem like the letter is sent from your own email, but if you carefully check the sender address, there will be some small difference between it and your actual email.

Emails with more advanced spoofing will seem very convincing. In that case, open the letter’s options menu and click Show Original.


Then look at the DMARC rating. If it says “FAIL”, this is a good indication that the email address is spoofed.

The DMARC “FAIL” rating indicates likely spoofing.
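The same checks can be run over the raw text that Show Original displays. The following is an added example, not part of the original article: the function name `spoofing_indicators`, the signal labels, the 0.85 similarity threshold and every address in the sample message are constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Constructed sample of what "Show Original" displays; every address and
# domain here is a made-up placeholder.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com;
 spf=softfail smtp.mailfrom=mailer.example.net;
 dkim=none;
 dmarc=fail header.from=example.com
From: "You" <victim@example.com>
To: victim@example.com
Subject: Your device is infected with Pegasus

You have 48 hours to pay.
"""

def spoofing_indicators(raw, my_address):
    """Return a list of spoofing signals found in a raw message."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    bounce = parseaddr(msg.get("Return-Path", ""))[1].lower()
    mine = my_address.lower()

    # Verdicts recorded by the receiving server. Trust only the header added
    # by your own provider: a sender can insert a forged one further down.
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I):
            verdicts.setdefault(mech.lower(), result.lower())

    signals = []
    if verdicts.get("dmarc") == "fail":
        signals.append("dmarc-fail")
    if from_addr == mine and verdicts.get("dmarc") != "pass":
        signals.append("own-address-unauthenticated")
    elif from_addr != mine and SequenceMatcher(None, from_addr, mine).ratio() > 0.85:
        signals.append("lookalike-of-own-address")
    # Weak signal by itself: bulk-mail services legitimately differ here.
    if bounce and bounce.split("@")[-1] != from_addr.split("@")[-1]:
        signals.append("return-path-domain-mismatch")
    return signals

if __name__ == "__main__":
    print(spoofing_indicators(RAW, "victim@example.com"))
```

A message that claims to come from your own address yet fails DMARC was not sent from your account; the sender only wrote your address into the From header.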

Generalized information

Email scammers will rarely provide any truly specific information about you, other than stuff they’ve collected through data breaches (phone numbers, old passwords, your name and address, etc.). However, they will never tell you what sites you’ve visited and what content you’ve viewed (because they’ve got no idea).

Use of techno-babble

Another favorite tactic of scammers is to use tons of technical jargon to confuse you and to make themselves seem like skilled hackers. Ignore any such confusing wording. Chances are the scammers themselves have no idea what they are talking about.

Dramatic wording

Finally, many sextortion scammers, including the ones behind the Pegasus email scam, will try to manipulate you through the use of overly dramatic wording played for shock value. They’ll say things like “Extracted quite a bit of juicy info from your system.” or “I can’t even fathom the humiliation you’ll endure”. All this is to get a reaction from you, but don’t fall for it. It’s just a badly-disguised scam.

The Pegasus scam email sent to a mobile device user.

What to Do About the Pegasus Email Scam?

You don’t really need to do anything about the Pegasus scam email that you’ve received other than ignore it and delete it. However, we do recommend that you also block the sender’s email and report it to the respective authorities in your country. In most cases, this won’t do much, and the scammer will simply create another spoofed email, but it’s still better than nothing and at least one of their accounts will get blocked.

Additionally, if the email contained some of your old passwords, we recommend changing your current ones for the respective online accounts. Data breaches are a very real thing and though they rarely reveal to the hackers a user’s current password, it’s always best to be a step ahead of them and update your passwords. Also, it’s strongly recommended to enable two-factor authentication for any online accounts that are of high importance to you.

Last, but not least, we recommend installing reputable security software on your PC, such as Spy Hunter 5, which can help keep you protected in case you do end up faced with malware. Yes, the Pegasus email scam is only this – a scam – but it’s still better to be protected just in case. As we said, Pegasus is an actual existing malware, and there are many others like it that can indeed access sensitive personal data and spy on the user. For this reason, it’s never a bad idea to add a bit more protection to your digital life.


About the author


Brandon Skies

Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.
