Introduction
Email scams continue to rise in 2025, with millions being targeted by financial fraud attempts. One such popular scam is the "Pegasus spyware email scam". In this blackmail scam, scammers demand money from email users by threatening that they have been spying on their online activities and will release controversial photos/videos of the user unless the money is paid.
The goal of scammers is to create a sense of danger and urgency. Some users fall for the scam and end up paying the ransom money. The Pegasus email scam can impact mental health and instill a fear of being spied upon.
It's imperative to be aware of the different types of email scams on the loose to avoid falling prey to them. This is exactly what we aim for in this article. If you or anyone in your circle has been targeted by the Pegasus email scam, you should know what it is, how it works, and how to avoid this scam in the future.
What is the Pegasus Email Scam?
The Pegasus email scam is a sextortion scam in which cybercriminals blackmail users by claiming that their devices have been hacked. They threaten to leak private and explicit content unless the user pays them money to stop the release.
Cybercriminals use the name of an actual spyware program called Pegasus developed by NSO Group, an Israeli cyber-intelligence organization. The scammers claim that they have been spying on your online activities and webcam using the software.
Note that Pegasus is an expensive spyware program used only by certain governments; ordinary people don't have access to it. Scammers only use the name to intimidate people.
How Does the Scam Work?
A common question asked by targets of the Pegasus email scam is how the scammers obtain their email addresses. Your email address and other personal information can be leaked in data breaches and misused for such scams.
Scammers include publicly available information from social media accounts in the scam emails to make the users believe that they are actually being spied on.
For example, you may receive an email including an image of where you dined last night. However, the image was not taken from your mobile's photo gallery but from your Instagram/Snapchat account instead.
Not all Pegasus scam emails are personalized. You may receive an email that looks something like this:
Recently, scammers have been making the scam email look more convincing by including images of your house in the email. This leads people to believe that the scammer has actually been spying on them. However, the reality is far from it. The images are actually taken from Google Maps using your address information.
Spoofed Email Address
Pegasus scam emails are meticulously crafted. To make the hacking seem legitimate, scammers spoof the sender's email address so that the email appears to have been sent from your own account, making it look like they have access to your email account.
The spoofing is also done to avoid getting blacklisted. Since the sender's actual email address is hidden, you cannot block it.
What to Do If You've Been Targeted
If you've received a Pegasus email, don't panic. The email is fraudulent and a scam. The scammer doesn't have access to any of your accounts or your webcam to spy on you. Any personal information or images included in the email are either taken from a data breach or your publicly available information on social media.
Here are the dos and don'ts if you receive a Pegasus scam email:
- Don't open any attachments or click on any links.
- Don't send them the money they demanded from you.
- Report the email as spam.
- Block words or phrases commonly used in Pegasus scam emails (more on this in the next section).
Note that if the email was legitimate and the scammer really had access to your account, he'd already have taken some action rather than threatening you.
How to Avoid Pegasus Scam Emails
Let's see how you can avoid receiving Pegasus scam emails in the future. These emails usually follow the same pattern, e.g. starting with "Hello pervert" and/or mentioning the Pegasus spyware software. You can set up email filters to delete emails that appear to come from your own email account and include these phrases.
Let's see how to set up this filter in Gmail.
Note: Gmail filters can only be set up using the desktop app.
- Go to Gmail and log in to your account.
- Click on the "Show search options" icon.
- Type your email address in the From and To fields.
- Type "Hello pervert OR (pegasus AND spyware)" in the Has the words field.
- Click "Create filter".
- Select "Delete it" from the list of available options and click "Create filter".
Once this rule is set up, any emails containing the filtered phrases and having your email address in both the From and To fields will be automatically deleted by Gmail.
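The filter rule above, together with the spoofing described under "Spoofed Email Address", as an added Python example that is not part of the original article. The sample messages and addresses are constructed, and reading the Authentication-Results header goes beyond what the article covers: it is an assumption that the receiving server records its SPF, DKIM and DMARC results there.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real scam mail); addresses are placeholders.
SAMPLE_SCAM = """\
From: "me" <user@example.com>
To: user@example.com
Subject: Payment required
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=bulk.invalid; dmarc=fail header.from=example.com

Hello pervert, I installed Pegasus spyware on all of your devices.
"""

SAMPLE_NOTE_TO_SELF = """\
From: user@example.com
To: user@example.com
Subject: shopping list
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dmarc=pass header.from=example.com

Milk, eggs, and read that article about Pegasus.
"""

def matches_filter(raw, my_address):
    """Same rule as the Gmail filter: From and To are both my address, and the
    text contains "hello pervert" OR (pegasus AND spyware)."""
    msg = message_from_string(raw)
    me = my_address.lower()
    sender = parseaddr(msg.get("From", ""))[1].lower()
    recipient = parseaddr(msg.get("To", ""))[1].lower()
    if sender != me or recipient != me:
        return False
    text = (msg.get("Subject", "") + "\n" + msg.get_payload()).lower()
    words = set(re.findall(r"[a-z]+", text))
    return bool(re.search(r"hello\s+pervert", text)) or {"pegasus", "spyware"} <= words

def failed_auth(raw):
    """Names of the SPF/DKIM/DMARC checks the receiving server recorded as failed."""
    header = message_from_string(raw).get("Authentication-Results", "").lower()
    return sorted(set(re.findall(r"\b(spf|dkim|dmarc)=(?:fail|softfail)\b", header)))
```

A genuine note to yourself also has your address in both From and To, which is why the rule needs the phrase condition; the failed authentication results on the scam sample show that the From address was forged rather than the account being accessed.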
Conclusion
Receiving an email claiming that you are being spied upon and being threatened that your private photos/videos will be leaked can be disturbing. Such are the tactics used in the Pegasus scam emails. Using the name of a real spyware program, scammers blackmail users and demand money to stop the release of private data.
The Pegasus scam emails are fraudulent and all claims made by the scammer are false. They can't hack your device, monitor your online activities, or access your webcam unless they have access to the real Pegasus spyware program, which is military-grade software and not publicly available.
So, if you receive such an email, report it as spam, don't send any money to the hackers, and avoid clicking on any links. To avoid further emails, set up an email filter to automatically delete such emails.