In a new version of the old “Hello pervert” emails, scammers are relying on classic email spoofing techniques to try and convince victims that they have lost control of their email account and computer systems.
Email spoofing basically comes down to sending emails with a false sender address, a method scammers use in various ways. Obviously, pretending to be someone else can have its advantages, especially if that someone else holds a position of power or trust with regard to the receiver.
But sending a message to the victim from their own email address might convince the victim that they have lost control over their own account.
The text of the email roughly looks like this:
“As you may have noticed, I sent you an email from your email account
This means I have full access to your account
I’ve been watching you for a few months
The thing is, you got infected with a njrat through an adult site you visited
If you don’t know about this, let me explain
The njrat gives me full access and control over your device.
This means I can see everything on your screen, turn on the camera and microphone, but you don’t know it
I also have access to all your contacts and all your correspondence.
On the left half of the screen, I made a video showing how you satisfied yourself, on the right half you see the video you watched.
With a click of a mouse I can send this video to all your emails and contacts on social networks
I can also see access to all your communications and messaging programs that you use.
If you want to avoid this,
Transfer the amount of 1200 USD to my bitcoin address (“write buy bitcoin or find for bitcoin exchange if you don’t know”)
My Bitcoin address (BTC wallet): 1FJg6nuRLLv4iQLNFPTpGwZfKjHJQnmwFs
After payment is received, I will delete the video and you will not hear from me again
I’m giving you 48 hours to pay
Do not forget that I will see you when you open the message, the counter will start
If I see you’ve shared this message with someone else, the video will be posted immediately”
If the victim decides to search for “njrat” they’ll find that it’s a remote access trojan (RAT) that has capabilities to log keystrokes, access the victim’s camera, steal credentials stored in browsers, upload/download files, view the victim’s desktop, and more.
Scary stuff, and it supports the claims the scammer makes.
But, as with all sextortion scams, this threat is an entirely empty one. There is more than likely no lurid video, no “njrat,” no list of contacts. Instead, there is just a threat which is meant to drive panic which is meant to drive payment.
When we checked, we were happy to see that the scammers’ Bitcoin wallet is empty, although they could have set up a separate one for each victim.
How to recognize sextortion emails
Once you know what’s going on it’s easy to recognize these emails. Remember that not all of the below characteristics have to be included in these emails, but all of them are red flags in their own right.
- The emails often look as if they came from one of your own email addresses.
- The scammer accuses you of inappropriate behavior and claims to have footage of that behavior.
- In the email, the scammer claims to have used “Pegasus” or some Trojan to spy on you through your own computer.
- The scammer says they know “your password” or compromised your account.
- You are urged to pay up quickly or the so-called footage will be spread to all your contacts. Often you’re only allowed one day to pay.
- The actual message often arrives as an image or a pdf attachment. Scammers do this to bypass phishing filters.
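The first red flag can be checked from the message headers. The following is an added example, not part of the original article: it assumes your mail provider stamps an Authentication-Results header (RFC 8601) on incoming mail, and the sample message, addresses and function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not from the original article): the visible
# From address equals the recipient, but the receiving server recorded
# failed SPF and DMARC checks and no DKIM signature.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com;
 spf=fail smtp.mailfrom=mailer.example.net;
 dkim=none;
 dmarc=fail header.from=example.com
From: <alice@example.com>
To: <alice@example.com>
Subject: Your account

As you may have noticed, I sent you an email from your email account
"""

def auth_results(msg):
    """Return the spf/dkim/dmarc verdicts from Authentication-Results."""
    results = {}
    # The topmost header wins: it was added last, by the receiving server.
    for header in msg.get_all("Authentication-Results", []):
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I):
            results.setdefault(method.lower(), verdict.lower())
    return results

def assess(raw):
    """Classify a message whose From address matches its recipient."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    rcpt = parseaddr(msg.get("To", ""))[1].lower()
    envelope = parseaddr(msg.get("Return-Path", ""))[1].lower()
    res = auth_results(msg)
    self_addressed = bool(sender) and sender == rcpt
    # Treat the From domain as authenticated only when DMARC passed.
    authenticated = res.get("dmarc") == "pass"
    if not self_addressed:
        verdict = "not-self-addressed"
    elif authenticated:
        verdict = "sent-with-domain-authentication"  # worth checking the account
    else:
        verdict = "likely-spoofed"
    return {"verdict": verdict, "envelope_from": envelope, "auth": res}
```

Only rely on an Authentication-Results header added by your own receiving mail server, since a sender can place a forged one lower in the headers.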
What to do when you receive an email like this
First of all, even if it’s only to reassure yourself, scan your computer with an anti-malware solution that can detect and remove njRAT (if present).
Second, if your computer is clean, check whether your email account has been compromised. Change the password and enable 2FA if possible.
Don’t respond to the scammer, since that will confirm that the email address is in use and the mail is read. This could invite more emails from scammers.
Don’t let yourself get rushed into action or decisions. Scammers rely on the fact that you will not take the time to think this through and subsequently make mistakes.
Do not open unsolicited attachments, especially when the sender address is suspicious or even your own.
For your peace of mind, turn off your webcam or buy a webcam cover so you can cover it when you’re not using the webcam.