Pegasus spyware phishing emails are back: Here's what you should know

It looks like the infamous Pegasus spyware phishing scam is back, and it’s scaring people once again. Reports are flooding in about a new wave of emails pretending to come from your own account, claiming hackers have installed the notorious Pegasus spyware on your device. The emails threaten to expose private videos and other sensitive information unless a ransom is paid. Here’s what you need to know to stay safe.

What’s going on?

Many users have taken to various subreddits and other community forums to report receiving emails that seem to be from their own addresses. The messages often include personal details, like addresses and names, along with disturbing claims that their device is infected with Pegasus spyware. The hackers use these claims to demand a ransom, usually in Bitcoin, in exchange for keeping supposed compromising videos private.

The scam usually starts with an email that makes it look like the sender is you. It might say something along the lines of, “I’ve installed Pegasus spyware on your device and recorded you doing embarrassing things.” The email will threaten to send these supposed recordings to all your contacts unless you pay a ransom, often ranging around $2,000. Here’s a screenshot of the email that was shared on Reddit:

The scammers try to make the threats as real as possible by including information like your full name, address, or even screenshots from Google Maps of locations near your home. While these personal touches can be terrifying, it’s all part of a scare tactic designed to make you panic and pay up.

How does the scam work?

The hackers behind this scam are using spoofing techniques to make the emails appear as though they’re coming from your own address, as explained by Microsoft Agents. Spoofing means they can disguise the sender’s email to look like it’s coming from any address they choose, in this case, your own. It’s designed to catch you off guard and make the threat seem more credible.

The email typically mentions Pegasus spyware, a real piece of malware that’s known for its use by governments to spy on journalists, activists, and other high-profile targets. However, the claims made in these phishing emails are entirely fake. The scammers have no access to your device, no compromising videos, and certainly no spyware installed. It’s just a bluff to scare you into paying up.

What should you do if you get a similar email?

If you receive one of these emails, take a deep breath and remind yourself that it’s just a scam. The best thing to do is to avoid responding, as engaging with the scammer only confirms that your email is active and might lead to more attempts targeting you. Don’t pay the ransom either; giving in only encourages these criminals to keep scamming people, and paying up doesn’t guarantee they’ll stop bothering you.

If you’re feeling uneasy, you can check the email headers to see if the sender’s address truly matches your own—it usually doesn’t. In programs like Outlook, you can do this by selecting “View Email Source” and looking for actual sender information under fields like [X-SID-PRA]. It’s also a good idea to run a full security scan on your device to make sure everything’s clean; while these emails are often empty threats, it never hurts to double-check.

If you’re still concerned, report the scam to your local police or a cybercrime reporting center—they can offer advice and take appropriate action. The key is to stay calm, not let fear get the better of you, and take simple steps to protect yourself. Remember, scammers prey on fear. They craft these emails to look personal and urgent, hoping to catch you in a vulnerable moment. Don’t let them get to you.

Featured image credits: AI-generated using Microsoft Designer