I received an email this morning. Sent from my own email address complete with my profile photo that's linked to it and all. The same address as mine to the letter. It said the following:
Hello, I'm going to share important information with you.
Have you heard about Pegasus?
You have become a collateral victim. It's very important that you read the information below.
Your phone was penetrated with a “zero-click” attack, meaning you didn't even need to click on a malicious link for your phone to be infected.
Pegasus is a malware that infects iPhones and Android devices and enables operator of the tool to extract messages, photos and emails,
record calls and secretly activate cameras or microphones, and read the contents of encrypted messaging apps such as WhatsApp, Facebook, Telegram and Signal.
Basically, it can spy on every aspect of your life. That's precisely what it did.
I am a blackhat hacker and do this for a living. Unfortunately you are my victim. Please read on.
As you understand, I have used the malware capabilities to spy on you.
And by that I mean that I have collected your parts of your private life.
My only goal is to make money. And I have perfect leverage for this.
As you can imagine in your worst dream, I have videos of you exposed during the most private moments of your life, when you are not expecting it.
I personally have no interest in them, but there are public websites, that have perverts loving that content.
As I said, I only do this to make money and not trying to destroy your life. But if necessary, I will publish the videos.
If this is not enough for you, I will make sure your contacts, friends and everybody you know see those videos as well.
Here is the deal. I will delete the files after I receive 0.035 Bitcoin (about 1600 US Dollars).
You need to send that amount here xxxxx (changed for safety reasons)
I will also clear your device from malware, and you keep living your life.
Otherwise, shit will happen.
The fee is non negotiable, to be transferred within 2 business days.
Obviously do not try to ask for any help from anybody unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you wont hear from me ever again.
Take care.
VOX confirmed that my email was cloned and reset my password. I dowoaded and ran Kaspersky before resetting my email password. Found nothing on the scan. The link in the message wasn't highlighted as most links are. Now I'm stuck. How do I change my Gmail password? All my stored passwords? Do I need to worry about my banking app's pin? Do I need to worry at all? I didn't reply or click on the link in the mail. Do I need to stop any cards at the bank? Really really in a flat spin over here. I'm bumming tranquillisers off colleagues. Anyone that had a similar experience or has advice please? I plan to go home later and get Kaspersky on my home laptop a d add all my devices. For now just got the free trial on the phone.
Hello, I'm going to share important information with you.
Have you heard about Pegasus?
You have become a collateral victim. It's very important that you read the information below.
Your phone was penetrated with a “zero-click” attack, meaning you didn't even need to click on a malicious link for your phone to be infected.
Pegasus is a malware that infects iPhones and Android devices and enables operator of the tool to extract messages, photos and emails,
record calls and secretly activate cameras or microphones, and read the contents of encrypted messaging apps such as WhatsApp, Facebook, Telegram and Signal.
Basically, it can spy on every aspect of your life. That's precisely what it did.
I am a blackhat hacker and do this for a living. Unfortunately you are my victim. Please read on.
As you understand, I have used the malware capabilities to spy on you.
And by that I mean that I have collected your parts of your private life.
My only goal is to make money. And I have perfect leverage for this.
As you can imagine in your worst dream, I have videos of you exposed during the most private moments of your life, when you are not expecting it.
I personally have no interest in them, but there are public websites, that have perverts loving that content.
As I said, I only do this to make money and not trying to destroy your life. But if necessary, I will publish the videos.
If this is not enough for you, I will make sure your contacts, friends and everybody you know see those videos as well.
Here is the deal. I will delete the files after I receive 0.035 Bitcoin (about 1600 US Dollars).
You need to send that amount here xxxxx (changed for safety reasons)
I will also clear your device from malware, and you keep living your life.
Otherwise, shit will happen.
The fee is non negotiable, to be transferred within 2 business days.
Obviously do not try to ask for any help from anybody unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you wont hear from me ever again.
Take care.
VOX confirmed that my email was cloned and reset my password. I dowoaded and ran Kaspersky before resetting my email password. Found nothing on the scan. The link in the message wasn't highlighted as most links are. Now I'm stuck. How do I change my Gmail password? All my stored passwords? Do I need to worry about my banking app's pin? Do I need to worry at all? I didn't reply or click on the link in the mail. Do I need to stop any cards at the bank? Really really in a flat spin over here. I'm bumming tranquillisers off colleagues. Anyone that had a similar experience or has advice please? I plan to go home later and get Kaspersky on my home laptop a d add all my devices. For now just got the free trial on the phone.
. 
. If I were you I would have just deleted this email. 
