Base64 encoded jpeg image stating that the user had visited a hacked website, and had been video-recorded with RDP, and user's contacts would get a copy of the recording unless $1000 in Bitcoin was paid in a timely manner. More false claims included a "tracking pixel" and that the email originated from the receiver's email account (the email address is spoofed)
