It can be confusing when you receive an email from McAfee, Norton, or another subscription service saying your subscription just renewed. Especially if you don’t use that service or if you’ve turned off the auto-renew feature.
Your first inclination is to get upset because it looks like you’ve been charged for something unexpectedly and without your knowledge. Emotions tend to get us to react without stopping to think first, and this is what phishing scammers are going for.
They want you to click the link or call to contact “McAfee” or another company they’re pretending to be so they can roll out the next phase of their scam.
This kind of email if you aren’t expecting it is probably fake. Please don’t call. They want to get on your computer and scam you out of money.
Once a hacker gains access to your PC, they can steal any sensitive information on your system, look in your browser settings for stored passwords, and plant malware (ransomware, spyware, adware, etc.).
If you call the number on the email in a rush, because you’re angry about being charged for a subscription you didn’t want, what usually happens with these scams is that someone will answer and then will try a few tactics, like:
- Asking to remotely connect to your computer so they can “fix” the subscription renewal feature.
- Try to sell you something.
- Ask for your credit card number, which they never had in the first place, and will promptly use it to get as much money as they can.
How Prevalent Are These Scams?
These fake subscription scams are prevalent. Antivirus is usually the main service used because just about everyone has that on their PC.
There is also a fear factor involved with an antivirus program, without one installed, a person could have their PC infected with malware. Criminals use this threat to coerce victims into giving them money.
Both Norton and McAfee’s help forums are filled with posts about people receiving fake emails that purport to be from Norton LifeLock about the N360 subscription or from McAfee Renewal Support about a disabled auto renewal feature.
Attacks against Software as a Service (SaaS) and webmail subscribers have been increasing. During Q2 of 2021, these types of attacks were just 8.7% of all phishing attacks. In Q3 of 2021, that number rose to 29.1%.
This goes to show how phishing scammers are taking advantage of the reliance on cloud subscription services by tailoring scams that masquerade as these types of services.
Tips for Spotting a Fake Subscription Email
Look for Any Grammar or Spelling Errors
Though scammers are getting more sophisticated and making fewer blatant mistakes, you can still spot some errors that give away phishing emails pretending to be from a legitimate company.
Don’t be fooled by what looks to be the company’s legitimate signature or logo, scammers easily copy these from real company emails.
Look for subtle errors that may be missed if you just scan through the email text.
Hover Over Any Links, But Don’t Click
Hover over links with your cursor to see if the link looks fake. This can often reveal a URL that doesn’t look quite right. Watch out for “look-alike” URLs that are close to the real thing. Criminal groups buy these and use them to create elaborate phishing sites designed to be used for many different types of scams.
Never click the links in one of these emails.
Double Check the Contact Number
Some of these emails will have phone numbers to call either in addition to or instead of a link. This is designed to garner more trust, as many people don’t expect a scammer to have phone representatives. But they do. And they’re trained to scam you and play on your emotions as soon as you call.
If you are unsure about a renewal email you’ve received and there is a number to call, DO NOT call that number. Instead, visit the company’s website by typing the company name into the search box and see if the phone number is the same.
If you see a URL that you think looks legitimate, but aren’t sure about, likewise check this. Not by going to the URL, but by searching that domain plus the word “scam” and seeing what comes up. If it’s a scam, then likely there is a warning.
Contact the Company Directly
When in doubt, contact the company directly by searching for “McAfee,” “Norton,” or another company and visiting their site directly. Then call or email them from their site (NOT through any information or links in the email) to ask whether the message is legitimate or not.
How Reliable Is Your Antivirus/Anti-malware Software?
Two River Computer provides expert computer support for Fair Haven residents and businesses. We can review your current device protection and let you know if you’re adequately secured.
Contact us today for a free consultation. Call 732-747-0020 or reach us online.