You don’t expect antivirus software to spread malware, but it happens. Tap or click here for how this malware can eavesdrop on your calls using your phone’s motion sensors.
Phishing scams are also far too common. Maybe you get a receipt for AV software you never bought, or a marketing email that looks legitimate buts leads you to a bogus page ready to take your credit card info.
Before you get duped, read on to learn more about how one version of this scam works and what you can do about it.
If you get this email, ignore it
Just because a well-known company’s name is attached to an email doesn’t mean it’s legitimate. Scammers often use the branding, logos or colors from retailers or services to trick potential victims.
In the latest scam, the phishing email impersonates McAfee with an accurate color scheme and logo. It looks to be a marketing email to protect your computer. There’s a big red flag, though: The sender address leads is a long, strange string of characters.
The subject line includes a confirmation number to prompt you to open the email. Once you do, maybe you’ll think, “Hmm, I do need antivirus software.” But the link inside doesn’t link to any official site.
In some variations of this scam, the link will take you to a page where you must verify the card details used in a transactions. This will do nothing but harvest your banking information, and the criminals then make off with your cash.
One of our Komando.com writers received one of these messages in her inbox and saw the red flags before even opening it:
- The sender name was “Mcafee” — the company name is McAfee with a capital “A.”
- The sender’s email address was a string of random numbers and letters that didn’t even include the company name. McAfee states that it will only send you emails from domains such as @mcafee.com.
- We attached the content of the email below. Note the error in the line “If your computer is unprotect, it is at risk for viruses and other malware.”
This isn’t the first time McAfee has been used in this scam. Late last year, many users saw malicious pop-up windows in their browsers, claiming the antivirus subscription had expired. The “renew subscription” link captured personal and financial information.
What you can do about it
According to McAfee, the company is regularly the target of scammers and has set up a dedicated educational page where you can report such activity. You can do several things to stay safe, so if you don’t have a McAfee account, deleting the email is a good start.
However, you might take the email seriously if you are already a customer. McAfee warns that you must never blindly trust an email like that and always check your subscription status on the official website.
Here’s how you do that:
- Go to myaccount.mcafee.com.
- Click Login at the top right.
- Type your registered email address and password, and then click Log In.
- Select Account, then choose Subscriptions.
- Click Purchase History. Here, you can view the invoice history of the product.
It’s always a good idea to keep a close eye on your banking statements for any unusual activity. There is always a possibility that a criminal legitimately renewed a McAfee subscription using your details and bank account.
Here are some more tips to stay safe from these types of scams:
- Safeguard your information — Never give out personal data if you don’t know the sender of a text or email or can’t verify their identity.
- Sense of urgency — Here’s a red flag: Any message that tells you to “act now!” or makes you feel rushed and anxious. That’s exactly what the scammers want you to feel.
- Avoid links and attachments — Don’t click on links or attachments you receive in unsolicited emails. They could be malicious and infect your device with malware and/or steal sensitive information.
- Antivirus is vital — Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!
Hundreds of national and local news sites hacked to push malware