Stay Safe Online

Watch out for fake Norton renewal emails. It’s a scam

Email users should watch out for a series of scam emails claiming they’ve been billed for a renewal order of Norton antivirus.

The email appears to be a popular trick with cyber-criminals who are using the email as bait to convince recipients to call a phone number which will connect to a scam call centre.

See some examples of these scam emails below.

The email will appear to look like an order confirmation for a purchase or renewal of Norton antivirus, and shows an order summary.

(The email may contain the recipient’s full name, which the crooks likely obtained from any number of leaked data breaches involving companies the recipient may have had an account with.)

However, the recipient made no such purchase, and they haven’t really been billed for anything. The email is all a bluff, designed to make the recipient think that someone has been making purchases from their account.


Sponsored Content. Continued below...




“Any problems, just call the provided phone number”

The aim of these scams is to lure recipients into calling a scam phone number in order to “cancel” the alleged purchase. However, if the recipient does call, this will connect them to the cyber crooks.

From there, one of two things (or both things) are likely to occur.

Firstly the crooks may attempt to lure the victim into handing over sensitive information, such as their bank details.

Secondly the crooks may attempt to lure the victim into installing malware or remote desktop software onto their computer, thus handing control of it to the crooks, who can then proceed to steal information or install malware.


Sponsored Content. Continued below...




There has been a rise in emails claiming a victim has been billed for a product they didn’t purchase in a bid to trick them into calling a scam phone number. Microsoft has previously warned that crooks were using such a tactic to install the BazaLoader strain of malware.

In the case of the Microsoft warning, crooks were luring victims over the phone to a website containing a “cancellation form” that actually harboured malware.

While scam emails use renewals of Norton antivirus as bait are popular with the crooks right now, they can (and do) use a wide variety of other products as well.

The general advice here is to be sceptical of unexpected emails claiming you’ve been billed for a product (or are about to be billed) especially if they urge you to call a phone number. And remember to always have good, reliable antivirus on your computer. Our current recommendation is here.

Also, you can report fake Norton phishing emails to Norton’s spam email address, spam@nortonlifelock.com.

Share
Published by
Craig Haley