The NortonLifeLock subscription renewal scam is an email scam in which cybercriminals send a fake notification email to recipients about the renewal of an antivirus system. They present the email as an official notification from NortonLifeLock, a real cybersecurity software company.
The scammers add a fake custom ID, invoice number, and renewal date to make the email appear genuine. Using an official logo and professional-looking design, cybercriminals make the email appear authentic.
Besides that, scammers also include a fake invoice and mention a NortonLifeLock subscription that will be renewed within 24 hours. In rare instances, they may further inform their targets that the subscription has already been renewed, and that their account has been debited.
After making victims panic, scammers instruct them to contact their billing department by calling the number provided to cancel the subscription or get a refund for the amount deducted (which hadn’t actually been charged anyway).
The scam begins when someone calls the given number to seemingly avoid being charged for something they don’t want. When the target attempts to cancel the subscription this way, the scam could take several forms.
First, scammers try to convince their targets to grant them remote access to their laptops or computers. Scammers claim that they can only cancel the subscription by accessing the recipient’s device so that it doesn’t renew or by reversing a transaction already made.
If the recipient agrees and gives them remote access, they ask the user to log into their bank account, so they can cancel or reverse the transaction. After gaining access to the user’s bank account, they use software to obscure the screen, so the user cannot see what they are doing.
To ease their targets’ minds, they say that a technical problem has caused their monitor screen to turn black, and they are working to resolve it. However, they really intend to make huge deposits to their bank accounts from the victim’s, install malicious software to track user accounts and access them later, or simply remove the protection on their targets’ devices to scam them again.
There have been reports that scammers also use the notorious tech support refund scam strategy to defraud their targets during this scam. They instruct their targets to note their available bank balance, so they can verify the refund later. Afterwards, they edit the HTML of the bank account page to show a higher amount than what it should be.
After that, scammers claim they have sent more than they were supposed to and demand a refund. In reality, the funds remain the same, and the users end up sending their hard-earned cash to cybercriminals instead. When they make the transaction and refresh the screen, they learn the reality of the situation, but by then, it’s too late.
Besides the above two main ways scammers may attempt to steal from you, there are various other ways they might harm you.
- A scammer may include a downloadable attachment with the email that contains malware, posing as an official invoice.
- They may include a phishing link in the email and ask you to click on it to cancel the renewal or undo the supposed transaction.
- Scammers may ask you to disclose sensitive information in the email reply.
- They may hijack your browser and spy on you later.
What to Do if You Fell for the NortonLifeLock Subscription Renewal Email Scam
If you’ve already called the scammer after receiving the NortonLifeLock subscription scam email or downloaded attachments, here’s what you should do:
- If you’ve only spoken with the scammer, refuse to give them remote access if they ask for it.
- In case you’ve granted scammers remote access, turn off your internet, so scammers can’t connect to your computer if they’ve already installed the tracker. Also, scan your computer for malware and hijacking software before enabling your internet connection again.
- Your privacy could be seriously compromised if they have access to your laptop’s webcam. Turn off your webcam temporarily.
- Scammers may claim to have transferred an extra amount during the transaction reversal and ask you to pay them back. Don’t fall for this.
- If scammers have gained access to your bank account, contact your financial institution and ask them to freeze it.
Information is provided to you by www.makeuseof.com.