I was surprised to receive an email this week telling me that I had renewed my annual subscription for McAfee virus protection.
Why a surprise? Well, I think the only time I’ve ever run McAfee’s anti-virus product on one of my computers was back in the late 1990s when McAfee acquired the company I was working for at the time…
…and I certainly didn’t pay for that.
However, the email tells me that my bank account has already been debited for $249.99 (that sounds like a lot, even if it is to protect two devices with not just anti-virus but also “theft protection.”)
Here’s the email I received:
Hmm… that wacky McAfee logo composed with Unicode characters isn’t the only reason why this email raised my suspicions.
So, what’s actually going on here?
There’s no attachment to the email – so it’s not the case that the email is trying to trick me into opening a malicious attachment.
And there are also no links – so I’m not being duped into entering personal information or passwords into a phishing page.
Instead, this email wants me to scare me into making a phone call. According to the email, if I wish to cancel the subscription, I should call McAfee’s cancellation department immediately on the supplied toll-free number.
Of course, it’s not going to be a genuine McAfee employee who answers that phone call. But if I were able to telephone that number from the UK, my guess is that I would be tricked into handing over some personal financial information that would then be used against me.
I haven’t called the number, and if you receive a similar message you shouldn’t either. At the very least, check your bank account to see if you have actually been charged for something before you take any steps to get your money back…
Further reading: Kirk McElhearn and Joshua Long have delved rather more deeply than myself into what appears to be a similar cybercriminal campaign, posing as emails from GeekSquad. Read what they found out in their article on the Intego blog.
I get over fifty phishing emails a day.
I send them all to [email protected].
Occasionally the address of the phisher changes but not frequently enough.
–
We need a proper organisation to chase these crooks down; using their IP addresses; and lock them up.
Yeah, been there but they won't send me the tee-shirt !!
Get these ever month or so. So do a number of my friends. THose I am close to have clean devices and up to date OSs.
Created an inbound email rule not to read, mark directly as spam and dalete forever… hope it helps.
Thanks, but it does not solve the problem.
They carry on because there are enough of the unwary who get caught.
Edmund
I get multiple ones of these emails every day. But they always misspell McAfee. And blocking them on my email server has no effect. They usually say "last chance" but of course it never ends.