We've had several members contact us in the last week to tell us they'd been scammed by criminals posing as Norton reps urging them to renew their Norton AntiVirus subscriptions.
It's a fresh twist on an old scam using the start of a new year as a ruse, a time when people think about renewing subscriptions.
But it's also a typical social engineering scam designed to trick victims into sharing personal information with an "employee" of a company that seems legitimate, like Norton, Comcast, Apple, or Microsoft.
When these "employees" succeed at getting their target either to grant them a Remote Desktop connection to their computer or divulge sensitive information during a phone call, they then use the connection and information to drain the victim's financial assets.
In the cases we've seen, the victims reached out to the fraudsters using a phone number from an email that looked legitimate to them. The fake employees offered to help enable a license key for the software, requiring remote access to the computer, something the victim agrees to. At this point, the criminals can ask questions that make it easy for them to do things like install malware, get access to non-public personal information, or even ask the the victim to log into their financial accounts.
They've also asked our members to take actions like purchase gift cards to send to specific addresses. We're happy to report that in the cases we've seen, our members shut down the conversations when they realized that sending gift cards to a major U.S. company made no sense.
The criminals who are scamming victims aren't always using subscription renewals as a ruse. A Hanscom FCU employee recently received an email from "Comcast," urging him to click on a link to "revalidate" his account because it had been compromised. The only thing valid about the email is that it was phishing for our employee's personal information. One way to tell is to look at the return address in the email's header, which can look "phishy," as this one does in the example below:
So if you get an email or text from Norton, Microsoft, Apple, or any other company that provides subscription-based services warning you that your tech is unprotected or that your security has been compromised, do not click on any links contained within the messaging. They could contain malware, viruses, or Trojan horses designed to wreak havoc on your computer, smartphone, or tablet.
Then ask yourself, "Does this make sense to me?" For example, you may not even have Norton AntiVirus software on your computer, so why would Norton be reaching out to you? And if you have a subscription, check your own files for a renewal date. Chances are it's probably not even close to being up for renewal.
If you do happen to click on a link or communicate with an "employee" who wants you to log into your financial accounts or give them login and password information, hang up and call your financial institution immediately. If it's a Hanscom FCU account, you can reach our Remote Support team at 800-656-4328.
"It's important to know that Hanscom FCU would never ask you for your passwords or pin numbers for your accounts, so you have to ask yourself why another company would reach out to you and ask for them," said Denise Bouchard, Hanscom FCU's information security officer.
If you were lured into this scam, please contact your financial institution immediately so they can investigate and prevent any further damage to your accounts. Use the phone number on the back of your debit card or the number for the financial institution you've saved in your phone. Never call back a number given to you by the person on the other end of the line.
Detect Safe Browsing (DSB) from EasySolutions is a free download that protects your Hanscom FCU Online Access session from malicious attacks before they can compromise your account's security. Detect Safe Browsing runs quietly in the background and provides real-time security so you don't become a victim of online fraud.
Others are reading: