Like so many other email-borne schemes, the McAfee Renewal Scam is just a fake message, asking you to call a number linked to criminals. Don’t pick up the phone! And don’t reply to the message. Check out these details, so you can react safely to this sort of email.
Here’s a recent example of the McAfee Renewal Scam:
For many, this is an obvious fake, but I’ll still list out the giveaways:
The email came not from McAfee, but from some gobbledygook Gmail address.
Grammar mistakes abound: “successive transaction” and the use of commas in dates.
McAfee does not sell anything so expensive ($716.16)!
They used the word “kindly”.
If this shows up in your inbox, the truth of this matter is this:
There is no charge to any of your bank cards.
The order numbers are meaningless and all made up.
The phone number does not belong to McAfee. It rings somewhere in Scamdinavia, where cybercriminals are standing by for your call.
Anyone calling the number will speak with an eager agent who will seek to connect to your computer through remote control apps. Then they’ll press to access your bank website or other financials, to process a refund. But that will be a sham, where they will steal your money, through quick transfers and shell game switcheroos.
The good news is that this is easily dealt with, once you recognize the scam. When you get this kind of message, just delete it or mark it as spam. If you need further peace of mind, feel free to login at the real McAfee website, to check your account standing. And review your bank statements to see that no strange charges are there.
Arrest Warrant/Court scams have been around for many years and still claim victims: An email or phone call or text informs someone that they are in trouble with the law. “A federal court has issued an arrest warrant in your name! An officer will be at your door soon to take you away.” Or it may be a hefty fine for some missed jury duty. In any case, if you pay the caller or emailer now, then the charges will go supposedly go away and they will call off the arrest.
If you get this kind of call/email, please know that US courts and officers will never contact you urgently for immediate payment. No one is actually coming to arrest you. The charges are made up and do not exist. Disconnect from any call resembling this scheme. Delete/mark as spam any email you receive about this. Contact your local police station if you have any doubts.
Hallmarks of this Scam:
The caller pressures you to pay now, before the officer gets to your house to cuff you and stuff you. High pressure tactics are common with scammers. The US Court System is slow as molasses, and would never do this to you.
The scammer asks for payment using Google Play cards or Walmart gift cards. No government entity wants these things! Anyone demanding a store card like this is always a scammer.
“You are welcome to satisfy your court debt using Zelle or Cash App!” Again, these payment methods are not used with the government. These quick-pay methods are for use with friends and family only.
The person trying to convince you to pay insists you may stay on the line with them. They won’t let you off the phone. They don’t want you to call anyone else. They warn you not to tell the salesperson why you are buying gift cards. They do this to keep you under their spell. They know that as soon as you talk with someone else, the scam will fall apart.
The supposed charges are for outlandish things you know you haven’t committed, like Illegal Drugs in New Mexico or Vehicular Manslaughter in NYC.
Also please consider:
Arrest Warrant and Court Scams may employ call spoofing, and your CallerID may show something convincing, like IRS, US Federal Courts or Attorney General’s Office. Please do not believe your CallerID!
Scammers often have your full name, address, phone number and other sensitive info. They’ve acquired it from public info websites or from data breaches. They may “confirm” that info with you as an intimidation tactic.
If you are emailed any convincing-looking “court summons” documents or citations, feel free to bounce them off of your local police or court officials. Do not call any numbers from the documents or email. Find their contact info through other means, or just stop by the local police station.
Real court summons and citations will arrive via the USPS, and look boringly official and officially boring.
Feel free to Google any phone number you see in such a suspicious email. Googling a scammers number will either turn up nothing, or many results showing that others have been scammed by that number.
There is a large rise in Facebook Account Theft right now. I can’t explain the sudden surge, but for the last few weeks, I see people complaining about and suffering from stolen Facebook accounts almost every day. We need to go over the details, so that you are prepared and protected.
How Facebook Accounts Are Stolen
Your Facebook account can be stolen when a bad guy tricks you into revealing your password. Or, a cybercriminal can attempt to reset the password on your account, and then trick you into giving them the reset/authorization code. Then, they set a new password on the account, locking you out and giving themselves all the control.
To finalize the theft, the crook replaces the email address and/or phone number on your account with their own email/number. This makes it nearly impossible for you to recover your account.
Phishing emails are a common way to take passwords from people. Messages or pop-ups that look deceptively similar to real Facebook notices can pressure people to type in their credentials. But right now, I’m seeing a lot of password-theft happening via stolen accounts, using impersonation tactics. Example:
John Doe gets a PM from his cousin, Uncle Buck. “Hey, John! I’m having trouble with my Facebook account, and I need your help. Imma send you a code — can you tell me what that number is? It’ll help me reset my password, thanks!” John Doe thinks he’s helping his uncle, so he waits for the code to arrive by text message. When it comes, he types it in and sends it over.
But Uncle Buck isn’t Uncle Buck. A cybercriminal is inside Buck’s account, and when he gets the code, it allows him to finish a password reset on John Doe’s account. John Doe soon finds this out, when he is forced out of Facebook and cannot log back in. His account has been hijacked just like Uncle Buck’s.
How to Protect Your Facebook Account
Never share any security code with anyone. When a numeric code is texted or messaged to you, it is for your use only. In the wrong hands, that simple code can defeat the security of an important account. This goes for Facebook, Gmail, your bank login and any other online account you use.
Facebook offers some basic security tips at this page. Implement as much of their advice as you can handle.
Consider setting up additional security features for your Facebook account, like 2FA and login alerts. More info on that at this page.
If you get any fishy emails or PMs from people you would normally trust, pick up the phone and call the sender. Figure out if they really sent those message, or if you’re corresponding with some impostor in Scamdinavia.
Review your Facebook Profile and make sure your Friends List, phone number and other personal info is not viewable by the public. The privacy level on that info should be “Friends Only”, or better yet, “Only Me.”
What to Do If Your Facebook Account is Stolen
Do not delete any security-alert emails that you receive from Facebook. They could be invaluable toward recovering your Facebook. When your password, email address or other sensitive info is changed on your account, you will receive an email. Each message will state: “If you did not make this change, click here.” Sometimes, clicking where indicated is your only hope of reverting the scammer’s change!
Try to recover your account at www.facebook.com/hacked . Alternate links and methods are at this page. I must warn you, though, this process can be time-consuming, frustrating and ultimately unsuccessful. Facebook has made this process difficult, and there is no easy way to contact them.
Contact people outside of Facebook, to let them know your account has been compromised. Tell them to not trust your account until further notice. Ask them to look at your account for any suspicious posts or content. If they see anything that looks bad, suggest to them that they report it to Facebook.
If you want to try to call Facebook, please know that it probably will not help. They do not want to answer the phone for non-paying customers, and at this time, you cannot yet pay Facebook for proper support. But I will give you their corporate numbers in California, just in case: 650-543-4800 and 650-308-7300. Please be careful seeking out other Facebook contact info, as most of the phone numbers you might see in a Google search belong to scammers.
There are many companies on the internet that claim to be able to recover your stolen account, for a fee. Most of these are fraudulent operations. Beware! But one company called Hacked.com seems to be legitimate. I can’t vouch for them 100%, but they have a significant internet footprint and reasonable reviews about the recovery services that they provide.
If all else fails, or the recovery process is too money or time-consuming, make a new Facebook account.
Relevant for Protecting Other Social Media Accounts
This post focuses on Facebook, as that’s where I’m seeing the most harm done right now. But the overall threat and advice is relevant elsewhere. LinkedIn, Instagram, Twitch, Twitter… Accounts can be targeted and stolen on many other social media websites, using the same tactics I’ve described.
And the amount of support you get (almost none) will probably be the same, if you are a free or non-paying user. I will help where I can, but I have no special abilities to get Facebook to do the right thing. It’s up to you to stay alert and not get in a jackpot. Stay suspicious, my friends!
As you use social media, please pause before clicking on a celebrity death news item. I’m seeing a resurgence of celebrity death hoaxes on Facebook and other platforms right now, and they all lead to trouble.
I don’t blame people for clicking on these. Some of them look very believable. But anyone can post anything on Facebook, and Meta is very bad at policing itself and removing bad content. It’s up to us to think twice and avoid or report hazardous posts.
Celebritydeathhoaxesarenothingnew. The recent batch seems bent on tricking users into installing adware and malware on their computers. Here are some shots of the deceptive screens that appear for anyone unlucky enough to click these things:
Anyone falling victims to these sorts of downloads may soon suffer from lots of pop-ups, sales offers and web redirects, or worse. If you’ve caught some computer-crud from these hoaxes, give me a call and we can clean up your system fairly quickly.
And if you see any news on social media about a celebrity death, resist the urge to click. Instead, open a new tab and go to a trusted news website, and search for the celebrity’s name there. That should be a safer way to determine the truth of the matter.
Dish Network subscribers are starting to get unexpected calls about receiver updates. These are yet another scam, similar to the Xfinity Discount scam. Here’s what you need to know before you get one of these calls:
How The Scam Works
A scammer calls and identifies himself as a Dish Network representative. They’ll claim that the Dish receivers in the house urgently need a software update. “We can send a technician to your home to do this upgrade for $300, or I can walk you through it over the phone for only $199.”
At this point, the victim may object, and the scammer is ready: “But sir, it is just a one-time payment of $199.99. Without this, your TV will soon stop working!” When the victim argues further, the crook may offer to offset their fee by promising $25 discounts for several months on future Dish bills. If the victim still does not cooperate with payment, the scammer may become rude, and claim that he will just shut down the entire satellite service.
It should go without saying: If the crook gets any kind of payment over the phone, they will disappear with the money, and the victim gets… nothing. The “upgrade” was a dog-and-pony show and nothing more.
Why This Scam Is Convincing
This scam has a lot going for it, and has the potential to dupe a lot of people.
The scammer on the phone already knows your name, address and (obviously) your phone number.
Your CallerID may be spoofed to show “Dish Networks”.
They will instruct the victim to press buttons and navigate menus on the Dish receiver/TV with a convincing level of accuracy.
If the scammer learns your Dish account PIN, s/he may make changes to your account or add discounts to your billing, to “prove” they are a capable Dish rep.
Do’s & Don’ts
If you find yourself on this kind of call, hang up ASAP. The less you say to the scammer, the better.
Never antagonize or berate the caller. Remember: They have your address. These crooks can get hostile and the worst-case scenario could result in you getting swatted.
Don’t volunteer any extra info, especially your Dish account number or PIN. True Dish representatives never ask for this info over the phone.
To verify any Dish Networks communications, or to report a fraudulent call, call their main number at 1-800-333-DISH or chat them up on their website.
Update!
This scam is no longer just affecting Dish customers, but also subscribers of Xfinity, DirecTV and other big TV companies.
Steam Cards function like gift cards: you spend an amount of money for the card, to be able to use that as a voucher on the Steam website for purchasing video games and other software. And like any other gift card, Steam Cards are often targeted in scams.
Steam Cards can be bought at physical stores or online through the Steam website. They’re often on display with other gift cards, but the scams that involved Steam cards are a little bit different than you’d expect.
Examples of Steam Scams
You find yourself locked out of your Steam account, and someone is contacting you to help you regain access to it. But they need you to buy a Steam Card and send them the number from it before anything can be restored.
Someone messages you, stating, “I accidentally reported your account and am worried that you will be banned from Steam. Contact Steam Support at this number/email and do what they say to remove the account ban!” And if you cooperate, the fake support person will threaten to delete your entire library of games unless you buy Steam Cards for them.
An attractive person messages you over Steam or Discord, asking for Steam Card Codes, so that they can play the same games with you. Instead of pressure tactics, they may be flirtatious or send racy photos.
You encounter a Bitcoin investment opportunity, where you fund it with Steam Wallet eGift Cards.
In any case, treat Steam Cards as you would all gift cards: They are equivalent to cash, and should only be given to people you know and trust. Treat unexpected requests for Steam Cards as you would any other gift card scam. Shut it down as soon as you recognize it. Block or avoid the person trying to commit the scam.
If you don’t use Steam, you may still need to be aware of all of this to safeguard any young gamers in your household. As your children or grandchildren come asking for Steam funds, make sure everything is on the level. Check that they want these cards for their own use. If you learn that they want a Steam Card for something other than just buying a game, you may have a teachable moment on your hands!
Remote control scams are alive and well in 2023. I blogged about this just a year ago, but this is important enough to go over again.
A remote control scam is where someone is out to steal your money, and they use remote control software to get into your computer. Once they have access to your system, they’ll push further into your finances (and your consciousness) to take as much as they can. Some of these bad guys are aiming for a quick $300. But this year, I’m seeing where they aim higher. In the last month, I’ve spoken with victims who have lost $30,000, $75,000, and more than $100,000 to these cybercriminals.
What makes these scams so dangerous, though, is that there is nothing you can put on your computer to protect against them. There is no virus to guard against. Your computer is not being infected or hacked. It’s largely a social-engineering operation, where the victim’s brain is the target. If the crook gets inside your head, then they will win. So please be knowledgeable about how remote control scams work, so that you don’t become a victim someday.
How These Scams Begin
A remote control scam begins over a phone call. That call starts in various ways:
A unexpected notice pops-up on your screen. It claims you are being hacked or infected with many viruses. Or it may accuse you of viewing illegal adult content and threaten you with fines or arrest. A robo-voice warning may blare out of your speakers, and urge you to dial a particular phone number. These pop-ups are often difficult or impossible to close.
You receive a robo-call. The recording tells you that there is a problem with your computer or online account, and you should press 1 to be connected with an agent now!
An email announces that a charge is pending for something you didn’t buy. Something like a Norton renewal, Geek Squad payment, or an expensive app from the Apple Store. And at the bottom of the email, a phone number is offered to you if you wish to dispute the charge.
These alerts almost always drop a big name: Microsoft, Paypal, Amazon, Apple, etc. But that big tech company is not responsible for the urgent notice. You’re being lied to by an impostor. The scammers are just looking to get that phone call started, by stealing and using a respected name and logo!
Getting Inside Your Head
Once an active scam phone call begins, the cybercrook gets to work immediately. And their work is akin to hypnotism. They tell an urgent story, using very convincing jargon and details, in order to get your cooperation.
There are so many stories I can hardly remember them all:
Hackers are attacking your PC right now!
No worries, I can get you a refund for that charge.
I see that your computer is running slowly, and I will fix it for free.
We overcharged you in the past and would like to compensate you as an apology.
You have not paid these back taxes and officers are coming to arrest you in less than an hour.
If they get inside your head, the next step is to see if they can get inside the computer (or mobile device). They guide the victim to install a small program for this. And often, the victim hardly realizes what’s going on, due to the stress & panic of the situation.
The crook emails a link to the victim, for downloading their “helper” app. They instruct on how to click the link and then to click Yes on any prompt while the program loads.
The scammer asks the victim to open Quick Support from the Windows Start Menu, and they ask for the access code on its screen.
A bad guy explains how to open a Run window. He then dictates a website to type in, something like www.ammyy.com or https://get.teamviewer.com .
The criminal tells how to use the app store on the phone to get an inspection app. But once the app is opened on the phone, it turns out to allow remote access.
These are just a handful of free remote access apps that scammers can use.
Anyone who follows these kinds of steps will permit a scammer full control over the computer. It is the same as when I connect to your computers to fix them. The cyber criminal will see the screen and be able to mouse around on the system. But they aren’t there to fix anything. Instead, they’re fixing to invade some bank accounts!
Further Convincing Details
Once aboard the computer, the bad guys often “get right to work”, running scans and opening lots of windows. They may show off a complicated Control Panel to show the thousands of errors on the system. Or launch a DOS window that is covered in IP addresses of the hackers targeting the system. They also can place lots of new and curious icons on the desktop:
Bogus Icons That Sure Look Impressive
Whatever they demonstrate is just computer theater. The goal at this stage is to overwhelm and impress the victim, to get them to fall in line. They are “tenderizing the meat.” The crook really wants to be sure that they’ll get full cooperation on the next step of the plan.
Step 3: Profit
If the scammer has gotten this far, they will now start the financial part of the scheme. Some scammers still ask for gift cards, but the greedier criminals want to see the online bank accounts. They know it’ll net them more money. So they insist that the victim go to their banking website and login, with these types of stories:
I will be happy to refund you the $500 fee, if you can just show me what account number to transfer it to.
We must safeguard your savings before the hackers get to it. They have almost gotten your money, but we can move it to a safe government holding account before they hack you!
You can satisfy your debt with a quick transfer and I can show you how to do it through your bank’s billpay.
These criminals usually don’t care what your bank password is. They typically ignore your bank account numbers. They just want to see your balance. They want to see what the jackpot amount is, and their next scheme adjusts accordingly, to drain your account. One possible scenario:
The thief spots $500 in the checking account and $50,000 in the savings, They offer to refund the fake Norton charges to the checking. “We will give you your $400 back to you right now!”. But after they initiate a transfer, the bank account will refresh and show a $40,000 incoming deposit. The scammer will get angry and loud, claiming, “You mistyped it! You messed it up and took $40,000 from me! I will lose my job for this! I will call the police on you, unless you send me back that money!” And then he will attempt to wire transfer $40,000 out of the savings account to … some other account that he controls.
Here’s another far-fetched story:
The crook sees $20,000 in checking and $80,000 in savings. They say, “OK, look, we can save your money, but we have to move it all into your checking account. The hacker is attacking your savings account” After a quick money shuffle, the checking account holds $100,000. “Oh no, the scammers noticed what I did, now they are hacking after your checking account! We will have to move all your money to a protective FBI account. If we don’t, the scammers will take your money in the next 15 minutes. I can see that they have almost hacked your Bank of America security. Quickly now! We can bring back all of your money after the scammers are defeated!”
This is it. If the scammer has gotten this far, they’ve just won the lottery. The small fortune in American Dollars they’ve just grabbed will convert to a large fortune in their country’s currency.
If they have anything else to do with their victim at this point, it will be to buy for time. They may have other stories now, to calm the victim, to get the victim to relax and just wait a few days. This is to give them time to transfer and hide the money, to make it harder to for that money to be clawed back when the fraud is detected.
If You Have Lost Money To This Scam
After the scam and phone call ends, the hypnotism will fade away and the truth will dawn. At this point, you’ve got to act fast, to get a tourniquet on the situation:
Contact your banking institution to let them know you may have been scammed. Do NOT wait until the morning, call any and every number you have for them, until you reach a live human. Describe the entire scam-process to them, and they will know what you are talking about. Follow all of their instructions to a tee, to protect your account and seek recovery of your money. The sooner you contact your bank, the greater your chances of recovering your money!
Disable or uninstall the remote control software used by the bad guys. If you don’t know how to do this, turn off the computer and seek legitimate computer help!
Change your online banking password (your bank may help you with this when you contact them). Change the passwords to any sites you logged into while the bad guys were connected to your system. Change as many passwords as it takes to get your peace of mind back.
Final Notes & Commentary
When I teach people about these scams, a frequent comment I hear is “Boy, how stupid do you have to be to fall for this?” Let go of that sentiment right now. Scammers can rob people, regardless of intelligence or education level. I have helped so many people recover from these crimes, and the victims come from all walks of life. Some are business owners. Others are teachers. Many have gone to college and have Dr. before their names or many letters after their names. Let’s not victim-shame or victim-blame. We should instead focus on how skilled the criminals are at their game. Some of them truly are world-class hypnotists. Recognizing them as a serious enemy is a better mindset.
Big tech companies are not going to call you out of the blue with an unexpected crisis. It’s always a scam. If you still have doubts, talk to someone else before taking action. Call a friend or a computer tech or a family member. Only call phone numbers that you can trust 100%, like those printed on your billing statements or found at GetHuman.
Antivirus software defeats viruses. Ad-blockers stop malicious ads. Firewalls defends against hackers and malware. But as I mentioned at the start, this type of scam belongs to none of those threat groups. It doesn’t matter if you have a PC, a a Chromebook or an iPhone. Your head is the target, not the device. Knowledge equals protection with this issue, and that’s what all these words are here for. Please be aware, and cultivate a healthy mistrust for the unexpected.
There’s a scam going around right now, promising a 50% discount on your Comcast/Xfinity bill. You might see this scam in your email, Facebook feed or even get a phone call! In any case, please know that it is not a legitimate offer.
It is too good to be true. Anyone duped into calling the offered number will reach a scammer, not an Xfinity rep. And the crook will press you to pay some advance money to qualify for the fictional discount. Once you send them any kind of payment, they’ll disappear.
Xfinity doesn’t offer any deep discounts like this, but you are always welcome to reach out to them to verify other offers you might hear about. You can report this scam to them when you receive it, if you like, but rest assured they already know all about it.
Update!
This scam is no longer just affecting Xfinity customers, but also subscribers of Dish, DirecTV and other big TV companies.
If you’ve ever registered a domain name, you’ve probably come across some postal mail, offering to list your website in an online directory. Here’s an example I received recently:
Now, I’m not going to outright call this a scam. You may if you want to. But I imagine that if I paid them their money, they truly would list me somewhere on the internet. I bet they have a “directory” on their website that anyone can visit and view.
But this sort of offer is, of course, specious and suspect. Most people will spend $300 of their advertising budget in better ways than this. This company is engaging in a curious form of marketing, where they simply see who they can get to pay their bills. It’s not quite phishing and not quite panhandling, but smacks of both.
I’m sure you’re considering the above invoice and thinking, “I would never fall for this nonsense.” That’s good. But this is more about the weakest link in your business. Consider your staff, especially those that open your mail and pay your bills for you. Would any of them rubber-stamp this and pay it without a second thought? If this gives you pause, then perhaps it’s time to have a kind meeting about this topic. Frank conversation and education will defeat this scheme.
If you’re looking to buy Microsoft Office software, you can expect to rent it for $70 or $100/yr, or you can buy it outright for $150, $250, or $440, depending on the version you need. Those are the direct-from-Microsoft prices. But if you search the web for better pricing, you’ll very quickly meet up with software deals that are too good to be true:
Remember the axiom: If It’s Too Good to be True…
Please do not buy anything from these vendors. Only buy your software from trusted stores and websites. Buying directly from Microsoft/Adobe/Intuit is safest, but you’ll also be in good hands buying from Costco, Best Buy, Target and other big names.
There are legitimate software deals out there, but only for specific people or scenarios. Nonprofit orgs and students may be offered ultra-low prices for MS Office, and you can trust in those offers because they’ll come through official channels.
What’s at Risk with These Online Software Deals?
The common problem with these $20 Office specials takes a while to express. It all seems to be fine at first: John Q. User buys his Office software from CrayzeeDeals.com, it installs in a flash and works immediately. All of his Word docs open in his new Word 2021 app, and life is good…
Until a few months later. That’s when Microsoft pops up to say that there’s a problem with his license. The message may or may not be helpful, but at the end of it, Microsoft reports that his Office could not be activated and that it will not work until he purchases a valid activation key.
The explanation for this is a bit convoluted: Mr. Cray Z. Deals guessed, hacked or stole a volume license code or developer’s activation key for Office software. And then he sold that code many times to many people on the internet. Those special codes are designed to be used many times, but eventually, Microsoft will do an audit and catch any abuse. And when they notice a particular code being used in places it shouldn’t be, they flip a kill-switch on it. That switch echoes down to all the internet-connected computers where that license is in use. All those Office installations simply stop working.
That time-delay, between Sale and Kill-Switch, benefits the shady salesman. Mr. Deals is usually long gone by the time your Office software goes belly-up, and in many cases, it’s also too late for a charge-back/dispute with the bank. The bad guy gets away with the money, and the victim must then repurchase their software.
If You’ve Been Had
In the grand scheme of things, this scam does not cause lasting harm to its victims. If you’ve been swindled in this manner, the damage is limited to your lost money, and the time you spend pursuing a legitimate license. Your files will be fine. You can safely remove/replace Office software, and your Word docs and Excel spreadsheets will remain in place, waiting to be opened in the next software you load.
You’re also welcome to report this type of fraud to the FTC, if you like. But don’t look for big results. Most of these software scammers are hard to track down or catch. I’m sure the FTC appreciates the information, but their mission is sadly like a never-ending game of Whack-a-Mole with these criminals.
