Monday, April 12, 2021

Scam E-Mail Supposedly from Norton

The scammers are getting better, but not perfect.

In the mail this morning, this missive:

Hi Robert this is an renwel reminder # 97070-1278-0366

FROM: Norton <*********84@gmail.com> 10:22 AM (1 hour ago)

TO: me
_____________________________________________ 
Hi Robert,

Yes, its time for another year of safe and secure computing experience. Your annual maintenance contract with us is set to renew on 13th April 2021. For your order id 97070-1278-0366

$299.99 will be deducted from your Account. Since your account is set to auto-renew, We will automatically process the charge on 13th of April 2021. There is no action required from your end.

This email is just to remind you about the payment charge to cancel the contract and avoid charges, please reach us on at +1 888-***-****. We're available (24x7).

This is system Generated Email. Replying to this email will not cancel the contract. Please contact our support if you wish to stop this from getting charge.

Thanks.

Norton Support

+1 888-***-****

There are a few tip-offs that this is a scam:
1.  They misspelled "Renewal" in the title line.

2.  Poor Grammar in first sentence ("another year of safe and secure computing experience") - and elsewhere (run-on 3rd sentence, for example).

3.  The return address is some hapless person's gmail account that was hacked.

4.  The use of pressure to get you to act ("We will automatically process the charge on 13th of April 2021").  That's tomorrow.  Note use of foreign date formatting.

5.  The typo in the last line ("if you wish to stop this from getting charge").

6.  The ridiculous price being quoted ($299.99).

7.  Usually a legit e-mail will have the last four digits of the account they are going to charge listed. 

This is better than a previous iteration, which merely said "Dear User" and asked for $549 which is even more ridiculous.  Here they used "Dear Robert" but didn't cover their tracks on the return e-mail address.  They tried to incorporate the Norton logo, but it went to a dead link.  Again, they are getting better, but not perfect.

But then again, they are counting on people who don't notice the details, but get upset right away and call the number provided (an 888 number, no less) and blather out social security numbers, names, addresses, and maybe even credit card numbers, before they realize they have been had.

It's just a phishing expedition, folks.  That's all.

It goes without saying that even if this was charged to your credit card, you could dispute the charge with your credit card company. They want to get you on the panic, but there's no need to panic.