McAfee Invoice Scam Alert: Protecting Yourself and Your Family from Online Fraud

Did you get a fake invoice from McAfee? How the scam works and 2 things you should never do

Legitimate organizations don't ask you to send them Bitcoin deposits or gift cards. Trust us. I just paid $715.15 for a five-year subscription to McAfee Total Protection covering 20 devices. At least, that's what some unknown individual wants me to believe. Also: Do you still need to pay for antivirus software in 2024? The news of my transaction came in the form of an email delivered to my personal account, with a PDF file attached. Here's what the attachment looked like. That "receipt" looks official, doesn't it? Especially to an unsophisticated person who doesn't have the experience to spot the telltale signs of a scam. You've probably seen similar phishing emails, congratulating you on your purchase of a subscription to McAfee or Norton Internet Security or some other brand that's well-known to consumers. Also: Quishing is the new phishing: Why you need to think before you scan that QR code The amount of the supposed transaction is usually just high enough to alarm you. And if you don't realize it's a scam, your first reaction is to pick up the phone and call the toll-free number on the invoice so you can explain that it's all a mistake and you never ordered those products and ask them to please reverse the charges. So, what happens if you call the number on that receipt? Thanks to an affidavit filed as part of a U.S. Federal court case in the Southern District of Mississippi, we now have a detailed description of this scam in operation. (Hat tip to Seamus Hughes and his excellent Court Watch newsletter for the link.) Also: AI phone scams sound scary real. Do these 5 things to protect yourself and your family The author of the affidavit is Martez Simpson, a Special Agent with the United States Secret Service, who described how the victim was taken for nearly $11,000. Agent Simpson even managed to talk to the recipient of the funds, an Indian national who was angry that his crypto account had been seized by the Feds pursuant to a court order. The victim, a Mississippi woman, is identified only as V1 in the affidavit. After she received the phishing email, she called the phone number and spoke to a person who claimed to be a McAfee employee. (He was not, needless to say, a McAfee employee.) That person, referred to in Secret Service-speak as an unknown individual ("UI"), convinced the victim to install software that gave the crooks access to her computer. Using command prompt entries, the UI convinced V1 that, rather than the $723.64 that the email had indicated was improperly taken out of her bank account, her banking data indicated a $77,723.64 amount was refunded. The UI informed V1 that because the wrong amount was refunded to the account, V1 needed to physically withdraw money from the bank and deposit the money into a Bitcoin ATM. (As Agent Simpson notes in a footnote, it's possible that more than one individual was involved in carrying out this scam. And if this story sounds familiar, it might be because several of the plot elements are central to the film Beekeeper, starring Jason Statham, which is now streaming on Amazon Prime.) The victim was apparently convinced that this McAfee employee had access to her mobile phone and her email account and that the only way to regain access was to follow their instructions. She withdrew $15,000 in cash from her bank account and then, while remaining on the phone with the overseas criminals, went to two separate Bitcoin ATMs and converted nearly $11,000 of that cash into Bitcoin. She then emailed the Bitcoin tracking codes to a Gmail address provided by the crooks, who replied with a pair of QR codes that the unfortunate V1 used to transfer the funds to a Binance wallet controlled by the thieves. There's no indication in the affidavit of what happened next, but it's most likely that the bad guys simply hung up. They had their funds, after all, and they no longer needed to keep up the pretense with the victim. Also: The NSA advises you to turn your phone off and back on once a week - here's why After the bank told the victim she'd been defrauded, they called the Secret Service, who were able to trace the funds using blockchain analysis. They convinced Binance (which held the wallet) to freeze the $29,788.29 in that account while they went to court to recover those funds. That's when the owner of the wallet, "Azmi," contacted the Secret Service to find out why his account had been frozen. According to Agent Simpson, "Azmi was adamant that he doesn't know these people, insisting that he was just a trader. I believe Azmi was using the conversation to 'fish' for information regarding the frozen account and become better at this type of cryptocurrency scheme." Good luck with that, Azmi. Your first reaction to this story is probably something along the lines of "Who would fall for this kind of crazy scheme?" The answer is: a lot of people. Typically, they're responding to one of the two universal motivators, fear or greed. The Federal Trade Commission calls them "imposter scams," and what they have in common is that the person trying to take your money wants to convince you they're working for someone you trust: a big company like Amazon or PayPal, a government agency like the FTC, or perhaps your bank or credit union. There are plenty of variations besides the phony McAfee receipt. You might get a phone call, supposedly from Amazon or from your bank, alerting you to "fraudulent transactions." There's the fake antivirus warning that pops up and tells you your computer is infected and you need to call right away to remove the virus. You can find countless examples of people who were scared into responding to these scams, like this Pittsburgh woman who lost $10,000 after she received a phony virus warning. She called the number on the pop-up message and spoke with a man who claimed to work for Microsoft. The thieves said her bank account had been compromised by a gang of Chinese child pornographers who were going to take her money unless she transferred it using a Bitcoin ATM. Also: How to find and remove spyware from your phone And even sophisticated people can get caught up in a money-moving scheme that looks preposterous in hindsight. Take the case of Charlotte Cowles, who is not a senior citizen and writes a financial advice column for New York magazine. She turned over $50,000 in cash to a gang of thieves who claimed to work for Amazon, the Federal Trade Commission, and the C.I.A. They convinced her that her identity had been stolen and they could help her avoid being charged with money laundering. Her bank tried, unsuccessfully, to point out that she was probably a victim of fraud. It's a wild story. The people who run these online scams do it day in and day out. They're experienced in techniques of social engineering designed to make their would-be victims feel anxious and afraid. The best way to fight back is to avoid engaging completely. If you're helping out an unsophisticated friend or relative, here's some advice you can offer them. One of the common threads in every story I've read about an online scam is the victim's rueful comment: "I should have trusted my instincts." If something feels wrong, it probably is. The smartest thing to do when you receive a suspicious unsolicited email is to simply delete it. If you get a pop-up warning you that your computer's infected, press Ctrl+W (Command+W on a Mac), which is the universal shortcut for closing a tab. Press Ctrl+Shift+W (Command+Shift+W on a Mac) to close all tabs. Every online scammer has a script filled with dire scenarios to convince you that you're in danger and that you must act immediately to avoid losing money or being arrested. That's not the way the world works. There will be plenty of time to call your bank or credit card company later. Don't panic. The whole point of a phishing attack is to fool you into talking with someone who is not who they say they are. If someone sends you a message trying to convince you they're from Amazon, Apple, Microsoft, or McAfee, they're probably lying. If they claim to be from your credit card company, call the number on the back of your card or on your printed bank statement and ask to speak to someone in the fraud department. No contact from a legitimate company is ever going to ask for your password, your PIN code, or details about your credit card account. If they start demanding that information, ask them some questions, like what's your account number, and what are the last four digits of the card they have on file. And if they can't answer, well, that says something, doesn't it? Once a scammer has you on the phone, regardless of who initiated the call, know that they thrive on creating panic and paranoia. The best antidote? Talk to a trusted friend or family member. Or call your bank or credit card company! They have a lot of experience with this grift, unfortunately. Legitimate organizations don't ask you to send them Bitcoin deposits or gift cards.

How to Help Protect Your Family From Online Scams

Key Takeaways Beware of messaging scams: ignore unknown numbers and never reveal personal info or transfer money. Watch out for classified scams: always verify the legitimacy of online listings before making payments. Don't fall for fake tech support: Never give someone remote access to your computer. Most of us are pretty savvy to scams, but we all have that friend or loved one that we worry might become a victim. Here's a round-up of the most successful online scams that you can share to help them stay informed of the potential threat. Messaging Scams: Stranger Danger These scams usually start with an innocent sounding message "Hi Tim! It was great to meet you at the conference!". Being polite, you'll reply that this person has the wrong number, and from there they will encourage further conversation. Don't be fooled -- they know they have the wrong number, and are searching for potential targets to develop. Ignore messages from numbers you don't know, and never reveal personal information or click on any links you are sent. Classified Scams: Mind Your Purse There are fake classified ads, online stores, rental properties and job listings that you need to watch out for when shopping online. Examples of this include fake rental property listings that will ask you to transfer a security deposit to the scammer, fake job listings that will ask you to transfer money to pay for training materials (for a job that doesn't exist), and classified ads for used items that will never be delivered. Before you pay for anything, always check that the website you are using is legitimate, and that the product or listing is from a reputable user. Sticking to e-commerce and payment platforms with strong buyer protection and using a credit card that will allow you to report fraudulent transactions can help protect you when shopping online. However, recovering lost funds is rarely successful, so the best protection is simply not to be fooled in the first place. Microsoft/Tech Support Scams: Never Give Anyone Access to Your Computer This one has been around for a long time, but still catches people with their guard down. If someone calls you claiming to be from tech support and wants you to give them details about your computer, accounts, or asks you to download software to give them access, hang up immediately. Neither Microsoft or Apple, nor any other big tech company will call you in this way. Ever. If you get this kind of call claiming to be from your employer's IT department, hang up and call them back through your company switchboard to make sure it was really them. Sometimes, these scams come in the form of ads and popups that look like legitimate messages warning you of viruses that need to be cleaned, asking you to click a link or call a number to resolve the issue. These rely on making you panic so that you'll follow their instructions. Instead, you should ignore them, close your web browser, and run a scan directly using your own antivirus if you are concerned. Phishing: Watch Out for Fake Emails Phishing uses fake emails and websites that look like the real thing to trick you into sharing usernames, passwords, or payment details. These can look like real emails from your bank, government, online stores, or other platforms you use. These can be very difficult to spot, may use real details about you to look legitimate (like your real name and contact details) and even the sending address may appear correct at first glance. The best protection against phishing scams is to never click on links in emails that lead to a login page. Close your browser, and then navigate to the website for the email sender, and log in from there. This way, you know that it's a legitimate login page, and not a fake one set up to steal your information. Cryptocurrency and Investment Scams: You Won't Get Rich Quick Crypto and investment scams may come in the form of phishing, messaging, and even through online ads, but the hook is always the same: with little effort, you can get rich if you transfer some money, but act soon so you don't miss out! Just don't do it. The investment opportunity is fake, or the platform they ask you to use may be fraudulent and used to steal your banking details. Cryptocurrency is often used in these scams as many people aren't familiar with how it works, making it easy to dupe you into handing over their money. Bank Fraud: Be Sure Before You Transfer Money Bank fraud is the end goal of most online scams, and it comes in many forms beyond what's listed in this article. Scammers are creative, and always looking for new convincing stories and technical methods to convince you to give them sensitive information. For example, scammers have been impersonating banks themselves to convince you to give them your details, and have also been tracking legitimate transactions, then issuing fake invoices for them, so you think you are paying for services you actually received, but pay the scammer instead. Never give out your bank details to anyone who contacts you online, and always confirm payment details before you make an online transfer. Funds are rarely recoverable once a bank transfer has been made. Impersonation: Confirm Suspicious Calls from Friends and Family If a family member contacts you, urgently asking for money to be transferred to a new bank account, tread carefully. Scammers trawl social media to find out who you know, then use the details they find (including names, photos, and even information about your activities) to impersonate trusted individuals and try and trick you into transferring them money. This often happens when a friend or family is on holiday overseas, increasing the urgency in which they supposedly need the money. This has even been done by using stolen devices so that the messages come from a legitimate number, which is why it's important to lock your mobile devices with a strong password and follow best practices for staying secure while traveling. AI is even being used by scammers to fake video calls, so this one is going to be harder to spot in the future! If you do get a suspicious message from a friend or family member, contact them through a different channel to confirm that it's really them before continuing to communicate with them. What Can You Do to Protect Yourself and Your Loved Ones? The fastest way to stop a scam in progress is to stop communicating with the scammer immediately, and change your passwords and payment details ASAP so that they cannot use any information that they have collected. The best way to proactively protect yourself is to stay vigilant, share as little about yourself online as possible, and always carefully verify the details of anyone who asks for information or payment. If you're concerned that a loved one may be susceptible to scams, you can help keep their devices secure, set them up on reputable online shopping platforms, and encourage them to stick to them, and contact you if they receive any soliciting messages.