Readers should beware of clicking links in a McAfee invoice scam email that claims to be a "confirmation receipt" for the subscription renewal of the company's products. This email does not come from McAfee Corp.
Email scams that use the names of antivirus and security companies are probably as old as the internet, but this particular one for McAfee apparently tried to combine two different threats into one: malware and phishing.
Snopes reviewed one of the McAfee invoice scam emails. The subject line read, "Confirmation Receipt ID.6030955553." The following message came from an email address associated with uilsducoach.com, not the official company website mcafee.com:
- Reassure your McAfee is up to date.
- Check now as it may have ended.
- Your subscription of McAfee for your computer may ended soon.
- After the ending date has passed your computer will become susceptible to many different virus and threats.
- Your PC might be unprotected, it can be exposed to viruses and other malware...
- You are eligible for discount: -70%*
A malicious URL scanner scan of the links revealed that the email was "hosting malware" and contained a "phishing link."
The link started on an Amazon Web Services page. Vestingsupper.com was one of the redirects. More information was not available at the time this story was published. McAfee has previously published several articles about these types of scams, including details on what to do if you believe you've been a victim of one.
It's recommended, "if you accidentally enter data in a webpage linked to a suspicious email, perform a full malware scan on your device. Once the scan is complete, backup all of your files and change your passwords. Even if you only provided a phishing scammer with the data from one account, you may have also opened the door to other personal data, so it's important to change all the passwords you use online in the wake of a suspected phishing attack."
Malwarebytes and Norton are two other companies that are recommended for malware scans. If readers provided financial information to scammers, such as a credit card number, we recommend contacting that financial institution right away to notify them of the problem. To ensure that scammers do not use the compromised card in the future, a new credit card with a new number may need to be mailed to you in some cases.