It’s a New Year, and there’s an uptick in subscription renewal scams.
Although subscription renewal scams are old identity theft methods, the beginning of a new year is the perfect time for phishing emails claiming, “it’s time to renew your annual subscription”.
Take the latest “Norton Subscription will renew today” email.
The fraudulent emails that are currently circulating claim that Norton subscription holders will be charged $349.99 for the renewal of their subscription. The scammers behind this scheme state that the funds will be withdrawn within a 24-hour period. Victims who wish to cancel their subscription or believe that this is an unauthorized transaction can contact the billing department to obtain a refund.
These types of spam campaigns usually operate as technical support and/or refund scams. Typically, the scam begins when users are tricked into calling fake support representatives or technicians. The cybercriminals then request victims to grant them remote access (via the use of legitimate software) to their devices. Once access is granted, the scam can take various forms.
One common tactic involves scammers tricking victims into disclosing private information, such as personally identifiable details, account usernames and passwords, and credit card details. They may do this by simply asking for it, claiming that they cannot see it as it is being typed, or through phishing websites.
In other cases, cybercriminals may remove genuine protection software, install fraudulent programs that can be purchased (fake anti-viruses, for example), or even infect the system with malware, such as trojans or ransomware. These actions are often performed under the false guise of providing technical support, such as uninstalling products, removing viruses, or manually canceling subscriptions.
In refund scams, victims are asked to type the refund amount themselves, but they are unable to see the screen. By editing the HTML of victims’ bank accounts, the criminals create the impression that the refunded sum far exceeds the agreed-upon amount. In reality, the funds present in the account remain unchanged, and the scam is a ruse to force victims into transferring their own money to the scammers. When victims return what they believe to be the refund excess, they are, in fact, losing their own money.
To make matters worse, cybercriminals often demand that the extra funds be transferred using difficult or impossible-to-trace methods, thereby ensuring that victims will be unable to reclaim their money and the scammers can avoid persecution. Common tactics include requesting payment in digital currencies (such as gift cards, pre-paid vouchers, or cryptocurrencies) or in cash, which can be hidden in packages and shipped.
