Beware of Subscription Renewal Phishing Emails

What happened?
We have received several reports of FIT users getting fake subscription renewal emails from reputable companies, like Norton AntiVirus and McAfee. Scammers will often try to take advantage of the new year, when email inboxes are full of promotions, receipts, and renewal notifications, hoping to catch the recipients off guard. We would like to remind you what tech support scams look like and what to do if you receive one. 

A classic example of this scam is when an email will claim that the recipient made a credit card charge for a subscription renewal to a “number on file” for a large amount of money. The amount is large enough to get the recipient’s attention. The email will include instructions to call a phone number listed if they want to stop the charge or cancel the subscription. Once a potential victim calls the number, the attacker convinces them to grant remote access to their computer to  “check for viruses” or “reverse a charge made in error.” Once the attacker has access to the computer they can easily do any number of malicious things, like install malware or steal data. 

Example email sent to the FIT domain

AV Renewal Phish Example

While our Google mail has excellent spam and phishing filters, some malicious email will always get through. So it’s up to each of us to remain diligent. 

What can you do to protect yourself?

  • Do not trust unsolicited calls, emails, text messages, or instant messages. Even if they are claiming to know you, have your payment information, or to be from a reputable company.

  • If you receive an email like the one described above, mark it as a phishing email in Google. Learn how here. Doing this will help strengthen the Google filters and potentially block future attempts. You can also report it to us by forwarding it to [email protected].

  • Make sure you have a trusted, up-to-date, and active antivirus software installed on your home computer. Learn more here.