McAfee Email Scam Targets Your Credentials

This phishing scheme involves emails that guide users to a malicious webpage, mimicking the design of a simple login site. While scams involving email messages from strangers may employ various tactics, this particular scam impersonates routine notifications from McAfee concerning account details or user licenses. Offers might include a free license for one year, a prompt to approve changes to McAfee policies, or a reminder to renew a soon-to-expire license. However, the phrasing of these messages often renders them suspicious, as genuine communications from McAfee would not include such claims. Is there a specific McAfee scam email circulating in 2023 within the cybersecurity community?

At the bottom of the email, or within the text itself, there is a link or button you can click to get more details. Regardless of the lure, it leads to a phishing page—one that mimics the McAfee login page or a fraudulent survey site. The former is typical of more alarming messages, while the latter usually accompanies offers of gifts. Does McAfee send these types of emails?

The phishing login page features only two states: the default one and a “wrong login/password” notification beneath the credential fields. No matter what you enter, the information is sent directly to fraudsters who can then take control of your account. Additionally, from the phishing page designed to steal your credentials, the site may also include a download button. This button could install software that you would never willingly download, such as adware or rogue applications, which are commonly linked to such scams.

Pseudo-giveaway that promises you a gift will likely ask you for your personal information. Shady persons on the Darknet are willing to pay a lot for a database of users’ information. The pack of name/surname/physical address/email address/system information et cetera gives a lot of advantages for other scams.

Rarely, the message may contain the attached file, and the text allows you to open it instead of following the link. In this file, you’re supposed to see details about the changes in the terms or other stuff they used as a disguise for a letter. This attachment (often a .docx or .xlsx document) contains a virus.

How Dangerous is the McAfee Email Scam?

The main risk associated with following the instructions in a scam email is the theft of your account credentials and personal information. While sharing information with various online services might seem commonplace, these services are typically bound by GDPR rules to keep your data confidential. However, cybercriminals obtaining your information through phishing do not adhere to any rules or laws. Often, this stolen information is compiled into databases and sold on the Darknet, where the new owners are unlikely to have benevolent intentions.

Your McAfee account credentials are particularly valuable as they serve dual purposes. Possession of your account allows a criminal to steal your license key, which might be used to activate a pirated copy of the software or sold online at a fraction of the price you originally paid. If your license covers multiple devices, prepare for potential unauthorized users, or “squatters“, on your account. Additionally, stolen credentials can be added to databases of leaked passwords and logins, which are often utilized in brute force attacks to crack other accounts.

The injection of malware via an email attachment represents another significant threat. Unlike identity theft or account hacking, which may not have immediate effects, malware begins to operate as soon as it is launched. Phishing scams, such as those mimicking McAfee, have become a primary method for distributing malware, posing a serious risk to both individual users and corporations due to human vulnerabilities. The most common types of malware distributed this way include stealers, spyware, and ransomware, which can lead to compromised accounts and encrypted data—a highly undesirable outcome.

How to Protect Yourself from McAfee Email Scams?

The good news about most email scams is that they can easily be mitigated by simple attentiveness. Upon receiving a suspicious email, it is crucial to scrutinize both the body and header of the message. Even the most sophisticated forgeries will contain discrepancies that don’t match the original communications. Simpler scams often exhibit other telltale signs that can help you identify the deceit. So, how can you stop McAfee scam emails?

Typos and Grammatical Errors

Despite the prevalence of online spell checkers, scammers often neglect to use them, resulting in numerous errors in their messages. Poor English, missing punctuation, and subpar design are not features of official communications. The presence of these errors is a clear indicator of a fraudulent email.

Link address

Genuine messages may contain links to their website – for instructions, for example. However, they always belong to the original sender’s domain (mcafee.com for the genuine McAfee email message case). If you see the link to a dubious page, like WebProtectionProgram, or a short link, that is the reason to avoid clicking it. Official mailing never contains links to external sites and never applies using short links.

Sender’s email address

There are official email addresses companies use for mailing or conversations. They are often listed on their website. Receiving a letter that pretends to be sent by McAfee support, but the sender is mikey19137@aol.com does not look trustworthy. In complicated situations, crooks may try to use email addresses that look related to the sender. That’s why it is better to review the contacts on the website. For McAfee, those are the following:

info@authenticate.mcafee.com
Info@notification.mcafee.com
info@protect.mcafee.com
info@smmktg.mcafee.com
info@smtx.mcafee.com
info@mailing.mcafee.com
info@communication.mcafee.com
info@protect.mcafee.com.cname.campaign.adobe.com
donotreply@authentication.mcafee.com
donotreply@mcafee.com
consumersupport@mcafee.com
donotreply@authentication.mcafee.com
mcafeeinc-mkt-prod2@adobe-campaign.com
noreply@mail.idtheftprotection.mcafee.com
research@mcafee.com
mcafee@mail.email-ssl.com
no_reply@mcafee.com
no-reply@mcafeemobilesecurity.com

Strange Offers and Unusual Notifications

Giveaways, quizzes, or notifications about account blocking are not typical for reputable companies. They may contact you if there are issues with your account that need resolving, but you would likely be aware of these issues beforehand. Conversely, offers that require you to share personal information in exchange for a prolonged license are never legitimate. Coupled with the other signs we’ve discussed, these offers clearly indicate a fraudulent message.

Is it Possible to Avoid Email Spam in the Future?

Receiving email spam does not necessarily mean something bad has already happened. Scammers often buy databases filled with random email addresses and send out mass emails hoping to lure someone into a scam. If you do not respond or click on any links, scammers will likely remove you from their list eventually. However, any engagement, such as replying or clicking a link, signals to them that your account is active and susceptible to scams. Experts note that any interaction with a fraudulent email can lead to a significant increase in spam.

Several strategies can help reduce the amount of spam you receive and make it easier to differentiate between genuine and fraudulent emails. First, use a separate email address for registrations on websites or at events where you have concerns about their credibility. Some sites may not prioritize protecting their clients’ data and might sell their databases to third parties. While not always malicious, this practice can lead to unwanted exposure for your primary email address. Using a secondary email address as a buffer can help protect your main accounts from suspicious activities, ensuring greater security for your personal or work emails.

Another tip involves reporting suspicious emails. While most email services employ advanced anti-spam engines to filter out the bulk of spam, no system is perfect. You might still find McAfee phishing emails in your inbox. Reporting these deceptive messages is straightforward: simply click the button with three dots on the message and select “Report Spam.”

Conclusion

In the fight against email scams, especially sophisticated ones like the McAfee email scam, proactive protection is key. While following the tips outlined above can significantly reduce your risk of falling victim to these scams, having robust antivirus software can provide an additional layer of security. We recommend using Anti-Malware for its effective detection and removal of malware threats.

Download and install Anti-Malware by clicking the button below. After the installation, run a Full scan: this will check all the volumes present in the system, including hidden folders and system files. Scanning will take around 15 minutes.

After the scan, you will see the list of detected malicious and unwanted elements. It is possible to adjust the actions that the antimalware program does to each element: click "Advanced mode" and see the options in the drop-down menus. You can also see extended information about each detection - malware type, effects and potential source of infection.

Click "Clean Now" to start the removal process. Important: removal process may take several minutes when there are a lot of detections. Do not interrupt this process, and you will get your system as clean as new.

The post McAfee Scam Email appeared first on Gridinsoft Blog.

What are McAfee Pop-ups? Is It McAfee Scam?

McAfee pop-up notifications can be divided into two types: legitimate ones, which are sent by a browser extension, and fake ones, which are sent by adware installed on the system. But how to stop them? Suppose you have deliberately installed a McAfee browser extension. In that case, it is expected that you will see pop-up notifications from it. On the other hand, if you have no McAfee installed as the app or the browser extensions in Chrome, these are probably fake McAfee pop-ups. Next, we’ll figure out how to disable unwanted pop-up notifications in Chrome and solve the problem of fake notifications.

How to Stop McAfee Pop-ups on Chrome?

You can use Incognito mode in Chrome, temporarily removing the pop-up notifications from McAfee. However, if you need to block them completely, you can do so in Chrome’s notification settings. Alternatively, you can restore Chrome’s default settings. However, if you need to keep all your saved data and browser settings, we have several other options listed below.

Block notifications from McAfee

First, you can block push notifications from any site in Chrome, including the McAfee site. This is the most straightforward action you can take to hide all pop-up notifications from McAfee.

1. Click the three vertical dots, then “Settings“.
   
2. Click “Privacy and security” ⇢ Site Settings.
   
3. Select the “Notifications” option.
   
4. Select “Don’t allow to send notifications“.
   
5. Click the “Add” button next to the “Not Allowed to Send Notifications” section.
   
6. In the “Add Site” window, add the website URL for what you want to stop receiving notifications and click “Add“. In this case, it is a McAfee site.
   Alternatively, click the “Extra Actions” button (three vertical dots) next to the specific site and click “Remove“.

Remove the McAfee Chrome extension

If the first method didn’t work, and you still get the pop-up notifications from McAfee when you open Chrome, chances are that your system is infected by adware. However, to be sure, you can uninstall the McAfee Chrome extension. If necessary, you can always reinstall it later from the Chrome Web Store.

1. Launch the Chrome app. Click the three dots in the top right corner.
   
2. Then select More Tools ⇢ Extensions.
   
3. Turn off the McAfee Extensions button.
   
4. Restart the Chrome app and make sure it’s not running. Or, click the “Remove” button on the McAfee extension to remove it from Chrome.

Scan Your System for Viruses

It is possible for malware to force the appearance of the McAfee pop-ups and the consequent Subscription Expired page. In particular, adware and browser hijackers are two malware types that do this nasty trick particularly often. They bring profit to their masters by throwing users of infected systems to unwanted websites, with the fake McAfee sites being just one of the examples. And to get rid of the malware, the anti-malware software scan is needed.

Download and install Anti-Malware by clicking the button below. After the installation, run a Full scan: this will check all the volumes present in the system, including hidden folders and system files. Scanning will take around 15 minutes.

After the scan, you will see the list of detected malicious and unwanted elements. It is possible to adjust the actions that the antimalware program does to each element: click "Advanced mode" and see the options in the drop-down menus. You can also see extended information about each detection - malware type, effects and potential source of infection.

Click "Clean Now" to start the removal process. Important: removal process may take several minutes when there are a lot of detections. Do not interrupt this process, and you will get your system as clean as new.

The post How To Stop McAfee Pop-ups appeared first on Gridinsoft Blog.

Also read our article: Signs You’re Dealing with an Online Scam.

According to researchers, with its help, hackers stole millions of dollars from tens of thousands of victims. It turned out that the attackers operate a in large network of more than 200 fake dating and customer support sites, and use these resources to debit other people’s bank cards bought on the dark web.

This campaign uses two types of domains: dating sites and customer support portals (list of addresses can be found in the company report). If you try to visit the websites of the companies that allegedly own these fake resources, you will find that they do not exist at all, or they use non-existent email addresses, such as mail@example.com.

Fake dating sites

At the same time, dating and customer support sites look viable, but receive almost no traffic, occupying low positions in Google search results. The fact is that they exist not to attract users, but to serve as channels for money laundering.

ReasonLabs analysts write that all sites have the same HTML structure and almost the same content, so it looks like they were created using automatic tools. At the same time, fake customer support portals often use the names of non-existent organizations, or try to resemble real brands such as McAfee, ReasonLabs and other firms.

It is also noted that the operators of this campaign seem to have gone to great lengths to hide all 75 fake support portals from being indexed by search engines using the anti-crawler instructions in Robots.txt.

But the biggest challenge for attackers is registering these sites with payment processors, who usually classify them as “high-risk” (even if it’s a legitimate resource) due to their high chargeback rates. In order not to be blacklisted, each site applies individually, as campaign operators are afraid of losing all resources at once if fraud is detected.

If resources need to prove their legitimacy, then all sites have a round-the-clock chat with support and a working phone, outsourced to a real call-center. In addition, all sites list a toll-free number in case users want to cancel a payment, which scammers usually do not offer.

Once the payment processor has approved the request, the hackers use millions of stolen payment cards purchased on the dark web and debit them through their fake websites. Most of the cards belong to residents of the United States, but it is also reported that hackers bought cards from French-speaking countries.

Site operators are very careful and try not to draw attention to themselves. They withdraw small amounts, use common names that can get lost among the victim’s other expenses, use recurring payments with the same amount, and avoid test transactions.

Payment page on one of the scam sites

What’s more, in some cases, the hackers even refund the victims, making their transactions more authentic and making the charge-back ratio seem low.

While many of the 275 bogus sites are still up and running, ReasonLabs experts have already notified payment processors and law enforcement of their findings.

You may also be interested in: 8 Best Practices How to Keep Your Windows 10 Computer Secure in 2022.

The post Scammers Use Fake Dating Sites to Steal Money appeared first on Gridinsoft Blog.

The death of the developer was reported by several major media resources, including Reuters, El Mundo, El País, with reference to the Department of Justice of Catalonia. McAfee’s lawyers confirmed his death to Reuters and the New York Times, and one of them said that it was “the result of a brutal system that had no reason to keep this man in prison for so long.”

Now the police are investigating the circumstances of the death of the American businessman, but local publications write that “everything points to suicide.” McAfee was arrested in Spain in October 2020, when he was detained at Barcelona airport at the request of the US Department of Justice with charges of tax evasion, cryptocurrency fraud and money laundering.

A few hours before the incident became known that the Spanish Supreme Court approved McAfee’s extradition to the United States, where the businessman faced up to 30 years in prison for the above charges.

McAfee considered that the accusations against him are political, and a year and a half before his death, the businessman claimed that the US government was threatening him with reprisals, urging not to believe the news of his suicide.

John McAfee is widely known not only for his business success (he went out of business in 1994), but also for his eccentric behaviour and several scandals. In 2016 and 2020, McAfee tried to run for the presidency of the United States from the Libertarian Party, in 2012, the businessman was suspected of killing neighbour Gregory Faull in Belize, and in 2016 he promised to eat his boot live in case of unsuccessful hacking of the iPhone of a terrorist from San Bernardino.

McAfee was bought by Intel in 2010 for $7.7 billion (the deal closed in 2011). But six years later, due to the scandalous reputation of the founder, the processor-producing giant withdrew McAfee from its structure by selling a controlling stake (51%) to TPG.

The post John McAfee, creator of McAfee antivirus, found dead in prison in Barcelona appeared first on Gridinsoft Blog.

In total, McAfee will stand trial in connection with ten charges. The US Securities and Exchange Commission (SEC) intends to sue him separately, claiming that he earned at least $ 23 million from various promotions related to cryptocurrencies and cryptocurrency transactions, violating various laws and regulations.

According to the indictment of the Justice Department, McAfee did not pay taxes on the funds he earned between 2014 and 2018. The government also claims that McAfee has long avoided meeting with tax inspectors and tried to hide his assets, including real estate and a yacht (usually by transferring ownership to other people).

According to prosecutors, McAfee has made tens of millions of dollars from his numerous Twitter followers advertising various cryptocurrencies, and has also not paid any taxes on this. It is also noted that in recent years, McAfee regularly received royalties for various performances and consultations, and also earned on transition of rights to film the story of his life.

“John McAfee made millions from promoting cryptocurrencies, consulting work, speaking and selling the rights to his story for a documentary. From 2014 to 2018, McAfee did not file tax returns, despite receiving significant income from these sources”, — reads a statement from law enforcement officers.

As a result, if found guilty, McAfee could face up to five years in prison for tax avoidance, as well as up to one year in prison on each of five charges of willful tax evasion.

In turn, representatives of the Securities and Exchange Commission write that McAfee earned by telling his subscribers about various cryptocurrencies.

“At the same time, the former head of McAfee did not tell people that he was paid to advertise certain altcoins, and in some cases he even had a stake in the companies in which he called for investments. For example, in one case, McAfee advertised an unnamed ICO for users and at the same time tried to sell his stake invested in this company”, – say the court documents.

In total, advertising for seven ICOs on Twitter brought John McAfee about $23 million, and experts emphasize that in all cases, “McAfee’s recommendations were false and misleading.”

The SEC does not face a jail sentence, but if McAfee is found guilty, he will have to deal with multimillion-dollar fines and penalties.

Jimmy Watson, who has been responsible for McAfee’s personal security in recent years, also appears in court documents. According to authorities, he often helped negotiate on behalf of McAfee and acquainted more than $300,000 in the process.

And for example, another IT legend Steve Wozniak sues YouTube over cryptocurrency scammers.

The post US authorities arrested legendary John McAfee for tax avoidance appeared first on Gridinsoft Blog.