How you can get scammed by buying Antivirus & Internet Security.

danger-security-threat-cyber-crime-scam-virus-hack

These days we all use laptops, tablets and mobile phones for everything. This includes online banking, buying from online websites and scrolling through social media. It has become the norm and many of us feel lost without these devices.

Two to three years ago, as a customer, you would go to your local shop to buy yourself a CD with Antivirus or Internet Security on it. Once you had put your CD into the drive and loaded it up onto your computer then you were good to go – Your device was protected.

In the past 2 years the industry has had a massive change. With the likes of Amazon Prime same day delivery, where people expect to be able to use the software almost immediately, partnered with the decline of people using CD drives, software companies have been keen to move over to digital downloads.

So how does it work?

Well – depending on where you buy it from, you get a license card in the post or maybe an email with the license code on it. You then go to the vendors download link and you download the product, you then activate your subscription by putting the license code in the relevant field and you are good to go.

For an example with some of the better-known brands such as McAfee, in order to download the software, you would go to Mcafee.com/activate or with Norton you would go to Norton.com/setup.

There is a benefit to this because discs can get scratched or even snap and not everyone has a CD drive nowadays. Another major benefit which many consumers may not be aware of is that a disc will only give the edition of software that was put onto the disc. On many occasions, this may not be the newest software because companies are regularly updating software. This does not mean that you are less protected as the latest protection against viruses are always automatically downloaded onto your device, however the interface itself (the way the software looks) may not be the most recent so you may lose out on extra features.

If you are downloading from the website you are always guaranteed to get the latest edition, which is always a safer and recommended by our security specialists at intersecure.co.uk

So what can go wrong?

Over the past 6 months, we at Intersecure have had many customers complain that after purchasing the licences, they proceeded to activate them on the official websites, but whilst doing so they were advised that there was an issue downloading the software.

They are then advised to call a standard UK number to have somebody talk them through the process to resolve the problem. However, after trying to help the customer download the software, the advisor tells the customer that there is an issue activating the product and that he can look into it for the customer by taking remote access.

Seeing as this seems to be the official website provided by McAfee or Norton or the official brand that they purchased the product from, they have no reason to suspect that anything is wrong, so they go ahead and allow the advisor to take remote access to resolve the issue.

The advisor then claims to attempt to load the software but advises that there is a serious virus on the computer and that to download the software, they need to first completely clean the computer from all viruses.

They offer to sort this out for the customer, but this comes at a cost. This could be £50-£100.

Whilst a lot of customers would smell a rat here, many customers panic, believing that they will lose all their work, photos and personal information if the viruses are not cleared.

Those who fall for the scam then provide their bank details to the advisor and almost immediately, the so-called advisor simply disappears with their bank details and the customer is left angry that the matter is still left unresolved.

At this point many customers become aware that this is a scam, however some are still none the wiser and believe that they have a virus on their computer and that they are unable to download the licence code. At this point they contact Intersecure and we must explain that they have been scammed and that there is no problem with the licence code that we have sold to them.

Ironically, despite having just been scammed, many of our customers ask us to take remote access of their computer to assist them in downloading the software.

So how are they doing it?

After doing a small amount of research we were surprised to learn how easily this scam is achieved. Many customers use search engines to find the relevant activation website.  For example, a typical search may be “Mcafee.com/activate” which would be the correct website if you went directly. However, to our surprise when you put in this search term into a search engine, there are a whole list of fake websites claiming to be the real vendors.

In fact, on our latest search, Mcafee’s official website only showed up fifth on the search page, and this was still not the activation page.

We also discovered that the same thing is happening with Microsoft products as customers are searching for “setup.office.com” in a search engine instead of going directly to the website, and they receive a list of numerous fake websites.

The most worrying part is that some of these fake websites are almost identical to the real website. In fact, the web address looks legitimate and looks very much like the official website too.

After making these discoveries we immediately contacted McAfee who advised that they would pass it onto their legal team, and we also attempted to contact Norton and Microsoft to advise of the issue at hand but were unable to get in touch with the relevant departments.

We have since noticed that some of these fake websites now have a warning from our Internet Provider advising that they are phishing. We are glad that Intersecure’s research helped, however there are still many out there that do not have warnings and are waiting for vulnerable customers to hand over their bank details.

In our opinion, search engines are simply not doing enough to protect the consumers from falling foul to phishing attempts and much more could and should be done.

At Intersecure we recommend that to find the official website, you should go directly to website by typing the full address into the browser address bar instead of using a search engine.

Leave a Reply