Scam

Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale.

A software affiliate is a third-party that refers visitors to a software company to earn a commission from the sale of their software.

All legitimate companies that offer an affiliate program have strict guidelines on how to promote their software and prohibit misleading and false advertising from tricking people into purchasing software.

Wiz

Scam emails state your antivirus software is expiring

Over the past week, BleepingComputer became aware of scam emails being sent that tell recipients that their Norton and McAfee antivirus software is expiring that day and prompting them to renew their license.

We became aware of this new scam after being told about it by two seniors who received the emails, with one of them falling for the scam and purchasing the software, thinking the email was legitimate.

The scam starts with emails containing a subject similar to "WARNING: Anti-Virus Can Expire " Sun, 26 Apr 2020"", which contains a link stating, "Your Protection Can Expire TODAY!".

When the link is clicked, the user will be redirected through the DigitalRiver affiliate network, which drops a tracking cookie on the browser, and then redirects the user to a purchase page for Norton or McAfee as shown below.

Affiliate scam: From email to purchase page
Affiliate scam: From email to purchase page

When a victim purchases the software, the affiliate will earn anywhere between a fixed $10 commission or 20% of the total sale. For the scam shown above, this would net the rogue affiliate approximately $10 per sale.

Affiliates who have large volumes of sales will typically earn a higher commission rate.

How to avoid falling prey to these scams

Most antivirus software will alert a customer that their license is expiring via notification from the software, but some companies do send emails as "reminders" about expiring licenses.

As email scammers tend to send their scams to large lists of email addresses without knowing what antivirus software a recipient is using, the first step is to make sure you have the mentioned antivirus software installed.

If it is installed, open the software and check when your license expires. 

If it is expiring, you should instead renew the license through your software or by going directly to the web site of your security software.

If you have mistakenly fallen for this scam and purchased a license, be sure to contact your credit card company and dispute the charge as fraud.

tines

Break down IAM silos like Bitpanda, KnowBe4, and PathAI

Broken IAM isn't just an IT problem - the impact ripples across your whole business.

This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.

Related Articles:

Avast Makes AI-Driven Scam Defense Available for Free Worldwide

US cybersecurity experts plead guilty to BlackCat ransomware attacks

Fake Grubhub emails promise tenfold return on sent cryptocurrency

Ukrainian hacker admits affiliate role in Nefilim ransomware gang

European authorities dismantle call center fraud ring in Ukraine