Scammers are using fake antivirus bills to hack your computer

News
By published

Email-run tech support scams are on the rise

Cybersecurity
(Image credit: Shutterstock / song_about_summer)

Email security firm Vade Secure uncovered an ongoing tech-support scam that uses fake antivirus invoices to trick users into enabling remote access to their computers.

The news is the latest in a surge in the number of tech-support scams that begin by circulating fake invoices for well-known security software, with Malwarebytes sharing details about one such incidient recently.

This new scam targets users with fake antivirus renewal invoices from popular vendors such as McAfee, Norton, and Microsoft, luring victims into handing over their personal details.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Push into panic

As usual the emails are designed to catch the attention of the potential victims by threatening to auto-charge their cards for the software renewals unless they call to cancel the subscription. 

When they do, the scamsters will sweet talk them into installing various remote access software to allow the threat actors to take over the victim’s computer to install malware or for other nefarious purposes.

Vade caught on to the new scam due to its sheer volume. Speaking with BleepingComputer, Vade’s Regional SOC Manager Nicolas Joffre shared that the company has filtered over a million emails of this new scam since it started targeting its customers in March.

BleepingComputer engaged with one of the scammers by pretending to have received one of the renewal invoices. They were walked through downloading AnyDesk remote access software and instructed to configure it for unattended access. 

The scammers then transferred a disguised batch script to scare them into thinking their computer was infected, while they collected personal information and continued to install additional software, such as TeamViewer in the background.

Joffre believes that the personal information is hawked to other threat actors, while the remote access software will help enlist the device into the threat actor's spam botnet.

Via: BleepingComputer

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
Phone scammer
Microsoft thinks it could stop this dangerous scam forever
An abstract image of a lock against a digital background, denoting cybersecurity.
This AI scam detector could save you thousands by stopping scammers before they reach you, but it's only free if you're a McAfee customer
Fraude en ligne phishing
Google forced to step up phishing defenses following ‘most sophisticated attack’ it has ever seen
Shopping scams
New wave of sextortion scams uses personal details and images to intimidate targets while bypassing traditional security measures
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
PayPal
This PayPal scam exploits new address feature to send out phishing scam emails
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
More about security
cybersecurity

Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak

A major Keenetic router data leak could put a million households at risk
HDD

Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
See more latest
Most Popular
HDD
Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Sony WF-C710N in blue glass on beige background
Sony WF-C710 earbuds land, and I think they'll be the 2025 budget buds to beat
The RIG M2 Streamstar attached to a boom arm.
The RIG M2 Streamstar has the world's first Bluetooth audio gateway in a wired gaming microphone