Have you been the target of an antivirus protection scam?
If you’ve received an invoice for antivirus protection that you never asked for, then you have something in common with Rita Coomler, Marc Harris — and me.
Everyone wants to know if these emailed bills are legit or if they’re a scam.
“I have not seen this one before,” Coomler told me. “Thought this might be a scam.”
What’s the this to which she’s referring? It’s an invoice for “annual maintenance services” for antivirus software.
Thanks for being a part of Digitech Solutions for 24 months!
And we hope you are satisfied with our Annual Maintenance Services and out [sic] experts who have provided you the services.
As per the records, yyour [sic] Digitech Annual Maintenance Service for 24 month [sic] is going to expire.
The amount of $199.99 USD will be debited from your account automatically, due to auto-debit enabled in your account. You will be able to check the debited transaction amount in your account statement after 24 hours.
Please find the Invoice details as mentioned below.
You get the idea.
Actually, Digitech is a company that manufactures shift pedals for electric guitars. The company does not offer annual maintenance for antivirus protection.
But there’s more. The fraudulent pitch Coomler received exposes a darker underside of the internet where scammers have developed new ways of accessing your personal information and ripping you off. When I lifted the lid on this one, I could hardly believe what I found. But as always, there are ways to protect yourself from these cons. I also have an important update for 2023.
Is this antivirus protection invoice a scam?
But let’s get back to Coomler’s case. A closer look at the antivirus protection invoice she received suggested it was not legit.
- A quick search for “Digitech” shows that the company isn’t in the antivirus protection business.
- The typo in the invoice (“yyour”) was a dead giveaway.
- The wording in the invoice is highly suspicious. “due to auto-debit enabled in your account” suggests it was written by a non-native English speaker who isn’t familiar with American corporate-speak.
- The scammy bill also didn’t have any of her bank information.
Of course, Coomler could have reviewed her own records to determine if she had an agreement with Digitech for antivirus software.
But you’re probably wondering, so what? Coomler could just refuse to pay. End of story.
At the bottom, the scammy invoice says, “To modify or cancel the subscription please call us at [number redacted].” And it lists a U.S. phone number.
A reasonable person might skip the due diligence, overlook the typographical error, and call the number. That’s when the scam happens.
According to multiple reports, the scammers ask their victims to download remote access software. They configure the software for unattended access, which means they can get on your computer without your explicit permission. The fraudsters then upload software that makes their victims believe their computer has been infected, while at the same time harvesting personal information.
In other words, when you call, they getcha. But what happens when you call? To find out, let’s go over to Harris, who actually did phone the fraudsters.
The scammer called me a “son of a bitch” and hung up
Scammers are not nice people. They can be charming at first when they’re trying to extract information from you. But if you don’t do what they want — watch out. That’s what Harris discovered after he became the target of an antivirus protection scam.
“I called the number on the invoice,” he says. “No answer.”
Then he got a call back from a different number about the invoice.
“I told the caller I never ordered the service and don’t want it. He said I had already been charged. I said I would dispute any charge. He called me a ‘son of a bitch’ and hung up,” Harris says.
But seriously, look at that invoice. Read it carefully. Do you really think McAfee is sending invoices for anti-malware “software’s”? Do you really think it’s saying it’s “happy to have you” as a customer?
As a side note, I’ve found that scammers have been getting much more aggressive lately. They’re better organized, they have more resources, and when you push back, they can turn ornery.
I’ve received these fake invoices, too
I’ve also received a fair number of these invoices. These fake antivirus protection invoices have all gone to where scams like this should: to my spam folder. But I wanted to find out how bad the problem is, so I went where I seldom do.
I clicked on the spam folder. There, among offers from Nigerian princes to transfer millions and former Nazi doctors to enlarge my manhood, I found a total of 41 invoices. That’s more than one invoice per day! They came from bogus antivirus companies or those pretending to be legitimate companies, like Intuit or Fidelity.
Here’s one I got just a few days ago purporting to be from Geek Squad.
Thank you for your order on Geek Squad for your Antivirus Plus 1 year Subscription with Auto Renewal Plan for mac and Windows system.
We have Activated this product on your mail and account. Payment was made successfully deducted. Your Account will Show As “Geek Squad Antivirus Plus”. We have given the Product details for your refences [sic] given below .
Ah, that’s clever. There’s no “Geek Squad Antivirus Plus” product, but everyone recognizes Geek Squad. It almost could be legit. But it isn’t.
Are fake invoice scams a problem in 2023?
Unfortunately, since I wrote about these antivirus invoice scams in 2021, they’ve only multiplied. I just checked my spam folder and found 16 invoices for antivirus subscriptions.
They’ve gotten more clever, finding ways to bypass your spam filter and tightening up their language to sound more native English (they can’t quite pull it off most of the time).
Also new in 2023: The scammers are using PayPal to send fake invoices, and unfortunately, people are falling for it.
Bottom line: The threat is still with us.
What do all of these fake antivirus protection invoices have in common? How can you avoid falling for one?
- They’re written by non-native English speakers. No matter how hard they try, they eventually slip up and include an awkward phrasing or errors that you would never — repeat, never — find in a legitimate invoice. The spam algorithm is clever enough to filter these messages out; you can do it, too.
- They pressure you into calling immediately. Before you have a chance to reread the invoice, a little voice inside your head says, “Call now and clear this up! They can’t charge me.” Once you do that, they’ve got you. If you have a McAfee account, you can log in to see if you’re being billed again. If not, it’s safe to ignore the message.
- They steer you away from someone who could really help. If you have any doubts, call your credit card company. The best way to do that is on your computer. You can also log into your account to see which subscriptions are on auto-renew. Again, if you don’t see McAfee or Intuit on the list, it’s safe to push the “spam” button and send the invoice into the void.
SPECIAL NOTE: There’s a fake invoice variant that’s making the rounds involving DocuSign. If you see an invoice from DocuSign, make sure it’s from a trusted source. Otherwise, there’s someone on the other end trying to obtain your login credentials.
Remember, you can usually tell if a sender is fake without opening the email. Just hover your mouse pointer over the sender’s name. This will reveal the sender and domain name; if they don’t match the purported sender, it’s a scam.
I’m just shaking my head about this one. I’ve seen all kinds of scams, but this invoice for antivirus protection is next-level awful. It preys on our worst fears, which include being charged for a product we don’t want and having our computers infected by malware.
There’s a special place in hell for the fraudsters who are inflicting this pestilence upon consumers. And one day, they will pay for what they’ve done.