In recent weeks, scammers have increased efforts to target inboxes with dodgy emails impersonating AVG AntiVirus and McAfee.
Which? has seen an increase in reports of fake antivirus emails circulating. Members of our Scam Action and Alerts Facebook group and users of our scams reporting tool have shared examples of dodgy emails informing you that your antivirus software has run out and there are critical threats ready to spread malware to your device.
Read on to find out what these emails look like and how to avoid these scams.
Sign up for scam alerts
Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.
Sign up for scam alerts
AVG Antivirus emails
Emails claiming to be from AVG Antivirus tell you that your ‘AVG subscription has expired’ and that ‘you run the risk of viruses and malware.’ They also offer an 80% or 90% ‘renewal discount’ and give you a short deadline to claim this.
You’re then prompted to scan a QR code or follow a dodgy link labelled ‘renew now.’
After following the link, you’re taken to the official AVG website. While this might seem strange, it means that the emails were most likely created and sent by a rogue affiliate.
These are partner organisations that promote AVG’s products. Recently, we reported on a rogue affiliate impersonating McAfee and infecting devices with numerous pop-ups, making them unusable.
We shared these emails, as well as the links within them with AVG and it told us that AVG will only send emails from the AVG.com domain or, in some cases, GenDigital.com.
AVG said: ‘Based on the links provided, these were a mix of affiliate and potential other scams. The scams identified as affiliates have been noted by our team. Per our policy, they have been removed from the platform and any potential commissions will not be paid.
‘Unfortunately, cybercriminals sometimes leverage trusted names to send fake emails designed to trick consumers and steal their money and personal information.’
Emails impersonating McAfee
An email with an attached ‘invoice’ claiming to be from McAfee tells you that your purchase and registration of McAfee is complete and prompts you to review the ‘amended agreement.’
The fake invoice begins ‘your payment to McAfee has been confirmed’ and asks you to call a number if you didn’t authorise the £799.99 fee.
This number will put you through to a scammer who will try to get you to reveal your personal and financial details. They may also pressure you to download software to your device which will give them control of it.
A second email impersonating McAfee tells you to ‘protect your device from dangerous threats’ with an ‘exclusive’ ‘90% discount’ on your McAfee renewal. It prompts you to follow a QR code or link to take advantage of this ‘deal’, but this leads back to AVG’s official website.
Which? shared the emails with McAfee and it confirmed that the emails were not genuine.
Spotting, reducing and reporting scam emails
If you receive an email you’re suspicious about, don’t click on any links in it or reply to the message. Instead, look out for these signs:
- An unrecognisable or unusual sender’s email address.
- An impersonal greeting, such as ‘dear customer’.
- Links that are different to the brand or organisation the email claims to be from – hover your cursor over the links to see where they lead.
- Blurry or out-of-date branding.
- Requests for personal information or bank details.
- A tight deadline to take advantage of an offer.
- Poor spelling, grammar and presentation.
If you do receive an email from a company you have an account with, contact them directly on a trusted number or log into your online account to verify the information in the email.
It may not be possible to stop every spam email, but when you receive a dodgy email in your inbox, you should mark it as ‘spam’. Doing this should encourage more of these emails to divert straight to your junk folder.
You can report email scams by forwarding the email to report@phishing.gov.uk, and suspicious websites can be reported to the National Cyber Security Centre.
You can also report emails to your email provider – select the ‘report spam’ on Gmail, the ‘report phishing’ button on Hotmail and send scam emails to abuse@yahoo.com if you use a Yahoo account.
You can report fraudulent messages and scams impersonating McAfee to scam@mcafee.com.
If you lose any money to a scam, call your bank immediately using the number on the back of your bank card and report it to Action Fraud or call the police on 101 if you’re in Scotland.
Seen or been affected by a scam? Help us protect others