Home Guides Remove NortonLifeLock email scam virus

Remove NortonLifeLock email scam virus

4 min read
Remove NortonLifeLock email scam virus
A competently designed email scam is doing the rounds that spoofs NortonLifeLock orders and aims to install malware on recipients’ computers.
  1. What is the NortonLifeLock email scam?
  2. Automated removal of NortonLifeLock email scam virus
  3. Restore web browser settings to their original defaults

What is the NortonLifeLock email scam?

Social engineering hoaxes on the Internet are nothing new, but most of them are crude and have little chance to achieve their objectives. Spelling, punctuation, and grammar mistakes, combined with apparently fraudulent contact information, are common red flags that rarely fly under the radar. The NortonLifeLock email scam is different. It looks very much like genuine correspondence from the trusted cybersecurity services provider, its manipulation narrative revolves around pressure, and the scale of this campaign reaches hundreds of thousands of messages a day. Furthermore, its operators seek to spread dangerous software that provides them with backdoor access to devices.

NortonLifeLock email scam variant
NortonLifeLock email scam variant

A fake order is the pillar of the whole brainwash piggybacking on the NortonLifeLock brand. According to the scam email with the subject “Online Billings”, the user has been allegedly charged an amount that ranges between $349.99 and $499.99 for a Norton product subscription. Obviously, this news takes the person by surprise, to say the least, and encourages them to learn further details and cancel the order they never made. At this point, the bogus customer support phone number listed in several places across the message comes into play. Interestingly, the scammers advise against replying to the email and emphasize that the “mailbox is not monitored” and the user will not receive a response. This pushes the would-be victim closer towards the ambush.

Threat details:
Name NortonLifeLock email scam
Threat Category Phishing, tech support scam, remote access Trojan
Domains involved developedfuture.com, 1800support.weebly.com
Symptoms Fake order notification, instructions to contact pseudo-support, fraudulent permission requests
Distribution techniques Phishing emails
Severity Medium
Damage Malware promotion, data theft, Internet activity tracking
Removal Scan your PC with WiperSoft to detect all files related to NortonLifeLock email scam virus. Free scan determines if your system is infected. To get rid of the threat, you need to purchase the full version of the anti-malware tool.

When on the phone with a self-proclaimed support agent, the user will be asked to visit a knockoff NortonLifeLock web page and download the software hosted there. It turns out to be a remote desktop application such as AnyDesk or TeamViewer, which grants the impostor access to the computer. Next, the crook will remotely install a system scanner whose interface resembles the Windows command-line utility. By executing a random task in it, the fraudster will try to make it look like the machine is contaminated with very dangerous malware. This is supposed to become a strong stimulus for the user to agree to a paid cleanup service. The evil actor may also tell the victim to open the Notepad and enter their personal information such as the first and last name, address, and phone number so that the assistance continues.

Malicious macros in a Word document attached to NortonLifeLock scam email
Malicious macros in a Word document attached to NortonLifeLock scam email

In addition to wheedling out sensitive information straightforwardly, the NortonLifeLock email scam may have a more subtle flavor. In a more intricate campaign launched in early 2021, felons attempt to spread a remote access Trojan (RAT). This scenario hinges upon a booby-trapped Microsoft Word file attached to the message. When opened, it displays a NortonLifeLock logo and says, “You have received a protected document which contains personal information”. To be able to view the details, the recipient is told to click the “Enable Content” button.

This is an old trick aimed at duping the user into turning on Word macros. If it works out, malicious scripts will run in the background and install a RAT that allows the attacker to access the computer with virtually no limits. This can be a source of serious violations that run the gamut from installing more malware to quietly harvesting confidential data, including cryptocurrency wallets, chat messages, e-banking credentials, and passwords for social network accounts. If you have received one of these emails and followed recommendations in them, it is important to check your PC for threats that may undermine your security and privacy.

Use WiperSoft to remove NortonLifeLock email scam virus

The battle-tested security tool called WiperSoft can shore up the protection of your PC by identifying and removing all files associated with NortonLifeLock threat automatically. It gets regular updates of its malware database to ensure a high detection rate, even if you’ve been hit by the newest strain of ransomware, adware, spyware, or a stubborn browser hijacker.

The following point-by-point instructions will help you get your computer back on track using this incredibly effective application.

1. Download the latest version of WiperSoft.

WiperSoft scans your PC with no strings attached, but you’ll have to register its commercial version to immediately remove the threats it detects. Alternatively, you can use a one-time free cleaning service that will activate in 48 hours after you opt for it.

Download NortonLifeLock email scam virus remover

2. Run the installer. As part of the setup, you’ll be asked to specify your preferred language and accept the End User License Agreement.WiperSoft installation progress

3. Once the installation is through, you’ll see the app’s Home screen that says, “Computer state is unknown”. Click Scan Now to check your system for threats.Start a scan

4. The first scan might take a while to be completed. This is normal, given that the app has to check hundreds of thousands of files along the way. It will reflect the current progress and other details at the bottom part of the GUI.WiperSoft scan progress

5. If WiperSoft finds malicious files, it will let you know via an updated computer security status as illustrated below. Go ahead and click the Review & Clean button.‘Malicious items were found’ alert

6. Go over the detailed scan report that’s split into three categories: malware, potentially unwanted programs (PUPs), and privacy issues. Make sure all unwanted items are selected and click Remove Threats to disinfect your PC.Remove detected threats

Use Control Panel to get rid of NortonLifeLock email scam virus

• Open up the Control Panel from your Start menu in Windows. Depending on the OS build, select Uninstall a program (Windows 10, 7 and Vista) or Add or Remove Programs (Windows 8).Access program uninstall screen on Windows

• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal done.Uninstall unwanted program

Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the NortonLifeLock email scam virus.

Reset Google Chrome

• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings.Go to Settings in Chrome

• Click Advanced in the sidebar, scroll down to Reset and clean up, and select this option.Click Reset and clean up in the sidebar

• Click Restore settings to their original defaults.Restore Chrome settings to their original defaults

• Finally, confirm the restoration by clicking Reset settings on the warning message.Reset Chrome settings

• Restart Chrome.

Reset Mozilla Firefox

• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information.Access Troubleshooting Information page in Firefox

• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it.Refresh Firefox button

• Follow subsequent directions to reset Firefox to its original settings.Complete refreshing Firefox

• Restart the browser.

Reset Internet Explorer

• Select Internet options under IE’s Tools (Alt+X).Open up Internet options in Internet Explorer

• Proceed by clicking on Advanced tab, then select Reset.Locate and click the Reset button in IE

• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled.IE reset confirmation

• Reboot the machine to fully implement the fix.

Reset Safari

• Go to the Safari menu and select Preferences.Go to Safari Preferences

• When on the Preferences screen, select the Privacy tab and hit the Manage Website Data button.Hit the Manage Website Data button

• Click the Remove All button to purge all website data. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc. If you aren’t okay with this, proceed to the next step.Remove all website data in Safari

• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, select the unwanted site in the ‘Manage Website Data’ list and click Remove. Then, click Done.Erase website data in Safari

• Click the Develop menu in the Finder bar and select Empty Caches.Safari: Empty Caches

• Finally, expand the History menu from the Finder bar and click Clear History.Safari: Clear History

• Make sure all history is selected on the dialog that will appear and click Clear History to get rid of cookies and other potentially unwanted data.Click the Clear History

• Restart Safari.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

Download NortonLifeLock email scam virus removal tool

Rate article

No rating result yet

Leave a Reply

Your email address will not be published. Required fields are marked *