A competently designed email scam is doing the rounds that spoofs NortonLifeLock orders and aims to install malware on recipients’ computers.
- What is the NortonLifeLock email scam?
- Automated removal of NortonLifeLock email scam virus
- Restore web browser settings to their original defaults
What is the NortonLifeLock email scam?
Social engineering hoaxes on the Internet are nothing new, but most of them are crude and have little chance to achieve their objectives. Spelling, punctuation, and grammar mistakes, combined with apparently fraudulent contact information, are common red flags that rarely fly under the radar. The NortonLifeLock email scam is different. It looks very much like genuine correspondence from the trusted cybersecurity services provider, its manipulation narrative revolves around pressure, and the scale of this campaign reaches hundreds of thousands of messages a day. Furthermore, its operators seek to spread dangerous software that provides them with backdoor access to devices.
A fake order is the pillar of the whole brainwash piggybacking on the NortonLifeLock brand. According to the scam email with the subject “Online Billings”, the user has been allegedly charged an amount that ranges between $349.99 and $499.99 for a Norton product subscription. Obviously, this news takes the person by surprise, to say the least, and encourages them to learn further details and cancel the order they never made. At this point, the bogus customer support phone number listed in several places across the message comes into play. Interestingly, the scammers advise against replying to the email and emphasize that the “mailbox is not monitored” and the user will not receive a response. This pushes the would-be victim closer towards the ambush.
|Name||NortonLifeLock email scam|
|Threat Category||Phishing, tech support scam, remote access Trojan|
|Domains involved||developedfuture.com, 1800support.weebly.com|
|Symptoms||Fake order notification, instructions to contact pseudo-support, fraudulent permission requests|
|Distribution techniques||Phishing emails|
|Damage||Malware promotion, data theft, Internet activity tracking|
|Removal||Scan your PC with Combo Cleaner for Windows to detect all files related to NortonLifeLock email scam virus. Free scan determines if your system is infected. To get rid of the threat, you need to purchase the full version of the anti-malware tool.
When on the phone with a self-proclaimed support agent, the user will be asked to visit a knockoff NortonLifeLock web page and download the software hosted there. It turns out to be a remote desktop application such as AnyDesk or TeamViewer, which grants the impostor access to the computer. Next, the crook will remotely install a system scanner whose interface resembles the Windows command-line utility. By executing a random task in it, the fraudster will try to make it look like the machine is contaminated with very dangerous malware. This is supposed to become a strong stimulus for the user to agree to a paid cleanup service. The evil actor may also tell the victim to open the Notepad and enter their personal information such as the first and last name, address, and phone number so that the assistance continues.
In addition to wheedling out sensitive information straightforwardly, the NortonLifeLock email scam may have a more subtle flavor. In a more intricate campaign launched in early 2021, felons attempt to spread a remote access Trojan (RAT). This scenario hinges upon a booby-trapped Microsoft Word file attached to the message. When opened, it displays a NortonLifeLock logo and says, “You have received a protected document which contains personal information”. To be able to view the details, the recipient is told to click the “Enable Content” button.
This is an old trick aimed at duping the user into turning on Word macros. If it works out, malicious scripts will run in the background and install a RAT that allows the attacker to access the computer with virtually no limits. This can be a source of serious violations that run the gamut from installing more malware to quietly harvesting confidential data, including cryptocurrency wallets, chat messages, e-banking credentials, and passwords for social network accounts. If you have received one of these emails and followed recommendations in them, it is important to check your PC for threats that may undermine your security and privacy.
Use Combo Cleaner for Windows to remove NortonLifeLock email scam virus
When faced with malware like NortonLifeLock, one of the best shortcuts in terms of removal is to use Combo Cleaner, a lightweight and incredibly effective application with PC security and optimization features under the hood. It detects and thoroughly deletes threats while giving you insights into the overall health of your computer.
This program’s protection power spans modules that forestall all known types of malware, including ransomware and browser hijackers, and take your online security to the next level by blocking phishing sites and other suspicious web pages. Follow these simple steps to eliminate the infection for good:
1. Download Combo Cleaner installer.
Combo Cleaner scans your PC with no strings attached, but you’ll have to buy its fully functional version to remove the threats it detects. The disk optimization tools that find large files and duplicates are free to use.
2. Open the CCSetup.exe file to get started. Several subsequent screens will allow you to make initial customizations so that the program works exactly as you need from the get-go.
3. The installation will be followed by an update of malware signatures. Once this process is through, click the Start Scan button in the left-hand sidebar.
4. Combo Cleaner will then check system locations that are most often polluted by Windows malware. The first scan can take a while to finish.
5. Combo Cleaner will display a system tray notification as soon as the scan is over. Click the Resolve found threats button to view the results.
6. The scan summary shows the names and types of the detected threats as well as their statuses and locations. Click the Remove all threats button and follow further on-screen prompts to get rid of these items.
Use Control Panel to get rid of NortonLifeLock email scam virus
• Open up the Control Panel from your Start menu in Windows. Depending on the OS build, select Uninstall a program (Windows 10, 7 and Vista) or Add or Remove Programs (Windows 8).
• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal done.
Restore web browser settings to their original defaults
In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the NortonLifeLock email scam virus.
Reset Google Chrome
• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings.
• Click Advanced in the sidebar, scroll down to Reset and clean up, and select this option.
• Click Restore settings to their original defaults.
• Finally, confirm the restoration by clicking Reset settings on the warning message.
• Restart Chrome.
Reset Mozilla Firefox
• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information.
• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it.
• Follow subsequent directions to reset Firefox to its original settings.
• Restart the browser.
Reset Internet Explorer
• Select Internet options under IE’s Tools (Alt+X).
• Proceed by clicking on Advanced tab, then select Reset.
• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled.
• Reboot the machine to fully implement the fix.
• Go to the Safari menu and select Preferences.
• When on the Preferences screen, select the Privacy tab and hit the Manage Website Data button.
• Click the Remove All button to purge all website data. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc. If you aren’t okay with this, proceed to the next step.
• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, select the unwanted site in the ‘Manage Website Data’ list and click Remove. Then, click Done.
• Click the Develop menu in the Finder bar and select Empty Caches.
• Finally, expand the History menu from the Finder bar and click Clear History.
• Make sure all history is selected on the dialog that will appear and click Clear History to get rid of cookies and other potentially unwanted data.
• Restart Safari.
Revise your security status
Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.