Federal Trade Commission: Spotting Scammy Emails

By  //  March 22, 2021

Never give your password to a stranger on the phone, even if they claim to be from a company you recognize

(FTC.gov) – Let’s say you get an email about a charge to your credit card for something you aren’t expecting or don’t want. Your first instinct may be to immediately call the company or respond to the email and to stop the payment.

Scammers know that, and are taking advantage of it in a new phishing scheme.

People tell us they’re getting emails that look like they’re from Norton, a company that sells antivirus and anti-malware software. (Tip: the emails are NOT from Norton.) The emails say you’ve been (or are about to be) charged for a Norton product — maybe an auto renewal or new order. If this is a mistake, the email says, you should call immediately. (Tip: don’t.)

 Scam Email, Not Really from Norton. Learn more: ftc.gov/imposter. Report tech support scams at: ReportFraud.ftc.gov. Image of an email. From: [redacted]. Date: Tue, Feb 9, 2021. Subject: BILLING DEPARTMENT. To: [redacted]. Body of email: "You have been charged $299.99 for your Norton auto renewal. If there has been a mistake, please call 1-999-999-9999 within one business day when you are in front of your computer. Thanks & Regards, Norton (TM) Billing Team." Image of Norton logo with yellow circle and black checkmark.

If you call, you’ll be connected to a scammer. Some scammers might ask you to “verify” your credit card information, while others might say they need your password to remote into your computer so they can remove the Norton program. But if you let them, they could install malware, block you from getting to your own files, and sell you worthless services.

If you get an email or text you’re not sure about:

■ Don’t click on any links.

■ Don’t use the number in the email or text. If you want to call the company that supposedly sent the message, look up their phone number online.


■ Never give your password to a stranger on the phone, even if they claim to be from a company you recognize.

■ If you did give out your password, change it right away, update your computer’s security software, run a scan, and delete anything it identifies as a problem.

■ Make your passwords long, strong, and complex.

■ Don’t give your bank account, credit card, or personal information over the phone to someone who contacts you out of the blue.

And if you do get a fake email like this, help your community by reporting it to the FTC at ReportFraud.ftc.gov.