Issue 132 - June 2012 (1st Edition) - Page 8
Norton 'Protection Notification' Email Account Phishing Scam
Email purporting to be an alert from Norton Anti-Virus claims that, due to detection of unusual email activity, the recipient must immediately follow a link to protect his or her email account.
The message is certainly not from Norton (or Symantec). The message is a crude attempt to trick users into divulging their email address and password to cybercriminals. Neither Symantec, nor any other legitimate computer security software provider is ever likely to send an unsolicited email that asks users to click a link and submit their email account password or other sensitive personal information.
Detailed analysis and references below example.
Last updated: 16th May 2012
First published: 16th May 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: Protection Notification
Dear Valued Customer,
Norton Anti-Virus detected an unusual activity on your e-mail account. In order to ensure you are not infected by a virus or malware, you will be required to immediately protect your account. Kindly click on the "Protect My Account" link provided below:
Protect My Account
We apologize for any inconveniences caused as your safety is important to us.
Norton Anti-Virus Group.
This message is intended for designated recipients only. If you have received this message in error, please delete the original and all copies, and notify the sender immediately. Federal law prohibits the disclosure or other use of this information.
According to this email, which purports to be from Norton Anti-Virus, unusual activity has been detected on the recipient's email account. The message claims that the recipient is required to immediately click a link in the email in order to protect his or her email account and ensure that there are no virus or malware infections.
However, the email is certainly not from Norton or from Symantec, the company that owns and sells Norton products. In fact, the message is a rather crude attempt to steal email account login details from unsuspecting recipients. Those who fall for the ruse and click on the link as instructed will be taken to a fraudulent web page (as shown in the following screenshot) and asked to enter their email address and email account password:
After they have entered the requested information and clicked the bogus "Protect Now" button, users will be automatically redirected to the genuine Norton website and therefore may fail to realize that they have just submitted their email account details to Internet criminals. At least until it is too late.
In many cases, the criminals can use this stolen information to login to the email accounts belonging to their victims via the service provider's webmail facility and use them to send further spam and scam emails. The criminals are able to use the hijacked account's contact list to send targeted scam
and spam messages that recipients will believe have been sent by someone they know.
The makers of Norton products are never likely to send their customers an unsolicited alert email claiming that unusual or suspicious activity has been detected. If a threat is detected, an alert may be displayed by the Norton security software installed on the recipient's computer but it will not be sent remotely via email from the company who provided the software. And the company would never ask users to click a link and supply their email account password.
The criminals behind this scam are apparently attempting to capitalize on the popularity of Norton products by sending out scam emails couched as Norton Anti-Virus alerts. If you receive one of these scam emails do not click on any links or open any attachments that it may contain.
Friend Stranded in Foreign Country Scam Emails
Pages in this issue:
- Spurious First Aid Advice Message - Eggs For Treatment of Burns
- ANZ Bonus Reward Points Phishing Scam
- London Olympics 2012 Lottery Scam
- Images Of Strange Mermaid Found On Beach
- Walmart '$75 Credit for Customers' Phishing Scam
- American Express 'Verify User ID' Malware Email
- Postcard Campaign for Charlie - Please DO NOT Send Any More Cards
- Norton 'Protection Notification' Email Account Phishing Scam
- Domain Name Application Scam
- Immigration Quote Wrongly Attributed to Sir Edmund Barton