In the heat of the moment, most people would not think to check their bank or credit card statement instead. The scammers are hoping victims will call them to dispute the automatic renewal. The amount usually is in the $300 to $500 range, which is a lot more than what we normally charge. The email includes an invoice renewal for the product stating that it has already been processed via credit card. It starts from an email using branding from a number of security companies, although in this blog we will focus on those that impersonate Malwarebytes. We’ve received a number of similar reports from people that have been scammed or simply wanted to alert us. In this blog, we follow the trail from victim to scammer and identify one group running this shady business practice. Before you know it your computer is locked and displaying random popups.
The second is letting strangers access your computer remotely for them to uninstall the product in order to avoid the charge. Feeling upset or annoyed you call the phone number provided to dispute the charge and ask for your money back. You receive an invoice for a product you may or may not have used in the past for an usually high amount. It came to our attention because the Malwarebytes brand as well as other popular names were being used to send fake invoices via email. We’ve been tracking a fraudulent scheme involving renewal notifications for several months now.
