Gmail and users of other popular email platforms are being warned to watch out for a new message that could fill their PC full of malware and steal personal data including bank details. What makes this attack so scary is the message that’s being sent out to inboxes across the world actually suggest it will protect people from such attacks.
This new threat, which was spotted by the team at ProPrivacy, claims to be from security firm McAfee with the message urging consumers to sign up and protect themselves from serious online threats.
However, it’s all a scam with those unlucky enough to be fooled actually taken to a fake website that then tries to extract personal information and even install vicious malware. What makes this threat scarier is that the message looks incredibly real with it even featuring official McAfee logos and corporate branding.
ProPrivacy is now warning email users to be on the lookout for scams and is advising consumers to always read the message carefully before clicking on any links. Scams often have tell-tale signs of a scam such as spelling mistakes and embedded links to random sites.
If you think you’ve received this fake email then the advice is to delete it without delay and not to hand over any personal information unless you are 100 percent certain that the message is real.
“These types of antivirus scams are an old yet efficient phishing tactic, however, the worrying aspect of this particular scam is that it uses official-looking imagery to make itself indiscernible, meaning everyone needs to be increasingly careful,” said Andreas Theodorou, Digital Privacy Expert at ProPrivacy.
“These emails, whilst offering to protect your computer will actually be linked to phishing sites that will attempt to rob you of your personal information, bank details, and may inject malicious software into your device. Remember, if in doubt contact the relevant company independently and don’t use the information provided in the suspected phishing email.”
Users can identify if the email is a scam by checking the sender’s address, if it doesn’t end with the companies web domain it’s most likely malicious. Other red flags to watch for are spelling errors and links that lead to random sites – which can be done by hovering the cursor over the URL.
If you suspect you’ve entered any financial information on a phishing site, notify your bank immediately or report your card as stolen so that it is cancelled. If you enter account login details instead, immediately update your passwords on the real site instead and confirm no changes were made to your contact information.