
Threat Actors Stole $34,000 Using Fake Antivirus Subscription Renewal Emails


January 16, 2024


Court documents from the U.S. Secret Service reveal how threat actors weaponized antivirus subscription renewal emails in a new phishing campaign, netting them $34,000 from unsuspecting victims.

Perpetrators disguise phishing emails as legitimate antivirus subscription renewal messages, claiming the recipient might be charged for renewing an antivirus subscription plan unless they cancel.

The message urges the victims to call a phone number enclosed in the email to cancel the payment for the subscription renewal.

Scammers Aim for Remote Access

After calling the number, the recipients are tricked into giving the scammers more access to their devices and belongings.

For instance, perpetrators may tell their victims to grant them remote access to their computers, then to install malicious software and visit phishing websites where the victims are asked to fill in their account credentials.

The documents describe how, after sending the rogue email, perpetrators gained access to compromised devices and bank accounts, stole the victim’s money and transferred it to a Chase bank account under the name of “Bingsong Zhou.”

Phishing Technique on the Rise

Although the phishing technique is far from novel, a now-executed seizure warrant submitted by Special Agent Iris Joliff of the US Secret Service (USSS) points out a recent increase in occurrences.

As BleepingComputer reported, one case presented in the court document describes how a victim of the malicious campaign was told he would be charged $349.95 for renewing an antivirus subscription plan unless he canceled.

The individual then called the scammers, as instructed by the rogue email, and gave them remote access to his laptop under the pretense of making sure that he’d be rightfully refunded for the fake charge.

Fraudsters then claimed that $34,000 was refunded by mistake and asked the victim to return the amount “to avoid legal trouble.” The victim complied, letting the perpetrators transfer the sum from his savings account to their checking balance.

Scammer Identified, Charged

After the fraudulent activity was identified, Zhou was denied access to the ill-gotten funds and now faces charges of wire fraud and involvement in a phishing scam. He might also be charged with conspiracy to commit wire fraud, bank fraud, and possible money laundering.

Specialized security software like Bitdefender Ultimate Security can keep you safe against even sophisticated phishing attacks. With relevant features, like anti-phishing modules, continuous detection and prevention for a broad range of digital threats, and web attack prevention technology, you’ll have the upper hand against threat actors and their cunning ways.




Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
