Remember this email (blog post) that from 2020? We recently talked about it again in a recent podcast.
Also, remember this email (blog post) from this past year?
Both have similarities, and now its getting worse it seems.
Komando.com has recently sent an email about AntiVirus renewals that have really no merit. This is because they send an email or even according to this article send it through the post telling you that you have just paid for some sort of renewal.
Below, please find such an email, noting the glaring spelling mistakes and other characters. I’m leaving this in place to show you what I’ve seen. It isn’t an antivirus renewal, but it is a renewal just the same. Note, all spelling mistakes need to be left in place in the quoted material as this needs to be shown as it is.
Order completed successfully #SRD2016805
Subject:
Order completed successfully #SRD2016805
From:
“Hugh” <>
Date:
8/17/2022, 10:22 AM
To:
“jared” <>?our In?oice ID # 10982522NVUC
We have received your order réquest to renew and re-activate the annual subscription plan as the last year pc services lapsed today (17 Aug 2022).
The sum amo?nt of $ 395.88 is being processed through your account funds against the device & netw?rk prôtection shìeld [ auto debit recurring charge ].
This charge will appear on your account statement in few hóurs and the same fee will be debited annually as you requested for a?to debit pa?ments last year.
In any circumstances you wish to change your updated payment preference or stop the automatic annual payments, please feel free to contact us within 24 hours.
For any kind of help/assistance – Call us – # +1 (818) 477 4686
Thank ?ou In Ad?ance !
Donald R. Robinson
O?line Customer ??pport
As part of recent articles, Kim has mentioned some of these signs like very interesting characters within the text, mainly to try and get around spam detection. You can see with this email I got this past month that there are a lot of different characters and the email itself is not even making sense.
I got two others telling me about some type of bank transfer, and another subscription, and all of these were sent to an address of mine that is not public but used for other things. All of the files were a .rar file, and inside were executables.
Running those files through Virus Total told me that a majority of products detected this, and the top result was Agent Tesla.
According to Check Point and other searches on this, it is a rat (Remote Access Trojan) that will do pretty big things to your device. It was the 6th most prevalent malware in 2021.
While I can’t pronise that the scams dealing with your antivirus will contain attachments for invoice remitance like another email I got, it all is pretty much the same. Click on the link or the attachment and you’re doomed.
Have you seen the article Got an email about your antivirus? It might be a scam from komando.com yet? Better get yourself ready for a read, because there could be some similarities. Make sure you’re as secure as possible. Thanks again for reading, learning and participating with us.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.