Whilst browsing the MSN website today and opening links which appeared interesting, I found one which claimed my McAfee Anti-virus subscription expired yesterday…
Most unusual as I have never used McAfee and for more than a decade, I have only used Windows Defender.
As I fully expected, Googling McAfee Scam brought up a number of results including the one below which contains the same image I received today.
It appears that the scum are aiming to obtain users credit crd details when they follow the renewal link.
Presumably it is being done with other anti-virus companies and many other businesses.
I have also had attempted malware attacks 4 times in the last couple of weeks via the MSN website which created a very loud continous tone accompanied by a message that Windows Firewall has detected that Windows 10 has been damaged, but simply closing the browser window (MS Edge 11) takes care of it.
I recently insatlled Adobe updates on both our PC and laptop but I missed unticking the MccAffee "free anti-virus trial’ for the laptop so it installed itself.
I have finally managed to remove it today using the McAffee MCPR Removal Tool after all other efforts proved futile.
The AV was not shown in the list of installed programs, did not appear under Program Files in C Drive, and did not appear in the Registry, at least in any recognisable form.
Every time an email arrived, a nag screen would appear, and it even claimed that there were 5 viruses detected. Yeah right. And I have this bridge for sale.
Who needs this rubbish when Windows Defender is free and does a great job.
Also why carefully reading the install information and un-ticking unneeded boxes is an important part of the process, it can help avoid a lot of unwanted “pain”. Missing it as happened to you can lead to hours of frustration.
I have noticed Gumtree has taken up this annoying practice when posting on their site…but its tick boxes are about signing up to what is essentially spam/advertising.
Sadly for all their purchased options they are now subscriber plans and not “lifetime” ownership. Free is still lifetime but will it last long that way??
The recommended Malwarebytes did not find anything so I then followed “STEP 3: Remove Bestdealfor32.life pop-up ads from your browser.”
I just loved how these bottom-feeding grubs managed to create simultaneous McAffee and Norton alerts with McAffee showing 3 viruses and Norton showing 5 viruses, followed by a fake Chrome warning.
These grubs and their fake viruses are even more disgusting then the coronavirus.
The only thing they received from me was a middle finger.
The other place Adware can be readily sourced is malicious websites. If you have clicked on advertisements which have taken you to another site (such as the Bitcoin ones you have been very good at reporting on the community), these can ‘infect’ your browser as well causing adware popups to occur. To remove these, Malwarebytes has some information:
This Tennessee State University document also goes through a step by step process as well (note: it may be for older versions of operating systems and browsers, but the function to remove should be the same):
Running Malwarebytes in normal mode is not always effective as a cleaning process or even identifying process. If you think you may have a difficult piece of malware then running Malwarebytes in the “Safe Mode” of Windows can be much more useful.
To get into Safe Mode from normal Windows requires a few steps.
From the Start Menu select Settings (it looks like a little cog on the left side of the menu),
Once in Settings choose Recovery from the left side.
Then choose Restart now under the Advanced startup heading.
The machine will restart and offer some choices, choose Troubleshoot from the list.
Then Startup settings then click the Restart option/button.
The machine will again restart and offer options, choose the one that offers Safe mode with networking.
The machine will restart in Safe Mode and will allow networking, if using a Wireless network it will need to be selected manually as it is not automatic in Safe Mode for Wireless devices.
Once in Safe Mode run the Malwarebytes scan.
PS I would so much prefer an easier method to get to Safe Mode, these days the need is very infrequent but it does still exist.
We get similar ones. Other mojos are Norton, Netflix, magazine etc subscriptions. We also get fake tax invoices from well known and lesser known companies.
A more sophisticated phishing scam where one rings up and gives credit card details to scammers for a refund…or allows access to their online banking.
They are persistent, I received another one today “Your premium account is now operational again”, but the phone number has changed.
This one from the very professional sounding Ch Sh instead of Cvv Jd!
If one wants to be scammed, all they have to call is +1 (888) 791-4827 or reply to the email it was sent from which today was Pay_billing-team @sxcmoutddbrtc@gmail.com
Seriously, if it hadn’t already been flagged as spam, those “names” alone are enough to automatically banish them to spam without any further investigation on my part.
Were the SMS actually from Telstra, or as commonly happens scammers sending mass texts in the hope of snaring someone not yet onto them? Sometimes the scammers’ SMS look very convincing as being from the company.
There are a few web sites describing how to filter spam/scam from legitimate SMS, this being one.
The gold standard when getting a suspect SMS (or email) is to contact the company using their details from one of your bills or their known official web site, not from anything in the SMS. Emails can be easier since they usually (but not always) come from obviously ‘not the company’ email address. SMS are increasingly spoofed to look like they came from the company number.