In today’s digitally-savvy everything, subscribing to services has become second nature for many of us. We pay for monthly Netflix accounts, ad-free music on Spotify, and digital magazines or newsletters.
Nothing quite beats the convenience of paying for service once and then allowing it to roll for as long as you wish.
Unfortunately, scammers have noticed this—and many across the country have fallen to their fraudulent antivirus and security service offers via email.
Scammers are getting more confident and creative, equipped with emails that look legitimate. Unsuspecting victims end up clicking on malicious links, allowing them easy access to the victim’s personal information.
Thankfully, some helpful methods exist to keep your inboxes safe from spoof emails. We’ve encountered some seemingly legit but scam emails, and if you’re unaware, it’s easy to fall for them.
So, we looked deeper into it and searched for the latest scam emails people should know about. We scoured the recent news and looked at discussions on forums like Reddit. We also sought cyber crime expert insights.
From everything, we’ve come up with this comprehensive guide. So, don’t miss any signs of fraud emails and the TOP tip that could keep your personal information 99% of the time.
Remember: any personal information falling into the wrong hands could lead to serious consequences like ID theft, scams, and fraud.
Subscription renewal scams: How do they happen?
Subscription renewal scams are methods of stealing your identity. It’s one of the many tactics criminals use online, but here they mainly use emails to extort personal data, reminiscent of how phishing scams work.
Criminals send unsuspecting victims seemingly legit auto-renewals for various subscription services, prompting one to click on links.
Subscription renewal scams can be challenging to keep track of, especially if you’re an avid subscription service user.
The content of these emails also looks legit, where scammers inform you that they’re renewing a certain subscription.
The emails then end with links to “summary details” of the renewal, and before you know it, you’ve clicked on it—and out comes malware, fake websites, and other harmful content criminals can use to steal your information.
Who are the usual victims of subscription renewal scams?
Criminals usually target email users, particularly those who use subscription services. The main goal is to lure you into using seemingly legitimate content so that you’d let your guard down and click on links that turn out to be malware and other tactics used to steal your information.
After successfully stealing your identity, they can use this for many crimes, including tax fraud, credit card purchases, and so on.
What tactics do the scammers use?
To dig a little deeper, we’ve learned that scammers usually rely on these tactics:
1. Fake subscription renewal alerts
Can you get scammed from clicking on an email link or attachment? Unfortunately, yes.
Fake subscription renewal alerts involve content that explicitly says you need to renew a subscription—even if you don’t.
This scam can pique your interest and warrant some emotional reaction, enough to make you click on links that will redirect you to fake websites or install malware on your computer.
These emails usually look like company emails, with branding, logos, and the right message. However, keep in mind that legitimate companies will never ask you to enter the following information:
- Credit card details
- Social security numbers
Some well-known instances of these scams are Geek Squad services subscription texts and Ninja Tech auto-renewal refund scams.
2. Requesting remote access
Besides fake alerts, scammers also use the remote access method. They ask victims to visit websites or download applications where experts or technicians can readily access their computers to complete the refund process successfully.
Unfortunately, their end goal is to install malicious software or lock you out of your computer. In other cases, the remote access doesn’t stop, meaning they can still use your computer to dig for personal information they can steal.
Common signs of a subscription renewal scam
You’ve received an email alerting you to renew your subscription or allow remote access. What do you do? It’s most likely a scam, but to be entirely sure, make sure to watch out for the following signs:
- The email you received comes from an unfamiliar brand or company, and you don’t recall ever applying for their subscription
- The email comes from a familiar brand or company, but you don’t remember applying for a subscription
- The email address comes from a generic Gmail or Yahoo account instead of an actual website or brand name
- It asks you to click on suspicious links or attachments
- It asks you to provide sensitive data
- The email contains grammatical and typographic errors
It’s also best to trust your gut—if it seems fishy, it’s better to err on the side of caution and ignore the email.
What to do when you get a subscription renewal scam email
So, what do you do with a phishing email or text? Here are some steps you should take:
- Step 1: Don’t open any links or download attachments. Ignore any threats that the sender may have sent. Don’t attempt to reply to them.
- Step 2: Report the fraud to the Federal Trade Commission (FTC) through the official website. If it’s an email from a trusted company like Best Buy’s Geek Squad, you may also report the Best Buy phishing email to the company’s hotline at 1-888-237-8289.
- Step 3: Mark the email as spam and block the user who sent it.
How to avoid subscription renewal scams
Ashley Simmons, the founder of avoidthehack, says that a key to avoiding email scams, in general, is to sniff out fake websites the content tells you to click on.
The goal with fake domains (or domain spoofing as it’s generally referred to) is to gain the implicit trust of the user. In other words, they’re betting that you won’t check the URL close enough before inputting sensitive information like login credentials.
“My number one trick for ‘sniffing out’ a fake website is to look at the address bar where the URL is. Domain names are unique. A malicious actor might register ‘avoidthehach.com’ and attempt to pass off as the correct domain name, ‘avoidthehack.com’ in an effort to trick users into inputting their information or download malware.”
When it comes to URLs or links, on the other hand, she further explains that hackers usually “substitute an i for an l; 1 for i; h for k; o for 0 and so on.”
If you wish to protect yourself further from subscription renewal scams in the future, keep these tips in mind:
- Learn the common signs of subscription renewal scam texts and emails.
- Never click on suspicious links or download attachments from unfamiliar senders.
- Hover over links that emails ask you to click. If it redirects to an unfamiliar or misspelled domain, ignore it.
You may also be wondering if you can dispute an auto-renewal if you accidentally renewed your legitimate subscription—and the answer is yes. You can contact your card issuer to file a claim.
If you want to learn more about avoiding email fraud, here’s a helpful video explaining the matter.
An increasingly digital world means an increasingly dangerous place for our information. We need to be vigilant more than ever, especially since scammers are becoming more sophisticated by the day.
The first step is education, so keep this guide in mind. Subscription renewal scams are real, so the next time you receive an alert for one, put on your vigilance cap and scrutinize the details. It’s better to be safe than sorry!