Understand the scam, what scammers will say, and how to protect yourself.

Understanding the Antivirus Scam

You receive emails that look like they’re from Norton, a company that sells antivirus and anti-malware software. (Tip: the emails are NOT from Norton.) The emails say you’ve been (or are about to be) charged for a Norton product — maybe an auto renewal or new order. If this is a mistake, the email says, you should call immediately. (Tip: don’t call the number provided in the email.)

An example of an antivirus scam email

What the Scammer will Say

If you call the phone number in the email, you’ll be connected to a scammer.

Some scammers might ask you to “verify” your credit card information, while others might say they need your password to remote into your computer so they can remove the Norton program.

If you let them, they could install malware, block you from getting to your own files, or sell you worthless services.

How to React to an Antivirus Scam

If you get an email or text message you’re not sure about:

  • Don’t click on any links.
  • Don’t use the number in the email or text. If you want to call the company that supposedly sent the message, look up their official phone number online.
  • Never give your password to a stranger on the phone, even if they claim to be from a company you recognize.
  • If you did give out your password, change it right away, update your computer’s security software, run a scan, and delete anything it identifies as a problem.
  • Make your passwords long, strong, and complex (mix of letters, numbers, and symbols.)
  • Don’t give your bank account, credit card, or personal information over the phone to someone who contacts you out of the blue.

It’s important to note that fraudsters can make these messages look very convincing. If you receive an email or text message from anyone that you aren’t expecting or don’t do business with, it is always a good idea to pause before taking action.

How to Protect Yourself

Stay safe by approaching unexpected messages with skepticism. Don’t click links or open attachments from unknown senders, no matter how urgent or exciting they sound. Instead, type official web addresses directly into your browser rather than trusting shortcuts. When in doubt, call the company using their real phone number and ask questions. Never share your personal information with pop-ups or forms that appear unexpectedly. Update your passwords regularly and turn on multi-factor authentication for extra security—think of it as adding a stronger lock to your digital doors.

Fraud prevention button, concept about cybersecurity, credit card and identity protection against cyberattack and online thieves

What to Do if You Suspect a Scam

If you see a suspicious message, resist the urge to respond and report it immediately to your IT department, email provider, or an official agency like the Federal Trade Commission (FTC). If you accidentally share sensitive information, quickly change your passwords. Watch your accounts for any odd activity, because once scammers gain access, they often act fast. If your bank account becomes compromised, don’t delay in reaching out to your bank. The sooner you inform your bank of the security breach, the sooner they can act to prevent damage.

Please Report Scams

If you spot a scam, please report it to the Federal Trade Commission.
• Go online: ReportFraud.ftc.gov
• Call the FTC at 1-877-FTC-HELP (1-877-382-4357) or TTY 1-866-653-4261

Find more fraud awareness resources on Mainstreet Bank’s fraud prevention hub.