US court documents reveal bogus antivirus renewal phishing

In a seizure warrant application, the US Secret Service reveals how threat actors obtained $34,000 by sending bogus antivirus renewal subscription emails.

Special Agent Jollif of the United States Secret Service (USSS) submitted the now-executed seizure warrant to recover cash taken in a fraudulent Norton subscription renewal email that allowed the threat actor to obtain access to a victim’s computer and bank account.

According to a court document presented by a Special Agent of the United States Secret Service, the stolen funds are held in a Chase bank account owned by “Bingsong Zhou,” who has been linked to phishing scams imitating Norton Antivirus renewal subscriptions.

These phishing emails suggest that the recipient is going to be paid for renewing an antivirus subscription license and should phone the number provided to cancel it.

The victim calls the phone number mentioned in the email, and the scammers instruct them to perform a variety of tasks, including installing remote access software on their computers, infecting themselves with malware, and entering their account credentials on a phishing page.

This type of scam has been occurring on for many years, but Jollif claims that activity has recently increased.