In years past, they’d display a webpage informing you that any McAfee products on your computer are out of date and provide a link to the company’s virtual storefront where you could renew.
Unbeknownst to the people clicking on those links, they were being redirected by an affiliate link, so any purchases made would generate a commission for the site owners.
It was an unscrupulous, underhanded tactic, but not an especially malicious one. Now though, they’re doing something a bit different and darker.
The same page pops up as before, notifying users that their products are out of date. This time, when a user clicks to renew their products, instead of being sent to the McAfee website, they’re simply presented with a capture box that asks for their credit card and personal information.
Assuming you enter that information in, it gets worse.
After “paying” for your purchase, you’re redirected to another webpage with a technical support phone number. The idea is, you call this number and the technician on the other end of the line will help you install your new software.
When you get someone on the phone, the “tech support representative” will ask to remotely connect to your computer.
Once they have access, they’ll tell you that your credit card information didn’t go through, and that you need to purchase the software again. They’d then helpfully open a browser and guide you to the McAfee website, via an affiliate link.
It’s a triple play. Not only are they earning a nice commission when you purchase the software via their affiliate link, but they also manage to get your credit card and personal information. That information will no doubt be put to use not long after you hang up the phone, and on top of that, they’ve got access to your device.
As ever, the best defense against scams like these is vigilance.