BleepingComputer reports that phishing attacks involving fraudulent antivirus subscription renewal emails have facilitated the theft of $34,000.
Attackers have been sending fake Norton Antivirus renewal emails purporting that recipients would be charged unless they contact the included phone number for cancellation, which would then be followed by lures to enable remote access to targeted devices, according to an already executed U.S. Secret Service seizure warrant application.
One instance of the scam involved the threat actor claiming to have mistakenly refunded $34,000 to the victim, who was only viewing a blue screen overlay that concealed the malicious activity. Funds sent to the victim were directed to the Chase bank account of Bingsong Zhou, who is long linked to such scams.
The stolen funds have already been transferred by Chase to a bank-controlled suspense account upon discovery of the malicious activity earlier last month, while Zhou has been indicted for wire fraud and phishing scam involvement, with other charges also in the cards.
