Probable scam

[catherine]

You know how sometimes you get bogus "order confirmations" from Amazon or PayPal or other well-known sites?

Well, I got one purportedly from Lifelock. I don't remember ever signing up for Lifelock, and this "invoice" is for over $300, but I can cancel if I call them within 24 hours. To my knowledge they do not have any credit card information from me, and they don't mention anything at all about anything on file.

The sender is a regular person's name with a gmail account.

I'm assuming this is a total scam and I should just ignore it. I truly don't believe I'll be charged tomorrow or ever. I think they just want to get me on the phone. Plus if it is connected to a card (highly improbable) I can contest the charge.

So-ignore it, right? I'm usually pretty good at just blowing by these scams, but this one is pretty good.



Here is the text of the email from XXXXXXXXX@gmail.com. (I don't want to provide the person's email ID for obvious reasons.

Hey [Catherine] !
Thank you for renewing LifeLock Security Guides
It may take a few moments for this transaction to appear in your account. If you did not authorize this transaction call us now on 1 (850) XXX-XXXX
Summary for [Catherine]:
Customer Information:
Renew on: April 25 2022
Order Number: XXXXXXXRR
Amount Paid: 329.5
[Catherine]
Email: [my email address]
User Id: XXXXXXX
Please Note:
You can cancel or modify the request within 24 hours of receiving this email. For any changes or cancellation, please call our award winning support team on 1 (850) XXX-XXXX
All Rights Reserved 2022
[Their number]
[Their address @ Winter Springs FL 32708

[ToomuchStuff]

Geek squad, antivirus software, electronics insurance, etc. are all used in this scam.

They use a lot of legitimate companies trademarks, images, etc. from those companies emails and websites to make these look actual.
They will keep your number if you call them and try other scams (look up the Zelle, Bank of America scam on Youtube), on you, if you call.

Best ignore, worst, check your cc statement next month, for unauthorized charges, and then deal with anything.

[Tybee]

it looks like a scam, I think. All I am going on is mandatory training in spotting them where I work and I would not reply.
This is the scam tipoff for me:
"The sender is a regular person's name with a gmail account."

[iris lilies]

Our friend fell for one of these from
Best Buy. He responded because he had just purchased something at Bestv
buy the day before.

The scam was something to do with a refund, that would somehow be credited back to him if he gave out sensitive bank info.

He had made step one,then realized he made an error, and sweated it for 48 hours until it was cleared up. Adding to the drama was the incorrect information from his bank about how it would be handled, so it looked to him as hough he was going to have his bank account cleaned out when really, there was no danger of that. But his bank didn’t follow the steps they told him they would.

ugh.

[iris lilies]

This reminds me that I have to investigate a PayPal charge of $30 that floated thru my email Well I was in New Mexico and couldn’t deal with it. Neither I nor DH ordered some thing, so I have to figure out what’s going on with that message, likely a scam.

[Alan]

I'd say the @gmail.com return address is a dead giveaway. No reputable company uses generic email addresses not associated with their brand.

I've received several such emails and have always ignored them without consequences.

[catherine]

Thanks-you confirmed my instincts. I'm ignoring and removing it from my mental space.

[herbgeek]

I would also report it to Lifelock here: lifelock.com/security

[jp1]

About a month ago I started getting these emails and texts, literally by the dozen, every day. Some of them clue me in that the criminals have gotten ahold of some democratic campaign supporter list since on one of those lists my email address is associated with a person named Wayne. So when I started getting emails from "Best Buy" telling Wayne about a refund I knew at least generally where the sender had gotten my "name". You can most definitely ignore them.

One of the weird things that has changed with the start of the Ukraine war is that we're seeing pretty much zero ransomware claims anymore at work after a year and half of them rapidly growing both in frequency and in the size of the ransom demand. Anecdotally I'm hearing that other cyber insurance carriers are experiencing the same. What we ARE seeing now is a decided uptick in cyber crime claims. (fake invoices or wire transfer requests sent to corporations). These emails/texts seem to be similar in concept, although lower quality than the stuff that trips up my insureds. I guess this is just the new big way that cyber criminals hope to make their fortunes.