Symantec ditches reseller guilty of scamming PC users

Silurian told people they had malware, then sold them Norton Antivirus for $249

Symantec is terminating its partnership with a reseller that stands accused of duping people into believing they were infected by malware, before charging them hundreds of dollars to remove' it.

Silurian, which was a member of the Symantec partner programme, scammed unwitting users by flagging up fake warnings on their PCs that were designed to look like Symantec's Norton Antivirus product.

The alert, hosted on a now-defunct webpage called quicklogin.us/norton, told users: "System Critically Infected. If you are not able to click on this button, immediately contact Support toll Free Helpline 1-855-637-1900."

Senior security researcher Jrme Segura at Malwarebytes, the security firm that uncovered the fraud, said: "This screen is completely fake, but combined with an alarming audio message playing in the background, it may be enough to dupe some users."

The security company phoned the number anyway to see what happened.

A technician advised them to go to a website that would allow him to take remote control of the computer, letting him perform a diagnostic.

Segura said: "This process is a core part of the scam because it allows crooks to tighten their hold on potential victims. With remote access, scammers can literally do whatever they want on the user's machine including stealing documents to installing (real) malware."

The technician quickly pointed to Windows EventViewer, the error reporting tool that tags applications with yellow and red warning lights for problems that are generally benign, but to an inexperienced user look worrying.

He then offered Norton Antivirus to the researchers at two different price options a one-off fix and installation for $199, or a one-year warranty for $249.

The tool can be purchased for 14.99 online, giving users one year of cover.

After discovering Silurian was a member of Symantec's partner programme, Malwarebytes raised the issue with Symantec, which promised to take immediate action.

A Symantec spokeswoman told IT Pro that it is terminating its reseller partnership with Silurian immediately. 

She added: "While we can't say conclusively who was behind this particular scam, we can confirm that this particular site has been taken down and that we are also in the process of terminating our partner agreement with Silurian.  

"After identifying any abuse of the Norton or Symantec brand, we pursue our rights and defend our intellectual property, and where necessary will work with law enforcement." 

Pictures courtesy of Malwarebytes

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now

Recommended

Malware attacks using machine identities doubled in 2019
cyber security

Malware attacks using machine identities doubled in 2019

4 Aug 2020
Over two dozen Android apps found stealing user data
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020
Best antivirus for Windows 10
antivirus

Best antivirus for Windows 10

30 Jun 2020
Searching for a new job? That LinkedIn job offer may be fake
hacking

Searching for a new job? That LinkedIn job offer may be fake

19 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
Police use of facial recognition ruled unlawful in the UK
privacy

Police use of facial recognition ruled unlawful in the UK

11 Aug 2020