Posted: 5 Min ReadFeature Stories

Keep an eye out for Norton email scams

Cyber criminals impersonate NortonLifeLock brands to trick consumers

Scammers take advantage of the busiest times of year, including holidays, when email inboxes are full of promotions, receipts, and other content. They hope that you are too distracted by all the activity to identify their tricks.

As a trusted name in consumer Cyber Safety, NortonLifeLock brands are unfortunately used by hackers and scammers to take advantage of the trust we have built. These criminals fraudulently use our brand names and branding to try to trick and defraud consumers. The bad guys don’t stop with our brands—they also use the names and brands of major banks, telecoms, retailers, and credit card companies. So it is smart to be skeptical about any unexpected contact you receive—no matter how trusted the brand.

We are continuously working to block, shut down, and otherwise prevent this abuse, but scammers are also continually innovating ways to avoid our detection and defraud people.

We urge you to protect yourself by being aware of these common scams, which start through email, phone, text, and sometimes even your browser.

Here are a few of the scams and tactics to watch for.

Phishing (or Email Fraud)

Emails and text messages that impersonate Norton often try to create a sense of urgency by threatening to charge your credit card unless you respond. They may also include warnings about expired antivirus settings or an infection on your computer. Most include an urgent request that you contact someone, asking the reader to sign on to a spoof site, open an attachment, call an 800 number, or respond with personal or account information.

Phishing emails often look like a renewal notice, stating your credit card will be billed unless you call the number listed. Many of the spam emails using Norton or LifeLock names include offers with fake links to buy or renew antivirus or other security services. Unfortunately, these links do not lead to legitimate websites, but instead to sites controlled by the scammer. Some links lead to installing malware on your computer.

Malware can do a variety of things. It may pop up fake virus warnings and try to get you to call an 800 number for support. Unfortunately, you’ll only reach fake tech support scammers, discussed more below. It can also allow scammers to place other malware on your machine that can be used to record your keystrokes, spy on you, or access your financial information.

While some of these phishing emails contain typos, misspellings, or poor formatting, others are impressively professional. To establish their credibility, scammers may represent that they know supposedly “personal” information about you, but a lot of this information can be gathered through easily found public information.

If you’re not sure if the email you’ve received is real, we have some tips to help out.

Account and Tech Support Fraud

Phishing emails that direct you to call and cancel a pending credit card charge or access tech support can lead to fraud as well. Scammers have claimed to be tech support from Norton or LifeLock to create trust and trick consumers into communicating with these fake tech support agents.

These criminals sometimes cold-call directly by phone. They also trick people into calling them by sending text messages or emails, or they use pop-up messages from your operating system or browser that can look quite legitimate. These messages use scare tactics with threats about the computer being infected with a virus or other problems and direct the user to call a specific phone number.

Once a potential victim calls back, the attacker convinces them that they need to access their machine remotely. The attacker might do a very good job on explaining why they need the remote access, such as to “check for viruses” or “to reverse a charge made in error.” After the cyber-criminal has obtained remote access to your computer, the story may change to something requiring the victim to share private banking information. They may demand payment for the “services” they are providing or install malware on your machine.

Be careful when using popular search engines to find support phone numbers. Scammers run advertising or create websites that result in fraudulent search engine results, which can also lead to fake tech support phone numbers. Always navigate directly to the Norton or LifeLock member portal to seek tech support. You will never receive an unsolicited call from Norton Support to fix issues with your computer for money.

Fraudulent requests for payment

Norton or LifeLock will never ask you to wire funds through services such as Western Union or send a cashier’s check. Most requests to do so are likely coming from a hacker or scammer. Similarly, our brands will never request payment using cryptocurrency or electronic gift cards. Finally, our brands will not ask you to send funds to a PayPal, Zelle, Venmo, CashApp, or other such payment service. Any communication of this type is a red flag that you are dealing with a scammer and not a real representative.

Protect yourself

Protect yourself by ignoring suspicious emails or texts claiming to be from Norton or LifeLock. If the message is using scare tactics or threats, or asks for personal or financial information, it is not from NortonLifeLock. If you receive a suspicious email or text message, don’t respond, click any links, or open attachments.

Don’t sign into your account from a link in a suspicious message. To sign on, go to or by typing the address into your browser directly.

Don’t use search engines to get customer support numbers. Log in directly to your account, and navigate from there to access support.

Install the latest antivirus software solutions on all your devices. Of course, we hope you select Norton, but even if you don’t, it’s important that you protect devices from this type of crime.

If Norton customers see a “Remote Connection Site” alert, think twice before granting access. Be certain it is a real support provider and not a scammer.

Norton or LifeLock will never ask you to wire money or pay through gift cards or money orders.

Hackers use a variety of tactics to trick consumers into the scams. Be suspicious of unsolicited emails and avoid clicking links in any email, text or pop-up that looks suspicious. Genuine emails will not include attachments.

When in doubt, type in your browser bar to get help.

If you've been a victim

If you’ve been tricked into clicking a suspicious link or opening a malicious file, you need to have your computer examined for malware. Once cybercriminals have remote access to your computer, the potential for identity theft and financial losses increase dramatically. If possible, use a separate device to locate a reputable source of technical support, as some malware will prevent you from browsing to a legitimate antivirus site.

NortonLifeLock is here to help.

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2021 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Other names may be trademarks of their respective owners.

About the Author

Patrick Schwind

Head of Consumer Services and Inside Sales Gen

Patrick is passionate about maximizing the value of the product through education and great customer experiences. His team has won several awards and created new processes to expedite the restoration process for Cyber Safety.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.