{"id":249960,"date":"2023-12-24T14:24:03","date_gmt":"2023-12-24T14:24:03","guid":{"rendered":"https:\/\/malwaretips.com\/blogs\/?p=249960"},"modified":"2023-12-24T14:24:04","modified_gmt":"2023-12-24T14:24:04","slug":"estimate-from-mcafee-paypal-scam","status":"publish","type":"post","link":"https:\/\/malwaretips.com\/blogs\/estimate-from-mcafee-paypal-scam\/","title":{"rendered":"Uncovering the &#8220;Estimate from McAfee&#8221; PayPal Scam Stealing Money"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">The \u201cEstimate from McAfee\u201d PayPal scam is a cunning scheme that combines elements of phishing, tech support scams, and bank fraud to steal money from victims. This dangerous scam starts with an email that looks like it\u2019s from McAfee, the popular antivirus software company. However, the email is a trick to lure victims into calling a scam phone number. From there, scammers use deception and social engineering to gain remote access to victims\u2019 devices. They then manipulate bank websites to make it appear as if the victim has accidentally transferred too much money. Ultimately, the scammers convince victims to willingly send them money or gift cards.<\/p><div id=\"mwtad1762107230\" class=\"gas_fallback-ad_309684--placement_360520\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"3957935887\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">This scam can result in huge financial losses if victims are not aware of how it operates. By learning about the inner workings of this fraudulent scheme, you can protect yourself and your loved ones. This article will provide a detailed overview of how the \u201cEstimate from McAfee\u201d PayPal scam works, what you can do if you fall victim, and key things to keep in mind.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"594\" src=\"https:\/\/malwaretips.com\/blogs\/wp-content\/uploads\/2023\/12\/scam-1-5-1024x594.jpg\" alt=\"\" class=\"wp-image-249961\" title=\"\" srcset=\"https:\/\/malwaretips.com\/blogs\/wp-content\/uploads\/2023\/12\/scam-1-5-1024x594.jpg 1024w, https:\/\/malwaretips.com\/blogs\/wp-content\/uploads\/2023\/12\/scam-1-5-300x174.jpg 300w, https:\/\/malwaretips.com\/blogs\/wp-content\/uploads\/2023\/12\/scam-1-5.jpg 1280w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<div id=\"mwtad1719921312\" class=\"gas_fallback-ad_309746-ad_309691-placement_360521\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"4456629336\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><h2 class=\"wp-block-heading\">Overview of the \u201cEstimate from McAfee\u201d PayPal Scam<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The \u201cEstimate from McAfee\u201d scam starts when potential victims receive an email that appears to be from the well-known cybersecurity company, McAfee. The subject line says something like \u201cEstimate from McAfee\u201d and the sender email uses McAfee\u2019s name.<\/p><div id=\"mwtad1335553399\" class=\"gas_fallback-ad_381396-ad_309691-placement_360566\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"1471373341\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The body of the email claims that McAfee has sent an estimate for antivirus software renewal via PayPal Credit. It states that a charge of around $450 has already been debited from the victim\u2019s PayPal Credit account.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The email urges victims to call a phone number to cancel the order and get a refund. However, the phone number leads to a scam call center rather than the real McAfee company.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If victims call the number, the scammers posing as McAfee representatives will say there has been suspicious activity on the victim\u2019s computer. They\u2019ll claim that hackers have likely infected their device and offer to run a diagnostic test.<\/p><div id=\"mwtad2165781535\" class=\"gas_fallback-ad_309686-ad_309691-placement_360569\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"6935453015\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Through various social engineering techniques, the scammers will convince victims to grant them remote access to their computer. From there, the scammers can manipulate what victims see on their screens.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The scammers then open the victim\u2019s bank website and alter the HTML code to make it look like the victim accidentally transferred large sums of money to the scammers. They\u2019ll claim the victim needs to reverse those transfers by sending the \u201crefunded\u201d money via wire transfer, gift cards, cryptocurrency or other methods.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This extremely clever scam takes advantage of hacked McAfee email accounts, fake call centers, remote access tricks, and website manipulation to steal huge sums from unsuspecting victims. Awareness is key to avoiding financial loss.<\/p><div id=\"mwtad2823193928\" class=\"gas_fallback-ad_381401-ad_309691-placement_360573\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"5315249587\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Breakdown of the Scam Email<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Let\u2019s break down the anatomy of the scam email:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Sender email:<\/strong> The sender email address appears to be from McAfee or uses the McAfee name. However, the email address is fake.<\/li>\n\n\n\n<li><strong>Subject line:<\/strong> The subject line says something like \u201cEstimate from McAfee\u201d followed by some numbers. The subject makes it look official.<\/li>\n\n\n\n<li><strong>Message formatting:<\/strong> The text formatting looks legitimate as if it\u2019s an official invoice or receipt from McAfee.<\/li>\n\n\n\n<li><strong>Claim of charges:<\/strong> The email states you\u2019ve been charged around $450 by McAfee for antivirus software renewal through your PayPal Credit account.<\/li>\n\n\n\n<li><strong>Urgency to call:<\/strong> The email urges you to call a phone number to cancel the order and get a refund. This tricks victims into calling scammers disguised as McAfee.<\/li>\n\n\n\n<li><strong>Scam phone number:<\/strong> The phone number in the email leads to a fraudulent call center, not the real McAfee company.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Here is how the email might look:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">Subject: Estimate from McAfee (0096)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Hello,<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Call Support +\ud835\udfcf-\ud835\udfd6\ud835\udfd6\ud835\udfd6-\ud835\udfd1\ud835\udfce\ud835\udfd7-\ud835\udfd1\ud835\udfd2\ud835\udfce\ud835\udfd3 to cancel &amp; refund your order.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here&#8217;s your estimate<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">McAfee sent you an estimate for $449.99 USD.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">View Your Estimate<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Seller note to customer<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Thank you for renewing your McAfee antivirus via PayPal Credit. Your amount worth of $449. 99 has been debited from your PayPal Credit account. Call Support +\ud835\udfcf-\ud835\udfd6\ud835\udfd6\ud835\udfd6-\ud835\udfd1\ud835\udfce\ud835\udfd7-\ud835\udfd1\ud835\udfd2\ud835\udfce\ud835\udfd3 to cancel &amp; refund your order.<\/p>\n<\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">This email is carefully crafted to appear real. But all the elements work together to initiate an advanced scam designed to steal money.<\/p><div id=\"mwtad1537703058\" class=\"gas_fallback-ad_381404-ad_309691-placement_381406\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"8735619847\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Who is Targeted by This Scam?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">This scam casts a wide net, trying to trap any vulnerable individuals. The victims tend to fall into a few main categories:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>McAfee customers:<\/strong> Current and past customers of McAfee are likely to trust an email purportedly from the company. The scam takes advantage of brand recognition.<\/li>\n\n\n\n<li><strong>PayPal users:<\/strong> Those with PayPal accounts are more likely to think the email is legitimate if it mentions PayPal.<\/li>\n\n\n\n<li><strong>PayPal Credit users:<\/strong> People who use PayPal Credit may be concerned about fraudulent charges and quick to call about unauthorized billing.<\/li>\n\n\n\n<li><strong>Senior citizens:<\/strong> Older adults who may not be tech-savvy fall for tech support scams at high rates. Scammers exploit lack of cybersecurity awareness.<\/li>\n\n\n\n<li><strong>Any vulnerable individual:<\/strong> Even savvy internet users can be tricked. The social engineering manipulates psychological tendencies to obey authority, reciprocate, be polite, and trust others.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Basically, the scam casts a wide net by mentioning brands people know. Technical jargon about malware infections also intimidates people who aren\u2019t cyber-educated. And practiced social engineering maneuvers allow scammers to persuade all types of people.<\/p>\n\n\n\n<div id=\"mwtad2375915462\" class=\"gas_fallback-ad_309747-ad_309691-placement_360587\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"9589536513\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><h2 class=\"wp-block-heading\">How the \u201cEstimate from McAfee\u201d PayPal Scam Works Step-by-Step<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Now let\u2019s dive into a play-by-play overview of how this scam unfolds:<\/p><div id=\"mwtad415531417\" class=\"gas_fallback-ad_360582-ad_309691-placement_360581\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"9971336976\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Victims Receive a Phishing Email<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The scam begins when victims receive an unsolicited email designed to mimic a message from McAfee. The sender email and subject line are crafted to persuade recipients the email is legitimate.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But the message is sent from a compromised email account. Scammers likely hacked into McAfee employee emails and mass blasted phishing emails to their contact lists.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">When recipients get this scam email, it instills a false sense of trust and urgency. The victims don\u2019t realize it\u2019s from scammer imposters plotting to steal their money.<\/p><div id=\"mwtad3408298820\" class=\"gas_fallback-ad_360567-ad_309691-placement_360771\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"6224621518\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Victims Call the Scam Call Center<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The fake McAfee email urges potential victims to call a phone number to supposedly cancel a charge and get a refund. This tricks people into phoning the scam call center to clear up what they assume is an error.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But in reality, the phone number routes to criminals impersonating McAfee support reps. These smooth-talking scammers have one goal: to access the victim&#8217;s computer remotely.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">When victims call, the fake support rep \u201cverifies\u201d some info to further gain trust. They then say hackers likely compromised the computer based on the questionable charges and urge remote access to run a \u201cdiagnostic.\u201d<\/p><div id=\"mwtad3143631939\" class=\"gas_fallback-ad_360571-ad_309691-placement_360772\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"5867729999\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Scammers Remotely Access the Victim\u2019s Computer<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The con artists scare victims by claiming hackers have completely corrupted their computer. They say they urgently need remote access to remove the viruses and malware.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The criminals will guide victims step-by-step how to download screensharing software like AnyDesk. Or they\u2019ll ask victims to open built-in Windows utilities like Quick Assist.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Either way, the scammers now have full remote control over the victims\u2019 computers. The victims are tricked into willingly granting access, not realizing it gives scammers complete power to manipulate their devices.<\/p><div id=\"mwtad1450296579\" class=\"gas_fallback-ad_360576-ad_309691-placement_360773\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"6594472392\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Scammers Manipulate and Control the Victims\u2019 Screens<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">With remote access, the criminals can now control the victims\u2019 screens to display whatever they want.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The scammers pretend to run in-depth diagnostics and make a big show of pointing out dangerous infections and security threats. This helps solidify in the victim&#8217;s mind that hackers have hijacked their device.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In reality, the scammers are just using remote access software tricks to fake diagnostic results and error messages. But victims are led to believe only the scammer imposters can remove the non-existent infections.<\/p><div id=\"mwtad1679078763\" class=\"gas_fallback-ad_360583-ad_309691-placement_360774\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"8849826992\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Scammers Falsify Banking Website Activity<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Here\u2019s where things get extremely sneaky. The scammers open the victim\u2019s bank website and manipulate the HTML to change what\u2019s displayed.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">They know most modern banking sites use single page apps that can have the DOM modified without reloading the page. So they tweak the HTML to make it look like the victim accidentally sent huge sums to the scammer.<\/p>\n\n\n\n<div id=\"mwtad938747369\" class=\"gas_fallback-ad_360584-ad_309691-placement_360775\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"3952847241\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><p class=\"wp-block-paragraph\">For example, they\u2019ll alter the page to show an extra $50,000 wire transfer out of the account to a name matching the scammer\u2019s alias. The victims now think they mistakenly wired all their money to the criminals.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Victims Are Tricked Into Sending Money<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The scammers now have full control of the banking website displayed on the victim&#8217;s screen. They can pretend to call the bank and \u201cverify&#8221; the accidental transfer occurred.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">They then pressure the shaken victim to reverse the transfer by sending that amount of money directly to the scammers.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The criminals may provide wire transfer details, request gift card numbers, or give a Bitcoin address. They often pretend the victim needs to send payments to access a refund account.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Sadly, victims already convinced hackers stole their money will scramble to send tens of thousands of dollars via irreversible means to the criminals.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Once the scammers receive the money, they disable the remote access software and disappear &#8211; along with the victim\u2019s stolen funds.<\/p>\n\n\n\n<div id=\"mwtad171402895\" class=\"gas_fallback-ad_309748-ad_309691-placement_360588\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"3906789406\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><h2 class=\"wp-block-heading\">What To Do If You Already Fell Victim to This Scam<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If you already succumbed to this scam, don&#8217;t panic. Here are important steps to take right away:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Contact Your Bank Immediately<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Time is of the essence. Contact your bank and explain you already authorized transfers due to a scam. Ask them to halt any pending wire transfers right away.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Also, watch for further unauthorized charges. Dispute any scam-related deductions by filing a fraud claim with your bank. Freeze your account if needed to prevent more money from being stolen.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Call Your Gift Card Provider<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">If you revealed gift card numbers, call the merchant and ask them to deauthorize the cards immediately so the scammers can&#8217;t redeem them. Act fast before the criminals use the funds.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For example, if you bought iTunes cards for the scam, call Apple Support right away. Ask them to cancel the codes since they were obtained under fraudulent pretenses.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Report the Fraud to Authorities<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Contact authorities about the financial fraud you experienced:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>File a report with the FBI\u2019s Internet Crime Complaint Center at ic3.gov. This helps authorities track and prosecute scammers.<\/li>\n\n\n\n<li>Report it to the Federal Trade Commission on their website or by calling 1-877-FTC-HELP.<\/li>\n\n\n\n<li>Contact your state attorney general\u2019s office and local police department too. Give them details to aid investigations.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Reporting the scam helps prevent others from being victimized. The authorities rely on complaints to build cases against scammers and bring them to justice.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Notify Companies Impersonated in the Scam<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Make sure to contact any companies whose name the scammers used as part of the ruse, such as McAfee and PayPal in this example scam.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Report to them that their business name is being used in a phishing scam. They may be able to shut down scam phone numbers spoofing their call centers.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Monitor Accounts Closely<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Carefully scrutinize all your financial accounts and credit reports for signs of any further misuse of your information. Scammers who gained remote access to your device may have stolen data to commit additional identity theft.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Enable two-factor authentication everywhere possible and change all passwords from a clean computer. Sign up for credit monitoring alerts to catch any new scam activity quickly.<\/p>\n\n\n\n<div id=\"mwtad3116528210\" class=\"gas_fallback-ad_318930-ad_309691-placement_360589\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"3818335085\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><h2 class=\"wp-block-heading\">Protecting Yourself from the \u201cEstimate from McAfee\u201d Scam<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Here are key tips to avoid becoming a victim of this insidious scam:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Be Wary of Unsolicited Emails and Calls<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The scam starts with an unexpected email or phone call purporting to be from McAfee. Always be suspicious of any surprise contacts demanding payment or asking you to call a number.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Real McAfee renewal invoices are sent directly to paying account holders. McAfee does not cold call people demanding remote access to their computers. Hang up on any shady calls.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Verify the Sender\u2019s Email Address<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Don\u2019t trust any emails that look like they\u2019re from McAfee or other companies. Gmail addresses can be forged.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Carefully check that the address exactly matches the real McAfee domain. Watch for extra letters or characters that indicate it\u2019s fake.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Hover over links to check the URLs too. And never call phone numbers or click links in suspicious emails claiming you owe money.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Never Give Unknowns Remote Computer Access<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">No legitimate tech support reps will ever cold call you and demand immediate remote access to your computer. This is always a huge red flag for tech support scams.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Never download software like AnyDesk or TeamViewer just because someone who called you insists you must. Refuse to click on remote access links too. And don\u2019t trust your bank website if someone already remoted into your computer &#8211; scammers can manipulate what you see.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Learn to Spot Fake Banking Screens<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Educate yourself on the tricks scammers use to alter what you see on your bank\u2019s website by manipulating the HTML.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Know the real site well so you can detect if anything looks different or odd. Never send money just because someone claims your account was hacked based on weird things you see on your screen.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Use Strong Passwords and 2FA<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Make all your passwords long and complex so hackers can\u2019t break into your accounts. Enable two-factor authentication everywhere feasible as an added layer of security.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This prevents scammers from being able to access your accounts even if they phish for your login info.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Keep Software Updated<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Always update your operating system, browsers, antivirus software and apps. The latest security patches fix vulnerabilities that scammers exploit to remotely access devices and steal data.<\/p>\n\n\n\n<div id=\"mwtad583866061\" class=\"gas_fallback-ad_381388-ad_309691-placement_381390\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"3191649120\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><h2 class=\"wp-block-heading\">Frequently Asked Questions About the \u201cEstimate from McAfee\u201d PayPal Scam<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What is the \u201cEstimate from McAfee\u201d PayPal scam?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">This is a dangerous tech support scam that starts with an email claiming you owe McAfee money for antivirus software renewal through PayPal Credit. The email tells you to call a number to cancel the charges. However, the number actually connects you to skilled scammers who trick you into giving them remote access to your computer. They then manipulate your screen to show fake bank transfers and get you to pay them money.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How does the scam email look?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The scam email is made to look like an official receipt or invoice from McAfee. The sender email and subject line appear to be from McAfee. The body says McAfee has charged you around $450 through PayPal Credit for antivirus renewal. It provides a phone number to call to supposedly cancel the charge.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Is the email really from McAfee?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">No, the email is not really from McAfee even though it looks like it is. Scammers fake the sender address and use the McAfee name to add legitimacy. They likely hacked into real McAfee employee email accounts to access contact lists to blast out the phishing scam messages.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What happens if I call the phone number in the email?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The phone number in the scam email goes to a fraudulent call center, not the real McAfee. Criminals posing as McAfee support reps answer the call. They pretend to help you while actually plotting to access your computer remotely.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How do the scammers gain remote access to my computer?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The fake support rep will say hackers likely infected your device based on the questionable charges. They insist on a remote session to diagnose the issue. They guide you through downloading screensharing software or opening built-in Windows remote tools. Victims are tricked into willingly allowing scammer access.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What do the scammers do once they have remote access?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Having remote control over your computer allows the criminals to manipulate what you see on your screen. They pretend to run security scans but are really just showing fake diagnostic results they fabricated to convince you that your device is infected.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How do the scammers fake bank transfers?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The scammers use their remote access to open your real bank website. They then alter the HTML code to make it appear as if you accidentally sent them large sums of money. For example, they can add a fake wire transfer to their alias. You then think you mistakenly wired them all your money.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How do the scammers get your money?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The scammers pressure you to reverse the fake accidental bank transfer by sending that amount of money to them through wire transfers, gift cards, cryptocurrency, etc. They provide details for you to send funds to under the guise it&#8217;s for a refund account. Victims scramble to send money, not realizing it\u2019s all a scam.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What should I do if I already fell for this scam?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">If you fell victim already, immediately contact your bank to halt any pending wire transfers. Report the fraud to your bank and authorities like the FBI IC3, FTC, and state attorney general. Notify companies impersonated like McAfee. And monitor your accounts closely for any further misuse of your information.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How can I avoid this scam?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Be wary of surprise calls\/emails demanding money. Verify senders are real. Never give remote access to strangers. Learn to spot fake bank screens. Use strong unique passwords and two-factor authentication everywhere. Keep software updated. And never pay anyone who contacts you out of the blue claiming you owe money.<\/p>\n\n\n\n<div id=\"mwtad414602602\" class=\"gas_fallback-ad_381392-ad_309691-placement_381395\" style=\"margin-top: 30px;margin-bottom: 30px;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7750719144850257\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-7750719144850257\" \ndata-ad-slot=\"2944237110\" \ndata-ad-format=\"auto\" data-full-width-responsive=\"true\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><h2 class=\"wp-block-heading\">The Bottom Line on the \u201cEstimate from McAfee\u201d Scam<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The \u201cEstimate from McAfee\u201d scam is a frightening fraud that can lead to massive financial loss through slick social engineering and technical tricks. Scammers rely on tricking victims into calling them and then gaining remote control of their devices.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you receive a suspicious call or email asking you to pay money, hang up and notify the real companies being impersonated. Never provide remote access or send payments to strangers who contact you out of the blue.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">With awareness of how this scam unfolds plus smart security habits, you can ensure you don\u2019t fall victim. Be vigilant against unsolicited contacts, verify senders, use strong passwords, and keep software updated.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Protect yourself and help warn others about this scam. The more prepared people are, the less power these criminals have to carry out their deceitful schemes.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The \u201cEstimate from McAfee\u201d PayPal scam is a cunning scheme that combines elements of phishing, tech support scams, and bank fraud to steal money from victims. This dangerous scam starts with an email that looks &#8230; <\/p>\n<p class=\"read-more-container\"><a title=\"Uncovering the &#8220;Estimate from McAfee&#8221; PayPal Scam Stealing Money\" class=\"read-more button\" href=\"https:\/\/malwaretips.com\/blogs\/estimate-from-mcafee-paypal-scam\/#more-249960\" aria-label=\"Read more about Uncovering the &#8220;Estimate from McAfee&#8221; PayPal Scam Stealing Money\">Read more<\/a><\/p>\n","protected":false},"author":50,"featured_media":249961,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[49],"tags":[],"class_list":["post-249960","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-scam-reports","masonry-post","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/posts\/249960","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/users\/50"}],"replies":[{"embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/comments?post=249960"}],"version-history":[{"count":0,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/posts\/249960\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/media\/249961"}],"wp:attachment":[{"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/media?parent=249960"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/categories?post=249960"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/malwaretips.com\/blogs\/wp-json\/wp\/v2\/tags?post=249960"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}