What is "Norton Antivirus 2021 Update"?
"Norton Antivirus 2021 Update" refers to a scam run on various untrusted web pages. The scheme is presented an alert concerning a new update to the Norton anti-virus, which users are urged to install.
Note that "Norton Antivirus 2021 Update" is not a genuine message from NortonLifeLock, the software developers of Norton AntiVirus. The "small print" even states that it is an "Advertisement by an independent affiliate of Norton", though the claim of affiliation is untrue.
The purpose of these schemes is to endorse various products. It is especially rare for scams to promote legitimate tools, they are mostly used to distribute untrusted and possibly malicious software, most notably scams like "Norton Antivirus 2021 Update" promote fake anti-viruses, adware, browser hijackers, and other Potentially Unwanted Applications (PUAs). In some cases, schemes of this kind have been observed being used to proliferate malware (e.g., trojans, ransomware, cryptocurrency miners, etc.).
Deceptive sites are typically accessed inadvertently via mistyped URLs, redirects caused by intrusive advertisements, and installed PUAs.
The "Norton Antivirus 2021 Update" scam claims that Norton has released an update in response to recent malware/virus reports. The scheme alerts users that devices without installed protection tools are at risk of system infections and poor performance.
The scam urges users to clean and improve their computer system operation immediately. To install the update supposedly does not require a system restart. The "small print" on the page states that it is not a security warning but an advertisement.
The scheme falsely claims that it is an ad from an "independent affiliate of Norton". Note that "Norton Antivirus 2021 Update" cannot be trusted. You are strongly advised against downloading/installing and/or purchasing content endorsed through this scam.
As mentioned, PUAs are often promoted through scams. These applications may seem legitimate and offer "useful" features, which are seldom operational. Fake anti-virus tools are prime examples of this - they require activation (i.e., purchase) to perform the advertised functions, yet following activation, they remain nonoperational.
Furthermore, unwanted apps can have harmful capabilities. Some can force-open misleading, deceptive/scam, and malicious websites (e.g., ones running "Norton Antivirus 2021 Update"). Other PUAs classified as adware operate by running intrusive advertisement campaigns.
The delivered ads diminish the browsing experience and are dangerous. When clicked, intrusive ads redirect to dubious/malicious sites, and some can stealthily download/install software.
Browser hijackers are PUAs that modify browser settings and restrict/deny access to them in order to promote bogus search engines. The promoted web searchers usually cannot provide search results, and so they redirect to Google, Bing, Yahoo, and other genuine search engines.
Furthermore, most PUAs can track data. They monitor browsing activity (URLs visited, pages viewed, search queries typed, etc.) and collect vulnerable information derived from it (IP addresses, geolocations, and even personally identifiable details). PUA developers monetize the collected data by sharing it with and/or selling it to third-parties (potentially, cyber criminals).
In summary, the presence of unwanted software on devices can lead to system infections, serious privacy issues, financial loss, and identity theft.
To ensure device integrity and user privacy, all suspicious applications and browser extensions/plug-ins must be eliminated immediately upon detection.
|Name||Norton Antivirus 2021 Update pop-up|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Scam urges users to update the Norton anti-virus.|
|Disguise||Scam is presented as an alert from Norton/advertisement from an independent affiliate of Norton.|
|Detection Names (secure.protect-pc-plus[.]xyz)||Forcepoint ThreatSeeker (Suspicious), Full List Of Detections (VirusTotal)|
|Serving IP Address (secure.protect-pc-plus[.]xyz)||126.96.36.199|
|Distributed Unwanted Apps||Various dubious applications|
|Symptoms||Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
The internet is rife with misleading and deceptive websites/content.
Popular scam models include: alerts that an essential piece of software is outdated or missing, warnings that the system is infected or at risk, fake prize giveaways and raffles, "unbelievable" deals and offers, etc. "Instagram Copyright Infringement", "Your System Detected Some Unusual Activity", "Chrome search contest 2021", "Your ANTIVIRUS subscription has expired", and "Spin The Wheel" are some examples of online scams.
The sole purpose of these schemes is to generate revenue at users' expense. Due to the widespread nature of these scams, exercise caution when browsing.
How did potentially unwanted applications install on my computer?
PUAs are distributed via download/installation set-ups of other products. This deceptive marketing tactic of packing regular software with unwanted or malicious additions is called "bundling".
Rushing download/installation processes (e.g. ignoring terms, skipping steps and settings, etc.) increases the risk of inadvertently allowing bundled content into the system.
Some PUAs have "official" download sites. Intrusive advertisements proliferate these applications as well. Once clicked, they can execute scripts to download/install PUAs without users' consent.
How to avoid installation of potentially unwanted applications
You are advised to research all software before download/installation or purchase. All downloads must be done from official and verified sources, since dubious channels such as unofficial and free file-hosting websites, Peer-to-Peer sharing networks and other third party downloaders commonly offer deceptive or bundled content.
When downloading/installing, read the terms, explore all possible options, use the "Custom/Advanced" settings and opt-out of supplementary apps, tools, features, etc. Intrusive ads may seem normal and harmless, however, they can redirect to various dubious web pages (e.g. gambling, pornography, adult-dating, and many others).
If you encounter ads or redirects of this kind, inspect the system and remove any suspicious applications and browser extensions/plug-ins immediately.
If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Text presented in the "Norton Antivirus 2021 Update" scam:
Norton Antivirus 2021 Update
Due to recent reports of Malware and Viruses, Norton has released an Antivirus update.
Computers without the Antivirus, could be exposed to viruses and slower performance.
Clean and improve the performance of your Computer now. No computer restart is required.
Click Here to Enable Now
Advertisement by an independent affiliate of Norton
PROTECT YOUR COMPUTER
Instantly identify harmful threats
Speedup overall performance
Delete redundant files
Secure internet connection
The appearance of "Norton Antivirus 2021 Update" pop-up scam (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is Norton Antivirus 2021 Update pop-up?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.