Avoid getting scammed by "McAfee - Your Card Payment Has Failed!" sites
Written by Tomas Meskauskas on (updated)
What is "McAfee - Your Card Payment Has Failed!"?
While inspecting sites that use rogue advertising networks, our researchers discovered the "McAfee - Your Card Payment Has Failed!" scam. It claims that the McAfee anti-virus has expired due to a failed reoccurring payment. Users are encouraged to rectify this issue and protect the vulnerable devices.
In most cases, this scam model is used to trick users into downloading/installing and/or purchasing (likely dubious) products. It must be stressed that both the McAfee anti-virus and its developers McAfee Corp. are not associated with this scam.
"McAfee - Your Card Payment Has Failed!" scam overview
The scam's first words inform the website's visitors that their card payment has failed. It goes on to detail that the supposed reoccurring payment for the McAfee anti-virus subscription has expired. This claim will be made by the scam regardless of whether the users have ever purchased this anti-virus.
Visitors are then told that their devices are vulnerable to virus and malware infections without an active anti-virus, which - while factually correct - does not make the scam's other claims less false.
Users are urged to complete the payment that will allegedly be discounted by 50% since they are repeat customers. The page also contains a timer counting down until the offer becomes void.
Typically, scams using this model promote untrustworthy, fraudulent, and malicious software, e.g., fake anti-virus tools, adware, browser hijackers, and various PUAs (Potentially Unwanted Applications). In rare cases, deceptive content of this kind proliferates trojans, ransomware, and other malware.
When we inspected "McAfee - Your Card Payment Has Failed!", it redirected us to the official payment webpage of McAfee. However, that does not mean that this promotion is approved by McAfee Corp. Scammers often abuse affiliate programs of genuine content in order to obtain illegitimate commissions for the promotion.
The promise of a discount is likely bait to lure users into following the link provided by "McAfee - Your Card Payment Has Failed!". It is crucial to mention that there are no guarantees that the scam will continue to redirect to McAfee's website. It could redirect to a phishing or malware-spreading webpage, which could be competently disguised as McAfee's site.
It must also be noted that no website can detect threats or issues on visitors' devices - hence, any that proclaim such are scams.
In summary, by trusting scams like "McAfee - Your Card Payment Has Failed!" - users can experience system infections, serious privacy issues, financial losses, and even identity theft.
|Name||"McAfee - Your Card Payment Has Failed!" scam website|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Reoccurring payment for McAfee anti-virus has failed and the subscription has expired.|
|Detection Names (catus[.]click)||alphaMountain.ai (Suspicious), Full List Of Detections (VirusTotal)|
|Serving IP Address (catus[.]click)||22.214.171.124|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Similar scam examples
We have analyzed thousands of online scams; "Your Computer May Be At Risk With An Expired McAfee License", "Your antivirus protection has expired", "McAfee Total Protection has expired", and "Your Antivirus Has Expired" are just a few examples of ones claiming that the McAfee anti-virus has expired.
The Internet is rife with deceptive content making a wide variety of fake claims in order to gain and subsequently abuse users' trust. Scams can attempt to deceive victims into downloading/installing apps, purchasing products/services, disclosing private information, making monetary transactions, and so on.
Due to how widespread this content is on the Web, we strongly recommend exercising caution when browsing.
How did I open a scam website?
Scam sites can be accessed via webpages that use rogue advertising networks. The deceptive page can be force-opened the moment a rogue website is entered or when hosted content is interacted with (e.g., buttons, links, text input fields, ads, etc.).
Intrusive advertisements and spam browser notifications promote online scams as well. Misspelling a website's domain (URL) can also result in a redirect to a scam website. Additionally, adware can promote this content through ads or by force-opening webpages that run it.
How to avoid visiting scam websites?
We advise against using sites offering pirated content or other questionable services (e.g., illegal streaming/downloading, Torrenting, etc.), as these websites are typically monetized using rogue advertising networks.
To avoid receiving dubious/harmful browser notifications - do not permit suspicious webpages to deliver them (i.e., do not click "Allow", "Allow Notifications", etc.). Instead, ignore or deny notification requests (i.e., press "Block", "Block Notifications", etc.).
We recommend paying attention to URLs and entering them with care. And to prevent unwanted/malicious software from infiltrating the system, download only from official/verified channels and approach installation with caution (e.g., by reading terms, studying possible options, opting-out of additions, etc.).
We also advise being vigilant when browsing since fake and dangerous online content usually appears legitimate and harmless. For example, intrusive ads may look ordinary yet redirect to highly questionable websites (e.g., gambling, pornography, phishing, scam-promoting, etc.).
If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate all threats.
Text presented in "McAfee - Your Card Payment Has Failed!" scam:
Your card payment has failed!
Recurring payment has failed and your antivirus subscription of McAfee Total Protection has expired on December 3, 2022.
After the expiry date has passed your computer will become susceptible to many different virus threats and hackers attacks.
Your antivirus is not active. PC is unprotected and exposed to viruses and other malwares.
Please continue to next page and finish your payment
As a previous customer, you are eligible for discount: 50% OFF
This offer will expire in:
3 mins 43 secs
Windows® | macOS® | Android™ | iOS®
The appearance of "McAfee - Your Card Payment Has Failed!" pop-up scam (GIF):
Another appearance of "McAfee - Your Card Payment Has Failed!" pop-up scam:
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is "McAfee - Your Card Payment Has Failed!" scam website?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
Pop-up scams are designed to trick users into performing specific actions with the use of various deceptive claims. Victims can be deceived into making monetary transactions, purchasing products or services, downloading/installing services, calling fake support lines, disclosing private data, and so on.
What is the purpose of a pop-up scam?
Pop-up scams have the sole goal of generating revenue at victims' expense. The primary methods of profiting include: receiving funds through deception, promoting software/products/services, abusing or selling vulnerable information, and spreading malware.
Why do I encounter fake pop-ups?
Pop-up scams are promoted on rogue websites. Most users access such sites via redirects caused by mistyped URLs, pages that use rogue advertising networks, spam browser notifications, intrusive advertisements, or installed adware.
Will Combo Cleaner protect me from pop-up scams?
Combo Cleaner can scan every single website that you visit and inform you if they are suspicious, deceptive, or malicious (this includes those that promote scams). Should you enter a suspect webpage - you will be immediately warned, and further access to the site will be blocked.
▼ Show Discussion