13-09-2020 12:53 PM in
I’m wondering if anyone else has had this experience with Samsung S9.
I’d been looking into getting some anti virus software previously, mainly for my laptop but the cost didn’t seem to vary too much to just buy a package that covered all my devices.
Meanwhile I’m in Device Care on my Samsung S9, clicked on security to run a scan and it was here I seen 2 blue boxes underneath the ‘scan phone’ button,
-one offering special offers for multiple protection on all devices
-see award winning products that meet your security needs.
I decide to click the top one and it took me through to Mcafee (or so I thought) and was offered unlimited protection including VPN on an unlimited number of devices for a year - all for £15.. I should of know then - but as it was an offer shown in the phones settings (and the webpage saying it was a special offer for Samsung users.. I took the bait).
i realised quickly afterwards what had happened but not before I opened up the email they sent and clicked the link to download the Security app, they was ever so kind to send a link to my IPad where I also downloaded this app, thankfully I didn’t get round to doing the laptop. I knew something was really wrong when it had finished downloading but was no where to be found in either device. Then the webpages etc started acting up, log in boxes covering up the screen and I was receiving bogus texts/emails with verification codes from Microsoft, Google and Apple when I was trying to reset my passwords. The only thing what’s fixed both devices was a factory reset and I’ve obviously cancelled my bank card.
These links are still showing up after the factory reset, they’re offering it even cheaper today at £10 😅 I’m usually quite up on not clicking unfamiliar links and keeping safe online but this ones stumped me, it was in the phone’s settings! How did it get there, does anyone else have these options? I was going to forward the emails & texts onto Samsung for review but the messages have since totally disappeared despite backing up which has freaked me out even more, how is this even possible?! - All I have now proof wise is a screen shot of the ‘receipt’ and another of the webpage after I’d made the payment with the ‘serial number’ for activation of the product - oh and a transaction on my banking - hard to tell which Mcafee page is legitimate on Google to report it to Mcafee although I’m pretty sure this is a scam directed at a Samsung users.
If anyone could shed some light and educate me on how these links got into the phone settings in the first place it would be much appreciated.
13-09-2020 03:52 PM in
13-09-2020 05:31 PM in
JohnW27 I do believe that Mcafee work in partnership with Knox to deliver the security to the devices, my browser also shown it to be a safe site and I didn’t suspect a thing until the moment the payment had been taken and THEN you had to tick to accept T&Cs for the subscription and upon doing so a validation code popped up. There was a download button there too which I didn’t press because by this point the page didn’t look quite right - waited for the confirmation email and downloaded through the link in that, which is when the dodgy stuff started happening in my web browser. I’m still unsure whether the problem is totally fixed. E.g logging into my email account before with a new password (reset from a totally different unaffected device) and as I was typing the password in the box it was not being censored as usual - also I have an authentication for this particular email account so it should have been verified through this but I didn’t get an option for that. I cancelled the log in tried again and this time got a legitimate alert through my authenticator. Maybe I’m just thinking into it too much now but it did seem strange.
13-09-2020 05:32 PM in
usbst3 I also noticed that Mcafee had full admin rights when I was searching through trying to find the ‘app’ I’d just downloaded, denied access straight away and hasn’t effected the way the phone scans for security issues or any other functions so unsure why it had access in the first place!