A new scam is impersonating the popular antivirus company Avast to trick French-speaking users into revealing their credit card details. The fraudulent website claims that users are entitled to a €499.99 refund, a charge that was never made. The site uses familiar branding and urgency-driven messages to pressure victims into submitting their payment information.
The scam page closely mimics Avast’s legitimate website, even loading the Avast logo from its own content delivery network to appear convincing. Users are shown a transaction record with a charge of €499.99, which is actually a fixed amount, designed to provoke immediate concern. The page includes false information about a limited time to cancel the charge, creating a sense of urgency.
The scam then asks victims for their personal details, including full names, email addresses, and phone numbers. Once these details are submitted, the site requests credit card information to “process the refund.” The website even uses the Luhn algorithm to validate the card number, ensuring only valid data is submitted. Once the details are sent, the scammer receives the data and the victim is redirected to a fake confirmation page.
What makes this scam even more dangerous is the inclusion of a live chat feature, powered by a legitimate support platform, Tawk.to. This allows the scammers to interact with victims in real time, convincing them to proceed with providing their payment information.
The scam targets a variety of victims:
- Avast customers who feel they have been wrongly charged for a renewal.
- Forgotten subscribers who don’t remember signing up for Avast services.
- Alarmed individuals who fear their credit card information has been stolen.
- Opportunists who believe they can claim the refund and lose their own card details.
How to Spot a Refund Scam
| Red Flags to Identify a Refund Scam | Description |
|---|---|
| Unfamiliar charge showing as “today” | Scammers often use the current date to make the charge look urgent and authentic. |
| Urgent cancellation deadlines | Messages that create a false sense of urgency to rush you into taking immediate action. |
| Requesting full credit card information for a refund | Legitimate refunds never require re-entering your full card details and CVV on an unverified page. |
| No account login or purchase verification required | Real companies confirm your account before processing refunds, but scam sites bypass this step. |
| Live chat pushing you to act quickly | A live “support agent” encouraging you to proceed could be part of the scam, not legitimate assistance. |
| Request to uninstall security software | Genuine refund processes never ask you to remove your antivirus or security protection. |
| Suspiciously similar website domain | Watch for slight changes in domain names; always type the official website URL directly into your browser. |
What to Do if You’ve Entered Your Details
If you’ve been a victim of this scam, contact your bank immediately, cancel your card, and dispute any unauthorized charges. It’s also important to change passwords for any accounts linked to your email address and run a full scan with a trusted security product.
No Comment! Be the first one.