No link to click. Just a phone number, a fake charge, and a friendly voice that wants onto your screen. Here is the trick, and how to shut your own doors first.
Save My Seat →Thursday, July 9, 2 PM ET. No charge, no pitch.
The problem: A fake "your antivirus is about to auto-renew for $349" email lands in a business inbox. There is no bad link to spot, just a phone number. Someone on your team calls, and a friendly "agent" talks them into handing over a card and remote control of a work computer.
The solution: One office rule stops the whole con, and the fewer open doors on your machines, the less anyone can do even if they sweet-talk their way in. I will show you both, live, in plain English.
In this article
A reader who runs a small office forwarded me one that is hitting business inboxes hard. The email says the company's antivirus subscription, Norton in this case, is about to auto-renew for three hundred and forty-nine dollars. Did not authorize it? Call this number to cancel.
There is the trick. Just a phone number, nothing for a spam filter to catch. Whoever calls is in a hurry about a charge nobody recognizes, and a calm "agent" offers to process the refund. They ask for a card number to "send the money back," and then comes the real prize. They talk your employee into letting them onto the computer. Once they are in, every open door on that machine, and the network behind it, is theirs.
The whole con runs on a charge that was never real. It does not need a real subscription, a bad link, or any technical skill. It needs one person in a hurry and a phone. In a business, that person might be the office manager, the bookkeeper, or you on a busy afternoon.
And the payoff is bigger at a company than at home. A home machine is one machine. A work computer is a doorway to the shared drives, the email, and the other computers on the network. That is why the crooks love a business target.
No honest company refunds you by getting onto your screen. So make it a standing rule at the office: nobody gives remote control of a work computer to someone who called or emailed first, and no "renewal" gets paid or canceled using a number from the message. Check the real card statement instead.
The other half is the doors on your machines. These scams want remote control because that is where the open doors are. The fewer you leave open, the less a crook can do even if they talk their way in.
These calls are scripted to sound helpful and to move fast, and they are aimed at good people trying to fix a problem. Blaming the person who fell for it misses the point. The fix is a clear rule and fewer open doors, not sharper instincts.
I have spent fifty years in this, FBI InfraGard, zero ransomware on any client I have worked with. And the scammers still got to my own father. He let them onto his computer, and I stopped them remotely just before they reached the spreadsheet with all his bank passwords. We were lucky. That night is the whole reason I made seeing your open doors simple.
No guesswork. Here is exactly what happens, three steps.
Thursday, July 9, 2 PM ET. Send the email and you are in.
✅ No charge, and nothing to buy on the call.
✅ It is not a pitch-fest. You will leave with real steps whether or not you ever buy a thing.
✅ Plain English. No jargon, and no talking down to you.
✅ Come live if you can, that is where I answer your questions. Saved a seat but can't make it? I'll send you the replay.
✅ If your setup is in good shape, I will tell you so. No scare tactics.
✅ Straight talk. I will show you what is "open" and "at risk," never "guaranteed."
Maybe. But it only takes one busy afternoon and one person trying to do the right thing about a charge they did not recognize. The scam is built for exactly that moment, and remote access to a single work computer can reach your whole network.
An hour now gives your team the one rule and shows you which doors are already open. If you are buttoned up, you will walk away knowing it.
These scams want into your computer. The fewer open doors you leave, the less they can do. Spend one hour with me, walk away knowing exactly what to close first, and get back to running your business instead of guessing.
Save My Seat →Thursday, July 9, 2 PM ET. No charge, no pitch.
Want this kind of plain-English security news every week? Sign up for Craig's Insider Notes at CraigPeterson.com.
Join thousands of security professionals who receive Craig Peterson's Insider Show Notes and cybersecurity updates.
Join 10,000+ cybersecurity professionals