A convincing new phishing scam has been recently observed, targeting French-speaking users by impersonating the well-known antivirus firm, Avast. This isn’t your typical messy scam; the attackers have built a near-perfect replica of the official Avast portal to trick people into handing over their full credit card details.
The ‘Today Only’ Panic Tactic
Scammers love to create a sense of urgency, and this scam is no different. When a victim lands on this fake site, they are met with a professional-looking orange notification claiming they have been charged €499.99 for a subscription. The date on this “receipt” isn’t fixed; the site uses a simple bit of code to pull the time from your own computer. This means that no matter when you visit, the charge looks like it happened ‘today.’
To put further pressure, the site claims you only have 72 hours to cancel. Interestingly, it also mentions that transactions older than 48 hours cannot be reversed. This contradiction is a classic psychological trick designed to make you panic and rush through the form without thinking.
High-Tech Deception
Further probing by the research firm Malwarebytes revealed just how deep the deception goes. The site doesn’t just look the part but acts like a real banking portal too. When users are prompted to enter their card number, expiry date, and CVV for a refund, the site uses the Luhn algorithm. For your information, this is a standard mathematical formula banks use to verify if a credit card number is valid. By using this, the scammers ensure they aren’t wasting time with fake or mistyped numbers.
Perhaps the boldest part of the scam is the inclusion of a live chat widget. Using a legitimate service called Tawk.to (specifically ID: 689773de2f0f7c192611b3bf), the fraudsters can actually watch you on the page in real-time. If you hesitate, a support agent might even message you to offer a friendly nudge to complete the form.
How to Protect Yourself
This scam targets everyone, from loyal Avast customers and people who don’t even own the software to those looking for a quick “bonus” refund. The site never asks for a login or a license key because it doesn’t care about your account; it only wants your bank details.
If you ever see a surprise charge like this, never click the links provided and just type the company’s web address directly into your browser. If you have already entered your details on a site like this, you should contact your bank immediately to cancel your card and dispute the transaction.
