Warning - Live Chat Compromised!

This is worth reading. It highlights a threat from using Norton Live Chat and the conflicting advice given by help agents!

 

Wed 18:48

You sent

My subscription expires in two days so I contacted Norton about renewal prices. I didn't expect the assistant who called me to get me to allow him to access my computer to run a scan remotely. Now I've been told this was a scam and I may have given him information that allows him access my computer when he wants to. Is this normal? He got me to install something called Supremo.

Norton

Hello Paul, We appreciate your initiative in communicating with us. We would like to collect some more details to investigate further on the issue you have cited. Could you please confirm your Norton registered email address so that I can help you further with your issue. -Neha

Norton

Thank you for sharing the requested information. May I know if the Norton support agent provided you any case number? -Neha

You sent

No he didn't

Norton

Paul, I request you to run Norton Power Eraser in your device to remove threats and prevent usage of any third party tools that are not owned by Norton. To run Norton Power Eraser please go through support article: https://support.norton.com/sp/en/us/home/current/solutions/v129164633 and let us know if you face any issue following the steps. -Neha

You sent

Was this a proper Norton agent? I first used the chat bot which asked me for a contact number, then I received a call back on that number, so I thought it would be okay.

Norton

Paul, I would like to inform you that Norton never calls you unless you request a callback. -Neha

Also, upon checking your account records, I can see that you contacted our team 2 hours ago, however, no remote session was taken to run scan. 

You sent

This is very bad. It looks like by logging into My Account, at Norton and using the online help, I may have been hacked! Can you see the online communication we had two hours ago? It asked me for a contact number.

Norton

Paul, as I can check, the last agent informed you about the subscription details and assured you that you can you can merge your subscriptions. -Neha

You sent

So are you telling me this was a genuine agent - you told me agents don't call unless I request a call back, which I didn't do.

Norton

Paul, may I know if Norton agent called you in order to provide you the information? -Neha

You sent

The Norton agent called me after the chatbot asked for a contact number. He then got me to install Supremo so he could scan my computer. Since then, I've been told that it was likely to be a scam.

Norton

May I know the name of agent, you got connected to over the call? -Neha

You sent

If he gave it, I didn't make a note of it. I just trusted the Norton site to provide a service without threat of being hacked.

Norton

Paul, if you have contacted the legitimate Norton support website, in that case we can assure you that your device is protected and threat free. -Neha

You sent

Okay thanks. Is there any need then to Norton Power Eraser?

Norton

Most welcome. You can always run Norton Power Eraser in order to ensure the safety and protection. -Neha

Sun 02:05

Norton

Hello Paul! We are following up regarding your concern whether it is resolved or not. If you need any further assistance, please let us know. - Adity

Sun 10:38

You sent

It's not resolved. The more I thought about it, the more concerned and annoyed I am about the call. I put the following on Norton Community to see if anyone else has been asked to let the advisor scan their computer before discussing renewal prices, "the call I received was after logging in to the official Norton website, used their official chatbot which asked me for my contact number (I thought for verification purposes)".

My concern was really, when wanting to discuss renewal prices, why I should let the assistant who called me scan my computer after telling me it was the only way he could help me? I'm beginning to believe it was a genuine Norton adviser who called me and that it might have been a very long marketing ploy to get me to buy additional Anti-scam software. If so. that's despicable." If the call was genuine, why was it necessary and why don't Norton have a record of it?

Norton

We apologize for the inconvenience caused to you. As I can check, the last agent has informed you about the subscription merger.

Sun 11:47

You sent

Sorry, but you also have missed the point and not resolved my query - why did I have to have my laptop scanned before a renewal price could be discussed? It took over half an hour on the phone on a call I didn't request and left me very concerned about whether I'd been scammed. Was this just a hard sell trying to get me to buy more software?

Norton

Paul, I would like to clarify here that Norton support does not call you unless you have an active case with us regarding some issue. The call you received was not from Norton and we do not ask for a remote session in case of renewals. -Falak

You sent

You might then appreciate my concern when I entrust Norton with my online security, use the official Norton site and Live Chat service which leads to me to being hacked! Also, I'm now getting conflicting advice on here. If you read the previous advice on this thread, you'd have seen I was told, "Paul, if you have contacted the legitimate Norton support website, in that case we can assure you that your device is protected and threat free. -Neha" Who's correct? Looks like Norton allows in hackers and some advisors give wrong advice. Very disappointing!

Norton

We apologize for the inconvenience caused to you. As I can see the the last agent has suggested for the subscription merger. - Pooja

You sent

Completely skirts around the problems I've identified!!

Norton

Paul, also I would like to inform you that Norton never ask for the remote control in case of renewals. - Pooja

You sent

Well Norton need to look at their own security systems because it was the live chat on their official site that lead to my being contacted and starting the remote access.

Norton

We do understand your concern but as I have checked there is no callback has been schedule on your case. Also, if you have initiated the chat from our website you must have received a case number. Could you please help me with the case number so that I can check and assist you further. - Pooja

You sent

Sorry Pooja, but as I have explained a few times, I logged into My Account and contacted Norton via the Chat service. A few automatic questions were asked, one of which was to ask me for a contact number which I provided. The chat informed me that I would receive a call in a few minutes. I then received a call from "an advisor" who asked me to activate a remote session using a site called "Supremo". He said he needed this access before he could help me. If this wasn't from Norton, then Norton has been compromised.

You sent

I'll be posting this thread on "Community" as a warning to others using the Norton chat bot.

Norton

Paul, we apologize for the hassle caused to you. Could you please help me with the screenshot of the chat which you have initiated in which you have received the callback from our team? - Pooja

You sent

I don't have a screenshot or a an email showing the chat content. Doesn't Norton have a record of the chat? Chat took place about 16:15 last Thursday (4th May)

Norton

Paul, as I have checked the agent has suggested you for the subscription merger and there is no callback schedule on your case. - Pooja

You sent

I give in!

 

Just be careful when using Live Chat especially if you then receive a call from them which you didn't ask for. Also, take screenshots or copies of any chat, although with this standard of help I've received, not sure it would make much difference.

 

Hi Gregory,

Your experience with Norton is certainly very similar to mine. It looks like an organised group have found ways to hijack what maybe starts as a genuine secure contact with Norton, but then turns it to their own illegal activities. Norton need to thoroughly investigate this major concern and I'm very pleased that Tomas from Norton dealing with this. He is also investigating my problem.

Cheers,

Paul

Hello @Gregory B.,

Your incident description falls under the standard overpayment scam and I hope your bank will recover your funds as they usually do if you have transferred money to someone because of a scam and it's reported early enough. I'd also like to investigate your suspicion on how this all started and I will contact you via the private message here on the forum as I need an additional personal information to proceed.

I think Norton may have a big problem in this regard.  I had an experience not unlike that of Paul A C last week while setting up a new laptop.  I was having difficulty trying to download the software to the new device under my subscription when I posted a search question on the official support page.  A woman jumped in by live chat, asked for my contact number, and told me a tech named "Harry" would call me shortly, which he did.  "Harry" then requested remote access (which I stupidly granted).  He said that my version of Windows 10 was not compatible with Norton and that I was owed a refund.  I went along since he already knew the last four digits of the charge card I had used for my subscription (making me think he must have had some access to my Norton account).  To make a long story short for purposes of this thread, he and another individual named "James" (who was purportedly from "billing") managed to access my bank account online, pretend that they had accidently transferred a refund in the tens of thousands to me (boy, I wish I had taken a screenshot of what they allowed me to see), and then transfer a sizable sum out of my account as a purported recover of the over-refund before I wised up and cut them off.

Fortunately, it appears that my bank will be able to recover the amount since I informed them quickly (it was wired to a reputable domestic bank and they're working together on it).  Also, since the laptop is brand new, it was no big deal to rescreen it back to factory to remove the junk the scammers had loaded on it.  Either way, the bottom line is that imposters (or perhaps even rogue Norton employees) may be using the live chat feature for fraudulent purposes.   

Very kind of you - thank you.

I'll post on here any assistance or comment they may make.

My documented experience with Norton should be of great concern to them given the way it's their "secure" website to which I was connected which caused my concerns.

Cheers.

I have made Norton aware of your issue so. Please, allow the Norton team to respond to this thread, that is the best means to get the appropriate action. They will converse with you privately in doing so vice in open forums.

SA

Thank you for your comment.

I'm usually very careful when receiving unsolicited calls, but I received this call after logging into Norton's "Live Chat"  where it asked me for a contact number. My guard was down. Hence my warning that Norton have been compromised.

I'm not familiar with how to convey this to a Norton team member, and if the value of doing so produces anything like the service the Facebook team provided (copied in my original post) it's hardly worth doing. But I've expended so much time on this so far, if you could let me know how to "bump it up", I'd be grateful for advice.

Cheers,

Paul

Related: https://answers.microsoft.com/en-us/windows/forum/all/supremo-scam/a038089e-fffd-4f05-a0f7-bf0c2d0e5797

This was indeed a scam targeting you via most likely a web browser entry. More info is needed to determine what actually happened. Please do not post any personal info here. Lets bump this to the Norton team for them to research and take the appropriate actions. A Norton Admin may want to confer with you via private message here on the forums, please watch your messages inbox for that. Norton will NEVER call you nor enlist a session UNLESS, you are specifically asking for that in regards to a previous session where you are expecting it.

SA