Archive for Norton

Norton Password Manager Accounts Have Been Pwned…. Change ALL Your Passwords ASAP

Posted in Commentary with tags , on January 15, 2023 by itnerd

Bleeping Computer is reporting that Norton LifeLock’s Password Manager accounts has been pwned:

According to a letter sample shared with the Office of the Vermont Attorney General, the attacks did not result from a breach on the company but from account compromise on other platforms.

“Our own systems were not compromised. However, we strongly believe that an unauthorized third party knows and has utilized your username and password for your account,” NortonLifeLock said.

This username and password combination may potentially also be known to others.”

More specifically, the notice explains that around December 1, 2022, an attacker used username and password pairs they bought from the dark web to attempt to log in to Norton customer accounts.

The firm detected “an unusually large volume” of failed login attempts on December 12, 2022, indicating credential stuffing attacks where threat actors try out credentials in bulk.

By December 22, 2022, the company had completed its internal investigation, which revealed that the credential stuffing attacks had successfully compromised an undisclosed number of customer accounts.

Norton has since reset passwords on impacted accounts, introduced additional measures to fend off attacks, and advises customers to enable two-factor authentication on their accounts. It also offers the use of a credit monitoring service. But if you want my opinion, given this and the LastPass gong show, using an online password manager now seems to be a really bad idea. And if you’re a user of one of these services, you might want to reconsider that decision.

Three New And Dangerous Versions Of A Norton Billing #Scam Are Making The Rounds…. Let Me Tell You About Them [UPDATED]

Posted in Commentary with tags , on June 29, 2022 by itnerd

In the last few days I have become aware of three versions of a scam involving Norton products that you need to be aware of. All of them have the same theme. You’ve renewed your subscription for some Norton product and if you need further information or you want to dispute it, it provides a number to call. It will look something like this:

Now I took out the email header to preserve my client’s privacy, but there are three things that you should be aware if. The most important thing to be aware of is if you do not have an active subscription to a Norton product, do not call the number in the email. Beyond that, if you look at who sent it, you’ll likely see that it was sent from an email account other than That’s a big hint that this is a scam. The third thing that you should note is if you look at the quality of the English used in the email, it’s poor. And on top of that it creates a sense of urgency to get you to call the number. Which you should not do. In short, this is likely a phishing attempt to get your credit card details at the very least. Or further to that, create the conditions to access your computer to do who knows what to it.

The second version of this scam is something that I came across over the weekend when a older couple phoned me in a panic after getting an email with a PDF attached that looked like this:

Now I suspect that the scammers behind this one have moved to using a PDF because it is less likely to be picked up by an ISP’s spam filter. But other than that, it’s the same scam. And in the case of this older couple, it almost cost them $13,000 Canadian and caused them all sorts of grief when the scammer got hostile with them. I am working on a write up about this and that will be out in the coming days. But I will say that this illustrates how dangerous these sorts of scams can be.

The final version of this scam is extremely dangerous. Let’s start with the email that you will get:

You’ll note that like the second scam, you’ll get an email with an attachment. In this case an ISO file which is a disk image file that is commonly used to burn CD, DVDs or act as a container for software. It’s the latter that the scammer is using this for because if you open the ISO file (which by the way I absolutely do not recommend that you do), you will see this:

The first file that ends in .DLL is something that should set off alarm bells. Further investigation on my part shows that this is designed to deliver a virus payload to a Windows computer. And what sort of payload is it? Well, I will get to that in a moment. But let me get to the part about what happens when you use VirusTotal which is a website that analyze suspicious files, domains, IPs and URLs to detect malware and other breaches and automatically share them with the security community:

In this case, the payload was only detected by 6 of 66 virus scanners. Which is bad as that implies that this virus payload is ether new or new and improved. I am guessing the latter, but in either case, this underlines why you should never, ever click on anything in a suspicious email.

But what is the payload? This based on this write up suggests that this is a trojan that in short is designed to steal user account data relating to online banking systems, e-payment systems and plastic card systems. The data is then transmitted to the malicious user controlling the Trojan. But because I could not identify the exact trojan in use here, it may do other things that are even more dangerous.

The other thing that I will note is that there’s a phone number in the email. That suggest to me that the the person behind this will also act in the same manner as the first two Norton scams. Something that I briefly looked into by phoning the number and getting a supposed employee of Norton with an Indian accent.

That covers these Norton billing scams that you should be aware of. In the coming days, I will be doing a write up about the second scam in detail so that you can see what the scumbags behind these scams will do to you if you fall for these scams. And I will also be doing a more detailed investigation of the third scam to see if I can get any additional details that I will share with you in hopes of keeping you safe. So stay tuned for all of that. But in the meantime, be careful out there folks.

UPDATE: Well, investigating the third scam didn’t last long.

I phoned the number that was listed in the third scam (which for the record you should never ever do) using a phone that doesn’t allow the caller ID to be shown at their end and the phone was answered by someone with an Indian accent claiming to be working for the “Norton LifeLock Cancellation Department”. I then pretended to be someone who had gotten the email and asked the guy why I have got charged. He then proceeded to try and supposedly help me to cancel the subscription to Norton LifeLock which of course I didn’t have a subscription to said product. I guess it was at that point he noticed that I was calling from a blocked number and hung up the phone. I tried two more times and got two more people with Indian accents and got the same results. I am guessing that their playbook involves grabbing the phone number so that they can call back if they have to, or to use it to perpetrate future scams, or both. I am also guessing that if they see that the number is blocked, they see it as a threat and they hang up the phone.

So my take away is that they don’t get you with the virus, they’re going to get you if you call the number. Thus don’t fall into either of those traps by not opening any attachment that you get in any email that might be suspicious, or phoning any number that is associated with an email like this.

Norton 360 Installs A Crypto Miner When You Install The Product…. WTF??

Posted in Commentary with tags on January 9, 2022 by itnerd

Norton 360, one of the most popular antivirus products on the market today, has been caught installing a cryptocurrency mining program on its customers’ computers reports security researcher Brian Krebs:

Norton’s parent firm says the cloud-based service that activates the program and allows customers to profit from the scheme — in which the company keeps 15 percent of any currencies mined — is “opt-in,” meaning users have to agree to enable it. But many Norton users complain the mining program is difficult to remove, and reactions from longtime customers have ranged from unease and disbelief to, “Dude, where’s my crypto?”

So the product installs a crypto miner and takes a commission? That’s beyond low. An antivirus program should be trying to find and kill crypto miners. Not install them. And the fact that it is opt-in is irrelevant. Norton should be ashamed. The best way to deal with this is for everyone not to ever by another Norton product as that will send a strong message that this is unacceptable.

NortonLifeLock To Merge With Avast

Posted in Commentary with tags , on August 12, 2021 by itnerd

Antivirus vendor NortonLifeLock has said it will merge with Britain’s Avast PLC in a transaction combining cash and stock in two different options, totaling between $8.1 billion and $8.6 billion in stock:

That value is roughly equivalent to the value in U.S. dollars of Avast’s enterprise value, which takes into account its cash and debt, of 6.5 billion pounds, based on the closing price of Avast stock Tuesday of 5.68 pounds on the London Stock Exchange. The two companies said in the joint press release that their respective boards of directors see an opportunity to “create a new, industry-leading consumer Cyber Safety business, leveraging the established brands, technology and innovation of both groups to deliver substantial benefits to consumers, shareholders, and other stakeholders.” 

The two companies said the deal will bring together product lines that are broadly complementary, while giving the combined company a user base of over half a billion customers. The deal will broaden the geographic market coverage of the combined company. In addition, the two expect to realize “$280 million of annual gross cost synergies.” Under terms of the deal, “Avast shareholders will be entitled to receive a combination of cash consideration and newly issued shares in NortonLifeLock with alternative consideration elections available.”

I’m interested to see how this merger goes and if things are better or worse with these products. Because at the end of the day, the only thing that matters if these products perform and do their jobs well. If not, these products will be footnotes in history.

Norton By Symantec Research Finds Most Canadians Feel Invincible on Public Wi-Fi

Posted in Commentary with tags on July 10, 2017 by itnerd

For a second year, Norton by Symantec surveyed consumers around the world about their public Wi-Fi behaviors and perceptions – finding consumers continue to willingly put their personal information at risk despite security gaps in public Wi-Fi networks.

Yet, what’s astonishing is the false sense of security consumers feel while using public Wi-Fi – the 2017 Norton Wi-Fi Risk Report found 64 per cent of Canadians feel safe when using public Wi-Fi, yet only 16 per cent of people use a VPN to secure their Wi-Fi connection. And while online, Canadians admit to some questionable behaviors:

  • 12 per cent of Canadians admit to viewing adult content on public Wi-Fi.
    • Of those who admit to using public Wi-Fi to watch adult content, the top five locations where they’ve done so were:
      • Hotel/Airbnb (48 per cent)
      • At a friend’s place (31 per cent)
      • Café/Restaurant (28 per cent)
      • Work (23 per cent)
      • Airport (17 per cent)
    • Eighty-eight per cent of Canadians have taken actions on public Wi-Fi that potentially put their information at risk:
      • Sixty-six per cent of Canadians have logged into a personal email account over public Wi-Fi.
      • Thirty-one per cent of Canadians have checked banking or financial information over public Wi-Fi.

Here’s are some things that you can do to protect yourself:

  • Take Protective Measures: One of the best ways to protect your information online is to use a Virtual Private Network (VPN) from a trusted vendor. VPNs provide a “secure tunnel” that encrypts data being sent and received between your device and the internet.
  • Do HTTPS: Many companies use secure websites — HTTPS (Hypertext Transfer Protocol Secure) — to provide online security. You can tell if a website is secure if it has “https” in its URL and has a small lock symbol next to it. However, even though the website itself might be safe, your personal information could still be vulnerable if your network connection isn’t secure.
  • Sharing Less Is Best: Think twice before entering any type of personal information – from passwords, to financial details and photos – over public networks. Even if you’re not actively sharing the information, your device may be doing so for you. Many devices are programmed to automatically seek connections to other devices on the same network, which could cause your files to be vulnerable. Be sure to disable sharing on your devices to ensure what’s yours stays yours.

For Canadian specific insights, you can read the Norton WiFi Risk Report on Canada [Warning: PDF].

Online crime costs Canadian consumers $20.3 Billion: Norton

Posted in Commentary with tags on November 17, 2016 by itnerd

Canadian consumers have grown complacent about cybercrime and even past victims of cybercrime continue to practice risky online behavior online like sharing passwords and falling for phishing attacks.

This is particularly notable given the recent DDoS attack powered by connected devices that shut down many popular websites. As we saw from coverage of the attack, a good amount of consumers never changed the default user names and passwords for their connected devices, making it easy for bad guys to orchestrate this type of attack again. 

Norton by Symantec has released the Norton Cyber Security Insights Report, a global study that sheds light on consumer attitudes regarding cybercrime, including identity theft and phishing attacks. A few interesting Canadian findings:

  • Phishing scams are still commonly used by cybercriminals – 92 per cent of Canadians said they may have experienced a phishing incident.
  • One in 4 Canadians cannot detect a phishing attack with confidence, while another 15% have to guess between a real message and a phishing email, meaning 4 in 10 are vulnerable.
  • Consumers believe they are more at risk when entering financial information over public Wi-Fi than reading their credit card details aloud.
  • 26% of Canadians personally experienced cybercrime within the past year, compared to 31% of people globally. The most commonly experienced cybercrime in the Canada is credit card fraud.

Given the rampant rates of cybercrime the complacency in consumer behavior is concerning. Within the past year, 689 million people in 21 countries were victims of cybercrime, an increase of 10 per cent across the 17 countries that were measured in 2015.

Overconfidence in Connected Devices Leaves Consumers Vulnerable

With every connected home device purchase, consumers are unknowingly giving hackers a new avenue to launch attacks. In some instances, poor consumer security habits and vulnerabilities in connected devices are letting hackers into consumers’ homes.

  • One in five connected home device users don’t have any protective measures in place for their devices.
  • Over one third of Canadians (36 per cent) surveyed don’t believe there are enough connected device users for them to be a worthwhile target for hackers. Yet, just as hackers learned to benefit from targeting social media and financial accounts, they are on their way to learning how access to connected home devices can be lucrative.
  • Nearly six in 10 (57 per cent) consumers said they believe connected home devices were designed with online security in mind. However, according to Symantec research, in 2015, criminals compromised TVs, toys, refrigerators, doorbells and even medical devices. Symantec researchers also identified security vulnerabilities in 50 different connected home devices ranging from smart thermostats to smart energy management devices, and even security cameras.

Consumers Admit the Risks Are Real

The prevalence of cybercrime has merged with peoples’ perception of real-world risks. Many now see cybercrime dangers as equivalent to risks in the real world.

  • More than half of Canadians (54 per cent) said that over the past five years, it’s become harder to stay safe online than in the real world.
  • Six in ten (60 per cent) said they believe entering financial information online when connected to public Wi-Fi is riskier than reading their credit or debit card number aloud in a public place.
  • More than half of parents (54 per cent) believe their children are more likely to be bullied online than on a playground.

Bad Habits Are Hard to Break – Online or Otherwise

Experiencing cybercrime is a potential consequence of living in a connected world, but consumers still remain complacent when it comes to protecting their personal information online.

  • Millennials exhibit surprisingly slack online security habits, and are happy to share passwords that compromise their online safety (45 per cent). This is likely why they remain the most common victims of cybercrime, representing 32 per cent of Canadians who experienced cybercrime in the past year
  • More than half (54 per cent) of Canadians never connect to a Wi-Fi network using VPN, which can potentially allow a hacker to steal data as it travels on the network.
  • Consumers are still willing to click on links from senders they don’t know or open malicious attachments. Nearly one in four people cannot detect a phishing attack, and another 15 have to guess between a real message and a phishing email.
  • Thinking about cyber security doesn’t mean you’re secure. Canadians who experienced cybercrime within the past year were more likely to be concerned about the security of their home Wi-Fi (51% vs. 40% non-victims), but are just as likely as non-victims to not password protect their home Wi-Fi network (11% for both victims and non-victims).

To learn more about the real impact of cybercrime and how you can protect your digital information, please go here for more information.

Norton Releases New Documentary On How Privacy Laws Protect Cybercriminals

Posted in Commentary with tags on March 12, 2016 by itnerd

Norton is releasing a new documentary today called “Where Cybercrime Goes to Hide,” exposing hacker hideouts. It explores the implications of legitimate data havens and the cybercriminals seeking refuge within them.

Every day, nameless and faceless cybercriminals are carrying out large-scale attacks, and getting away with it by covering their tracks. Privacy measures such as cyberbunkers and bulletproof hosters help cybercriminals stay anonymous, but we know the impact on the consumer is significant.

Quick Facts about “Where Cybercrime Goes to Hide”:

  • The new documentary was directed by Academy Award-winner Daniel Junge and is approximately 24 minutes long.
  • In June 2015, Norton released the first episode called “In Search of The Most Dangerous Town On the Internet” – you can find it here.
  • The film was shot in 6 countries and 7 data centers.
  • Interviewees include large-scale hackers, cyber-crime authorities, bulletproof hosters and more.
  • Bulletproof hosting can be secure bunkers which provide connectivity and physically store your data to hosters that continue to ignore abuse complaints and claims of illegal activity. Whether you’re a legitimate business or a criminal, you pick the hoster that best suits your needs.
  • Criminals need bulletproof hosting because they need to be able to keep their website operational.

This is an eye opening documentary that you should look at. I’ve posted it below:


Mobile Security Risks Not Slowing Down IoT Device Usage: Norton

Posted in Commentary with tags on February 29, 2016 by itnerd

With the boom of the Internet of Things, mobile devices have become vaults for all personal information – but how would people feel if their Internet of Things “control centre” was compromised?

Norton by Symantec just released new research that explores perceptions of mobile security with a focus on the mobile device as the epicenter of the Internet of Things.

Here are some key findings:

  • 60 per cent of Canadian consumers use at least one mobile app to manage connected devices.
  • Canadians are mostly using mobile apps to control their personal finances, but are also most weary of getting these apps hacked – 59 per cent of Canadians would be more upset if their financial information was compromised, as opposed to only 10 per cent if their pictures and videos were hacked.
  • Canadians feel insecure about app-controlled home entry, which is aligned with global findings. In fact, Canadians are 12 per cent more comfortable using personal finance apps than home entry apps.

You can find further details about the study here which includes how to protect yourself.

Norton Study Shows That Consumers Now More Worried About Their Virtual Versus Physical Security

Posted in Commentary with tags on November 23, 2015 by itnerd

Norton has released its findings from the Norton Cyber Security Insights Report, which sheds light on the ugly truths of online crime and the personal impact it has on consumers.

The report found that globally, consumers’ fear of online crime outpaces their physical-world fears with 62 per cent of consumers more worried about their credit card information being stolen online than 38 per cent concerned about the loss of credit card information from their wallets. Additionally, 47 per cent reported they have been a victim of cybercrime. In Canada:

  • More than 7 million people have been victims of online crime in Canada in the past year
  • Seven in 10 believe identity theft is more likely than ever before
  • More than half of parents believe online bullying is more likely for their children than physical bullying at school

There’s more. You’d think that Baby Boomers wouldn’t be as savvy when it comes to being safe online. But you’d be wrong. The report highlights safer online habits for Baby Boomers versus Millennials who show they throw caution to the wind with 35 per cent of Canadian respondents admitting to sharing passwords and other risky online behaviour.

Across the 17 countries surveyed, consumers lost an average of 21 hours over the past year dealing with the fallout of online crime and nearly $358 per person – totaling roughly $150B. On top of this loss, cybercrime takes a true emotional toll with 40 per cent of consumer cybercrime victims in Canada reporting feeling furious after becoming a victim. Further, in Canada:

  • 85 per cent of respondents said they’d feel devastated if their personal financial information was compromised
  • Seven in 10 consumers would rather cancel dinner plans with a best friend than have to cancel their debit or credit card due to cybercrime
  • 60 per cent would rather go on a bad date than have to deal with customer service after a security breach

Despite concern and awareness of cybercrime, consumers are overconfident in their online security behaviours. When asked to grade their security practices, they consistently award themselves a solid “A.” But in reality, most are not passing the most basic requirement of online security: password use.

  • More than one in four Canadians do not have a password on any device
    • Of those using passwords, one quarter (24 per cent) have shared them
  • Canadians are sharing passwords to sensitive accounts. Of those sharing passwords, more than one quarter shared the password to their banking account, and more than half (52 per cent) shared their email password.
  • Ironically, seven in 10 believe it is riskier to share their email password with a friend than lend them their car, yet half of those sharing passwords do just that.

To learn more about the real impact of cybercrime and how consumers can protect their digital information, go here for more information.

If You Think That Cybercrime Shouldn’t Be A Top Of Mind Concern For You…. Watch This Documentary

Posted in Commentary with tags , on November 13, 2015 by itnerd

Cybercrime is a threat to everyone, thus you need to take it seriously. If you don’t think so, this documentary will change your mind in a hurry. Titled “In Search of The Most Dangerous Town On the Internet” which is directed by Sean Dunne on behalf of Norton, you will take a visit to the Romanian town nicknamed “Hackerville” or “Most Dangerous Town on the Internet.” You’ll get to meet people like Guccifer who hacked Hilary Clinton’s e-mail, along with a variety of others who will show you that unless you take your online security seriously, chances are, you will get pwned by one of these people or their friends. The documentary is 20 minutes long, and I guarantee you that it will be the most eye opening 20 minutes that you’ll have all day.

If you want more info, pay a visit to as you’ll get additional background information as well as tips to keep you safe.