Don’t Get Hooked! How I Dodged a McAfee Phishing Email Scam (7 Warning Signs)

We all know that cybersecurity is crucial, but sometimes even the most cautious among us can get a phishing email. That’s exactly what happened to me a few days ago when I received a supposed McAfee invoice.

Spoiler alert: It was a phishing scam.

This was clearly a phishing scam, and I wanted to share the seven glaring red flags that tipped me off so you can stay safe too.

Red Flag 1: It Landed in My Spam Folder

Let’s be real, most of us rarely check our spam folders. While sometimes legitimate emails end up there, it’s often a sign that something’s fishy. If you haven’t signed up for a service and their email lands in spam, that’s your first warning.

By the way, legitimate companies usually have measures in place to prevent their emails from being marked as spam.

Phishing email, McAfee Phishing Scam

Red Flag 2: The Sender’s Email Was Dodgy

Take a look at this: “***** Perry <thankfulk**uy@gmail.com>”. Does that look like an official McAfee email address to you? Nope, didn’t think so.

Note: I intentionally removed some parts of the email address.

Red Flag 3: A French Greeting… But I Don’t Speak French!

This one was just bizarre. The email started with “Bonjour [My Name].”

Now, while they got my name right, I don’t speak French! A legitimate company would know their customer’s language preferences.

It’s a clear sign someone didn’t do their homework.

Have you encountered phishing emails? Share your experiences and tips in the comments below. For more cybersecurity advice and updates, subscribe to our blog!

Red Flag 4: The Message Was Clearly Suspicious

The subject line screamed “Invoice” and “Payment Confirmation.” Except, I hadn’t ordered anything from McAfee.

The email even mentioned a shipment on the way – which I definitely didn’t order!

Are you passionate about cybersecurity and have valuable insights to share? We invite you to explore our cybersecurity writing opportunities and help us make the digital world a safer place.

Red Flag 5: A Tempting (But Dangerous) Attachment

email attachment file

The email included an attachment, supposedly a receipt. A quick glance showed the word “PayPal” – a classic phishing trick to lure you into clicking. I didn’t click on it (and you shouldn’t either!).

Phishing attachments are often riddled with malware, ransomware, or other nasty surprises. Remember, never click on attachments from suspicious emails!

Red Flag 6: Sketchy Contact Details

The email provided a phone number to “assist” me. But why would I call a random number when I could easily contact McAfee through their official channels?

This is a common tactic to get you on the phone and try to trick you.

Red Flag 7: No McAfee Branding

Where’s the McAfee logo? Their official contact information? Legitimate emails from companies almost always have some kind of branding. This one had none.

Cybersecurity tips poster

The Bottom Line:

Always be skeptical of unsolicited emails, even if they seem to come from companies you know. Look for these red flags, trust your gut, and don’t hesitate to report phishing scams to protect yourself and others.


What to Do If You Receive a Phishing Email

If you suspect an email is a phishing scam, DON’T click on any links or attachments. Here’s what you should do instead:

1. Report it to your organization’s IT or cybersecurity team

If you receive suspicious emails, then report to the respective team. In my case, I can report to McAfee. To report phishing scams imitating McAfee, forward suspicious emails to: scam@mcafee.com.

Find McAfee legitimate addresses in this article.

Have you encountered phishing emails? Share your experiences and tips in the comments below. For more cybersecurity advice and updates, subscribe to our blog!

2. Use the “Report Phishing” option in your email client (like Gmail or Outlook)

In Gmail (on Desktop):

Click the three dots (More) on the right of address section. Click Report Phishing.

Gmail Report Phishing

A pop message appears:

“Phishing is a form of fraud in which a message sender attempts to trick the recipient into divulging important personal information like a password or bank account number, transferring money, or installing malicious software.

“Usually the sender pretends to be a representative of a legitimate organization.”

If you believe this message is a phishing attack, you can report it to our abuse team and help us thwart this attack and others like it. Reporting this message as an attack will send the entire message to our team for review.

Gmail Report Phishing

If you’re sure proceed and confirm reporting of the phishing email.

You’ll be greeted with this pop up info: Message Reported as a Phishing Attack.

Done!

Remember, you can also block emails from the sender.

3. Forward the email to anti-phishing agencies

If you receive a phishing email, then you may consider forwarding to anti-phishing agencies such as the Anti-Phishing Working Group (APWG) at reportphishing@apwg.org.

Have you encountered phishing emails? Share your experiences and tips in the comments below. For more cybersecurity advice and updates, subscribe to our blog!

4. Report it to government agencies

  • US: The Federal Trade Commission (FTC) at spam@uce.gov
  • UK: National Cyber Security Centre (NCSC) at report@phishing.gov.uk
  • Australia: Australian Cyber Security Centre (ACSC) via their website

5. Report to your bank or financial institution

If the email appears to be from a bank or financial institution, report it directly to them.

Phishing Email in Summary

Phishing emails are designed to trick you into giving away sensitive information. By recognizing the red flags and knowing how to respond, you can protect yourself from these malicious attempts.

Stay vigilant, and always verify before you trust any unsolicited communication.

Bonface Juma
Bonface Juma

Writer and Instructor

Articles: 110

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.