{"id":43996,"date":"2026-02-27T10:13:07","date_gmt":"2026-02-27T02:13:07","guid":{"rendered":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/2026\/02\/27\/fake-avast-website-targets-users-with-e499-phishing-refund-scam\/"},"modified":"2026-02-27T10:13:07","modified_gmt":"2026-02-27T02:13:07","slug":"fake-avast-website-targets-users-with-e499-phishing-refund-scam","status":"publish","type":"post","link":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/2026\/02\/27\/fake-avast-website-targets-users-with-e499-phishing-refund-scam\/","title":{"rendered":"Fake Avast Website Targets Users With \u20ac499 Phishing Refund Scam"},"content":{"rendered":"\n

A convincing new phishing scam has been recently observed, targeting French-speaking users by impersonating the well-known antivirus firm, Avast<\/a>. This isn’t your typical messy scam; the attackers have built a near-perfect replica of the official Avast portal to trick people into handing over their full credit card details.<\/p>\n

The \u2018Today Only\u2019 Panic Tactic<\/strong><\/h3>\n

Scammers love to create a sense of urgency, and this scam is no different. When a victim lands on this fake site, they are met with a professional-looking orange notification claiming they have been charged \u20ac499.99 for a subscription. The date on this “receipt” isn’t fixed; the site uses a simple bit of code to pull the time from your own computer. This means that no matter when you visit, the charge looks like it happened \u2018today.\u2019<\/p>\n

To put further pressure, the site claims you only have 72 hours to cancel. Interestingly, it also mentions that transactions older than 48 hours cannot be reversed. This contradiction is a classic psychological trick designed to make you panic and rush through the form without thinking.<\/p>\n

High-Tech Deception<\/strong><\/h3>\n

Further probing<\/a> by the research firm Malwarebytes revealed just how deep the deception goes. The site doesn’t just look the part but acts like a real banking portal too. When users are prompted to enter their card number, expiry date, and CVV for a refund, the site uses the Luhn algorithm. For your information, this is a standard mathematical formula banks use to verify if a credit card number is valid. By using this, the scammers ensure they aren’t wasting time with fake or mistyped numbers.<\/p>\n

Perhaps the boldest part of the scam is the inclusion of a live chat widget<\/a>. Using a legitimate service called Tawk.to<\/code> (specifically ID: 689773de2f0f7c192611b3bf<\/code>), the fraudsters can actually watch you on the page in real-time. If you hesitate, a support agent might even message you to offer a friendly nudge to complete the form.<\/p>\n

\n
\"Fake<\/a>
Fake Avast site asking for the victim\u2019s financial information (Source: Malwarebytes)<\/figcaption><\/figure>\n<\/p><\/div>\n

How to Protect Yourself<\/strong><\/h3>\n

This scam targets everyone, from loyal Avast customers and people who don’t even own the software to those looking for a quick “bonus” refund. The site never asks for a login or a license key because it doesn’t care about your account; it only wants your bank details.<\/p>\n

If you ever see a surprise charge like this, never click the links provided and just type the company\u2019s web address directly into your browser. If you have already entered your details on a site like this, you should contact your bank immediately to cancel your card and dispute the transaction.<\/p>\n

\n
\n
\n
\n
\t\t\t\t\t\t \t\t\t\t\t\t\tDeeba Ahmed\t\t\t\t\t\t<\/a> \t\t\t\t\t<\/h5>\n
\t\t\t\t\t\t\t \t\t\t\t\t\t\t\t\"Fake\t\t\t\t\t\t\t<\/a> \t\t\t\t\t\t<\/div>\n
\n
\t\t\t\t\t\t\t\tDeeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform\u2019s trusted coverage.\t\t\t\t\t\t\t<\/div>\n
\n
\t\t \t\t\tView Posts\t\t<\/a> \t<\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

A convincing new phishing scam has been recently observ […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-43996","post","type-post","status-publish","format-standard","hentry","category-hackread"],"_links":{"self":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts\/43996","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/comments?post=43996"}],"version-history":[{"count":0,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts\/43996\/revisions"}],"wp:attachment":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/media?parent=43996"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/categories?post=43996"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/tags?post=43996"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}