Listen to the episode
TLDR
Fake subscription renewal notices impersonating Malwarebytes are circulating widely. Because targets are often existing customers, the messages feel more trustworthy — but they are phishing scams designed to steal payment details or push...
How it works
Fake subscription renewal notices impersonating Malwarebytes are circulating widely. Because targets are often existing customers, the messages feel more trustworthy — but they are phishing scams designed to steal payment details or push...
Red flags
- : Sender email address does not match the official Malwarebytes domain (lookalike or compromised account). An unsolicited invoice charges several hundred dollars and urges you to call a phone number or click a link to dispute it. The caller demands personal data, PINs, passwords, or verification codes — legitimate companies never ask for these by phone. What to do: Do not click links or call numbers in unexpected renewal emails
- verify directly via the official Malwarebytes website. Never share payment details, passwords, or 2FA codes during an unsolicited call, and never grant remote access to your device. Report and delete the message, then monitor your bank and card accounts for unauthorized charges
What to do
- 1The caller demands personal data, PINs, passwords, or verification codes — legitimate companies never ask for these by phone.
- 2What to do: Do not click links or call numbers in unexpected renewal emails; verify directly via the official Malwarebytes website.
- 3Never share payment details, passwords, or 2FA codes during an unsolicited call, and never grant remote access to your device.
Source
malwarebytes
Source reviewed by Mythos Forensic Team
https://www.malwarebytes.com/blog/scams/2026/06/watch-out-for-renewal-scams-pretending-to-be-malwarebytesFAQ
Is Watch out for fake Malwarebytes subscription renewal scam emails a real scam pattern?
Yes. Treat the message, call, or payment request as suspicious until you verify it through an official channel.
What are the first warning signs?
: Sender email address does not match the official Malwarebytes domain (lookalike or compromised account). An unsolicited invoice charges several hundred dollars and urges you to call a phone number or click a link to dispute it. The caller demands personal data, PINs, passwords, or verification codes — legitimate companies never ask for these by phone. What to do: Do not click links or call numbers in unexpected renewal emails; verify directly via the official Malwarebytes website. Never share payment details, passwords, or 2FA codes during an unsolicited call, and never grant remote access to your device. Report and delete the message, then monitor your bank and card accounts for unauthorized charges
What should I do first?
The caller demands personal data, PINs, passwords, or verification codes — legitimate companies never ask for these by phone.; What to do: Do not click links or call numbers in unexpected renewal emails; verify directly via the official Malwarebytes website.; Never share payment details, passwords, or 2FA codes during an unsolicited call, and never grant remote access to your device.
Can LegalAudit check my case?
Yes. Start a free chat and paste the message, link, sender, or payment details for triage.