It’s the time of the season for… subscription scams!

Photo (c) West End 61 – Getty Images

In the lead-up to New Year’s, subscription scams are landing in people’s email boxes at a frightening rate. With the goal of making off with someone’s identity, cybercriminals are betting they can scam their share of the more than 40% of consumers who click on a link in a phishing email. 

Subscription scams are a favorite of malicious actors because they know how to write an email so that it escapes an email server’s spam filters. You’ve probably received some of these “auto-renewal” emails yourself from companies masquerading as Norton, McAfee, Best Buy/Geek Squad, or Microsoft.

And, having received some ourselves, ConsumerAffairs can attest to how authentic they look. But not everyone may be as suspicious as we are and not be able to detect a real one from a fake one. Since much of the phishing action is tied to Norton-related emails, here are some telltale signs you can look for and things you can do to keep from getting fleeced.

Look for these mentions: “Annual Product Membership,” “Norton Total All Round Security,” “URGENT: Your Norton Subscription Expired,” and “Your Order Has Been Received.” When fact-checking website Snopes dug into the situation to find out if the Norton emails it received were fake or real, those subject lines or text in the emails were all found to be from fakers. 

In its warning, Norton (the real one) emphasizes that use of the word “urgent” is a sign that the email is a scam. If the email sounds threatening in any way, that, too, is a red flag.

Look for “official” Norton email addresses:According to Norton, the only email addresses that should be trusted as being officials are:

Before you do anything, confirm the email is legitimate. Never, ever click on any link in an email until you’ve confirmed that it’s legitimate, the Identity Theft Resource Center (ITRC) suggests. And if in fact, the email is a spoof report it as spam, block the sender and delete the email.

Norton suggests the best way to authenticate whether an email is the…