I recently had a customer which fell for a 'pay for placement' deceptive scheme.

My customer received a phishing email indicating that her McAfee subscription had been renewed and her credit card had been charged for the renewal.

She knew that her McFee subscription was up for annual renewal, so she searched the Internet for a number to call McAfee to verify her renewal date and credit card on record.

Unfortunately, her search turned up a phone number of a McAfee reseller. A reseller is generally a company that is authorized to sell software from a brand-name company. A reseller can buy large quantities of software licenses at a discount then re-sell them below, at, or above, the manufacturer's published price.

When she called, she asked about her current McAfee subscription and the representative confirmed that he could help her with that. This is when the upsell began as my customer relayed the information about the phishing email. Along with verifying and extending her McAfee subscription, he suggested that she subscribe to a support plan. Once she subscribed, the representative would connect to her computer to ensure that her computer hadn't been infected with a virus which led to the phishing email.

My customer agreed to and paid for the extension of her current McAfee subscription and the multi-year support plan. The representative then connected to her computer and scanned for viruses and unwanted programs. He also asked which browser my customer uses and convinced her that Firefox, Chrome, and Edge browsers are susceptible to viruses and hacking and that he would install the 'qikfox' browser. qikfox is billed as "The browser that keeps you safe". The representative said that she should use this browser from that point on.

When my customer had time to reflect what she had been through, she decided to give me a call to see if she had been 'scammed' and whether her computer was safe to use.

I ran multiple scans for viruses and look for unwanted browser extensions in Firefox, Chrome, and Edge, and also looked for unwanted programs. I found none, except for 'qikfox' and a 'Qikbay live expert', which is a branded version of 'LogMeIn' remote support software. I uninstalled the qikfox browser and the remote support software.

The end result is that my customer had a legitimate copy of McAfee that had been extended for two years and a remote support contract from qikbay.com for the same period.

So this is a quick overview of what I found. Her invoice for the above services came from a company called 'Jinigram LLC' with support technicians listed as 'Qikbay Support' - support@qikbay.com. Qikbay.com is a subsidiary of Jinigram LLC. Qikbay is a reseller of brand-name software and computers. I didn't dig any deeper to find if there is any relationship between Jinigram LLC (Qikbay.com) and the people behind qikfox browser.

I found quite a few posts on the web referencing the two phone numbers listed on my customer's invoice from Jinigram LLC and how other people have been duped into their 'scheme' of McAfee support and upselling a technical support subscription.

This is my opinion of the 'scheme' (which may be deceptive, but not a total scam):

Jinigram pays money (to Google, Microsoft) to have their phone number(s) placed 'at the top' (pay for placement advertising) when someone searches the Internet using certain key words when looking for McAfee subscription renewal/support (or derivations of that search).  People call the number listed, expecting McAfee support, but instead get directed to qikbay support (remember, qikbay is a reseller of McAfee software).  The phone representative says that they can help you with your McAfee subscription renewal and then proceed to upsell a long McAfee subscription (probably at a higher price than McAfee sells it) with technical support included.  They install qikfox browser sort of as a ruse to convince customers that they are helping you (and that their support is valuable and worthwhile) by telling you that Chrome and Firefox and Edge are unsafe browsers.

In my research, some of the people who posted online gave the same scenario as my customer told me and there was one instance where their bank contacted them to ask if the charge from Jinigram was a legitimate charge.  There were several posts that indicated that they called the company and asked for a refund, or they disputed the charge with their bank and the company complied by reversing the charge.

Personally, I think the company is following deceptive business practices. However, it refunds money of customers who ask to reverse the charge, so the company stays under the radar of law enforcement and can continue with their current business model (which I think is mostly legitimate, but highly deceptive).

So, my advice is that when you want to contact a company's customer support, check to see if you have a printed copy of your receipt or user manual in your analog or digital files. You could also open the software on your computer and look for a 'support' or 'contact us' menu item. If you are an email saver (hoarder) like me, you could search your emails for the name of the company. Remember that when searching for a company's support number on the Internet, make sure the word "official" is in the webiste's name, or listed with the phone number. To verify that it is a legitimate number, copy the number and do a search for that number to see if it is really the number for the company that you are trying to contact.

Stay safe; be well,

Phil