One of the first things you will notice about these fake “anti virus” protection emails is the odd font in the subject line. A small font, sized at half the height of normal fonts, it looks…odd. This is red flag #1. If you bother to open the email and hover on any of the links, you will notice they do NOT go to either a Norton site or a Symantec (the owner of Norton) site. This is red flag #2. Closely related to this is red flag #3…the email did not come from an address of either company.
The email does contain an image, shown below, which purports that this email came from an “affiliate” of Norton, but does provide a name. All links in the email go to the same domain, flagged as a phishing domain by security company Kaspersky – red flag #4.
You should just delete these emails. If you have opened one and clicked on a link, please let me know so we can discuss the potential impact of this action and what steps you may need to take next. You can email me at email@example.com.