Feedback: ID Protection renewal not working - and a word about the renewal reminder emails

Havoc
Havoc Posts: 4 Explorer
edited May 2023 in Password Vault

So the first issue is, I'm unable to renew my subscription for ID Protection, the button on the reminder is not working due to a javascript error



Second: The renewal reminder emails seem a bit suspicious, I'm still not sure if it's a phising email or a real email. The reminder sender is: (F-Secure <no-reply@email.f-secure.com>)

When I clicked the link (wasn't logged in), it took me to a payment page with a very different layout, the f-secure logo was in black and white instead of color, and the whole page looked weird to me, so I skipped the bank payment.

Then I got an open invoice, the sender being (Cleverbridge / F-Secure <no-reply@cleverbridge.com> Using cleverbridge 3.12.0.0)

Also why is there a mention of the management team, and a court of law ? Is this actually a legit invoice?

Footer attached below


Is it just me or is this highly suspicious, particulary during these times we live in.

Accepted Answer

  • Ukko
    Ukko Posts: 3,668 Superuser
    Answer ✓

    Hello,

    Sorry for my reply. I am only an F-Secure user.

    Only my thoughts about points without too much digging (good if there will be an official response or if someone will check it on his own experience).

    the button on the reminder is not working due to a javascript error

    I am a bit confused where the reminder was (because ID Protection design is a rather unknown to me) and where the page or button was rendered (browser or application).

    Is it email letter (based on further description)? I mean, maybe mail-client with restriction about loading some resources and so on (what I usually do to prevent any external scripts, 'css'-stuff, pictures being loaded automatically). If yes, then this may be somewhat of an expected situation.

    Or since you got scripts logs, maybe HTML opened page was with restricted area (or something); anyway, it sounds like it could be investigated by the F-Secure team (maybe it's more of a vue.js bug; or can be fixed by more securely using functionality).

    The renewal reminder emails seem a bit suspicious, I'm still not sure if it's a phising email or a real email. The reminder sender is: (F-Secure <no-reply@email.f-secure.com>)

    So, mentioned sender is a valid one. But always good to be sure that 'shown' sender is actual sender (I mean, double check email headers). But, usually, it is only trick against "reply-to". If you already got 'sender' - then I assume it is a real sender.

    At least, it is discussed there: About F-Secure email address for customer newsletters — F-Secure Community (where legit state was confirmed)

    and as for me - 'subdomain' looks OK for such a use. And 'no-reply' is also mostly expected for reminders.

    When I clicked the link (wasn't logged in), it took me to a payment page with a very different layout, the f-secure logo was in black and white instead of color, and the whole page looked weird to me, so I skipped the bank payment.

    They probably have guide books for various uses of the "brand" and context of uses. where one or another way of using the logo (and color scheme) is explained, and so on.

    So, I think the page that was opened was Cleverbridge (their official payment(?) partner) landing. So, it could be weird.

    About F-Secure official (style) is possible to get there: Logos | F-Secure Press Room

    Then I got an open invoice, the sender being (Cleverbridge / F-Secure <no-reply@cleverbridge.com> Using cleverbridge 3.12.0.0)

    As such, all should be okay. I mean, if you canceled the bank transfer and everything is fine with the money.

    Because the fact - that trying to renew the subscription (from an email sent by F-Secure), the page of their official payment partner (Cleverbridge) was opened, and the invoice was with a mention of them - is normal.

    Also why is there a mention of the management team, and a court of law ? Is this actually a legit invoice?

    Perhaps any mentions are dictated by their "rulers". Or simply as protection from something (to protect against claims from someone). Since this company (Cleverbridge) is relatively "famous". It is possible that this is a legit invoice. Although I don't think they are perfectly alright about everything.

    Is it just me or is this highly suspicious, particulary during these times we live in.

    I don't think it's highly suspicious.

    But if you still need to renew your subscription, it's better to try it through steps that are more convenient and stress-free for you.

    Perhaps, it is via My F-Secure Portal. There (Renewing your subscription | ID PROTECTION | Latest | F-Secure User Guides) explained way for iOS-based(?) subscription or device.

    Another option is to contact their official Support channel (for example, web-chat): Contact support | F-Secure

    So they can guide you about.

    In general, I think that if you try renewing subscription in any legit way - it will be very similar to what you described (since, most likely, the described one was the designed way).

    Thanks!

Answers

  • Havoc
    Havoc Posts: 4 Explorer

    Thank you for your comment Ukko. I was able to renew the subscription now, using the direct link in the email.

    Reading my post again, it wasn't too clear where the button is, the button in question is found when logging in to My F-secure, an overlay appears with the option to renew the sub. That button is not working. I tried Chrome and Edge. Edge is vanilla with no configuration changes (Win 10).

    My whole point was that the current UX/UI needs cleaning up, it should be easier to renew the subscription on the website, instead of relying on links sent by email, which are not the best security practice these days. Logging in you need 2FA, but email is just a static link.

    Also you know, shouldn't companies make it as easy as possible to... buy stuff? xD

  • Ukko
    Ukko Posts: 3,668 Superuser

    Hello,

    Thanks for your clarifications.

    Also you know, shouldn't companies make it as easy as possible to... buy stuff? xD

    Perhaps. :)

    the button in question is found when logging in to My F-secure, an overlay appears with the option to renew the sub. That button is not working. I tried Chrome and Edge. Edge is vanilla with no configuration changes (Win 10).

    I see. Looks like that if I try to create a trial account and then log in, there will be exactly that look too. From my attempt, "Buy now"-button was accessible and working. At least, redirected to onlineshop.f-secure.com.

    Or something wrong with 'renewal' prompt. Or it is not clear why you are faced with such a problem. In any case, maybe the F-Secure teams will pick it up and double-check it after reading your thread.

    Thanks!

This discussion has been closed.
Pricing & Product Info