FreshRSS

🔒
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
△ 🔃
There are new available articles, click to refresh the page.
Before yesterdayMcAfee Blogs

The Most Impersonated Brands in Holiday Shopping, Ranked

By: Brooke Seipel

Scammers aren’t worried about ending up on the naughty listIf anything, they’re doubling down in 2025.  

This year, scammers are impersonating major brands with startling accuracy, from fake delivery updates to cloned checkout pages.

Our McAfee Labs researchers analyzed real scam texts, emails, and URLs from October through early November, along with consumer survey data, to identify the patterns shaping this season’s fraud.

Here’s what shoppers need to know, what’s trending upward, and how to spot the fakes before they reach your cart.

What Is a Holiday Brand-Impersonation Scam?

A brand-impersonation scam is when criminals copy a real brand, like a retailer, tech company, bank, or delivery service, to make fake emails, texts, ads, or websites that look legitimate.

Their goal is to trick shoppers into clicking, entering account details, or making a payment.

McAfee Labs’ brand impersonation analysis shows criminals focusing on the items people shop for most — tech gifts, luxury goods, and high-demand drops.

Fake versions of these brands typically include:

  • Copied product photos
  • Familiar layouts
  • Holiday sale graphics
  • Support pages designed to capture logins
An example of a phishing attempt this holiday season.
An example of a phishing attempt this holiday season. THIS IS A FAKE PHISHING EMAIL!

Which Brands Are Being Faked the Most This Holiday Season?

Top 5 most impersonated luxury brands

  1. Coach
  2. Dior
  3. Ralph Lauren
  4. Rolex
  5. Gucci
Top 5 most impersonated mainstream consumer brands
  1. Apple
  2. Nintendo
  3. Samsung
  4. Disney
  5. Steam

Other Key Research Takeaways:

  • Email scams are exploding, up ~50% in retail and ~85% in tech as the holidays approach.
  • Fake storefronts are rising, with technology URL scams up nearly 50% and consumer URL scams up ~5%.
  • Trusted brands are the most impersonated, including Amazon, Microsoft, Apple, Walmart, and Costco.
  • 96% plan to shop online
  • 91% see ads from unfamiliar retailers
  • 37% may buy from brands they don’t recognize
  • AI is reshaping scams, with 46% of Americans encountering fake celebrity or influencer endorsements.

How to Stay Safe While Brands Are Being Faked This Season

Scammers are getting better at copying the brands you trust, but avoiding the fakes gets much easier when you slow down, verify what you see, and use tools that check links and messages before you click.

Here’s what actually helps during a season when realistic-looking scams are everywhere:

1. Go straight to the source

If you get a message about an order, refund, delivery issue, or account lockout, don’t click the link.

Go directly to the retailer’s app or type the URL manually.

This single habit eliminates most holiday scams.

This may look exactly like the Netflix login page... but it's not. This scam landing page is meant to steal your username and password.
This may look exactly like the Netflix login page… but it’s not. This scam landing page is meant to steal your username and password.

2. Inspect the sender, not the graphics

Scammers can recreate logos, colors, and templates perfectly.

What they can’t easily mimic:

  • A legitimate domain
  • A verified phone number
  • A support email that matches the company’s format

If the sender looks off, the message is off.

3. Let security tools check the link for you

McAfee’s online protection adds a critical layer of holiday safety, especially when scammers imitate retailers with near-perfect accuracy.

Key protections include:

Web Protection
Blocks malicious or suspicious websites before they load — including fake checkout pages, login portals, and support sites.

Scam Detector
Built into all core McAfee plans. It flags scam texts, emails, and even deepfake-style video promotions, letting you know a link or message is unsafe before you interact with it.

Password Manager
Creates and stores strong, unique passwords so a stolen login from one retailer doesn’t unlock your whole digital life.

Identity & Financial Monitoring
Transaction Monitoring and Credit Monitoring can alert you to unusual activity — a crucial safety net when stolen logins, card numbers, or personal details circulate quickly during the holidays.

These tools help counter the exact tactics scammers rely on: cloned websites, fake brand emails, and phishing links disguised as legitimate retailers.

This shows a SMishing text from a fake Amazon. Companies won't text you like this.
This shows a SMishing text from a fake Amazon. Companies won’t text you like this.

4. Turn on two-factor authentication everywhere you shop

Even if a scammer gets your password, they can’t get in without your one-time code.

5. Treat urgency as a red flag

Legitimate companies don’t ask you to “act in minutes,” pay fees to “unlock” an account, or claim you must stay on the line.

Pressure is a tactic — not customer service.

6. Keep an eye on your accounts

Check your banking and shopping accounts weekly.

Small unauthorized charges often appear before large ones.

The post The Most Impersonated Brands in Holiday Shopping, Ranked appeared first on McAfee Blog.

Protect the Whole Family with McAfee+ Ultimate Family Plan

By: McAfee

Many content creators highlight the differences between today’s most prominent generations: the Silent Generation, baby boomers, Generation X, millennials, and Generations Z and Alpha. No generation seems to have much in common with the others. In truth, there is something that people can agree on: identity and online privacy protection. Young or old, cybercriminals don’t discriminate against who they target. In fact, some generations are more prone to certain scams than others.

Educating yourself and your family members on current cyberthreats is the first step to defending against them. In this guide, we’ll take a look at how to protect every age group from online threats.

Family protection matters

Your family faces an onslaught of online threats that didn’t exist just a decade ago, and growing. The FBI’s 2024 Internet Crime Report shows that Americans alone lost over $18 billion to cybercrime since 2020.

That’s why protecting your family entails more than just antivirus software. Digital protection now encompasses safeguarding your household’s online privacy, monitoring for identity threats, and securing every family device that connects to the internet.

This is how risks impact different family members differently:

  • Your children and teens, 97% of whom own a smartphone, face vulnerabilities through social media platforms, gaming networks, and school devices. They’re naturally curious and trusting, making them prime targets for social engineering scams disguised as friend requests or free game downloads.
  • Adults in your household juggle multiple online responsibilities—banking, shopping, work communications, and managing family accounts. The rush of daily life can make you more susceptible to phishing emails that look legitimate or malicious links embedded in seemingly innocent messages.
  • Senior family members often become targets because they may be less familiar with evolving online scams. In 2024, the FTC received 147,127 complaints from adults aged 60 years and above, resulting in $4.8 billion in losses. But since many of these incidents go unreported, that figure may actually go as high as $61.5 billion.

Depending on the age group, criminals adapt their tactics based on who they’re targeting. With the right protection, you can expand your family’s digital life with confidence. When you have the right safeguards in place, your family can fully embrace the incredible opportunities that technology offers. Your kids can safely research school projects, your teens can connect with friends responsibly, and you can manage your household efficiently online.

The most effective digital safety approach is to create a safety net with layered protection, one that works across all your devices and considers each family member’s technology usage—whether that’s helping your teenager safely explore career interests online, ensuring your online banking stays secure, or giving grandparents peace of mind when video chatting with distant relatives. This means combining real-time threat detection, safe browsing tools, identity monitoring, and secure connections through a virtual private network.

Distinct protections per age group

No two generations use technology the same way—and cybercriminals know it. Children, teens, adults, and seniors each face unique digital risks shaped by their habits, confidence levels, and online environments. That’s why effective cybersecurity isn’t one-size-fits-all. Tailoring protection to each age group ensures that everyone—from curious kids to tech-savvy adults—can navigate the digital world safely and confidently.

Safeguard childhood

Cybercriminals can buy Social Security Numbers (SSNs) of minors on the dark web or gather them through medical records or school system breaches. SSNs are valuable to a cybercriminal because the theft can go undetected for years since children aren’t yet opening credit cards or applying for mortgages. It’s never too early to start identity monitoring.

For the same reason, you might consider putting a credit freeze on behalf of your child since they won’t be needing it for several years. A credit freeze makes your child’s credit inaccessible to everyone, including criminals, and won’t negatively affect their credit score.

Digital safety with tween and teen independence

Once your child becomes a teenager, they can be allowed to open their first email addresses and social media profiles independently. It’s an important life lesson in organization, responsibility, and digital literacy. However, these platforms could open them to risks such as cyberbullying, fake news, and social engineering.

The best way to avoid being cyberbullied is through education. Ensure that your tweens and teens who spend unsupervised time on their devices know what to do if they encounter cyberbullying. The best course of action is to report the incident to an adult and, in the meantime, to suspend their accounts.

Prepare the seniors

Cybercriminals often seek out seniors as easy targets for online scams because they are typically less digitally savvy. They may not realize that some emails in their inbox could be sent by someone with bad intentions. What can start out as a friendly email pal can quickly spiral into divulging sensitive personal information or sending huge sums of money to a criminal.

The best way to prepare the seniors in your life for online safety is to impart a few, easy-to-follow absolutes. Start with these three rules:

  • Never tell anyone your password. Your bank, tax filing service, nor the IRS will ever need it.
  • Never divulge your SSN over email.
  • Never send money to a stranger, no matter how much their “sob story” tugs at your heartstrings.

Manage what’s right for your family online

Creating a safer digital environment for your children doesn’t require you to become a tech expert. With the right approach and tools, you can establish healthy digital boundaries that protect your children while allowing them to enjoy the benefits of our connected world.

Start with open conversation

Before implementing any technical measures, have honest discussions with your family about online safety to build trust and help you recognize each family member’s digital journey. Explain that protective measures will not restrict freedom, but reduce risks such as phishing attempts, malware infections, and exposure to inappropriate content.

Create a family technology agreement

A family tech agreement serves as your household’s digital constitution. Work together to establish rules about screen time, appropriate websites, social media use, and consequences for breaking agreements, including guidelines about sharing personal information, downloading apps, and what to do if they encounter something concerning online.

Enable parental controls

Most devices and platforms offer robust parental control features. iOS devices’ Screen Time and Android’s Family Link allow you to set app limits and content restrictions, while Windows and macOS can filter content and set time limits. The Federal Communications Commission recommends router-level filtering as the first line of defense because it automatically protects all devices connected to your network.

Set up app and content filters

Configure age-appropriate content filters on streaming services, gaming platforms, and app stores. Netflix, Disney+, and other services allow you to create child-friendly profiles with content restrictions, while gaming consoles like PlayStation, Xbox, and Nintendo Switch include comprehensive parental controls for game ratings, online interactions, and spending limits. For web browsing, enable SafeSearch on Google, Bing, and other search engines to create clarity and keep harmful content from appearing in search results.

Optimize privacy settings across platforms

Because social media platforms often favor data collection over privacy, it is critical that you adjust privacy settings on all social media accounts and apps your family uses. Turn off location sharing and disable targeted advertising when possible, and limit who can contact your children online. To reduce younger children’s exposure to social engineering attempts and inappropriate contact from strangers, make their profiles private by default and require approval for new followers or friend requests.

Deploy safe browsing tools

Your teen could be so focused on downloading a “free” TV or video game that they may not recognize the signs of malicious sites such as typos, blurry logos, or incredible offers. Trustworthy safe browsing extensions and software could protect your teen from these unsafe downloads, as well as from risky websites, hidden malware, phishing, and social media bots. Safe browsing extensions could teach your family members to develop better security instincts when they see warnings about suspicious URLs, poor website design, and too-fantastic offers.

Make protection age-appropriate

Tailor your approach to each family member’s age, digital maturity, and comfort level with technology. Younger children will need more restrictive settings and closer supervision, while teenagers are more open when they understand the reason behind the rules and can have some autonomy with clear consequences for misuse.

Regular check-ins and updates

As technology evolves, ongoing conversation about responsible usage will allow you to address new apps, games, or websites your family wants to explore. Set a monthly family meeting to discuss online experiences, review your technology agreement, and adjust settings as needed.

When you implement these strategies consistently, your family will experience fewer security incidents, reduced exposure to inappropriate content, and better digital habits overall. These tools and strategies work best when combined with ongoing communication and a family culture that prioritizes both digital exploration and safety. In addition, children who grow up with these protections develop stronger security awareness and are less likely to fall victim to online scams as they become more independent digital users.

Mindfulness is safety

As an adult, you typically have better street smarts than teens. However, the daily rush of juggling work, social obligations, and running a household could leave you without much time to spare, even for romance. As a result, living life in the fast lane makes you more susceptible to scams, phishing, malware, and computer viruses. The best way to prevent falling for these digital threats is this: slow down! Take your time when you receive any message from someone you don’t know or have never met in person. If you feel even an iota of suspicion, don’t engage with the sender. Delete the message. If it’s important, the person or organization will follow up.

To fully protect your connected devices and the personally identifiable information they store, consider investing in safe browsing, antivirus software, and identity monitoring and restoration services to catch any threats that may have passed under your watchful eye.

Modern antivirus for today’s cyberthreats

While you might think your devices are already secure, modern cyberthreats have evolved to become more virulent, far beyond what traditional built-in protections can handle. In response, antivirus solutions have transformed into intelligent security systems that provide comprehensive, real-time protection using behavioral analysis, machine learning, and cloud-based threat detection. These advanced technologies actively identify and block phishing attacks, malware, ransomware, and malicious websites that traditional security measures often miss.

While operating systems such as Windows and macOS include basic security features, they’re designed as general safeguards rather than comprehensive family protection solutions. Built-in protections typically focus on known threats, but do not detect zero-day attacks, sophisticated phishing schemes, or emerging malware variants that cybercriminals specifically design to evade standard defenses.

Consider these daily family scenarios where your teenager brings home their school laptop. It may have been exposed to threats through shared networks or downloads from classmates. That family tablet everyone uses for streaming and games becomes a potential entry point for malicious apps or compromised websites. When you connect to public Wi-Fi at the coffee shop, airport, or hotel during family travel, you’re exposing your devices to network-based attacks that built-in protections weren’t designed to handle.

Your modern family needs a comprehensive antivirus solution that monitors all your family’s devices continuously, learns each member’s online behavior patterns, and adapts its protection accordingly. This means blocking that suspicious email before your spouse clicks on it, preventing your child from accidentally downloading malware disguised as a game, and ensuring your smart home devices remain secure.

The best value comes from bundled services that address your family’s complete digital life. Identity monitoring services watch for signs that your family members’ personal information has been compromised in data breaches. A family VPN service encrypts your internet connection, protecting sensitive information when family members use public Wi-Fi networks for school projects, work calls, or entertainment. This integrated protection works seamlessly not just to protect individual devices, but to safeguard your entire family’s digital ecosystem.

With cybercrime damages projected to continue growing significantly each year, investing in comprehensive family protection is one of the smartest decisions you can make for your household’s digital well-being.

The ultimate protection plan

Get the whole family committed to safer and more private online lives with the help of McAfee+ Ultimate Family Plan. This plan covers up to six individuals in your family with an entire suite of comprehensive privacy, identity, and device security features. The plan also includes preventive measures to fight online crime, such as safe browsing tools, an advanced firewall, unlimited VPN, and antivirus software for unlimited devices. Your family can also receive up to $2 million in identity theft recovery and $50,000 in ransomware coverage.

With the McAfee+ Ultimate Family Plan, device security extends across unlimited computers, smartphones, and tablets, while its advanced antivirus software automatically updates to defend you against the latest threats. Safe browsing tools block malicious websites before they can cause harm, and the unlimited VPN encrypts internet connections on public networks, while the built-in firewall monitors incoming and outgoing traffic.

All your family’s login credentials on all devices will be secure with password management, while secure cloud storage protects important documents and family photos. Real-time alerts notify you immediately when scams are detected or suspicious activity occurs.

Protection tailored for every family member

Every family member faces different online risks, shaped by their age, habits, and digital experience. Children need safeguards against identity theft and unsafe content, while teens require protection that balances independence with security. Adults juggle multiple connected accounts that demand advanced monitoring, and seniors benefit from simplified defenses against scams and fraud. A one-size-fits-all approach no longer works. The McAfee+ Ultimate Family Plan effectively adapts to each person’s unique digital life, ensuring that everyone stays safe, confident, and connected online:

  • Your young children’s Social Security Numbers will be monitored for misuse, while your teens will be protected from risky downloads and phishing attempts and still maintain their online autonomy.
  • The adults in your family will benefit from comprehensive identity theft protection that monitors credit reports, bank accounts, and personal information across the dark web. Meanwhile, your email and social media accounts will be continuously surveilled for unauthorized access.
  • Seniors will receive simplified alerts and protection specifically designed for common online scams and be supported by top-notch identity restoration specialists to resolve any issues that arise.

Quick start checklist

Getting started with the McAfee+ Ultimate Family Plan takes only minutes. Simply follow this short list to start protecting your family’s digital life:

  • Account creation: Create a master account at mcafee.com using the primary family email address. This account becomes your central dashboard for managing all family members’ protection.
  • Add family profiles: Add family profiles by entering each member’s basic information. You can include up to six family members with personalized settings—spouses, children, and other household members. Each person receives their own unique protection settings based on their age and device usage patterns.
  • Install on devices: Download the McAfee app on every family device—computers, phones, and tablets. The software automatically synchronizes with your primary family account and begins protecting all devices immediately. The installation process typically completes in under five minutes per device.
  • Enable key protections: Once installation is done, you can start activating identity monitoring, VPN, and safe browsing for each member.
  • Turn on alerts: You will also need to configure notification preferences for each device to activate alerts when security events and threats occur.
  • Test your setup: To see if the installation works, run initial antivirus scans on all devices. You can also test the VPN to ensure that the connection works.

Essential tips to protect your family online

A comprehensive online security solution combined with best digital practices can go a long way in protecting your loved ones from identity theft, scams, and online risks. These essential tips will help you strengthen your family’s digital defenses, build safer online routines, and give everyone the confidence to explore the internet securely.

  • Use unique passwords and multi-factor authentication: Doing this prevents hackers from accessing multiple accounts even if one password is compromised. Enable MFA on all critical accounts.
  • Enable automatic updates on all devices: Configure automatic security updates to keep your family’s devices protected against the latest security threats without requiring constant manual action from you.
  • Turn on safe browsing and firewall protection: Enabling safe browsing features blocks malicious websites and unauthorized network access before they can harm your family’s devices and data.
  • Use a VPN on public Wi-Fi networks: A VPN protects your data on public networks by encrypting your family’s internet connection in hotel, coffee shop, or airport Wi-Fi to prevent data theft.
  • Set device-level parental controls: Configure age-appropriate content filters to protect children from inappropriate content while teaching responsible digital habits.
  • Consider freezing minors’ credit reports: Credit freezing will prevent identity thieves from opening fraudulent accounts in your children’s names, as they won’t need credit yet.
  • Teach family members to recognize phishing red flags: Educating your family to identify common phishing tactics empowers them to spot red flags in suspicious emails, texts, and websites that try to steal personal information.
  • Back up important family files regularly: Create a comprehensive backup strategy to ensure precious photos, documents, and memories are safe even if devices are lost, stolen, or infected with ransomware.
  • Monitor identities for the whole family: Use family plans to catch suspicious activity early, allowing you to respond quickly if someone’s personal information is compromised.

Final thoughts

Protecting your family’s digital life doesn’t have to be overwhelming. With the right knowledge, best digital practices, and a comprehensive security solution like McAfee+ Ultimate Family Plan, you can safeguard everyone against today’s online threats.

A comprehensive family plan will help you enable safe browsing tools, monitor your family members’ identities, educate each family member about their unique risks, and build a strong foundation of online security. Start implementing these protective measures today, and stay informed about emerging threats and security best practices to keep your loved ones safe in our connected world.

The post Protect the Whole Family with McAfee+ Ultimate Family Plan appeared first on McAfee Blog.

This Week in Scams: DoorDash Breach and Fake Flight Cancellation Texts

By: McAfee

Leading off our news on scams this week, a heads-up for DoorDash users, merchants, and Dashers too. A data breach of an undisclosed size may have impacted you.

Per an email sent by the company to “affected DoorDash users where required,” a third party gained access to data that may have included a mix of the following:

  • First and last name
  • Physical address
  • Phone number
  • Email address

You might have got the email too. And even if you didn’t, anyone who’s used DoorDash should take note.

As to the potential scope of the breach, DoorDash made no comment in its email or a post on their help site. Of note, though, is that one of the help lines cited in their post mentions a French-language number—implying that the breach might affect Canadian users as well. Any reach beyond the U.S. and Canada remains unclear.

Per the company’s Q2 financial report this year, “hundreds of thousands of merchants, tens of millions of consumers, and millions of Dashers across over 30 countries every month.” Stats published elsewhere put the user base at more than 40 million people, which includes some 600,000 merchants.

The company underscored that no “sensitive” info like Social Security Numbers (and potentially Canadian Social Insurance Numbers) were involved in the breach. This marks the third notable breach by the well-known delivery service, with incidents in 2019 and 2022

Image of DoorDash email about data breach.
Image of DoorDash email about data breach.

What to do if you think you got caught up in the DoorDash breach

While the types of info involved here appear to be limited, any time there’s a breach, we suggest the following:

Protect your credit and identity. Checking your credit and getting identity theft protection can help keep you safer in the aftermath of a breach. Further, a security freeze can help prevent identity theft if you spot any unusual activity. You can get all three in place with our McAfee+ Advanced or Ultimate plans.

Keep an eye out for phishing attacks. With some personal info in hand, bad actors might seek out more. They might follow up a breach with rounds of phishing attacks that direct you to bogus sites designed to steal your personal info. As with any text or email you get from a company, make sure it’s legitimate before clicking or tapping on any links. Instead, go straight to the appropriate website or contact them by phone directly. Also, protections like our Scam Detector and Web Protection can alert you to scams and sketchy links before they take you somewhere you don’t want to go.

Update your passwords and use two-factor authentication. Changing your password is a strong preventive measure. Strong and unique passwords are best, which means never reusing your passwords across different sites and platforms. Using a password manager helps you stay on top of it all while also storing your passwords securely.

Attention travelers: Now boarding, a rise in flight cancellation scams

Even as the FAA lifted recent flight restrictions on Monday morning, scammers are still taking advantage of lingering uncertainty, and upcoming holiday travel, with a spate of flight cancellation scams.

How the scam works

Fake cancellation texts

The first comes via a text message saying that your flight has been cancelled and you must call or rebook quickly to avoid losing your seat—usually in 30 minutes. It’s a typical scammer trick, where they hook you with a combination of bad news and urgency. Of course, the phone number and the site don’t connect you with your airline. They connect you to a scammer, who walks away with your money and your card info to potentially rip you off again.

Fake airline sites in search results

The second uses paid search results. We’ve talked about this trick in our blogs before. Because paid search results appear ahead of organic results, scammers spin up bogus sites that mirror legitimate ones and promote them in paid search. In this way, they can look like a certain well-known airline and appear in search before the real airline’s listing. With that, people often mistakenly click the first link they see. From there, the scam plays out just as above as the scammer comes away with your money and card info.

How to avoid flight cancellation scams

Q: How can I confirm whether my flight is really canceled?
A: Check directly in your airline’s official app or website. Never click links in texts or emails.

Q: How can I spot a fake airline search result?
A: Look for “Ad”/“Sponsored,” confirm the URL, and check that the site uses HTTPS, not HTTP.

Q: Is there a tool that flags fake booking sites?
A: Scam-spotting tools like Scam Detector and Web Protection can identify sketchy links before you click.

In search, first isn’t always best.

Look closely to see if your top results are tagged with “Sponsored” or “Ad” in some way, realizing it might be in fine print. Further, look at the web address. Does it start with “https” (the “s” means secure), because many scam sites simply use an unsecured “http” site. Also, does the link look right? For example, if you’re searching for “Generic Airlines,” is the link the expected “genericairlines dot-com” or something else? Scammers often try to spoof it in some way by adding to the name or by creating a subdomain like this: “genericairlines.rebookyourflight dot-com.”

Get a scam detector to spot bogus links for you.

Even with these tips and tools, spotting bogus links with the naked eye can get tricky. Some look “close enough” to a legitimate link that you might overlook it. Yet a combination of features in our McAfee+ plans can help do that work for you.  Our Scam Detector helps you stay safer with advanced scam detection technology built to spot and stop scams across text messages, emails, and videos. Likewise, our Web Protection will alert you if a link might take you to a sketchy site. It’ll also block those sites if you accidentally tap or click on a bad link.

Scammers Hijack a Trusted Mass Texting Provider

You’ve probably seen plenty of messages sent by short code numbers. They’re the five- or six-digit codes used to send texts instead of by a phone number. For example, your cable company might use one to send a text for resetting a streaming password, the same goes for your pharmacy to let you know a prescription is ready or your state’s DoT to issue a winter travel alert, and so on.

According to NBC News, scammers sent hundreds of thousands of texts using codes used by the state of New York, a charity, and a political organizing group. The article also cites an email sent to messaging providers by the U.S. Short Code Registry, an industry nonprofit that maintains those codes in the U.S. In the email, the registry said attempted attacks on messaging providers are on the rise.

What this means for the rest of us is that just about any text from an unknown number, and now short codes, might contain malicious links and content. It’s one more reason to arm yourself with the one-two punch of our Scam Detector and Web Protection.

What are short codes?
Short codes are 5–6 digit numbers used by pharmacies, utilities, banks, and government agencies to send official alerts.

Why this attack is unusual
Scammers didn’t spoof short codes—they gained access to real ones used by:

  • The State of New York
  • A charity
  • A political organizing group

Why this matters
Even texts from legitimate short-code numbers can no longer be trusted at face value.

What to do now

  • Treat any unexpected text—even from a short code—as suspicious.
  • Don’t tap links.
  • Verify by going directly to the official website or app.

Quick Scam Roundup

Consumers warned over AI chatbots giving inaccurate financial advice 

  • Our advice: Always verify recommendations with trusted financial sources

Why our own clicks are often cybercrime’s greatest allies

  • Our advice: Many attacks rely on rushed or emotional decisions, slow down before clicking

TikTok malware scam uses fake software activation guides to steal data

  • Our advice: Download software only from official sources

 

We’ll be back after the Thanksgiving weekend with more updates, scam news, and ways to stay cyber safe.

The post This Week in Scams: DoorDash Breach and Fake Flight Cancellation Texts appeared first on McAfee Blog.

How to Follow McAfee on Google News in One Simple Step

By: McAfee

Want McAfee’s latest scam alerts, cybersecurity tips, and safety updates to show up automatically in your Google News feed? You can follow McAfee directly on Google News with a single tap.

Google News now gives every official publisher a dedicated page — and McAfee has one. Once you follow us, our newest articles will appear in your Following tab and throughout your personalized news feed whenever they’re relevant to you.

Here’s how to do it in seconds.

Follow McAfee on Google News

Step 1: Go to our official Google News page

Tap or click this link:

McAfee Official Google News Source Page

This opens McAfee’s verified publisher page inside Google News.

Image shows McAfee's Google News source page.
Image shows McAfee’s Google News source page.

Step 2: Tap the ⭐ “Follow” button

You’ll see a star icon at the top of the page.

Tap Follow and you’re done.

That’s it — McAfee is now part of your personalized news feed.

What happens after you follow McAfee

When you tap the star:

  • McAfee appears under Following → Sources in Google News
  • Our stories show up more often when you search for cybersecurity topics
  • You’ll see McAfee alerts, safety tips, and threat updates sooner
  • Google prioritizes McAfee when we publish on topics you care about (AI scams, malware, identity theft, etc.)

No settings menus. No advanced search. Just one tap.

How to Unfollow or Manage Your Sources

If you ever want to update your feed:

  1. Open Google News

  2. Go to Following → Sources

  3. Tap the star again to unfollow

  4. Or rearrange which sources matter most to you

 

Image shows how to find your preferred sources in Google News

FAQs

Do I need the Google News app?

No. Following works in both browsers and the app.

Will this make McAfee show up first for every search?

Not automatically — but Google does prioritize publishers you follow when the content is relevant.

Can I follow McAfee on multiple devices?

Yes. It’s tied to your Google account, not your phone or laptop.

Is the follow button safe?

Absolutely. This is Google’s built-in publisher follow system.

Stay Updated, Stay Safer

Cyber threats move fast — following McAfee on Google News makes it easier to stay ahead of scams, breaches, and emerging AI risks.

The post How to Follow McAfee on Google News in One Simple Step appeared first on McAfee Blog.

Ghost Tapping: What It Is, How It Works, and How to Stay Safe

By: McAfee

Contactless payments make everyday purchases fast and easy. Yet with that convenience comes a risk: ghost tapping.

In crowded spaces or rushed moments, a scammer could trigger a small tap-to-pay charge or push through a higher amount without your clear consent. Understanding what ghost tapping is, how it happens, and what to do next helps you keep your money and identity secure.

What Is Ghost Tapping?

Ghost tapping is a form of contactless fraud where someone attempts to initiate a tap-to-pay transaction without your approval.

Tap-to-pay cards and mobile wallets on phones use a technology called “near-field communication,” or NFC. That lets them communicate with things like a point-of-sale device for payment at a very close range. It’s generally quite safe, particularly because of the “near” part. You have to get very close to make the connection.

Even so, proximity and distraction can be exploited. Attackers may try to skim limited details from RFID (Radio Frequency Identification technology) cards or NFC cards, or nudge you into approving a payment you didn’t intend. If you’ve ever wondered what ghost tapping is, think of it as an opportunistic, in-person scam that abuses the tap-to-pay moment rather than a remote hack.

How Ghost Tapping Happens

Most schemes rely on getting close and catching you off guard. A criminal might carry a portable reader, press into a pocket or bag, and attempt a low-value charge. Others set up tampered terminals, rushing you so you don’t check the amount.

Consider These Two Scenarios:

You’re at a busy farmer’s market. A scammer with a phone equipped with a point-of-sale app stumbles into you and gets close enough to your card to trigger a transaction. It’s almost like a modern-day pickpocket move, where the bump distracts the victim from the theft as it happens.

In another case, you might come across a phony vendor. Maybe someone’s selling cheap hats outside a football game or someone’s going around your neighborhood selling candy, supposedly to support a charity. In scenarios like these, you tap to pay with your phone just as you’d expect… but with one exception: the “vendor” jacks up the purchase price. They hurry you through the transaction, so quickly that you don’t review the screen before you confirm payment.

We’ve also seen reports of people getting Apple Pay scammed by impostor merchants who exploit quick taps and small screens. While mobile wallets add strong safeguards, poor visibility and social pressure can still lead to losses.

The Better Business Bureau on Ghost Tapping:

A report posted on the Scam Tracker at the Better Business Bureau (BBB) shows how the phony vendor version of this scam allegedly played out:

“An individual is going door to door in [location redacted] claiming to be selling chocolate on behalf of [redacted] to support special needs students. He says that he can only accept tap-to-pay to get people to pay with a card. He then charges large amounts to the card without the cardholder being able to see the amount. He got my mother for $537… Another victim for $1100… He changes neighborhoods frequently to avoid getting caught.”

Signs of Ghost Tapping and Common Myths

Early ghost detecting starts with vigilance. Watch for unfamiliar small charges, especially after crowded events, and alerts tied to contactless transactions. If you see odd activity tied to RFID cards or NFC cards, act quickly.

Common myths persist. Attackers can’t drain accounts from far away, clone full cards via a tap, or bypass wallet protections easily. Most successful cases hinge on proximity, distraction, and human error. Meanwhile, Apple Pay scam stories often involve rushed taps and unverified totals.

Effective ghost detecting focuses on timely alerts, careful review, and immediate response.

How to Protect Yourself from Ghost Tapping Scams

The BBB, which recently broke the story of these scams, offers several pieces of advice. We have some advice we can add as well.

From the BBB…

  • Store your cards securely. An RFID-blocking wallet or sleeve can help stop wireless skimming.
  • Always confirm payment details. Before tapping your card or phone, check the merchant’s name and amount on the terminal screen.
  • Set up transaction alerts. Many banks allow real-time notifications for every charge.
  • Keep an eye on your accounts. Daily checks help you spot fraud faster.
  • Limit tap-to-pay use in high-risk areas. Consider swiping or inserting your card instead.

From us at McAfee…

Monitor your identity and your credit.

The problem with many card scams is that they can lead to further identity theft and fraud, which you only find out about once the damage is done. Actively monitoring your identity and credit goes beyond single transaction alerts from your bank and can spot an emerging problem before it becomes an even bigger one. You can take care of both easily with timely notifications from our credit monitoring and identity monitoring features, all as part of our McAfee+ plans.

When you’re out and about, consider what you’re carrying—and where you carry it.

The physical safety of your phone and cards counts as well. While ghost tapping scams are new, old-school physical pickpocketing attempts persist. When it comes to devices and things like debit cards, credit cards, and even cash, keep what you bring with you to the bare minimum when you go out. This can cut your losses if the unfortunate happens. If you have a credit card and ID holder attached to the back of your phone, you may want to remove your cards from it. That way, if your phone gets snatched, those important cards don’t get snatched as well.

When in doubt, shop with a credit card.

In the U.S., credit cards offer you additional protection that debit cards don’t. That’s thanks to the Fair Credit Billing Act (FCBA). It limits your liability to $50 for fraudulent charges on a credit card if you report the loss to your issuer within 60 days.

The post Ghost Tapping: What It Is, How It Works, and How to Stay Safe appeared first on McAfee Blog.

Venmo 101: Making Safer Payments with the App

By: McAfee

As the holiday season ramps up, so do group dinners, shared travel costs, gift exchanges, and all the little moments where someone says, “Just Venmo me.”

With more people sending and splitting money this time of year, scammers know it’s prime time to target payment apps. Here’s how to keep your Venmo transactions safe during one of the busiest — and riskiest — payment seasons.

What kind of scams are on Venmo?

Venmo scams come in all shapes, and many of them look like variations of email phishing and text scams. The scammers behind them will pose as Venmo customer service reps who ask for your login credentials. Other scammers offer bogus cash prizes and pyramid schemes that lure in victims with the promise of quick cash. Some scammers will use the app itself to impersonate friends and family to steal money.

Venmo has a dedicated web page on the topic of scams, and lists the following as the top Venmo scams out there:

·       Fake Prize or Cash Reward

·       Call from Venmo

·       Call from Tech Support

·       Fake Payment Confirmation

·       Pre-payment for Goods and Services

 ·       Stranger Posing as a Friend

·       Payments from Strangers

·       Offers to Make Money Fast

·       Paper Check Scam

·       Romance Scam

 

Venmo has thorough instructions to combat these scams and breaks them down in detail on its site. They also provide preventative tips and steps to take if you unfortunately fall victim to one of these scams. Broadly speaking, though, avoiding Venmo scams breaks down into a few straightforward steps.

How to avoid getting scammed on Venmo

1) Never share private details.

Scammers often pose as customer service reps to pump info out of their victims. They’ll ask for things like bank account info, debit card or credit card numbers, or even passwords and authentication codes sent to your phone. Never share this info. Legitimate reps from legitimate companies like Venmo won’t request it.

2) Know when Venmo might ask for your Social Security number.

In the U.S., Venmo is regulated by the Treasury Department. As such, Venmo might require your SSN in certain circumstances. Venmo details the cases where they might need your SSN for reporting, here on their website. Note that this is an exception to what we say about sharing SSNs and tax ID numbers. As a payment app, Venmo might have legitimate reasons to request it. However, don’t send this info by email or text (any email or text that asks you to do that is a scam). Instead, always use the mobile app by going to Settings  –> Identity Verification.

3) Keep an eye out for scam emails and texts.

Venmo always sends communications through its official “venmo.com” domain name. If you receive an email that claims to be from Venmo but that doesn’t use “venmo.com,” it’s a scam. Never click or tap on links in emails or texts supposedly sent by Venmo.

4) Be suspicious of the messages you get. Imposters are afoot.

Another broad category of scams includes people who aren’t who they say they are. In the case of Venmo, scammers will create imposter accounts that look like they might be a friend or family member but aren’t. If you receive an unexpected and likely urgent-sounding request for payment, contact that person outside the app. See if it’s really them.

5) When sending money, keep an eye open for alerts from the app.

Just recently, Venmo added a new feature, dynamic alerts, which helps protect people when sending money via the “Friends and Family” option. It pops up an alert if the app detects a potentially fraudulent transaction and includes info that describes the level of risk involved. In the cases of highly risky payments, Venmo might decline the transaction altogether. This adds another level of protection to Friends and Family payments, which are non-refundable in cases of fraud. Further, this underscores another important point about using Venmo: only pay people you absolutely know and trust.

More ways to stay safe on Venmo

Keep your transactions private. Venmo has a social component that can display a transaction between two people and allow others to comment on it. Payment amounts are always secret. Yet you have control over who sees what by adjusting your privacy settings:

  • Public – Everyone on the internet can see and comment on the transaction.
  • Friends – Only your Venmo friends and the other participant’s friends can see and comment on the transaction. (Note that the friends of the other participant might be strangers to you, so “friends and friends of friends” is more accurate here.)
  • Private – Here, only the participants can view and comment on the transaction.

This brings up the question, what if the participants in the transaction have different privacy settings? Venmo uses the most restrictive one. So, if you’re paying someone who has their privacy set to “Public” and you have yours set to “Private,” the transaction will indeed be private.

We suggest going private with your account. The less financial information you share, the better. You can set your transactions to private by heading into the Settings of the Venmo app, tapping on Privacy, and then selecting Private.

In short, just because something is designed to be social doesn’t mean it should become a treasure trove of personal data about your spending habits.

Add extra layers of security. Take extra precautions that make it difficult for others to access your Venmo app.

  • First off, lock your phone. Whether with a PIN or other form of protection, locking your phone prevents access to everything you keep on it, which is important in the case of loss or theft. Our own research found that only 58% of adults take the vital step of locking their phones. If you fall into the 42% of people who don’t, strongly consider changing that.
  • Within the Venmo app, you can also enable Face ID and a PIN (on iOS) or a PIN and biometric unlock (Android). These add a further layer of security by asking for identification each time you open the app. That way, even if someone gets access to your phone, they’ll still have to leap through that security hurdle to access your Venmo app.
  • Use a strong, unique password for your account. That’s a password with at least 13 characters using a mix of cases, numbers, and symbols that you don’t use anywhere else. You can also have a password manager do that work for you across all your accounts.

Keep your online finances even more secure with the right tools

Online protection software like ours offers several additional layers of security when it comes to your safety and finances online.

For starters, it includes Web Protection and Scam Detector that can block malicious and questionable links that might lead you down the road to malware or a phishing scam, such as a phony Venmo link designed to steal your login credentials. It also includes a password manager that creates and stores strong, unique passwords for each of your accounts.

Moreover, it further protects you by locking down your identity online. Transaction Monitoring and Credit Monitoring help you spot any questionable financial activity quickly. And if identity theft unfortunately happens to you, up to $2 million in ID theft coverage & restoration can help you recover quickly.

The post Venmo 101: Making Safer Payments with the App appeared first on McAfee Blog.

This Week in Scams: New Alerts for iPhone and Android Users and a Major Google Crackdown

By: McAfee

Welcome back to another This Week in Scams.

This week,  have attacks that take over Androids and iPhones, plus news that Google has gone on the offensive against phishing websites.

First up, a heads-up for iPhone owners.

The “We found your iPhone” scam

In the hands of a scammer, “Find My” can quickly turn into “Scam Me.”

Switzerland’s National Cyber Security Center (NCSC) shared word this week of a new scam that turns the otherwise helpful “Find My” iOS feature into an avenue of attack.

Now, the thought of losing your phone, along with all the important and precious things you have on it, is enough to give you goosebumps. Luckily, the “Find My” can help you track it down and even post a personalized message on the lock screen to help with its return. And that’s where the scam kicks in.

From the NCSC:

When a device is marked as lost, the owner can display a message on the lock screen containing contact details, such as a phone number or email address. This can be very helpful if the finder is honest – but in dishonest hands, the same information can be used to launch a targeted phishing attack.

With that, scammers send a targeted phishing text, as seen in the sample provided by the NCSC below …

A smartphone screenshot showing a fraudulent text message claiming a lost iPhone 14 has been located and instructing the recipient to click a link. A large red diagonal stamp reading “Betrug / Fraud” overlays the message, indicating it is a scam.
Source: NCSC, Switzerland

What do the scammers want once you tap that link? They request your Apple ID and password, which effectively hands your phone over to them—along with everything on it and everything else that’s associated with your Apple ID.

It’s a scam you can easily avoid. So even if you’re still stuck with a lost phone that’s likely in the hands of a scammer the point of consolation is that, without your ID, the phone is useless to them.

Here’s what the NCSC suggests:

Ignore such messages. The most important rule is Apple will never contact you by text message or email to inform you that a lost device has been found.

Never click on links in unsolicited messages or enter your Apple ID credentials on a linked website.

If you lose your device, act immediately. Enable Lost Mode straight away via the Find My app on another device or at iCloud.com/find. This will lock the device.

Be careful about which contact details you show on your lost device’s lock screen. For example, use a dedicated email address created specifically for this purpose. Never remove the device from your Apple account, as this would disable the Activation Lock.

Make sure your SIM card is protected with a PIN. This simple yet effective measure prevents criminals from gaining access to your phone number.

Android phone takeover scam

Now, a different attack aimed at Android owners …

A story shared on Fox this week breaks down how a combination of paid search ads, remote access tools, and social engineering have led to hijacked Android phones.

It starts with a search, where an Android owner looks up a bank, a tech support company, or what have you. Instead of getting a legitimate result, they get a link to a bogus site via paid search results that appear above organic search results. The link, and the page it takes them to, look quite convincing, given the ease with which scammers can spin up ads and sites today. (More on that next.)

Once there, they call a support number and get connected to a phony agent. The agent convinces the victim to download an app that will help the “agent” solve their issue with their account or phone. In fact, the app is a remote access tool that gives control of the phone, and everything on it, to the scammer. That means they can steal passwords, send messages to friends, family, or anyone at all, and even go so far as to lock you out.

Basically, this scam hands over one of your most precious possessions to a scammer.

Here’s how you can avoid that:

Skip paid search results for extra security. That’s particularly true when contacting your bank or other companies you’re doing business with. Look for their official website in the organic search results below paid ads. Better yet, contact places like your bank or credit card company by calling the number on the back of your card.

Get a scam detector. A combination of our Scam Detector and Web Protection can call out sketchy links, like the bogus paid links here. They’ll even block malicious sites if you accidentally tap a bad link.

Never download apps from third-party sites outside of the Google Play Store. Google has checks in place to spot malicious apps in its store.

Lastly, never give anyone access to your phone. No bank rep needs it. So if someone on a call asks you to download an app like TeamViewer, AnyDesk, or AirDroid, it’s a scam. Hang up.

Beyond that, you can protect yourself further by installing an app like our McAfee Security: Antivirus VPN. You can pick it up in the Google Play store, which also includes our Scam Detector and Identity Monitoring. You can also get it as part of your McAfee+ protection.

Google takes aim at phishing scams with a lawsuit against an alleged criminal organization

Just Wednesday, Google took a first step toward making the internet safer from bogus sites, per a story filed by National Public Radio.

A lawsuit alleges that a China-based company called “Lighthouse” runs a “Phishing-as-a-Service” operation that outfits scammers with quick and easy tools and templates for creating convincing-looking websites. According to Google’s general counsel, these sites could “compromise between 12.7 and 115 million credit cards in the U.S. alone.

The suit was filed in the U.S. District Court in the Southern District of New York, which, of course, has no jurisdiction over a China-based company. The aim, per Google’s counsel, is deterrence. From the article:

“It allows us a legal basis on which to go to other platforms and services and ask for their assistance in taking down different components of this particular illegal infrastructure,” she said, without naming which platforms or services Google might focus on. “Even if we can’t get to the individuals, the idea is to deter the overall infrastructure in some cases.”

We’ll keep an eye on this case as it progresses. And in the meantime, it’s a good reminder to get Scam Detector and Web Protection on all your devices so you don’t get hoodwinked by these increasingly convincing-looking scam sites.

Again, scammers can roll them out so quickly and easily today.

And now for a quick roundup …

Here’s a quick list of a few stories that caught our eye this week:

Alarmingly realistic deepfake threats now target banks in South Africa

Nearly 80% of parents fear their kids will fall for an AI scam, but they aren’t sure how to talk about it

Hyundai data breach exposes 2.7 million Social Security numbers

 

And that’s it for this week! We’ll see you next Friday with more updates, scam news, and ways you can stay safer out there.

The post This Week in Scams: New Alerts for iPhone and Android Users and a Major Google Crackdown appeared first on McAfee Blog.

The Stars Scammers Love Most: McAfee Reveals World’s Most Deepfaked Celebs

By: Brooke Seipel
A deepfaked image of Taylor Swift from a scam video that has since been taken down.

You’ve seen the videos: a too-perfect Taylor Swift promoting free cookware. A fake Tom Hanks offering dental insurance.

They look real—but they’re not.

New research from McAfee Labs shows just how common these scams have become.

Our 2025 Most Dangerous Celebrity: Deepfake Deception List ranks the stars and influencers whose likenesses are most hijacked by scammers, and reveals a growing market for AI-powered fake endorsements.

At the top of the list? Taylor Swift, followed by Scarlett Johansson, Jenna Ortega, and Sydney Sweeney. Globally, names like Brad Pitt, Billie Eilish, and Emma Watson also appear among the most exploited.

McAfee also released its first-ever Influencer Deepfake Deception List, led by gamer and streamer Pokimane, showing that scammers are now targeting social platforms just as aggressively as Hollywood.

Top 10 Most Dangerous Celebrities (2025): U.S 

List of the top 10 celebrities most exploited by scammers in 2025 according to McAfee, led by Taylor Swift.
McAfee’s 2025 report reveals the most impersonated celebrities in online scams, with Taylor Swift ranking number one in the U.S.

Top 10 Most Dangerous Celebrities (2025): Global

McAfee’s 2025 global ranking of the most exploited celebrity names used in online scams.
Taylor Swift tops McAfee’s global list of celebrities most hijacked by scammers in 2025, followed by Scarlett Johansson and Jenna Ortega.

Top 10 Most Dangerous Influencers  (2025): Global 

 

Top 10 influencers most impersonated by scammers online in 2025, according to McAfee, with Pokimane ranking first.
From Pokimane to MrBeast, McAfee’s 2025 list shows which influencers’ likenesses are most exploited in scams.

Why Scammers Love Famous Faces

The formula is simple: use someone people trust to sell something that doesn’t exist.

Criminals clone celebrity voices and faces with AI to promote fake giveaways, skincare products, crypto investments, or “exclusive” deals that lead straight to malware or payment fraud.

According to McAfee’s survey of 8,600 people worldwide:

  • 72% of Americans have seen fake celebrity or influencer endorsements.
  • 39% have clicked on one.
  • 1 in 10 lost money or personal data, an average of $525 per victim.

Scammers exploit trust. When you see a familiar face, your brain automatically lowers its guard. And that’s exactly what they count on.

How Deepfakes Are Making Headlines

AI has made these scams look frighteningly real.

Modern deepfake generators can mimic voices, facial movements, and even micro-expressions with uncanny precision. Only 29% of people feel confident identifying a fake, and 21% admit to having low confidence spotting deepfakes.

That’s how fake endorsements and AI romance scams have exploded online.

  • A woman in France lost nearly $900,000 to a scammer posing as Brad Pitt, complete with AI-generated images and voice messages.
  • TV host Al Roker was recently targeted by a fake deepfake video claiming he’d suffered heart attacks.
  • Tom Hanks, Oprah, and Scarlett Johansson have all been used in fraudulent ads for products they never touched.

“Seeing is believing” doesn’t apply anymore, and scammers know it.

The Psychology of The Scam

Deepfake scams don’t just rely on technology; they prey on parasocial relationships, the one-sided emotional bonds fans form with public figures.

When a “celebrity” DMs you, it doesn’t always feel strange. It feels personal. That sense of intimacy makes people act before thinking.

It’s the same psychological playbook behind romance scams, now supercharged by AI tools that make fake videos and voice messages sound heartbreakingly real.

How to Protect Yourself

  1. Pause before you click. If an ad or post seems out of character or “too good to be true,” it probably is.
  2. Verify at the source. Check the celebrity’s verified account on social media. Scammers often copy profile photos and bios but miss subtle details like posting style or engagement patterns.
  3. Look for signs of AI manipulation. Watch for off-sync lip movements, robotic tone, or lighting that looks inconsistent.
  4. Never share personal or payment details via messages, even if the sender appears to be verified.
  5. Use McAfee’s Scam Detector, included in all core plans, to automatically analyze texts, emails, and videos for signs of fraud or deepfake manipulation.

Key Takeaways

Celebrity and influencer culture has always shaped what we buy, but now it’s shaping how scammers deceive. These deepfakes don’t just steal money; they chip away at our trust in what we see, hear, and share online.

The celebrities at the center of these scams aren’t accomplices, they’re victims, too, as criminals hijack their likenesses to exploit the bond between fans and the people they admire. And as deepfake tools become easier to use, the line between real and fake is vanishing fast.

The next viral “giveaway” might not be an ad at all…it could be bait.

You can’t stop scammers from cloning famous faces, but you can stop them from fooling you. Use McAfee’s Scam Detector to scan links, messages, and videos before you click.

The post The Stars Scammers Love Most: McAfee Reveals World’s Most Deepfaked Celebs appeared first on McAfee Blog.

How to Remove Your Personal Information From the Internet

By: Jasdev Dhaliwal

Chances are, you have more personal information posted online than you think.

In 2024, the U.S. Federal Trade Commission (FTC) reported that 1.1 million identity theft complaints were filed, where $12.5 billion was lost to identity theft and fraud overall—a 25% increase over the year prior.

What fuels all this theft and fraud? Easy access to personal information.

Here’s one way you can reduce your chances of identity theft: remove your personal information from the internet.

Scammers and thieves can get a hold of your personal information in several ways, such as information leaked in data breaches, phishing attacks that lure you into handing it over, malware that steals it from your devices, or by purchasing your information on dark web marketplaces, just to name a few.

However, scammers and thieves have other resources and connections to help them commit theft and fraud—data broker sites, places where personal information is posted online for practically anyone to see. This makes removing your info from these sites so important, from both an identity and privacy standpoint.

Data brokers: Collectors and aggregators of your information

Data broker sites are massive repositories of personal information that also buy information from other data brokers. As a result, some data brokers have thousands of pieces of data on billions of individuals worldwide.

What kind of data could they have on you? A broker may know how much you paid for your home, your education level, where you’ve lived over the years, who you’ve lived with, your driving record, and possibly your political leanings. A broker could even know your favorite flavor of ice cream and your preferred over-the-counter allergy medicine thanks to information from loyalty cards. They may also have health-related information from fitness apps. The amount of personal information can run that broadly, and that deeply.

With information at this level of detail, it’s no wonder that data brokers rake in an estimated $200 billion worldwide every year.

Sources of your information

Your personal information reaches the internet through six main methods, most of which are initiated by activities you perform every day. Understanding these channels can help you make more informed choices about your digital footprint.

Digitized public records

When you buy a home, register to vote, get married, or start a business, government agencies create public records that contain your personal details. These records, once stored in filing cabinets, are now digitized, accessible online, and searchable by anyone with an internet connection.

Social media sharing and privacy gaps

Every photo you post, location you tag, and profile detail you share contributes to your digital presence. Even with privacy settings enabled, social media platforms collect extensive data about your behavior, relationships, and preferences. You may not realize it, but every time you share details with your network, you are training algorithms that analyze and categorize your information.

Data breaches

You create accounts with retailers, healthcare providers, employers, and service companies, trusting them to protect your information. However, when hackers breach these systems, your personal information often ends up for sale on dark web marketplaces, where data brokers can purchase it. The Identity Theft Research Center Annual Data Breach Report revealed that 2024 saw the second-highest number of data compromises in the U.S. since the organization began recording incidents in 2005.

Apps and ad trackers

When you browse, shop, or use apps, your online behavior is recorded by tracking pixels, cookies, and software development kits. The data collected—such as your location, device usage, and interests—is packaged and sold to data brokers who combine it with other sources to build a profile of you.

Loyalty programs

Grocery store cards, coffee shop apps, and airline miles programs offer discounts in exchange for detailed purchasing information. Every transaction gets recorded, analyzed, and often shared with third-party data brokers, who then create detailed lifestyle profiles that are sold to marketing companies.

Data broker aggregators

Data brokers act as the hubs that collect information from the various sources to create comprehensive profiles that may include over 5,000 data points per person. Seemingly separate pieces of information become a detailed digital dossier that reveals intimate details about your life, relationships, health, and financial situation.

The users of your information

Legally, your aggregated information from data brokers is used by advertisers to create targeted ad campaigns. In addition, law enforcement, journalists, and employers may use data brokers because the time-consuming pre-work of assembling your data has largely been done.

Currently, the U.S. has no federal laws that regulate data brokers or require them to remove personal information if requested. Only a few states, such as Nevada, Vermont, and California, have legislation that protects consumers. In the European Union, the General Data Protection Regulation (GDPR) has stricter rules about what information can be collected and what can be done with it.

On the darker side, scammers and thieves use personal information for identity theft and fraud. With enough information, they can create a high-fidelity profile of their victims to open new accounts in their name. For this reason, cleaning up your personal information online makes a great deal of sense.

Types of personal details to remove online

Understanding which data types pose the greatest threat can help you prioritize your removal efforts. Here are the high-risk personal details you should target first, ranked by their potential for harm.

Highest priority: Identity theft goldmines

  • Social Security Number (SSN) with full name and address: This combination provides everything criminals need for identity theft, leading to fraudulent credit accounts, tax refund theft, and employment fraud that may take years to resolve, according to the FTC.
  • Financial account information: Bank account numbers, credit card details, and investment account information enable direct financial theft. Even partial account numbers can be valuable when combined with other personal details from data breaches.
  • Driver’s license and government-issued ID information: These serve as primary identity verification for many services and can be used to bypass security measures at financial institutions and government agencies.

High priority: Personal identifiers

  • Full name combined with home address: This pairing makes you vulnerable to targeted scams and physical threats, while enabling criminals to gather additional information about your household and family members.
  • Date of birth: Often used as a security verification method, your DOB combined with other identifiers can unlock accounts and enable age-related targeting for scams.
  • Phone numbers: This information enables SIM swapping, where criminals take control of your phone number to bypass two-factor authentication and access your accounts.

Medium-high priority: Digital and health data

  • Email addresses: Your primary email serves as the master key to password resets across multiple accounts, while secondary emails can reveal personal interests and connections that criminals exploit in social engineering.
  • Medical and health app data: This is highly sensitive information that can be used for insurance discrimination, employment issues, or targeted health-related scams.
  • Location data and photos with metadata: Reveals your daily patterns, workplace, home address, and frequented locations. Photos with embedded GPS coordinates can expose your exact whereabouts and enable stalking or burglary.

Medium priority: Account access points

  • Usernames and account handles: These help criminals map your digital footprint across platforms to discover your personal interests, connections, and even potential security questions answers. They also enable account impersonation and social engineering against your contacts.

When prioritizing your personal information removal efforts, focus on combinations of data rather than individual pieces. For example, your name alone poses minimal risk, but your name combined with your address, phone number, and date of birth creates a comprehensive profile that criminals can exploit. Tools such as McAfee Personal Data Cleanup can help you identify and remove these high-risk combinations from data broker sites systematically.

Step-by-step guide to finding your personal data online

  1. Targeted search queries: Search for your full name in quotes (“John Smith”), then combine it with your city, phone number, or email address. Try variations like “John Smith” + “123 Main Street” or “John Smith” + “555-0123”. Don’t forget to search for old usernames, maiden names, or nicknames you’ve used online. Aside from Google, you can also check Bing, DuckDuckGo, and people search engines.
  2. Major data broker and people search sites: Search for yourself in common data aggregators: Whitepages, Spokeo, BeenVerified, Intelius, PeopleFinder, and Radaris. Take screenshots of what you find as documentation. To make this process manageable, McAfee Personal Data Cleanup scans some of the riskiest data broker sites and shows you which ones are selling your personal info.
  3. Social media platforms and old accounts: Review your Facebook, Instagram, LinkedIn, Twitter, and other platforms for publicly visible personal details. Check old accounts—dating sites, forums, gaming platforms, or professional networks. Look for biographical information, location data, contact details, photos, and even comment sections where you may have shared details.
  4. Breach and dark web monitoring tools: Have I Been Pwned and other identity monitoring services can help you scan the dark web and discover if your email addresses or phone numbers appear in data breaches.
  5. Ongoing monitoring alerts: Create weekly Google Alerts for your and your family member’s full name, address combinations, and phone number. Some specialized monitoring services can track once your information appears on new data broker sites or gets updated on existing ones.
  6. Document everything in a tracker: Create a spreadsheet or document to systematically track your findings. Include the website name and URL, the specific data shown, contact information for removal requests, date of your opt-out request, and follow-up dates. Many sites require multiple follow-ups, so having this organized record is essential for successful removal.

This process takes time and persistence, but services such as McAfee Personal Data Cleanup can continuously monitor for new exposures and manage opt-out requests on your behalf. The key is to first understand the full scope of your online presence before beginning the removal process.

Remove your personal information from the internet

Let’s review some ways you can remove your personal information from data brokers and other sources on the internet.

Request to remove data from data broker sites

Once you have found the sites that have your information, the next step is to request to have it removed. You can do this yourself or employ services such as McAfee’s Personal Data Cleanup, which can help manage the removal for you depending on your subscription. ​It also monitors those sites, so if your info gets posted again, you can request its removal again.

Limit the data Google collects

You can request to remove your name from Google search to limit your information from turning up in searches. You can also turn on “Auto Delete” in your privacy settings to ensure your data is deleted regularly. Occasionally deleting your cookies or browsing in incognito mode prevents websites from tracking you. If Google denies your initial request, you can appeal using the same tool, providing more context, documentation, or legal grounds for removal. Google’s troubleshooter tool may explain why your request was denied—either legitimate public interest or newsworthiness—and how to improve your appeal.

It’s important to know that the original content remains on the source website. You’ll still need to contact website owners directly to have your actual content removed. Additionally, the information may still appear in other search engines.

Delete old social media accounts

If you have old, inactive accounts that have gone by the wayside such as Myspace or Tumblr, you may want to deactivate or delete them entirely. For social media platforms that you use regularly, such as Facebook and Instagram, consider adjusting your privacy settings to keep your personal information to the bare minimum.

Remove personal info from websites and blogs

If you’ve ever published articles, written blogs, or created any content online, it is a good time to consider taking them down if they no longer serve a purpose. If you were mentioned or tagged by other people, it is worth requesting them to take down posts with sensitive information.

Delete unused apps and restrict permissions in those you use

Another way to tidy up your digital footprint is to delete phone apps you no longer use as hackers are able to track personal information on these and sell it. As a rule, share as little information with apps as possible using your phone’s settings.

Remove your info from other search engines

  • Bing: Submit removal requests through Bing’s Content Removal tool for specific personal information like addresses, phone numbers, or sensitive data. Note that Bing primarily crawls and caches content from other websites, so removing the original source content first will prevent re-indexing.
  • Yahoo: Yahoo Search results are powered by Bing, so use the same Bing Content Removal process. For Yahoo-specific services, contact their support team to request removal of cached pages and personal information from search results.
  • DuckDuckGo and other privacy-focused engines: These search engines don’t store personal data or create profiles, but pull results from multiple sources. We suggest that you focus on removing content from the original source websites, then request the search engines to update their cache to prevent your information from reappearing in future crawls.

Escalate if needed

After sending your removal request, give the search engine or source website 7 to 10 business days to respond initially, then follow up weekly if needed. If a website owner doesn’t respond within 30 days or refuses your request, you have several escalation options:

  • Contact the hosting provider: Web hosts often have policies against sites that violate privacy laws
  • File complaints: Report to your state attorney general’s office or the Federal Trade Commission
  • Seek legal guidance: For persistent cases involving sensitive information, consult with a privacy attorney

For comprehensive guidance on website takedown procedures and your legal rights, visit the FTC’s privacy and security guidance for the most current information on consumer data protection. Direct website contact can be time-consuming, but it’s often effective for removing information from smaller sites that don’t appear on major data broker opt-out lists. Stay persistent, document everything, and remember that you have legal rights to protect your privacy online.

Remove your information from browsers

After you’ve cleaned up your data from websites and social platforms, your web browsers may still save personal information such as your browsing history, cookies, autofill data, saved passwords, and even payment methods. Clearing this information and adjusting your privacy settings helps prevent tracking, reduces targeted ads, and limits how much personal data websites can collect about you.

  • Clear your cache: Clearing your browsing data is usually done by going to Settings and looking for the Privacy and Security section, depending on the specific browser. This is applicable in Google Chrome, Safari, Firefox, Microsoft Edge, as well as mobile phone operating systems such as Android and iOS.
  • Disable autofill: Autofill gives you the convenience of not having to type your information every time you accomplish a form. That convenience has a risk, though—autofill saves addresses, phone numbers, and even payment methods. To prevent websites from automatically populating forms with your sensitive data, disable the autofill settings independently. For better security, consider using a dedicated password manager instead of browser-based password storage.
  • Set up automatic privacy protection: Set up your browsers to automatically clear cookies, cache, and site data when you close them. This ensures your browsing sessions don’t leave permanent traces of your personal information on your device.
  • Use privacy-focused search engines: Evaluate the possibility of using privacy-focused search engines like DuckDuckGo as your default. These proactive steps significantly reduce how much personal information browsers collect and store about your online activities.

Get your address off the internet

When your home address is publicly available, it can expose you to risks like identity theft, stalking, or targeted scams. Taking steps to remove or mask your address across data broker sites, public records, and even old social media profiles helps protect your privacy, reduce unwanted contact, and keep your personal life more secure.

  1. Opt out of major data broker sites: The biggest address exposers are Whitepages, Spokeo, and BeenVerified. Visit their opt-out pages and submit removal requests using your full name and current address. Most sites require email verification and process removals within 7-14 business days.
  2. Contact public records offices about address redaction: Many county and state databases allow address redaction for safety reasons. File requests with your local clerk’s office, voter registration office, and property records department. Complete removal isn’t always possible, but some jurisdictions offer partial address masking.
  3. Enable WHOIS privacy protection on domain registrations: If you own any websites or domains, request your domain registrar to add privacy protection services to replace your personal address with the registrar’s information.
  4. Review old forum and social media profiles: Check your profiles on forums, professional networks, and social platforms where you may have shared your address years ago. Delete or edit posts containing location details, and update bio sections to remove specific address information.
  5. Verify removal progress: Every month, do a search of your name and address variations on different search engines. You also can set up Google Alerts to monitor and alert you when new listings appear. Most data broker removals need to be renewed every 6-12 months as information gets re-aggregated.

The cost to delete your information from the internet

The cost to remove your personal information from the internet varies, depending on whether you do it yourself or use a professional service. Read the guide below to help you make an informed decision:

DIY approach

Removing your information on your own primarily requires time investment. Expect to spend 20 to 40 hours looking for your information online and submitting removal requests. In terms of financial costs, most data brokers may not charge for opting out, but other expenses could include certified mail fees for formal removal requests—about $3-$8 per letter—and possibly notarization fees for legal documents. In total, this effort can be substantial when dealing with dozens of sites.

Professional removal services

Depending on which paid removal and monitoring service you employ, basic plans typically range from $8 to $25 monthly while annual plans, which often provide better value, range from $100 to $600. Premium services that monitor hundreds of data broker sites and provide ongoing removal can cost $1,200-$2,400 annually.

The difference in pricing is driven by several factors. This includes the number of data broker sites to be monitored, which could cover more than 200 sites, and the scope of removal requests which may include basic personal information or comprehensive family protection. The monitoring frequency and additional features such as dark web monitoring, credit protection, and identity restoration support and insurance coverage typically command higher prices.

The value of continuous monitoring

The upfront cost may seem significant, but continuous monitoring provides essential value. A McAfee survey revealed that 95% of consumers’ personal information ends up on data broker sites without their consent. It is possible that after the successful removal of your information, it may reappear on data broker sites without ongoing monitoring. This makes continuous protection far more cost-effective than repeated one-time cleanups.

Services such as McAfee Personal Data Cleanup can prove invaluable, as it handles the initial removal process, as well as ongoing monitoring to catch when your information resurfaces, saving you time and effort while offering long-term privacy protection.

Aside from the services above, comprehensive protection software can help safeguard your privacy and minimize your exposure to cybercrime with these offerings such as:

  • An unlimited virtual private network to make your personal information much more difficult to collect and track
  • Identity monitoring that tracks and alerts you if your specific personal information is found on the dark web
  • Identity theft coverage and restoration helps you pay for legal fees and travel expenses, and further assistance from a licensed recovery pro to repair your identity and credit
  • Other features such as safe browsing to help you avoid dangerous links, bad downloads, malicious websites, and more online threats when you’re online

So while it may seem like all this rampant collecting and selling of personal information is out of your hands, there’s plenty you can do to take control. With the steps outlined above and strong online protection software at your back, you can keep your personal information more private and secure.

Essential steps if your information is found on the dark web

Unlike legitimate data broker sites, the dark web operates outside legal boundaries where takedown requests don’t apply. Rather than trying to remove information that’s already circulating, you can take immediate steps to reduce the potential harm and focus on preventing future exposure. A more effective approach is to treat data breaches as ongoing security issues rather than one-time events.

Both the FTC and Cybersecurity and Infrastructure Security Agency have released guidelines on proactive controls and continuous monitoring. Here are key steps of those recommendations:

  1. Change your passwords immediately and enable multi-factor authentication. Start with your most critical accounts—banking, email, and any services linked to financial information. Create unique, strong passwords for each account and enable MFA where possible for an extra layer of protection.
  2. Monitor your financial accounts and credit reports closely. Check your bank statements, credit card accounts, and investment accounts for any unauthorized activity. Request your free annual credit reports from all three major bureaus and carefully review them for accounts you didn’t open or activities you don’t recognize.
  3. Place fraud alerts or credit freezes. Contact Equifax, Experian, and TransUnion to place fraud alerts, which require creditors to verify your identity before approving new accounts. Better yet, consider a credit freeze to block access to your credit report entirely until you lift it.
  4. Replace compromised identification documents if necessary. If your Social Security number, driver’s license, or passport information was exposed, contact the appropriate agencies to report the breach and request new documents. IdentityTheft.gov provides step-by-step guidance for replacing compromised documents.
  5. Set up ongoing identity monitoring and protection. Consider using identity monitoring services that scan the dark web and alert you to new exposures of your personal information.
  6. Document everything and report the incident. Keep detailed records of any suspicious activities you discover and all steps you’ve taken. File a report with the FTC and police, especially if you’ve experienced financial losses. This documentation will be crucial for disputing fraudulent charges or accounts.

Legal and practical roadblocks

As you go about removing your information for the internet, it is important to set realistic expectations. Several factors may limit how completely you can remove personal data from internet sources:

  • The United States lacks comprehensive federal privacy laws requiring companies to delete personal information upon request.
  • Public records, court documents, and news articles often have legal protections that prevent removal.
  • International websites may not comply with U.S. deletion requests.
  • Cached copies could remain on search engines and archival sites for years.
  • Data brokers frequently repopulate their databases from new sources even after opt-outs.

While some states like California have stronger consumer privacy rights, most data removal still depends on voluntary compliance from companies.

Final thoughts

Removing your personal information from the internet takes effort, but it’s one of the most effective ways to protect yourself from identity theft and privacy violations. The steps outlined above provide you with a clear roadmap to systematically reduce your online exposure, from opting out of data brokers to tightening your social media privacy settings.

This isn’t a one-time task but an ongoing process that requires regular attention, as new data appears online constantly. Rather than attempting to complete digital erasure, focus on reducing your exposure to the most harmful uses of your personal information. Services like McAfee Personal Data Cleanup can help automate the most time-consuming parts of this process, monitoring high-risk data broker sites and managing removal requests for you.

The post How to Remove Your Personal Information From the Internet appeared first on McAfee Blog.

Best Ways to Check for a Trojan on Your PC

By: McAfee

Trojan horse malware was recently in the news after researchers discovered that an email contained an innocent-looking .pdf file attachment. CSO Online magazine reported that when the attachment was clicked, a permission request popped up and the email recipient clicked “allow,” initiating the document download and save, and executing the malware.

Trojans continue to be one of the most widespread cyberthreats globally, accounting for 58% of all malware as reported by Dataprot.net, as criminals adapt their methods to bypass advancing security measures. But all is not lost. In this guide, we will take a closer look at how you can detect Trojans on your computer, and share ways to detect and remove them.

What is a Trojan?

A Trojan, often called a Trojan horse, is a type of malicious software that disguises itself as a legitimate program to deceive you into installing it on your device. Its name is taken from the story of Odysseus who hid his Greek soldiers inside a wooden gift horse to infiltrate the city of Troy.

While the term “Trojan virus” is commonly used, a Trojan is not technically a virus. Both are types of malware, but they behave differently. A virus is a piece of code that attaches itself to other programs and, when run, replicates itself to spread to other files and systems. A Trojan, however, is a standalone program that cannot self-replicate. It relies entirely on tricking the user into downloading and executing it.

From their beginnings in the 1980s as simple social engineering tricks with limited technical sophistication, modern Trojans have dramatically transformed to become multi-stage campaigns that use legitimate-looking emails, fake software updates, and compromised websites to deliver malware that can remain undetected for months. Recently, Trojan attacks have exploited the supply chain to target software vendors directly, allowing criminals to distribute the malware through channels that consumers trust.

The dangers that Trojans bring

The dangers of a Trojan are extensive, ranging from direct financial loss to a complete invasion of your privacy. Once a Trojan enters your PC, cybercriminals can steal sensitive credentials for your banking and credit card accounts, leading directly to theft. They can also access and exfiltrate personal files, photos, and documents, creating a serious privacy exposure.

Beyond theft, an attacker can use this access to take complete control of your device. They might install other types of malware like ransomware or spyware, use your computer as part of a botnet to attack others, or simply monitor your every keystroke. This total loss of device control and privacy is one of the biggest dangers. However, these risks are manageable if caught early. This demonstrates the importance of layered protection with real-time monitoring and community intelligence. As cybercrime attack methods evolve, your security needs to adapt, too.

Methods of spreading Trojans

  • Phishing emails: These legitimate-looking emails contain malicious attachments or links that, when opened, install the Trojan. To avoid getting infected, never open attachments from unsolicited sources.
  • Cracked software: Websites offering free versions of paid software often bundle Trojans with the download. That “free” software could cost you everything. View such offers with a healthy dose of skepticism. Always use legitimate, official software.
  • Fake updates: Pop-ups pretending to be legitimate updates for software like Adobe Flash Player can trick you. If you wish to update your software, it is best to go directly to the official website.
  • Malvertising: Malicious ads on legitimate websites can redirect you to pages that automatically download malware. When these online ads pop-up, be cautious about clicking them.

The Trojan invasion process

A Trojan infection follows a stealthy, multi-stage process. The delivery stage begins with a lure, where social engineering tactics, such as a convincing email or a free software offer, trick you into downloading and opening a malicious file. In the execution stage, you run the seemingly harmless program and unknowingly trigger the Trojan’s installation. The malware then often embeds itself into your system’s startup processes to ensure it persistently runs every time you turn on your PC. From there, it connects to a remote command-and-control server operated by the attacker, awaiting instructions for its malicious actions, such as stealing your credentials or monitoring your activity.

Types of Trojan malware

Trojans come in different forms, each with their own process of attack. Here are some of them:

  • Backdoor Trojans: These create a hidden backdoor, bypassing normal authentication measures. These backdoors often remain hidden for long periods, allowing attackers to steal files, or install additional malware without your knowledge.
  • Keylogger Trojans: Once installed, these Trojans remotely control your PC persistently, recording your keyboard strokes to capture passwords, accessing your files, and taking screen captures.
  • Banker Trojans: As the name suggests, these Trojans are designed to steal your login credentials for online banking, payment systems, and credit card accounts. They work by hijacking browser sessions, injecting fake login pages, or capturing keystrokes to steal your credentials and manipulate your transactions.
  • Downloader Trojans: These Trojans act as delivery mechanisms for other malware. One type—downloaders—connect to remote servers to fetch additional malicious payloads after initial infection. Another type known as droppers carry other malware within their code and deploy it directly upon execution.
  • DDoS Trojans: They turn infected computers into zombie-like “bots” that participate in Distributed Denial-of-Service attacks that overwhelm and crash websites, servers, and online services, causing outages or financial damage.
  • Scareware or fake antivirus Trojans: This type of malware mimics legitimate security software, showing fake virus alerts to scare you into paying for a “premium” but useless version or further compromise the device.

Real-life Trojan attacks

  • Banking credential theft: The Zeus Trojan family spread through fake banking emails with links to infected websites. Once installed, it secretly captured online banking passwords and credit card details as users typed them. This led to millions of dollars in stolen funds and compromised accounts worldwide, forcing banks to implement stronger authentication measures.
  • Corporate data exfiltration: Emotet initially appeared as urgent invoice attachments and shipping notifications in business emails. After infection, it silently collected email contacts, login credentials, and sensitive documents from corporate networks. Companies faced significant data breaches, regulatory fines, and damaged customer trust as their confidential information was sold on criminal marketplaces.
  • Botnet recruitment: The Mirai Trojan targeted smart home devices by exploiting default login credentials on routers and security cameras. Infected devices became part of massive botnets used to launch devastating attacks that temporarily shut down major websites and services, while users were oblivious that their gadgets were being used for cyberattacks.
  • Multi-stage attacks: TrickBot masqueraded as software updates and legitimate business documents. Aside from stealing banking information, it installed ransomware that encrypted entire networks. Organizations faced operational shutdowns, hefty ransom demands, and costly recovery efforts that sometimes took months to complete.

By understanding the signs of a Trojan virus presence on your computer and using comprehensive security software, you dramatically reduce the danger and protect your digital life.

Signs of Trojan presence on your PC

A Trojan attack isn’t just a single event; it’s the entire process a cybercriminal uses to trick you into running malicious software. Recognizing the early warning signs is key. Here are some of the most common cues that can help you know if you have a Trojan virus attack in progress.

  • Slower than usual computer performance: Trojans tend to install additional malware that consumes computer processing units and memory resources. This can significantly slow your computer down and cause your operating system to become unstable and sluggish.
  • Unauthorized apps appear: A common symptom of Trojan infection is the sudden appearance of apps you don’t recall downloading or installing. If you notice an unfamiliar app from an unverified developer in your Windows Task Manager, there’s a good chance that it is malicious software installed by a Trojan.
  • Operating system crashes and freezes: Trojans can overwhelm your system and cause recurring crashes and freezes. An example of this is the Blue Screen of Death, a Windows error screen that means the system can no longer operate due to hardware failure or the termination of an important process.
  • Frequent browser redirects: A Trojan can manipulate your browser or modify domain name system settings to redirect the user to malicious websites. Frequent redirects are a red flag, so you should scan your computer the moment you notice an uptick in these redirect patterns.
  • Aggressive popups: If you’re noticing more pop-up ads than usual, especially those claiming your web browser or a media player is out of date, there’s a strong possibility that a Trojan has installed a malicious adware program on your PC. These fake alerts trick you into installing the Trojan instead of a real update.
  • Disabled security and other software. Trojans can interfere with applications and prevent them from running. A common mid-attack behavior is the Trojan deactivating your browser, apps such as word processing and spreadsheet software, or your antivirus or firewall, it’s a major red flag.
  • Unexpected password requests: The Trojan may display a fake system prompt asking you to re-enter your computer password or credentials for an online account, which it then captures.
  • Constant, unexplained network activity: Your computer’s internet connection may seem unusually busy even when you’re not using it. This could be the Trojan communicating with a remote server.

Recognizing these signs early allows you to act quickly. If something feels off, trusting your instinct and running a scan can help you find and contain a threat before it does significant harm.

4 best ways to check for a Trojan on your PC

If you’re noticing any of the symptoms above, it’s time to investigate further using automated tools and manual checks. A layered approach is the best way to find and confirm a Trojan infection. To get started, follow the steps below:

1. Scan your PC

The first step is to scan your PC using an antivirus software. Plenty of scan options are available on the market offering real-time protection from all types of malicious software threats, including viruses, rootkits, spyware, adware, ransomware, and Trojans. Some even feature on-demand and scheduled scanning of files and apps, advanced firewall for home network security, and compatibility with Windows, macOS, Android, and iOS devices.

2. Search for Trojans while in safe mode

The next step is to search for Trojans while your computer is in safe mode. In this phase, your device will run only the basic programs needed for Microsoft Windows operation, making it easy to spot any unfamiliar or suspicious programs. Here’s how to do it:

  1. Type “MSCONFIG.” in the search bar from the Start menu.
  2. Click on the “Boot” tab in the System Configuration box.
  3. Tick “Safe Mode” and click “Apply,” then “OK.”
  4. After the system restarts, re-open the configuration box.
  5. Click on “Startup.”
  6. Examine the list and see if there are any suspicious files.
  7. Disable any you deem suspicious.

3. Check processes in Windows Task Manager

Another effective way to detect if Trojans are in your system is to check the processes running in Windows Task Manager. This will allow you to see if there are any unfamiliar and unauthorized malicious programs or suspicious activity.

To go to the Task manager, press Ctrl+Alt+Del and click on the “Processes” tab. Review the list of active applications and disable the apps without verified publishers or ones you don’t remember downloading and installing.

4. Scan with Windows security

You can also scan your PC using built-in Windows virus and threat protection tools. Microsoft Defender (called Windows Defender Security Center in older versions of Windows 10) can perform virus scans and detect various types of malware. These are the parts to note:

Windows’ built-in security, known as Microsoft Defender, is a capable tool that can detect and remove many common Trojans. For basic protection, it provides a solid first line of defense and is far better than having no security at all. It handles known threats well and is constantly updated by Microsoft.

However, a dedicated security suite offers more comprehensive, layered protection. This goes beyond simple malware removal to include advanced features like a robust firewall, real-time phishing protection that blocks malicious websites before they load, identity safeguards, and a VPN for secure browsing. These layers work together to stop threats *before* they can infect your PC, which is always better than removing them after the fact.

Think of it as the difference between a standard lock on your door and a full home security system. For everyday, low-risk browsing, the built-in tool may be enough. But for anyone who banks, shops, or shares personal information online, the added protection of a full security suite provides essential peace of mind against a wider range of threats.

Remember to check your network

Most Trojans communicate with a remote command-and-control server to receive instructions or send stolen data through your internet connection. By monitoring your network activity, you can spot these hidden connections early. Unusual outbound traffic, unfamiliar IP addresses, or constant background data transfers are all red flags that something malicious might be operating behind the scenes.

  • Monitor active connections: Use the Resource Monitor tool in Windows (resmon.exe) to see which applications are using your network. Look for any unfamiliar processes making outbound connections.
  • Verify DNS and proxy settings: In your Windows network settings, check that your DNS server and proxy settings haven’t been changed. Trojans often alter these to redirect your traffic through malicious servers.
  • Firewall logs: Firewall logs can show repeated attempts by a specific program to connect to the internet, which is a strong indicator of a Trojan trying to communicate with its operator.

Choose the best Trojan scanner & removal tool

If you’re in the market for a tool that scans and removes Trojans, you have the option of free or premium tools. Whichever you choose, the key is to act quickly but carefully before the Trojan can cause any lasting damage.

Free tools are a great step

A free scan is the perfect first step to determine if you have a Trojan virus on your system. These no-cost tools provide an immediate way to detect potential threats and give you peace of mind about your PC’s security status.

Free Trojan scanners work by examining your system files, running processes, and common hiding spots where malware typically lurks. They check for known Trojan signatures, suspicious file behaviors, and registry modifications that indicate a possible infection. While they may not catch every advanced threat, they’re excellent for identifying common Trojans and giving you a clear starting point.

Simple steps to run your free scan

  1. Choose your scanner: Download a reputable free scanning tool from a trusted security provider’s official website. Ensure your scanner has the latest threat definitions for maximum effectiveness.
  2. Close other programs: Restart your PC in Safe Mode and close any unnecessary applications to improve scan performance and accuracy.
  3. Run a full system scan: Make sure you select the free tool’s comprehensive scan option to check all files, not just a quick scan.
  4. Review the results: Carefully examine any detected threats, noting their names and file locations. When threats are found, most free scanners will categorize them by risk level and provide recommended actions.
  5. Take action on findings: Quarantine or delete identified threats as recommended by the scanner. High-risk items should be immediately quarantined or deleted, while suspicious files may need further analysis. Be careful as some legitimate files can occasionally trigger false positives.
  6. Restart and rescan: Reboot your PC and run another scan to confirm that the Trojan or any threat was completely removed.

Free scanning tools give you valuable insight into your system’s health and serve as an excellent diagnostic tool to check Trojan presence. However, they typically offer detection and removal only, without the real-time protection needed to prevent future infections.

Comprehensive scanning with McAfee antivirus

For comprehensive security that stops threats before they can infect your system, consider upgrading to a complete security solution that provides continuous monitoring and advanced threat protection. Modern antivirus suites like McAfee Total Protection are expertly designed to detect and block Trojans. They use a layered security model that includes signature detection to identify known malware, behavioral analysis to spot suspicious activities characteristic of a Trojan, and artificial intelligence to protect against the very latest threats. Real-time protection actively scans files as you access them, while scheduled and manual scans allow you to thoroughly check your entire system for any hidden malware.

McAfee software is especially effective when it comes to scanning for Trojans and other types of malware and removing them before they can cause any damage to your computer system. With real-time, on-demand, and scheduled scanning of files and applications at your disposal, we’ll help you detect and eliminate any emerging threat in a timely manner.

Remove the Trojan from any platform

In any computer platform—Windows or macOS—the process of scanning and removing a Trojan with McAfee software is similar and absolutely achievable. These steps will help you regain control of your device:

  1. Disconnect your PC: Unplug your ethernet cable or turn off Wi-Fi to stop the Trojan from communicating online.
  2. Reboot in Safe Mode: Restart your computer in Safe Mode to prevent most malware from loading.
  3. Run a full antivirus scan: Use a trusted tool like McAfee to run a complete scan and quarantine or delete any threats it finds.
  4. For Mac: Run a full system scan with trusted security software designed for this device.
  5. Reset your browsers: Return your web browsers to their default settings to remove any malicious or unfamiliar extensions or changes. Update macOS to the latest version to patch security vulnerabilities.
  6. Reboot and rescan: Restart your PC normally and run another full scan to confirm the Trojan is completely gone.
  7. Change all your passwords: Once your computer is clean, immediately change passwords for your email, banking, and other important accounts.

Once you’ve completed the removal process, strengthen your defenses by enabling automatic updates, using reputable security software, and being cautious about downloads and email attachments. Regular system scans and keeping your software current are your best protection against future infections. With these steps, you can confidently clean your devices and prevent repeat attacks.

Quick tips to prevent a Trojan virus invasion

  • Keep software updated: Enable automatic updates for your operating system, web browser, and applications to patch security vulnerabilities.
  • Scrutinize emails: Do not open attachments or click links from unknown or suspicious senders. Verify requests for information.
  • Use strong, unique passwords: Employ a password manager to create and store complex passwords for each of your online accounts.
  • Enable a firewall: Ensure your network firewall is active to monitor and control incoming and outgoing network traffic.
  • Backup data regularly: Keep regular backups of your important files so you can restore them in case of a ransomware attack or data corruption.
  • Avoid risky downloads: Only download applications from official websites and trusted app stores.
  • Enable multi-factor authentication (MFA): Add this extra security layer to your important online accounts.
  • Use real-time protection: Ensure a comprehensive security suite like McAfee is always running to detect threats instantly.

FAQs about Trojans

What is a Trojan horse?

A Trojan is malware that disguises itself as a legitimate file or program. Once you run it, it can perform malicious actions such as stealing data or giving an attacker remote control of your PC.

How does a Trojan spread?

Trojans don’t spread on their own. They rely on you to download and run them. This often happens through phishing emails with fake attachments, malicious ads, or downloads of cracked software.

Can Macs and phones get infected by Trojans?

Yes. While less common than on Windows PCs, Trojans exist for all major operating systems, including macOS, Android, and iOS. It’s crucial to only install apps from official app stores to stay safe.

What is the quickest way to check for a Trojan?

The fastest and most reliable method to check for a Trojan in your computer is to run a full system scan with a trusted antivirus program. This will check all files and running processes for known threats.

How long does it take to remove a Trojan?

Removal time can vary. A good antivirus scan might find and remove it in under an hour. However, some complex Trojans may require more steps, like booting into Safe Mode, which can take longer.

What should I do immediately after removing a Trojan?

Once your system is clean, the first thing you should do is change the passwords for all your important accounts, especially email, banking, and social media, as the Trojan may have stolen them.

Final thoughts

Wondering if your computer has been infected by a Trojan can be worrying, but it’s a manageable issue with the right approach. By understanding the signs of a Trojan virus and using the detection methods outlined, you can take back control of your device’s security. To prevent getting infected by a Trojan, proactive measures such as safe online habits and the layered defense of a trusted security suite like McAfee are your best defenses. Stay vigilant and keep your software updated, so you can confidently navigate the digital world.

The post Best Ways to Check for a Trojan on Your PC appeared first on McAfee Blog.

Holiday Shopping Scams: What to Watch as Black Friday & Cyber Monday Approach

By: Brooke Seipel

It’s an all-too-familiar trap. You’re scrolling TikTok when an ad for your favorite shoe brand pops up. Black Friday and Cyber Monday sales are everywhere, and this one—buy one, get one free—looks completely legit.

The site it links to looks real too. The logo, the product pages, even the checkout cart all match what you’d expect from the brand. You place your order and move on.

A few days later, you notice the charge on your bank statement. It’s the right amount—but the payment didn’t go to the store you thought. Instead, there’s a company name you don’t recognize.

That’s when it hits you: the site wasn’t real at all. You’ve been scammed.

Peak shopping season is peak scam season, with fake deals and ads making up one major tactic used to deceive shoppers.

Nearly all U.S. adults plan to shop online this season, with about half planning to do so daily or more. Scammers know that when people are rushing to buy gifts and click “checkout,” they’re also less likely to slow down and verify what they’re seeing.

That’s when fraudsters strike, often using artificial intelligence to make their fake messages and websites look authentic.

McAfee’s 2025 holiday shopping research revealed that almost half of Americans (46%) say they’ve already encountered these AI-powered scams while shopping.

How AI is Powering Holiday Scammers

The era of “obvious scams” is over.

Generative AI tools have made it simple to clone brand websites, copy influencer voices, and even create realistic video ads promoting fake sales. And our recent State of the Scamiverse research found  people struggle identifying deepfakes, with 39% of people saying deepfake video scams are getting more sophisticated and harder to spot.

That’s why deepfake-driven scams utilizing advanced tactics are multiplying across platforms like TikTok and Instagram. Scammers are impersonating celebrity likenesses, or well-known brands, to advertise “exclusive” promotions or fake giveaways. For holiday shoppers, the line between what is authentic and fraudulent continues to blur.

By the Numbers

  • 1 in 5 Americans say they’ve been scammed during a past holiday season
  • The average loss per victim is $840
  • 57% of those surveyed are more concerned about AI scams this year than last
  • 38% of those surveyed believe they can spot scams, yet 22% have fallen for one
  • Detected deepfakes surged 1,740% in North America last year

 

What to Watch For in 2025

1. Fake Retail Sites and Counterfeit “Deal” Pages

These scams mimic major brand websites down to the logo, product photography, and even customer service pages. The only difference is the URL—a single extra letter or misplaced period (“target-sale.com” instead of “target.com”).

When shoppers enter their payment details or passwords on these fraudulent websites, that information goes directly to criminals. According to McAfee research, this fear of scams while shopping has stopped 40% of consumers from completing a holiday purchase.

How to spot it: Always check the full web address, look for “https,” and avoid clicking through from an ad or social post. It’s best to just type the retailer’s name directly into your browser instead to reach the official site.

2. TikTok and Social Media Scams

Even cybercriminals follow trends, and short-form videos are scam hotspots. Scammers use deepfakes or stolen influencer content to make “exclusive” deals look legitimate.

For example, a TikTok clip may show a celebrity promoting a discount code that redirects to a counterfeit store.

According to McAfee research, 1 in 5 people (20%) say they or someone they know has fallen victim to a deepfake scam in the past year. And overwhelmingly, respondents said they came across deepfakes on social media.

How to spot it: Check if the creator’s account is verified. Look at past posts and engagement patterns. Real brands rarely share one-off videos with unfamiliar links.

3. Delivery and Shipping Text Scams

You’ll receive a text saying a package can’t be delivered or that a small fee is needed to confirm your address.

McAfee found that 43% of people have encountered fake delivery notifications, and many victims say they entered credit card information thinking they were resolving a legitimate issue.

How to spot it: Real shipping companies rarely send texts with clickable payment links. Visit the carrier’s official website or app to verify any delivery problems.

4. Gift Card and Account Verification Scams

These scams pressure you to “verify” your account or make an urgent payment. Messages may claim your PayPal or Amazon account is locked and request you to confirm details. Others ask for gift cards to “resolve” a billing issue.

Scammers count on urgency—once you send a code or card number, the funds are gone instantly.

How to spot it: No legitimate company will ask for payment in gift cards or ask you to share one-time codes over text. Always log in to your account directly, never through a link sent via message.

How to Shop Safely This Holiday Season

Go straight to the source. If you see an offer on social media, type the retailer’s URL yourself instead of clicking through the post. Fraudulent ads often lead to look-alike domains.

Pause before you click. Take a moment to verify emails and DMs. Check the sender’s address, look for misspellings, and hover over links to preview where they lead.

Use AI to fight AI. McAfee’s Scam Detector can identify suspicious messages, fake websites, and deepfake content before harm occurs.

Keep your software up to date. Many scams exploit outdated browsers or apps. Regular updates patch vulnerabilities before criminals can use them.

Avoid public Wi-Fi while shopping. Public networks are easy for hackers to monitor. Use a secure or mobile connection instead. Check out McAfee’s VPN to stay protected while browsing and shopping.

Never pay with gift cards: Legitimate companies and businesses will never ask for you to pay or verify a purchase in exchange for gift cards.

Be suspicious of requests to pay with crypto: A legitimate company will not force you to pay in crypto or other specific crypto assets.

How McAfee Can Help

McAfee’s Scam Detector uses advanced artificial intelligence to automatically detect scams across text, email, and video. It blocks dangerous links, identifies deepfakes, and stops harm before it happens.

McAfee’s identity protection tools also monitor for signs that your personal information may have been exposed and guide you through recovery steps.

You can sign in to your McAfee account to scan for recent breaches linked to your email, or try a free trial of McAfee antivirus to keep your devices secure throughout the shopping season.

The post Holiday Shopping Scams: What to Watch as Black Friday & Cyber Monday Approach appeared first on McAfee Blog.

Holiday Shopping 2025: US Fact Sheet 

By: McAfee

The holidays are supposed to be about joy and generosity — but this year, they’re also peak season for AI-powered scams. New research from McAfee, a global leader in online protection, shows how fraudsters are using artificial intelligence to create more convincing lures — from deepfake endorsements to cloned delivery messages — as Americans head online to shop.

US – Holiday Shopping 2025 Fact Sheet 

The post Holiday Shopping 2025: US Fact Sheet  appeared first on McAfee Blog.

This Week in Scams: Fake Steaks and Debit Card Porch Pirates

By: McAfee

We’re back with a new edition of “This Week in Scams,” a roundup of what’s current and trending in all things sketchy online.

This week, we have fake steaks, why you should shop online with a credit card, and a new and utterly brash form of debit card fraud.

Fake steaks from “0maha Steaks”

Yes, the letter “O” for Omaha in the subject line of this email scam is actually a zero. And that’s not the only thing that’s off with this email, it’s a total scam.

An image of a scam 0maha Steaks email.

 

If you like your choice cuts, the name Omaha Steaks might be a familiar one. They’ve been around for almost 110 years, and since 1953 they’ve been in the mail order meat business. Today, they sell, well, just about anything you can picture in the butcher or seafood case. With that, the company enjoys a premium reputation, so it’s little surprise scammers have latched onto it and built a phishing attack around the brand—one they garnish with a nod to concerns over rising food prices.

A few things can quickly tip you off to this scam. For starters, the scammers oddly spell Omaha with a zero in the subject line, as mentioned. From there, the sender’s email address is a straight ref flag. In this case, it’s the curiously spelled “steaksamplnext” followed by a (redacted) domain name that isn’t the legitimate omahasteaks dot-com address. Also curious is the lack of an actual price for the bogus “Gourmet Box.” And lastly, you might think that a premium foods brand would showcase some pictures of their famous fare in the email. Not so here.

Rounding it out, you’ll see the classic scammer tactics of scarcity and urgency, which scammers hope will pressure people to act immediately. In this case, only 500 of these supposed boxes are available, and the offer “concludes tomorrow.”

How to avoid Omaha Steak scams and phishing scams like them

Even as this scam makes the rounds, it’s easy to spot if you give it a closer look and a little thought—giving it a sort of old-school feel to it. However, more and more of today’s phishing emails look increasingly legit, thanks to AI tools, which might get you to click.

As for phishing attacks like this in general, you can protect yourself by:

Always checking the email address of the sender. If it doesn’t match the proper address of the company or brand that’s supposedly sending the email, it’s a scam. In this case, from the people at Omaha Steaks themselves, “If it doesn’t show OmahaSteaks.com and @OmahaSteaks, it’s not us!”

Looking for addresses and links that look like they’ve been slightly altered so that they seem “close enough” to the real thing. In this case, the scammer didn’t even bother to try. However, you could expect an alteration like “omahasteakofferforyou.com” to try and look legit.

Getting a scam detector. Our Scam Detector, found in all core McAfee plans, helps you stay safer with advanced scam detection technology built to spot and stop scams across text messages, emails, and videos. It’ll also block those sites if you accidentally tap or click on a bad link.

One good reason for using your credit card when shopping online.

What’s the most common kind of fraud? If you said, “credit card,” you’ll find it number five on the list. The top form is debit cards, according to 2025 findings from the U.S. Federal Reserve.

As reported by financial institutions, the Fed found that attempts at debit card fraud rose to 73% with 52% of those attempts being successful.

There’s a good reason for that debit card fraud ranks highest for attempts and success rate. It’s the same reason that credit card fraud is relatively low. Debit cards don’t have the same fraud protections in place that credit cards do.

As you might have read in our blogs before, credit cards offer additional protection thanks to the Fair Credit Billing Act (FCBA). Your maximum liability is $50 for fraudulent charges on a lost or stolen card if you report the loss to your issuer within 60 days. In the case of relatively unprotected debit cards, those losses often go unrecovered.

Keep this in mind as you sit down for your online shopping for the holidays: use a credit card instead of a debit card. That gives you the protection of the FCBA if your shopping session gets hacked or if the retailer experiences a data breach somewhere down the road. Also think about making it even safer by shopping with a VPN. Our VPN creates an encrypted “tunnel” that protects your data from crooks and prying eyes, so your card info stays private.

A new debit card scam with a porch pirate twist

First reported by the FBI last year, we’re seeing continued reports of a brash and bold form of debit card scam—people physically handing over their cards to scammers.

The scam starts like many card scams do, with a phone call. Scammers spoof the caller ID of the victim’s bank or credit union, ring them up, and tell them there’s a “problem” with their account. From there, scammers direct victims to cut up their current card—but with a twist. They tell victims to keep the little EMV chip for tap-and-go payments intact.

Why? Victims get instructed to leave the cut-up card and intact chip in the mailbox for a “courier” to pick up for “security purposes.” Once in hand, scammers get access to the bank account associated with the chip. Even if the scammers don’t wrangle a PIN number out of their victims with a little social engineering trickery, they can still make purchases with the chip as some points of sale don’t require a PIN number when tapping to pay.

Here’s how you can avoid the “porch pirate” debit card scam

Shred your old cards in a paper shredder. Then, take the next step. Grab the shredded pieces and throw them away in separate batches. This will all make it fantastically tough for a scammer to piece together your card and steal your info.

Call back your bank yourself. If you get a call, voicemail, or text saying there’s an issue with your account, you can verify any possible issue yourself by calling the number on the back of your card.

Know that banks won’t send “couriers” for cards. And they’ll simply never ask you to leave your card in your mailbox.

Other scam and cybersecurity headlines this week

That’s our roundup for this week. We’ll catch you next Friday with more updates, scam news, and ways you can stay safer out there.

The post This Week in Scams: Fake Steaks and Debit Card Porch Pirates appeared first on McAfee Blog.

The Louvre Used Its Own Name as a Password. Here’s What to Learn From It

By: Brooke Seipel
The Louvre at night

If you’ve been watching the news, you’ve probably seen the headlines out of Paris: one of the most audacious heists in decades took place at the Louvre, where thieves made off with centuries-old crown jewels worth tens of millions of dollars.

But amid the cinematic drama, a quieter detail emerged that’s almost harder to believe—according to French newspaper Libération (via PC Gamer), auditors discovered that the password protecting the museum’s video surveillance system was simply “Louvre.”

While it’s not yet confirmed whether this played a direct role in the robbery, cybersecurity experts point out that weak or reused passwords remain one of the easiest ways for criminals—digital or otherwise—to get inside.

Safety Lessons You Can Learn from The Louvre

The Louvre’s cybersecurity audits, dating back to 2014, reportedly revealed a pattern of outdated software and simple passwords that hadn’t been updated in years. Subsequent reviews noted “serious shortcomings,” including security systems running on decades-old software no longer supported by developers.

That situation mirrors one of the most common security issues individuals face at home. Whether it’s an email account, a social media login, or your home Wi-Fi router, using an easy or repeated password is like leaving the front door open. Hackers don’t need to break in when they can just walk through.

As experts here at McAfee have explained, cybercriminals routinely rely on “credential stuffing” attacks, in which they test stolen passwords from one breach against other sites to see what else they can access. If you’ve used the same password for your streaming account and your online banking, it’s not hard to imagine what could go wrong.

What’s A Bad Password?

  • Obvious or guessable: Anything like “password,” “123456,” or even the name of the service (“Louvre,” “Netflix,” “Chase”) can be cracked in seconds.
  • Dictionary words: Real words or phrases are easier for hacking programs to guess, even when combined creatively.
  • Repeated passwords: Reusing a password across multiple sites means one breach can expose everything.
  • Personal details: Pet names, birthdays, and favorite bands can all be scraped from social media—making them the first thing a hacker will try.

What Makes A Strong Password

A strong password is long, complex, and unique. Cybersecurity experts recommend at least 12–16 characters that mix uppercase and lowercase letters, numbers, and symbols. A short password can be guessed in minutes; a long one can take decades to crack.

If that sounds like a lot to juggle, you’re not alone. That’s why password managers exist.

Why A Password Manager Is Your Best Guard

A password manager takes the work—and the guesswork—out of creating and remembering complex passwords. It generates random combinations that are nearly impossible to crack, then stores them securely using advanced encryption.

The added bonus? You’ll never have to reuse a password again. Even if one account is theoretically compromised in a breach, your others remain protected because each password is unique.

McAfee’s password manager also uses multi-factor authentication (MFA), meaning you’ll need at least two forms of verification before signing in—like a code sent to your phone. That extra step can stop hackers cold, even if they somehow get your password.

How to protect yourself

To keep your digital treasures safer than the Louvre’s jewels:

  • Use strong, unique passwords for every account. Longer is better.
  • Change passwords regularly and especially after any breach or suspicious activity.
  • Turn on MFA wherever possible—it’s one of the simplest and most effective protections.
  • Avoid public Wi-Fi for sensitive logins, or use a secure VPN.
  • Store passwords safely with a reputable password manager instead of your browser or a notepad.

The bottom line

Reports of the Louvre’s weak password might make for an easy punchline, but the truth is that millions of people make the same mistake every day—reusing simple passwords across dozens of accounts. Strong, unique passwords (and the right tools to manage them) are still one of the most powerful defenses against data theft and identity fraud.

As scams and breaches continue to evolve, your best defense is awareness and protection that adapts just as fast. McAfee’s built-in Scam Detector, included in all core plans, automatically detects scams across text, email, and video, blocks dangerous links, and identifies deepfakes—stopping harm before it happens.

The post The Louvre Used Its Own Name as a Password. Here’s What to Learn From It appeared first on McAfee Blog.

Kickoffs and Rip-offs—Watch Out for Online Betting Scams This Football Season

By: McAfee

Football season is in full swing — tailgates, rivalries, fantasy leagues, and Sunday afternoons glued to the screen. Alongside the highlights and heartbreaks, there’s another game playing out online: the rush to place bets.

Every break in the action brings another sportsbook promo — risk-free wagers, bonus bets, exclusive odds — flooding your feed and inbox. But what you don’t see between the ads and sponsorships is how much money is really in play, or how scammers have joined the lineup.

Last year, legally licensed online and retail sportsbooks took nearly $150 billion in bets, a 22.2% jump from 2023 according to the American Gaming Association. And with so much of that money flowing through apps and websites, scammers are finding creative new ways to cash in.

They’re setting up fake betting sites, phishing for logins, and spinning up unlicensed offshore platforms that operate without oversight. Even self-proclaimed “insider tipsters” are pitching guaranteed wins that never exist.

If sports betting is legal in your state and you’re planning to make some wagers this season, here’s how to keep your money — and your data — safe.

Is online sports betting legal in my state?

Since a U.S. Supreme Court ruling in 2018, individual states can determine their own laws for sports betting. Soon after, sports betting became legal in waves. In all, 39 states and Washington D.C. currently offer sports betting through licensed retail locations. Of them, 31 further offer legal sports betting through licensed online apps and websites. The map below offers a quick view as to how all that plays out.

Map of US states that have legalized sports betting.

Image from https://sportsdata.usatoday.com/legality-map 

Even as online sportsbooks must be licensed to operate legally, be aware that the terms and conditions they operate under vary from service to service. Per the Better Business Bureau (BBB), that calls for closely reading their fine print. For one, you might come across language that says the company can “restrict a user’s activity,” meaning that they can freeze accounts and the funds associated with them based on their terms and conditions. Also, the BBB cautions people about those promo offers that are often heavily advertised, because “like any sales pitch, these can be deceptive.”

What do online betting scams look like?

Fake betting sites

This form of scam follows the same playbook scammers use for all kinds of bogus sites in general. They cook up a copycat site that looks like a legitimate betting site, create a web address that looks like it could be legitimate, and then flood the web with sponsored search results, ads, and social media posts to drive traffic to them. From there, scammers capture payment info and take bogus bets that they never pay out on. Once the site gets discovered as a scam, they pull it down and spin up other scam sites. With the aid of AI tools to help with the process, scammers can turn around scam sites quickly.

Sports app phishing scams

Scammers piggyback on legitimate betting apps and sites another way. They’ll create phony customer support sites that they promote online, with the addition of scam texts and emails to lure in victims. Under the guise of support, they gain a victim’s login info, hack the account, and clean out the victim’s cash.

Unlicensed offshore platforms

These form a gray area when it comes to scams. Some of these offshore platforms, while unlicensed, are legitimate to varying degrees. What makes them dangerous is that they have no regulatory oversight, which means they can do things like charge hidden costs, lock accounts, and refuse payment without users having any way to dispute those actions. Some of these platforms might have suspect security measures as well, which could lead to account hacks. And of course, some of these offshore platforms are simply fake betting sites, as mentioned above.

Handicapper scams

Earlier this year, the BBB shared word of a growing scam where self-proclaimed experts with “insider information to place sure-thing bets” reach out to victims via email and social media posts. Per the BBB, “A handicapper’s goal isn’t to win bets for their members, it’s to get people to buy their picks. Once you’ve purchased their picks, the handicapper has already won. It doesn’t matter if the pick wins or loses, the handicapper keeps the payment.”

Of course, that “insider info” is entirely fake. It’s all just a smokescreen to draw in victims.

Ready to place your bet online? Keep these things in mind.

1) Stick with legitimate betting sites and apps. Use only legal, regulated sportsbooks when you place a bet.

If you’re a sports fan, you probably know the names, like BetMGM, DraftKings, FanDuel, bet365 and Fanatics Sportsbook. In addition, check out the organization’s BBB listing at BBB.org. Here you can get a snapshot of customer ratings, complaints registered against the organization, and the organization’s response to the complaints, along with its BBB rating, if it has one.

2) Use a secure payment method other than your debit card. Credit cards are a good way to go when buying, or betting, online.

One reason why is the Fair Credit Billing Act, which offers protection against fraudulent charges on credit cards by giving you the right to dispute charges over $50 for goods and services that were never delivered or otherwise billed incorrectly. Your credit card companies may have its own policies that improve upon the Fair Credit Billing Act as well. Debit cards don’t get the same protection under the Act.

3) Protect yourself from fake betting sites and bogus offers.

You can steer clear from all kinds of fake sites and bogus offers with the combination of our Web Protection and Scam Detector, found in our McAfee+ plans. They’ll alert you if a link might take you to a sketchy site, and they’ll block those sites if you accidentally tap or click on a bad link.

In addition to the latest virus, malware, spyware, and ransomware protection, it also includes strong password protection by generating and automatically storing complex passwords to keep your winnings and payment info safer from hackers and crooks.

 

Editor’s Note:

If gambling is a problem for you or someone you know, you can seek assistance from a qualified service or professional. Several states have their own helplines, and nationally you can reach out to resources like http://www.gamblersanonymous.org/ or https://www.ncpgambling.org/help-treatment/.

The post Kickoffs and Rip-offs—Watch Out for Online Betting Scams This Football Season appeared first on McAfee Blog.

Frankenstein Data: How Data Brokers Stitch Together—and Sell—Your Digital Self

By: Brooke Seipel

Your digital life is being stitched together—one purchase, one search, one swipe at a time.

Data brokers collect and combine fragments of your personal information to build detailed profiles they can sell to advertisers, employers, and anyone willing to pay.

While you can request that these brokers delete your data, many make it almost impossible to do so.

A joint investigation by CalMatters and The Markup found that 35 data brokers had intentionally hidden their opt-out pages from search results, making it harder for people to remove their information.

The result: a patchwork version of you exists online—a Frankenstein of your data, stitched together without your consent.

Moreover, practically anyone can purchase this sensitive info. That ranges from advertisers to law enforcement and from employers to anyone on the street who wants to know a lot more about you.

Here’s what’s happening, and what you can do about it.

Data brokers making it tougher to remove personal data from their sites

As part of the article, reporters analyzed 499 data broker sites registered in the state of California. Of them, 35 had search-blocking code. Additionally per the article, many opt out pages “required scrolling multiple screens, dismissing pop-ups for cookie permissions, and newsletter sign-ups and then finding a link that was a fraction the size of other text on the page.”[i]

Once the publications contacted the data brokers in question, multiple companies halted the practice, some responding that they were unaware their site had search-blocking code. Several others didn’t respond by the time the article was published and kept their practices in place.

Where do data brokers get such personal info?

There are several ways information brokers can get your info about you …

Sources available to the public: Some of your personal records are easily available to the public. Data brokers can collect public records like your voter registration records, birth certificate, criminal record, and even bankruptcy records. By rounding them up from multiple sources and gathering them in one place, it takes someone seconds to find out all these things about you, rather than spending hours poring over public records.

Search, browsing, and app usage: Through a combination of data collected from internet service providers (ISPs), websites, and apps, data brokers can get access to all kinds of activity. They can see what content you’re interested in, how much time you spend on certain sites, and even your daily travels thanks to location data. They also use web scraping tools (software that pulls info from the web), to gather yet more. All this data collecting makes up a multi-billion-dollar industry where personal data is gathered, analyzed, sold, and then sold again and again—all without a person’s knowledge.

Online agreements: As it is with smartphone apps, you’ll usually have to sign an agreement when signing up for a new online service. Many of these agreements have disclosures in the fine print that give the company the right to collect and distribute your personal info.

Purchase history: Data brokers want to know what products or services you’ve purchased, how you paid for them (credit card, debit card, or coupon), and when and where you purchased them. In some cases, they get this info from loyalty programs at places like supermarkets, drugstores, and other retailers. Kroger, one of the largest grocery chains, is a good example of how purchasing insights end up in the hands of others. According to Consumer Reports, the company draws 35% of its net income from selling customer data to other companies.

What can I do about companies collecting my data?

For starters, there aren’t any data privacy laws on the federal level. That, so far, has fallen to individual states to enact. As such, data privacy laws vary from state-to-state, with California having some of the earliest and strongest protections on record, via the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

In all, 20 states currently have comprehensive privacy laws in place, with five others that have put narrower privacy protections in place, covering data brokers, internet service providers, and medical/biometric data.

States with Comprehensive Data Privacy Laws

·       California

·       Virginia

·       Colorado

·       Connecticut

·       Utah

·       Iowa

·       Indiana

·       Tennessee

·       Texas

 ·       Florida

·       Montana

·       Oregon

·       Delaware

·       New Hampshire

·       New Jersey

·       Kentucky

·       Nebraska

·       Rhode Island

 

For specific laws in your state and how they can protect you, we suggest doing a search for “data privacy laws [your state]” for more info.

Even if your state has no or narrow data privacy laws in place, you still have several ways you can take back your privacy.

How to protect your data from data brokers.

The first thing you can do is keep a lower profile online. That can limit the amount of personal info they can get their hands on:

  • Be selective about what you share online.Don’t overshare personal info on social media. Avoid things like online quizzes and sweepstakes. And be aware that some data brokers indeed scour the web with scraping tools that gather up info from things like forum posts.
  • Go private. Even better, lock down your privacy on social media. Social media platforms like Facebook, Instagram, and others have several settings that keep your profile from being scraped in the ways mentioned above. Features like our
  • Use a virtual private network (VPN) whenever possible.A VPN hides your IP address and encrypts your data while you surf the web. McAfee’s Secure VPN protects your personal data and credit card information so you can browse, bank, and shop online without worrying about prying eyes, like data brokers and internet service providers (ISPs) that collect info about what you do online.

Remove your info from data brokers quickly with McAfee.

The list of data brokers is long. Cleaning up your personal data online can quickly eat up your time, as it requires you to reach out to multiple data brokers and opt out.

Rather than removing yourself one-by-one from the host of data broker sites out there, you have a solution: our Personal Data Cleanup.

Personal Data Cleanup scans data broker and people search sites and shows you which ones are selling your personal info. It also provides guidance on how you can remove your data from those sites. And if you want to save time on manually removing that info, you have options. Our McAfee+ Advanced and Ultimate plans come with full-service Personal Data Cleanup, which sends requests to remove your data automatically.

If the thought of your personal info getting bought and sold in such a public way bothers you, our Personal Data Cleanup can put you back in charge of it.

The post Frankenstein Data: How Data Brokers Stitch Together—and Sell—Your Digital Self appeared first on McAfee Blog.

Vampire Wifi: How Public Wi-Fi Traps Travelers in Cyber Attacks

By: Brooke Seipel

They’re not hiding in dark alleys—they’re hiding in plain sight. Airports, cafés, hotels, even libraries can harbor dangerous Vampire Wi-Fi networks.

These vampires pass themselves off as legitimate public Wi-Fi hotspots, using names that look innocent enough, such as “FREE_WIFI” and “AT&T_FREE_WIFI”.  These can potentially be “evil twin networks,” they often mimic the name of the airport you’re in, or the place where you’re grabbing a quick coffee and some laptop time while you’re on the road. In fact, when you connect to a vampire or evil twin network, you’re connecting to a hacker.

These networks are relatively easy to set up. With just a few hundred dollars of gear, attackers can set up these digital bloodsuckers anywhere. The moment you log on, they begin feeding on your data, using tools called packet sniffers to capture and analyze every bit you send.

So say you’re on the road and log into one of these networks, a hacker on the network can see what you’re connecting to and what data you’re passing along. Your credit card number while you shop. Your password when you bank. That confidential contract you just sent to a client. And your email password when your app regularly checks for mail every few minutes or so.

What tools let hackers snoop? Network analyzers, or packet sniffers as many call them. A bad actor can gather up data with a packet sniffer, analyze it, and pluck out the sensitive bits of info that are of value. Before you know it, you’re a victim of identity theft.

Another common vampire Wi-Fi ploy is to set up a phony login screen that asks for a username and password, often for popular online services like Google and Apple. In this case, the hacker gets the keys to all the personal info, apps, files, and financial info connected to them.

How to spot phony evil twin public Wi-Fi networks

Hackers typically take lengths to make these networks look legitimate, but they may give off signs:

  • The Wi-Fi network has no password.
  • The Wi-Fi network is not set up with Wi-Fi protected access (WPA) on the router.
  • The Wi-Fi network is open to Secure Sockets Layer (SSL) attacks. (An SSL is a digital certificate that authenticates a website’s identity and allows for secure, encrypted connections to banking, shopping, and financial sites, to name a few.)

Still, even with some of these flags, they can be tough to spot. And that’s a reason why our mobile security apps for iOS and Android analyze Wi-Fi networks before you connect to them—letting you know if a connection is Safe, Risky, or altogether Unsafe.

How to stay safe from evil twin networks when using public Wi-Fi

Your best bet when using any public Wi-Fi at all is to use a VPN.

A VPN is an app that you install on your device to help keep your data safe as you browse the internet. With your VPN on, your device makes a secure connection to a VPN server that routes internet traffic through an encrypted “tunnel.” This keeps your online activity private on any network, shielding it from prying eyes.

While you’re on a VPN, you can browse and bank with the confidence that your passwords, credentials, and financial info are secure. If a hacker attempts to intercept your web traffic, they’ll only see garbled content, thanks to your VPN’s encryption functionality.

With that, choosing a secure and trustworthy VPN provider is a must. A VPN like ours has both your security and privacy in mind. In a VPN, look for:

  • The same encryption strength that banks use.
  • One that doesn’t log or track what you do online, so your online activity remains private. ​
  • A VPN that’s independently audited for security and privacy.
  • One that covers plenty of devices and that offers unlimited data.
  • Automatically connects when you connect to public Wi-Fi.

Not every VPN offers these features. Selecting one that does gives you the protection you want paired with the privacy you want. You’ll find them all in our VPN, which is also included as part of our McAfee+ plans.

More ways you can stay safe on public Wi-Fi

Several other straightforward steps can keep you safer from vampire and evil twin Wi-Fi—and safer while using public Wi-Fi in general:

  • Double-check the network name: If you’re at a café, hotel, or airport, check with an employee for the exact name of their official Wi-Fi network before connecting. Don’t automatically trust a network just because its name looks right or has a particularly strong signal. (In fact, some hackers boost their phony Wi-Fi signals to make them look more attractive.)
  • Disable auto-join: Turn off the auto-join feature for Wi-Fi on your devices. This prevents your phone or laptop from connecting to malicious networks automatically.
  • See if it can wait: If you can wait to bank, shop, check email, or do anything that involves passwords or sensitive info, do it on a secure connection at home. If it absolutely can’t wait, use your VPN or cellular connection.
  • Use your own hotspot: Another secure option is to use a personal hotspot from your phone’s cellular data. This gives you a private connection that is much harder for attackers to exploit. That might leave you with a slower connection and possibly eat into your data plan, but those are small concerns compared to the major headache of identity theft.

 

Vampire Wi-Fi networks aren’t going anywhere. Hackers will keep setting up these traps because they work. People see “free Wi-Fi” and click without thinking twice. But now you know better. You’ve got the tools to spot the red flags, the habits to stay protected, and most importantly, you understand why a quality VPN isn’t optional anymore—it’s essential.

McAfee+ gives you everything we’ve talked about: bank-level encryption, zero-logging policies, independent security audits, and that smart auto-connect feature that kicks in when you need it most. Plus, unlimited data across all your devices, because who has time to ration their security?

Your personal information is worth protecting. Your financial data, your work files, your private conversations, they’re all valuable to the wrong people. Don’t hand them over just because someone dangled “free Wi-Fi” in front of you.

Ready to stop gambling with your data? Get comprehensive protection with McAfee+ and never worry about vampire networks again.

The post Vampire Wifi: How Public Wi-Fi Traps Travelers in Cyber Attacks appeared first on McAfee Blog.

Ghost Accounts: How Old, Forgotten Logins Put You at Risk for Identity Theft

By: Brooke Seipel

Remember that website where you bought a T-shirt in 2013? No?

Hackers do. And it’s one way they can steal your personal info. 

Consider this website, and other forgotten sites like it, an example of a “Ghost Account,” a place where one of your long-unused logins lives on and puts your identity at risk. 

Ghosts aside, old accounts like these are very real.

Think of all the times you’ve created a one-off account to make a single purchase, take an online quiz, or get more information about an event or a sale. For all the accounts you remember, there are plenty more you’ve probably completely forgotten about.

Even as estimates vary, it’s likely the average person has somewhere between 100 to 200 online accounts, where varying degrees of their personal and financial info are stored. 

And all those accounts add up to plenty of exposure. Those companies still have your address, payment information, and other personal details in their system. 

In a time where data breaches of varying sizes hack 3.5 million accounts on average each day, the odds of an old account of yours getting compromised are higher than you may realize. The more places your info resides, the more exposure to risk you have, namely data breaches, which can quickly lead to identity theft and fraud.

Compounding the problem is human nature. People tend to reuse passwords, or use highly similar passwords, all in an effort to maintain some degree of sanity across all the accounts they’re juggling. Hackers love that too. With one password in hand, they potentially get the keys to several other accounts, also with varying levels of personal and financial info, which (again) can lead to identity theft and fraud.

How to track down and close old accounts

Our Online Account Cleanup can do the work for you, which you can find in all our McAfee+ plans

It finds and deletes old accounts to reduce your risk of data exposure. In our McAfee+ Ultimate plans, you get full-service Online Account Cleanup, which sends the data deletion requests for you.

With each scan, you get an all-up view of accounts in your name. From there, it shows which are riskiest to keep, along with a look at what personal info is typically included in those accounts, which helps you decide what you’d like to keep and what you’d like to delete. Again, with McAfee+ Ultimate, you can request to delete accounts with a single click.

And because you add accounts and passwords from time to time, Online Account Cleanup gives you a monthly report. That way, you can keep tabs on your ever-evolving list of accounts and delete any you don’t want over time.

And while you’re at it, don’t forget your passwords.

Yes, with all those accounts come passwords. While you’re cleaning up your old accounts, you can better protect the ones you keep with our Password Manager. It’s a simple and highly secure way you can create strong, unique passwords for each and every one of your accounts. That offers you yet one more line of defense against data breaches, because hackers know so many people reuse their passwords.

Lastly, it’s convenient. You only need to remember one password. Our password manager securely stores all your passwords, where one primary password grants access to them all.

Removing unused ghost accounts can make you far safer from identity crimes

Whether it’s for an old online gaming account, a streaming service you never use anymore, or a login for a doctor’s office you don’t visit anymore, delete it. The less personal and financial info you have sitting in a database somewhere is less info a hacker can steal and use to commit identity theft or fraud.

We all have our “ghosts” floating around online, and today you have an easy way to get rid of them for good.

The post Ghost Accounts: How Old, Forgotten Logins Put You at Risk for Identity Theft appeared first on McAfee Blog.

This New “Verification” Trick Fools You Into Installing Malware

By: Brooke Seipel

Cybercriminals are turning to TikTok to spread new scams that promise “free upgrades” or access to premium versions of popular apps.

According to Bleeping Computer, scammers are posting videos that look like tech tutorials, offering so-called activation hacks for software like Windows, Adobe Premiere, or Photoshop, and even fake “premium” services for Netflix and Spotify.

But instead of unlocking anything, these videos trick people into running hidden malware on their devices. Once that happens, attackers can steal passwords, cryptocurrency wallet details, or access to social media and bank accounts.

These “ClickFix” scams, as researchers call them, are spreading quickly because they rely on trust and curiosity. The videos look legitimate. Many use the same tone and layout as real how-to tech content, but behind the scenes, they’re designed to take control of your device and your data.

How the scam works

  • A TikTok creator posts a short “activation” video claiming to unlock expensive software for free.
  • The video includes a simple “step-by-step” guide that encourages viewers to follow along on their own computer.
  • Once viewers download or click what they think is a harmless tool, malware silently installs in the background, giving hackers access to saved passwords, private accounts, and even payment information.

The scam works because it blends the look and feel of ordinary TikTok tutorials with social proof, think comments, hashtags, and even fake success stories, that make it seem credible.

Security researchers say the same technique has been spotted in similar scams spreading via fake CAPTCHA pages and cracked game downloads. The goal is always the same: convince users to “verify,” “activate,” or “fix” something, when in reality, they’re opening the door to attackers.

What McAfee’s Researchers Have Found

McAfee Labs has been tracking a related wave of attacks using fake CAPTCHA pages and cracked download sites to deliver info-stealing malware. In both campaigns, scammers prey on everyday habits such as downloading software, clicking “I’m not a robot,” or following quick tech fixes that seem safe.

Our researchers found that these scams spread through multiple channels, including phishing emails and fake support sites, all designed to look familiar. The end result is the same: stolen credentials, compromised devices, and exposed personal information.

These patterns mirror the rise of TikTok-based scams reported by Bleeping Computer. The methods may evolve, but the psychology is the same: social engineering that turns trust into a weapon.

How to Protect Yourself

  1. If it sounds too good to be true, it is. There are no free unlocks for paid apps or streaming services.
  2. Don’t follow tech “hacks” from unknown creators. Even if they have thousands of views, scammers can fake credibility.
  3. Use official download sources. Only get software and updates directly from verified developer sites.
  4. Watch for red flags. Phrases like “free activation,” “pro version unlock,” or “verify you’re human” are often scam signals.
  5. Use trusted security protection. Security software that spots scams before they spread can help block malicious links and videos automatically.

The bigger picture

Scammers are getting smarter about how they reach people. They’re blending into everyday content like short-form videos, social challenges, and viral tips. Then they’re using those moments of distraction to plant malware.

Tools like McAfee’s built-in Scam Detector, included in all core plans, are designed to spot this new kind of threat early. It automatically detects scams across text, email, and video, blocks dangerous links, and even identifies AI-manipulated content like deepfakes, helping stop harm before it happens.

As scammers adapt, your best defense is awareness and technology that adapts just as fast.

The post This New “Verification” Trick Fools You Into Installing Malware appeared first on McAfee Blog.

AWS Outage Disrupts Major Apps Like Reddit and Snapchat—What Happened and How to Stay Safe

By: Brooke Seipel

Amazon Web Services (AWS), one of the world’s largest cloud providers, recently experienced a major outage that disrupted popular websites and apps across the globe—including Snapchat, Reddit, Fortnite, Ring, and Coinbase, according to reports from CNN and CNBC.

The disruption began out of Northern Virginia, where many of the internet’s most-used applications are hosted.

AWS said the problem originated within its EC2 internal network, impacting more than 70 of its own services, and was tied to DNS issues, the system that tells browsers how to find the right servers online.

A few hours after the initial reports of outages, AWS said the problem had been “fully mitigated,” though it took several more hours for all users to see their systems stabilized, according to CNBC.

There is no indication the outage was caused by a cyberattack, and Amazon continues to investigate the root cause.

Why So Many Apps Went Down

When Amazon Web Services falters, the ripple effects reach far beyond businesses. Millions of consumers suddenly lose access to everyday apps and tools, including everything from banking and airline systems to gaming platforms and smart home devices.

“In the past, companies ran their own servers—if one failed, only that company’s customers felt it,” said Steve Grobman, McAfee’s Chief Technology Officer. “Today, much of the internet runs on shared backends like Amazon Web Services or Google Cloud. That interconnectedness makes the web faster and more efficient, but it also means one glitch can impact dozens of services at once.”

Grobman noted the issue was related to a capability called DNS within AWS, he described DNS as providing the directions on how systems find each other and even if those systems are operational, it can be detrimental.. It’s analogous to  “tearing up a map or turning off your GPS before driving to the store.” The store might still be open and stocked, he explained, but if you can’t find your way there, it doesn’t matter.

“Even with rigorous safeguards in place, events like this remind us just how complex and intertwined our digital world has become,” Grobman added. “It highlights why resilience and layered protection matter more than ever.”

Outages Create Confusion—And Opportunity for Scammers

Events like this sow uncertainty for consumers. When apps fail to load, people may wonder: Is my account hacked? Is my data at risk? Is it just me?

Cybercriminals exploit that confusion. After past outages, McAfee researchers have seen phishing campaigns, fake refund emails, and malicious links promising “fixes” or “status updates” appear within hours.

Scammers often mimic legitimate service alerts—complete with logos and urgent wording—to trick users into entering passwords or payment information. Others push fake customer-support numbers or send direct messages claiming to “restore access.”

How to Protect Yourself During a Major Outage

Here’s how to stay secure when the :

  1. Pause before you click. Be skeptical of any unsolicited message about outages, refunds, or account verification.
  2. Go straight to the source. Check the official app or website status pages—don’t follow links in emails or texts.
  3. Ignore urgent “fix” offers. Legitimate companies won’t ask you to download tools or send payment to restore access.
  4. Watch for red flags. Requests for money via gift cards, crypto, or wire transfers are almost always scams.
  5. If you clicked a suspicious link:
    1. Change your password immediately (and for any accounts using the same one).
    2. Turn on or refresh two-factor authentication (2FA).
    3. Monitor recent transactions and set up alerts.
    4. Run a trusted security scan to remove any unwanted apps or remote-access tools.

How McAfee Can Help

Using advanced artificial intelligence, McAfee’s Scam Detector automatically detects scams across text, email, and video, blocks dangerous links, and identifies deepfakes, stopping harm before it happens.

McAfee’s identity protection tools also monitor for signs that your personal information may have been exposed and guide you through steps to recover quickly.

Sign in to your McAfee account to scan for recent breaches linked to your email. You can also sign up for a free trial of McAfee antivirus to protect your devices.

The post AWS Outage Disrupts Major Apps Like Reddit and Snapchat—What Happened and How to Stay Safe appeared first on McAfee Blog.

Hackers Trick Staff Into Exposing Major Companies’ Salesforce Data–Find Out if You’re Safe

By: Brooke Seipel

Cybercriminals tricked employees at major global companies into handing over Salesforce access and used that access to steal millions of customer records. 

Here’s the McAfee breakdown on what happened, what information was leaked, and what you need to know to keep your data and identity safe: 

What’s Happening 

Hackers claim they’ve stolen customer data from multiple major companies, including household names like Adidas, Cisco, Disney, Google, IKEA, Pandora, Toyota, and Vietnam Airlines. Security Week has reported throughout 2025 on a wave of social-engineering attacks exploiting human – rather than platform – vulnerabilities. 

According to The Wall Street Journal, the hacking group has already released millions of Qantas Airlines customer records and is threatening to expose information from other companies next.  

The data reportedly includes names, email addresses, phone numbers, dates of birth, and loyalty program details. While it doesn’t appear that financial data was included, this kind of personal information can still be exploited in phishing and scam campaigns. 

Salesforce has issued multiple advisories stressing that these attacks stem from credential theft and malicious connected apps – not from a breach of its infrastructure. 

Unfortunately, incidents like this aren’t rare, and they’re not limited to any one platform or industry. Even the most sophisticated companies can fall victim when hackers rely on social engineering and manipulation to breach secure systems. 

How the Hackers Did it 

Hackers reportedly called various companies’ employees pretending to be IT support staff—a tactic known as “vishing”—and convinced them to share login credentials or connect fake third-party tools, essentially handing the criminals the keys to their accounts. Once inside, they accessed customer databases and stole the information stored there. 

Think of it less like a burglar breaking a lock, and more like someone being tricked into opening the door. 

What data was leaked 

So far, leaked data appears to include: 

  • Names and email addresses 
  • Phone numbers 
  • Dates of birth 
  • Home or mailing addresses 
  • Loyalty or frequent-flyer numbers 

There’s no indication of credit card or banking data in the confirmed leaks, but that doesn’t mean you’re in the clear.  

Why this matters to you 

Even if your financial information isn’t exposed in a data breach, personal details like name and address can still be used for targeted scams and phishing.  When that information is stolen and sold online, scammers use it to: 

  • Send realistic phishing emails or texts that reference real details about you. 
  • Try to log into your other accounts if you reuse passwords. 
  • Launch “refund” or “account verification” scams tied to brands you trust. 

Even if your data isn’t part of this specific leak, these attacks highlight how often your information moves through third-party systems you don’t control. 

How to find out if you’ve been affected 

  • Check your email: If you’re a member or customer of one of the named companies, watch for official notifications.  
  • Avoid “dark web lookup” services: Some of these are scams themselves. Stick to legitimate sources. 

What to do now 

1) Change your passwords—today.
Use strong, unique passwords for every account. McAfee’s password manager can help. Try our random password generator here. 

2) Turn on two-factor authentication (2FA).
Even if a hacker has your password, they can’t get in without your code. 

3) Monitor your financial and loyalty accounts.
Watch for strange charges, redemptions, or password reset emails you didn’t request. 

4) Freeze your credit.
It’s free and prevents new accounts from being opened in your name. You can unfreeze it anytime. McAfee users can employ a “security freeze” for extra protection. 

5) Be extra cautious with “breach” emails or calls.
Scammers often pretend to be from affected companies to “help you secure your account.” Don’t click links or give information over the phone. Go directly to the company’s website or app or your own IT team if a breach happens at your workplace. 

6) Consider identity protection.
McAfee’s built-in identity monitoring can monitor your personal info across the dark web, send alerts if your data appears in a breach, and include up to $1 million in coverage for identity recovery expenses. 

 

What scams to expect next 

  • Fake refund or compensation offers. “We noticed your account was impacted. Claim your refund here.” Don’t click. 
  • Loyalty-point phishing. Emails that look like they’re from an airline or retailer asking you to log in to “protect your rewards.” 
  • MFA fatigue scams. Attackers repeatedly send login codes to wear you down, then call pretending to be support asking you to read one aloud. Don’t. 

 

Need ongoing protection? 

Your data could already be out there, but you don’t have to leave it there. 

McAfee helps you take back control. Using advanced artificial intelligence, McAfee’s Scam Detector automatically detects scams across text, email, and video, blocks dangerous links, and identifies deepfakes, stopping harm before it happens. 

And McAfee’s Personal Data Cleanup can help you check which data brokers have your private details and request to have it removed on your behalf. 

Stay ahead of scammers. Check your exposure, clean up your data, and protect your identity, all with McAfee. 

Learn more about McAfee and McAfee Scam Detector 

 

More reading: 

What to do if you’re caught up in a data breach 

How to delete yourself from the internet 

How to spot phishing emails and scams  

The post Hackers Trick Staff Into Exposing Major Companies’ Salesforce Data–Find Out if You’re Safe appeared first on McAfee Blog.

McAfee Wins “Best Use of AI in Cybersecurity” for Scam Detector

By: Brooke Seipel
Graphic announcing that McAfee has won the 2025 Best Use of AI in Cybersecurity Award for McAfee Scam Detector. The image shows a crystal trophy labeled 'The A.I. Awards Winner 2025' on a red gradient background with McAfee’s logo and text celebrating the honor

We’re proud to share that McAfee has won “Best Use of AI in Cybersecurity” at The 2025 A.I. Awards for our groundbreaking work on McAfee’s Scam Detector, which automatically identifies risky texts and emails, and also includes the world’s first automated deepfake detection. 

Scams Are Growing 

Online scams have reached an all-time high, with 1 in 3 Americans reporting they’ve fallen victim, losing an average of $1,500 each. From fake job offers and text messages to AI-generated deepfakes, these threats are evolving faster than ever. 

Using Good AI to Fight Bad AI 

That’s where McAfee’s Scam Detector comes in. Using advanced artificial intelligence, it automatically detects scams across text, email, and video, blocks dangerous links, and identifies deepfakes, stopping harm before it happens. 

Scam Detector is also included with every core McAfee plan, and is available on PC, mobile, and web. In just its first few months, Scam Detector crossed the million-user milestone, underscoring the urgent need for smarter, faster protection in the AI-powered world. 

Industry Recognition 

As one of the judges, Rakesh Datta, noted: 

“McAfee’s Scam Detector is leading the fight against digital deception, harnessing advanced AI to identify scams, deepfakes, and fraud in real time. By combining exceptional accuracy with proactive protection, it restores confidence and redefines trust in the modern digital era. The A.I. Awards is proud to recognize McAfee’s innovation in safeguarding users worldwide.” 

This recognition highlights McAfee’s commitment to building responsible, consumer-first AI that empowers people to live safer, more confident lives on and offline. 

Looking Ahead 

We’re honored to be recognized alongside other global innovators, and we’re even more motivated to keep pushing forward, creating technology that helps people stay one step ahead of online threats. 

Check out all The 2025 A.I. Awards winners and learn more about McAfee Scam Detector. 

The post McAfee Wins “Best Use of AI in Cybersecurity” for Scam Detector appeared first on McAfee Blog.

Astaroth: Banking Trojan Abusing GitHub for Resilience

By: McAfee Labs

by Harshil Patel and Prabudh Chakravorty

*EDITOR’S NOTE: Special thank you to the GitHub team for working with us on this research. All malicious GitHub repositories mentioned in the following research have been reported to GitHub and taken down.

Digital banking has made our lives easier, but it’s also handed cybercriminals a golden opportunity. Banking trojans are the invisible pickpockets of the digital age, silently stealing credentials while you browse your bank account or check your crypto wallet. Today, we’re breaking down a particularly nasty variant called Astaroth, and it’s doing something clever: abusing GitHub to stay resilient.

McAfee’s Threat Research team recently uncovered a new Astaroth campaign that’s taken infrastructure abuse to a new level. Instead of relying solely on traditional command-and-control (C2) servers that can be taken down, these attackers are leveraging GitHub repositories to host malware configurations. When law enforcement or security researchers shut down their C2 infrastructure, Astaroth simply pulls fresh configurations from GitHub and keeps running. Think of it like a criminal who keeps backup keys to your house hidden around the neighborhood. Even if you change your locks, they’ve got another way in.

Key Findings 

  • McAfee recently discovered a new Astaroth campaign abusing GitHub to host malware configurations. 
  • Infection begins with a phishing email containing a link that downloads a zipped Windows shortcut (.lnk) file. When executed, it installs Astaroth malware on the system. 
  • Astaroth detects when users access a banking/cryptocurrency website and steals the credentials using keylogging.  
  • It sends the stolen information to the attacker using the Ngrok reverse proxy. 
  • Astaroth uses GitHub to update its configuration when the C2 servers become inaccessible, by hosting images on GitHub which uses steganography to hide this information in plain sight. 
  • The GitHub repositories were reported to GitHub and are taken down. 

Key Takeaways  

  • Don’t open attachments and links in emails from unknown sources. 
  • Use 2 factor authentication (2FA) on banking websites where possible. 
  • Keep your antivirus up to date. 

Geographical Prevalence 

Astaroth is capable of targeting many South American countries like Brazil, Mexico, Uruguay, Argentina, Paraguay, Chile, Bolivia, Peru, Ecuador, Colombia, Venezuela, and Panama. It can also target Portugal and Italy. 

But in the recent campaign, it seems to be largely focused on Brazil. 

Figure 1: Geographical Prevalence 

 

Conclusion 

Astaroth is a password-stealing malware family that targets South America. The malware leverages GitHub to host configuration files, treating the platform as resilient backup infrastructure when primary C2 servers become inaccessible. McAfee reported the findings to GitHub and worked with their security research team to remove the malicious repositories, temporarily disrupting operations. 

 

Technical Analysis 

Figure 2 : Infection chain 

 

Phishing Email 

The attack starts with an e-mail to the victim which contains a link to a site that downloads a zip file. Emails with themes such as DocuSign and resumes are used to lure the victims into downloading a zip file. 

Figure 3: Phishing Email

Figure 4: Phishing Email

Figure 5: Phishing Email

 

JavaScript Downloader 

The downloaded zip file contains a LNK file, which has obfuscated javascript command run using mshta.exe. 

 

This command simply fetches more javascript code from the following URL: 

 

To impede analysis, all the links are geo-restricted, such that they can only be accessed from the targeted geography. 

The downloaded javascript then downloads a set of files in ProgramData from a randomly selected server: 

Figure 6: Downloaded Files

Here,  

”Corsair.Yoga.06342.8476.366.log” is  AutoIT compiled script, “Corsair.Yoga.06342.8476.366.exe” is AutoIT interpreter, 

“stack.tmp” is an encrypted payload (Astaroth), 

 and “dump.log” is an encrypted malware configuration. 

AutoIt script is executed by javascript, which builds and loads a shellcode in the memory of AutoIT process. 

 

Shellcode Analysis 

Figure 7: AutoIt script building shellcode

The shellcode has 3 entrypoints and $LOADOFFSET is the one using which it loads a DLL in memory. 

To run the shellcode the script hooks Kernel32: LocalCompact, and makes it jump to the entrypoint. 

Figure 8: Hooking LocalCompact API 

 
Shellcode’s $LOADOFFSET starts by resolving a set of APIs that are used for loading a DLL in memory. The API addresses are stored in a jump table at the very beginning of the shellcode memory. 

Figure 9: APIs resolved by shellcode 

 

Here shellcode is made to load a DLL file(Delphi) and this DLL decrypts and injects the final payload into newly created RegSvc.exe process. 

 

Payload Analysis 

The payload, Astaroth malware is written in Delphi and uses various anti-analysis techniques and shuts down the system if it detects that it is being analyzed. 

It checks for the following tools in the system: 

Figure 10: List of analysis tools 

 

It also makes sure that system locale is not related to the United States or English. 

Every second it checks for program windows like browsers, if that window is in foreground and has a banking related site opened then it hooks keyboard events to get keystrokes. 

Figure 11: Hooking keyboard events 

Programs are targeted if they have a window class name containing chrome, ieframe, mozilla, xoff, xdesk, xtrava or sunawtframe.

Many banking-related sites are targeted, some of which are mentioned below:
caixa.gov.br 

safra.com.br 

Itau.com.br 

bancooriginal.com.br 

santandernet.com.br 

btgpactual.com 

 

We also observed some cryptocurrency-related sites being targeted: 

etherscan.io 

binance.com 

bitcointrade.com.br 

metamask.io 

foxbit.com.br 

localbitcoins.com 

 

C2 Communication & Infrastructure 

The stolen banking credentials and other information are sent to C2 server using a custom binary protocol. 

Figure 12: C2 communication  

 

Astaroth’s C2 infrastructure and malware configuration are depicted below. 

Figure 13: C2 infrastructure 

Malware config is stored in dump.log encrypted, following is the information stored in it: 

Figure 14: Malware configuration 

 

Every 2 hours the configuration is updated by fetching an image file from config update URLs and extracting the hidden configuration from the image. 

hxxps://bit[.]ly/4gf4E7H —> hxxps://raw.githubusercontent[.]com//dridex2024//razeronline//refs/heads/main/razerlimpa[.]png 

Image file keeps the configuration hidden by storing it in the following format:

We found more such GitHub repositories having image files with above pattern and reported them to GitHub, which they have taken down. 

Persistence Mechanism  

For persistence, Astaroth drops a LNK file in startup folder which runs the AutoIT script to launch the malware when the system starts.  

McAfee Coverage 

McAfee has extensive coverage for Astaroth: 

Trojan:Shortcut/SuspiciousLNK.OSRT 

Trojan:Shortcut/Astaroth.OJS 

Trojan:Script/Astaroth.DL 

Trojan:Script/Astaroth.AI 

Trojan:Script/AutoITLoader.LC!2 

Trojan:Shortcut/Astaroth.STUP 

Indicator Of Compromise(s) 

IOC  Hash / URL 
Email  7418ffa31f8a51a04274fc8f610fa4d5aa5758746617020ee57493546ae35b70
7609973939b46fe13266eacd1f06b533f8991337d6334c15ab78e28fa3b320be
11f0d7e18f9a2913d2480b6a6955ebc92e40434ad11bed62d1ff81ddd3dda945 
ZIP URL  https://91.220.167.72.host.secureserver[.]net/peHg4yDUYgzNeAvm5.zip 
LNK  34207fbffcb38ed51cd469d082c0c518b696bac4eb61e5b191a141b5459669df 
JS Downloader  28515ea1ed7befb39f428f046ba034d92d44a075cc7a6f252d6faf681bdba39c 
Download server  clafenval.medicarium[.]help
sprudiz.medicinatramp[.]click
frecil.medicinatramp[.]beauty
stroal.medicoassocidos[.]beauty
strosonvaz.medicoassocidos[.]help
gluminal188.trovaodoceara[.]sbs
scrivinlinfer.medicinatramp[.]icu
trisinsil.medicesterium[.]help
brusar.trovaodoceara[.]autos
gramgunvel.medicoassocidos[.]beauty
blojannindor0.trovaodoceara[.]motorcycles 
AutoIT compiled script  a235d2e44ea87e5764c66247e80a1c518c38a7395291ce7037f877a968c7b42b 
Injector dll  db9d00f30e7df4d0cf10cee8c49ee59a6b2e518107fd6504475e99bbcf6cce34 
payload  251cde68c30c7d303221207370c314362f4adccdd5db4533a67bedc2dc1e6195 
Startup LNK  049849998f2d4dd1e629d46446699f15332daa54530a5dad5f35cc8904adea43 
C2 server  1.tcp.sa.ngrok[.]io:20262
1.tcp.us-cal-1.ngrok[.]io:24521
5.tcp.ngrok[.]io:22934
7.tcp.ngrok[.]io:22426
9.tcp.ngrok[.]io:23955
9.tcp.ngrok[.]io:24080 
Config update URL  https://bit[.]ly/49mKne9
https://bit[.]ly/4gf4E7H https://raw.githubusercontent[.]com/dridex2024/razeronline/refs/heads/main/razerlimpa.png 
GitHub Repositories hosting config images  https://github[.]com/dridex2024/razeronline 

https://github[.]com/Config2023/01atk-83567z 

https://github[.]com/S20x/m25 

https://github[.]com/Tami1010/base 

https://github[.]com/balancinho1/balaco 

https://github[.]com/fernandolopes201/675878fvfsv2231im2 

https://github[.]com/polarbearfish/fishbom 

https://github[.]com/polarbearultra/amendointorrado 

https://github[.]com/projetonovo52/master 

https://github[.]com/vaicurintha/gol 

 

The post Astaroth: Banking Trojan Abusing GitHub for Resilience appeared first on McAfee Blog.

McAfee Again Certified as “TOP PRODUCT” by AV-TEST

By: Brooke Seipel

McAfee Total Protection has once again been named a TOP PRODUCT by the independent test lab AV-TEST, earning perfect scores in all three categories for the July–August 2025 test cycle.

This marks the 31st consecutive TOP PRODUCT certification for McAfee since June 2020, proof that our consumer protection consistently meets the highest independent standards.

While many security tools can slow your computer or trigger false alarms, McAfee keeps impact minimal and alerts meaningful, giving you reliable protection without getting in your way.

What the Scores Mean for You

  • Protection efficacy (100%): Stops the latest and most dangerous threats, including zero-day attacks and widespread malware, before they can infect your PC.
  • Performance impact (below industry average): Runs quietly in the background so your computer stays fast while you work, stream, and game. Many of our competitors’ security tools can slow things down, but McAfee keeps impact minimal.
  • Usability (no false positives): Alerts you only when it matters, avoiding annoying or confusing warnings about safe files and programs.

Together, these results mean you’re getting lab-verified security that beats industry averages and stays ahead of major competitors, without sacrificing speed or ease of use.

You can read the full AV-TEST report here.

The post McAfee Again Certified as “TOP PRODUCT” by AV-TEST appeared first on McAfee Blog.

Scam Alert: The Alarming Reality Behind 2025’s Explosion in Digital Fraud 

By: Abhishek Karnik

Latest research from McAfee Labs just announced and the numbers are staggering. If you think you’re immune to scams because you’re “too smart” or “too careful,” you might want to think again. Scammers have stepped up their game in 2025, and they’re coming for everyone. 

The Job Scam Tsunami That’s Crushing Dreams

Let’s start with the most shocking stat: job-related scams exploded by over 1,000% from May through late July 2025. Yes, you read that right. One thousand percent. 

Think about that for a moment. In a world where finding decent work feels harder than ever, scammers are weaponizing our most basic need for employment. They’re not just sending random “work from home” nonsense anymore. These criminals are getting sophisticated, using terms like “resume,” “recruit,” “maternity,” and “paternity” to exploit our hopes around benefits and career opportunities. 

Here’s the brutal reality: Nearly 1 in 3 Americans have received a job offer scam by text message. That means if you’re in a group of three people, at least one of you has been targeted. Even more disturbing? 45% of Americans have either experienced a job search scam personally or know someone who has. This isn’t some distant threat anymore, it’s hitting close to home. 

Shopping Scams Are Playing the Long Game

Amazon Prime Day was a goldmine for scammers. Text scams in the shopping category jumped 250% from May to late July, with much of that spike happening right around Prime Day. Coincidence? Absolutely not. 

Scammers know exactly when we’re most vulnerable. They know we’re hunting for deals, expecting delivery notifications, and clicking faster than we’re thinking. Amazon and Apple are the top brand names being impersonated because, let’s face it, we all interact with these companies constantly. 

Shopping email scams climbed 60% during this same period, with Amazon holding the top spot, Target moving into second place, and Apple rounding out the top three. The fact that Target surged into the number two spot tells us something important: scammers are diversifying their approach and studying our shopping habits more carefully than we might be studying theirs. 

Your Money Is Under Siege

Personal finance scams aren’t just growing, they’re surging nearly 150% from May to late July. Email scams in this category literally doubled between June and July. The top bait words? “Loan” and “money.” Because nothing says desperation like targeting people who are already financially stressed. 

Credit cards topped the list of email scam keywords, which makes perfect sense. In an economy where everyone’s feeling pinched, the promise of easy credit or debt relief hits different. URL-based finance scams rose 10% in July alone, proving that scammers are hitting us from every digital angle. 

Tech Scams Are Getting Personal

Here’s what’s really clever (in a completely evil way): technology scams grew 40% in text messages and saw a staggering 160% increase in email scams across June and July. Apple dominated the scam landscape, but here’s the kicker: Nvidia drove much of the late-July growth. 

Think about why that matters. Nvidia isn’t just any tech company; it’s the company behind the AI revolution everyone’s talking about. Scammers are literally using our fascination with AI and cutting-edge tech against us. They’re banking on our FOMO around technology trends. 

The Psychology Behind the Surge

Let’s step back and think critically about what’s really happening here. These aren’t random increases. Scammers are becoming more sophisticated, more targeted, and more successful because they’re exploiting fundamental human psychology: 

Economic anxiety: With inflation concerns and job market uncertainty, financial scams hit when people are most vulnerable. 

Technology overwhelm: As tech evolves rapidly, scammers exploit our confusion and excitement about new developments. 

Social proof manipulation: Using trusted brand names like Apple, Amazon, and Target because we’ve been conditioned to trust these companies. 

Timing exploitation: Hitting during Prime Day, benefit enrollment periods, and job hunting seasons when our guard is down. 

But there’s another layer we need to call out, the long-term impact of falling for a fake job. When you’re unemployed, every lead matters. Chasing a fraudulent one doesn’t just waste time; it effectively pauses your real job search. Many people say job hunting is a full-time job in itself, so losing that time can feel like being pushed back to square one. That setback compounds stress and deepens the economic anxiety you were already feeling. It’s not just about losing money, it’s about losing momentum, confidence, and critical opportunities in a competitive market. 

What This Means for You Right Now

Advice like “just be careful” doesn’t cut it anymore. Scammers have leveled up, and their tactics are sophisticated enough to fool even the smartest of people. That’s why having the right tools and awareness matters more than ever. Staying informed isn’t about fear, it’s about empowerment. The more you know, the harder it is for scammers to win. 

For job seekers: If someone contacts you about a job you didn’t apply for, especially mentioning benefits or asking for personal information upfront, pump the brakes. Real recruiters don’t typically lead with benefit details or ask for sensitive data in initial communications. 

For online shoppers: Those delivery notifications and deal alerts you’re getting? Slow down before clicking. Go directly to the retailer’s official website or app instead of clicking links in texts or emails. 

For anyone with financial concerns: If an offer sounds too good to be true (instant loans, credit repair miracles, investment opportunities), it probably is. When you’re stressed about money, that’s exactly when scammers strike hardest. 

For tech enthusiasts: Being excited about new technology is great, but scammers are counting on that excitement to make you click faster than you think. Always verify tech-related communications through official channels. 

The Bottom Line

The data is crystal clear: scams aren’t just increasing, they’re exploding across every category that matters to everyday people. Job hunting, shopping, managing money, staying current with technology. These criminals are systematically targeting the most essential aspects of modern life. 

But here’s what the scammers don’t want you to know: awareness is your best defense. They rely on speed, emotion, and distraction. The moment you slow down, verify independently, and think critically, their whole game falls apart. 

The 2025 scam landscape isn’t just more dangerous, it’s more personal. These aren’t random attempts anymore. They’re calculated attacks designed to hit you exactly when and where you’re most likely to let your guard down. To help job hunters and others, McAfee has launched Scam Detector, an all-in-one protection solution to help keep you safer across text, email and video. McAfee’s Scam Detector runs continuously in the background across all your devices, analyzing incoming emails, texts, and videos to detect potential scams in real-time. When it detects something suspicious, you get an instant alert that explains what raised the red flag and walks you through the specific tactics scammers use, so you can spot similar attempts on your own. For job seekers, Scam Detector can be an invaluable tool to help prevent fraudulent scams.

Stay sharp out there. Your financial security, career prospects, and digital safety depend on it. 

 

The post Scam Alert: The Alarming Reality Behind 2025’s Explosion in Digital Fraud  appeared first on McAfee Blog.

How Fraudsters Are Exploiting the Taylor Swift and Travis Kelce Engagement

By: Charles McFarland

When news of Taylor Swift and Travis Kelce’s engagement broke recently, fans around the world celebrated this real-life love story. Unfortunately, cybercriminals saw something else entirely: a golden opportunity to exploit millions of devoted Swifties and NFL fans through sophisticated scams that blend AI technology with classic fraud tactics.

The Perfect Storm for Scammers

The engagement of two mega-celebrities creates an ideal environment for scammers. With millions of fans eager for content, merchandise, and insider information about their favorite stars, fraudsters have crafted elaborate schemes that prey on this enthusiasm. What makes these recent scams particularly dangerous is their use of cutting-edge AI technology that makes fake content increasingly difficult to detect.

Deepfakes Flood Social Media

McAfee threat researchers have identified a deepfake video circulating across social media platforms, all capitalizing on the engagement buzz. These AI-generated videos, some featuring a likeness of Selena Gomez, are commenting on the engagement, overlayed on video clips of Taylor Swift, but they’re entirely fabricated.

Figure 1 – Examples of deepfakes on social media

The sophistication of these deepfakes is concerning. They feature realistic facial movements and convincing audio that can fool even discerning viewers. Fortunately, McAfee’s Scam Detector technology has been successfully identifying these fraudulent videos, alerting users with notifications that read “Deepfake detected” and advising viewers to “take a moment to double-check if the video is real and accurate.”

Deepfake videos can serve several malicious purposes:

  • Spreading misinformation about the engagement or the celebrities involved
  • Generating ad revenue through increased views and engagement
  • Building credibility for other scam operations by creating fake celebrity endorsements

The Fake Merchandise Gold Rush

Perhaps even more concerning than the deepfakes is the explosion of fraudulent merchandise capitalizing on the engagement. Scammers have quickly pivoted to creating fake commemorative items, with one of the most prominent examples being counterfeit “Taylor Swift Funko Style Collectible Engagement Edition Dolls.”

 

 

Figure 2 – AI-Generated Funko Style Doll with AI-Generated Text

McAfee threat researchers recently investigated a website selling unauthorized Taylor Swift and Travis Kelce Funko Pop-style dolls. At first glance, the site appears legitimate, complete with professional product photography and detailed descriptions. However, closer inspection reveals several red flags:

AI-Generated Product Image: The most telling sign of fraud lies in the product images themselves. Researchers discovered that the Funko doll boxes contained misspelled words and incorrect text placement – classic indicators that the images were generated by AI rather than photographed from real products. These imperfections are common in AI-generated content, where text rendering often fails to produce accurate spelling or realistic placement. However, AI image generation tools are rapidly improving and are getting better at generating text.

Fraudulent Security Badges: The website goes to extraordinary lengths to appear legitimate, even displaying a fake “McAfee Secure” badge. This is particularly brazen, as scammers are literally using McAfee’s trusted brand to legitimize their fraudulent operation. Consumers should always verify security badges by clicking on them to ensure they lead to official verification pages. The McAfee SECURE seal was replaced by TrustedSite in 2013.

Too-Good-To-Be-True Pricing: The dolls are priced at $26.98, marked down from $49.99 – a classic pricing strategy designed to create urgency and the perception of a great deal.

The Broader Impact of Celebrity Exploitation

These scams represent more than just financial fraud; they’re part of a larger ecosystem of misinformation and exploitation that damages both fans and the celebrities themselves. When deepfakes spread false information or when unauthorized merchandise floods the market, it can:

  • Confuse fans about authentic vs. fake content
  • Damage celebrity reputations through false associations
  • Undermine legitimate businesses selling official merchandise
  • Erode trust in social media content generally

Protecting Yourself from Engagement-Related Scams

As these scams continue to evolve, consumers need to stay vigilant. Here are key steps to protect yourself:

For Social Media Content:

  • Look for verification indicators: Many platforms now include deepfake detection warnings
  • Check the source: Verify that celebrity content comes from official, verified accounts
  • Be skeptical of sensational claims: If content seems designed purely for shock value or clicks, question its authenticity
  • Cross-reference information: Check multiple reliable news sources before believing or sharing celebrity news

For Merchandise Purchases:

  • Buy only from official sources: Stick to verified celebrity merchandise stores or authorized retailers
  • Examine product images carefully: Look for spelling errors, misaligned text, or other signs of AI generation
  • Verify security badges: Click on security indicators to ensure they’re legitimate
  • Research the website: Check domain registration dates, customer reviews, and business information
  • Be wary of limited-time offers: Scammers often create artificial urgency to pressure quick purchases

The Technology Arms Race

The Taylor Swift and Travis Kelce engagement scams highlight a broader trend in cybercrime: the democratization of sophisticated fraud tools. AI technology that once required significant technical expertise is now accessible to everyday scammers, making it easier than ever to create convincing fake content.

However, the same technology enabling these scams is also being used to combat them. Detection tools like McAfee’s Scam Detector are becoming more sophisticated at identifying AI-generated content, providing crucial protection for consumers.

The Taylor Swift and Travis Kelce engagement should be a celebration of love and happiness. Instead, it’s become another reminder of how quickly scammers adapt to exploit major news events and celebrity culture. By staying informed about these tactics and maintaining healthy skepticism about online content, fans can protect themselves while still enjoying legitimate coverage of their favorite celebrities.

Remember: if something seems too good to be true – whether it’s exclusive celebrity content or amazing merchandise deals, it probably is. In the age of AI-generated scams, a moment of caution can save you from becoming the next victim in this digital love story gone wrong. The best way to show love for Taylor Swift and Travis Kelce isn’t by clicking on suspicious links or buying questionable merchandise – it’s by being smart, careful consumers who don’t give scammers the attention and money they’re seeking.

The post How Fraudsters Are Exploiting the Taylor Swift and Travis Kelce Engagement appeared first on McAfee Blog.

Can Apple Macs get Viruses?

By: McAfee

While Apple goes to great lengths to keep all its devices safe, this doesn’t mean your Mac is immune to all computer viruses. What does Apple provide in terms of antivirus protection? In this article, we will discuss some signs that your Mac may be infected with a virus or malware, the built-in protections that Apple provides, and how you can protect your computer and yourself from threats beyond viruses.

What is a Mac virus?

A computer virus is a piece of code that inserts itself into an application or operating system and spreads when that program is run. While viruses exist, most modern threats to macOS come in the form of other malicious software, also known as malware. While technically different from viruses, malware impacts your Mac computers similarly: it compromises your device, data, and privacy.

Macs are not invulnerable to being hacked

While Apple’s macOS has robust security features, it’s not impenetrable. Cybercriminals can compromise a Mac through several methods that bypass traditional virus signatures. Common attack vectors include software vulnerabilities, phishing attacks that steal passwords, drive-by downloads from compromised websites, malicious browser extensions that seem harmless, or remote access Trojans disguised as legitimate software.

Common types of viruses and malware

Understanding the common types of viruses and malware that target macOS can help you better protect your device and data. Here’s a closer look at the most prevalent forms of malware that Mac users should watch out for.

  • Adware and potentially unwanted programs (PUPs): These programs hijack your browser, alter your search engine, and bombard you with pop-up ads, severely impacting performance and privacy.
  • Trojans: Disguised as legitimate software, such as fake Adobe Flash Player installers or system optimization tools, trojans create a backdoor on your Mac for attackers to steal data, install other malware, or take control of your device.
  • Spyware and keyloggers: This malicious software operates silently in the background, recording your keystrokes, capturing login credentials, and monitoring your activity to steal sensitive personal and financial information.
  • Ransomware: A particularly damaging threat, ransomware encrypts your personal files, photos, and documents, making them inaccessible. Attackers then demand a hefty ransom payment for the decryption key.
  • Cryptominers: This malware hijacks your Mac’s processing power to mine for cryptocurrencies like Bitcoin. It doesn’t steal data but can cause extreme slowdowns, overheating, and increased electricity usage.

Signs that your Mac may be hacked

Whether hackers physically sneak it onto your device or by tricking you into installing it via a phony app, a sketchy website, or a phishing attack, viruses and malware can create problems for you in a couple of ways:

Performance issues

Is your device operating slower, are web pages and apps harder to load, or does your battery never seem to keep a charge? These are all signs that you could have a virus or malware running in the background, zapping your device’s resources.

Your computer heats up

Malware or mining apps running in the background can burn extra computing power and data, causing your computer to operate at a high temperature or overheat.

Mystery apps or data

If you find unfamiliar apps you didn’t download, along with messages and emails that you didn’t send, that’s a red flag. A hacker may have hijacked your computer to send messages or to spread malware to your contacts. Similarly, if you see spikes in your data usage, that could be a sign of a hack as well.

Pop-ups or changes to your screen

Malware can also be behind spammy pop-ups, unauthorized changes to your home screen, or bookmarks to suspicious websites. In fact, if you see any configuration changes you didn’t personally make, this is another big clue that your computer has been hacked.

Browser redirects

Your browser’s homepage or default search engine changes without your permission, and searches are redirected to unfamiliar sites. Check your browser’s settings and extensions for anything you don’t recognize.

Disabled security features

Your antivirus software or macOS firewall is disabled without your action. Some viruses or malware are capable of turning off your security software to allow them to perform their criminal activities.

Check your Mac for viruses and malware

Fortunately, there are easy-to-use tools and key steps to help you validate for viruses and malware so you can take action before any real damage is done.

  1. Check activity monitor: Navigate to Applications > Utilities > Activity Monitor and look for any unknown processes using a disproportionate amount of CPU or memory. A quick web search can help identify if a suspicious process is malicious.
  2. Review login items: Go to System Settings > General > Login Items. Check the “Open at Login” and “Allow in the Background” sections for any apps you don’t recognize and disable them.
  3. Inspect system profiles: In System Settings > Privacy & Security, scroll down to “Profiles.” If you see any profiles you did not intentionally install, aside from those for work or school, remove them.
  4. Audit browser extensions: Open your web browsers and review installed extensions. Remove any that you did not add or no longer use.
  5. Run a security scan: The most reliable method is to use a dedicated security application. Run a full system scan with a trusted program to detect and remove any malware that manual checks may have missed.
  6. Update everything: Ensure your macOS and all installed applications are up to date. Updates frequently contain critical security patches that protect against known vulnerabilities exploited by hackers.

Built-in antivirus solution

Macs contain several built-in features that help protect them from viruses:

  • XProtect and quarantine: XProtect is Apple’s proprietary antivirus software built into all Macs since 2009. It works the same as any other antivirus, scanning suspicious files and apps for malware, then quarantining or limiting their access to the Mac’s operating system and other key functions. XProtect relies on up-to-date information to spot malicious files. However, this information may be outdated, and may not always protect Mac users from the latest threats.
  • Malware removal tool: To further keep Apple users protected, the malware removal tool scans Macs to spot and catch any malware that may have slipped past XProtect. Similar to XProtect, it relies on a set of constantly updated definitions to identify potential malware, removes malware upon receiving updated information, and continues to check for infections on restart and login.
  • Notarization and Gatekeeper: Apps for Apple devices go through a review before they are distributed and sold outside the App Store. When this review turns up no instances of malware, Apple issues a notarization ticket. That ticket is recognized in the macOS Gatekeeper, which verifies the ticket and allows the app to launch. If a previously approved app is later found to be malicious, Apple revokes its notarization and prevents it from running.
  • App Store review: All apps that wish to be sold on the Apple App Store must go through Apple’s App Store review. While not strictly a review for malware, security matters are considered in this process to ensure that all apps posted on the App Store are “reliable, perform as expected, respect user privacy, and are free of objectionable content.”
  • Other features: In addition to the above, Apple includes technologies that prevent malware from doing more harm, such as preventing damage to critical system files.

Do I need an antivirus for my Mac?

There are a couple of reasons why Mac users may want to consider additional protection on top of the built-in antivirus safeguards:

  1. Apple’s antivirus may not recognize the latest threats. These tools primarily rely on known virus definitions, which may lag behind the latest cyberthreats including “zero-day” incidents. This leaves Mac owners susceptible to attack if they solely rely on XProtect and other features.
  2. The Mac’s built-in security measures largely focus on viruses and malware. While protecting yourself from viruses and malware is of utmost importance, the reality is that antivirus is not enough. They don’t block other forms of harmful activity, such as phishing attacks, malicious apps downloaded outside of the App Store, suspicious links, prying eyes on public Wi-Fi, data breaches, and identity theft, among others.

Macs are like any other connected device. They’re also susceptible to the wider world of threats and vulnerabilities on the internet. For this reason, Mac users should think about bolstering their defenses further with online protection software.

Your guide to removing a Mac virus

If you suspect your Mac has been infected with a virus or other malware, acting quickly is essential to protect your personal data and stop the threat from spreading. Fortunately, this can be effectively done with a combination of manual steps and trusted security software:

  1. Disconnect from the internet: Immediately disconnect from Wi-Fi or unplug the ethernet cable to prevent the malware from communicating with its server or spreading.
  2. Remove suspicious apps: Open your Applications folder. Drag any unfamiliar or recently installed suspicious applications to the Trash and then empty it.
  3. Delete malicious files: Malware often hides files in your Library folders. Navigate to Finder > Go > Go to Folder and check paths like ~/Library/LaunchAgents and /Library/LaunchDaemons for suspicious files. Be cautious when deleting system files.
  4. Clean up browsers: Remove any unknown extensions from your web browsers and reset your homepage and search engine settings if they were altered.
  5. Run a security scan: The safest and most effective method is to run a full scan with a trusted security solution. This will automatically identify, quarantine, and remove all traces of the infection.
  6. Restore from a clean backup: If the infection is severe and persistent, your best option may be to erase your Mac and cautiously restore from a Time Machine backup created *before* you noticed signs of the virus. If you restore from a backup version that was already infected, you will re-introduce the malware to your clean system.

Last resort: Reinstalling your macOS

In the most extreme cases, erasing your hard drive and reinstalling a fresh copy of macOS is a very effective way to eliminate viruses and malware. This process wipes out all data, including the malicious software. This, however, is considered the last resort for deep-rooted infections that are difficult to remove manually.

Future-proof your Mac from viruses

As cyber threats grow more sophisticated, taking proactive steps now can protect your device, your data, and your identity in the long run. Here are simple but powerful ways to future-proof your Mac, and help ensure your device stays protected against tomorrow’s threats before they reach you:

  • Keep everything updated: Enable automatic updates for macOS and your applications. This is the single most important step to protect against vulnerabilities.
  • Download from trusted sources only: Stick to the Apple App Store or the official websites of reputable developers. Avoid downloading software from unvetted third-party aggregators or torrent sites.
  • Use strong passwords and multi-factor authentication (MFA): Protect your Apple ID and other accounts with long, complex, and unique passwords and enable MFA to prevent unauthorized access.
  • Be skeptical of unsolicited messages: Do not click on links or download attachments in suspicious emails or texts. These are primary methods for delivering malware and conducting phishing attacks.
  • Install comprehensive security software: Use a trusted security suite like McAfee+ for real-time protection that goes beyond Apple’s built-in tools, offering features like web protection, a firewall, and anti-phishing technology.
  • Back up your data regularly: Maintain regular backups of your important files using Time Machine or a cloud service. This ensures you can recover your data without paying a ransom in a ransomware attack.
  • Stay informed: Be aware of the threats out there and take a proactive stance to fill the gaps in protection. Comprehensive security suites like McAfee+ can take care of it for you. Our exclusive Protection Score checks your online safety, identifies any gaps, and offers personalized guidance to seal those cracks.

Best digital habits to practice

Staying safe online isn’t just about having the right software—it’s about making smart choices every day. Adopting strong digital habits can drastically reduce your risk of falling victim to viruses, scams, or data breaches.

  • Browse safely: Be wary of unsolicited links, pop-up windows, and urgent warnings. Use a web protection tool to block known malicious websites before they can load.
  • Scrutinize downloads: Never install software from an untrusted source. Read installation prompts carefully to deselect any bundled optional software or PUPs.
  • Improve email hygiene: Treat emails with attachments or links with caution, even from known senders, as their accounts could be compromised. Verify any unusual requests through a separate communication channel.
  • Review app permissions: When an application asks for permission to access your contacts, location, or other data, consider if it truly needs that access to function. Deny any unnecessary requests.
  • Enable your firewall: Ensure the macOS firewall is turned on in System Settings > Network > Firewall. This provides a basic but important barrier against unsolicited incoming network connections.

It’s about protecting yourself

An important part of a McAfee’s Protection Score involves protecting your identity and privacy beyond the antivirus solution. While online threats have evolved, McAfee has elevated its online protection software to thwart hackers, scammers, and cyberthieves who aim to steal your personal info, online banking accounts, financial info, and even your social media accounts to commit identity theft and fraud in your name. As you go about your day online, online protection suites help you do it more privately and safely. Comprehensive security solutions like McAfee+ include:

  • Personal data cleanup reveals which high-risk data brokers and search sites are collecting and selling your personal information. It then requests the removal of your information, confirms completion, and conducts ongoing scans as your data continues to be collected.
  • Unlimited secure VPN automatically connects to public Wi-Fi to protect your online privacy and safeguards personal data while you bank, shop, or browse online.
  • Identity theft and stolen funds coverage reimburses up to $1 million in lost funds or expenses, including losses to 401(k) accounts, while restoring your identity.
  • Ransomware coverage reimburses up to $25,000 for losses and ransom fees.
  • Licensed restoration experts who help repair identity and credit issues, including assistance with the identity fraud of a deceased family member.
  • Credit monitoring promptly alerts you about changes to your credit score, report, and accounts and guides you on actions needed to tackle identity theft.
  • Credit Score and Report help you stay on top of daily changes to your credit score and report, from a single location.
  • Security freeze prevents unauthorized access to existing accounts or new ones being set up in your name with a credit, bank, or utility account freeze.
  • Identity monitoring scans for up to 60 unique pieces of personal information on the dark web with timely alerts up to 10 months sooner than competitive products.

FAQs about Mac viruses

Can Macs get viruses from Safari?

Yes. While Safari has built-in security features, you can still get a Mac virus by visiting a compromised website that initiates a drive-by download or by being tricked into downloading and running a malicious file.

Do pop-ups mean my Mac is infected?

Not necessarily. Many websites use aggressive pop-up advertising. However, if you see persistent pop-ups that are difficult to close, or fake virus warnings, it’s a strong sign of an adware infection.

Is adware a type of malware?

Yes. While some consider it less harmful than a trojan, adware is a form of malware. It compromises your browsing experience, tracks your activity, slows down your computer, and can serve as a gateway for more dangerous infections.

How often should you scan for viruses?

If you have a security suite with real-time protection, your Mac is continuously monitored. It is still good practice to run a full system scan at least once a week for peace of mind.

Can iPhones spread malware to Macs?

Direct infection via a cable is extremely unlikely due to the security architecture of both operating systems. The greater risk comes from shared accounts. A malicious link or file opened on one device and synced via iCloud, or a compromised Apple ID, could affect your other devices.

Final thoughts

Current trends show a rise in sophisticated adware and PUPs that are often bundled with legitimate-looking software. Cybercriminals are also focusing on malicious browser extensions that steal data and credentials, injecting malicious code into legitimate software updates, or devising clever ways to bypass Apple’s notarization process. Given these developments, Macs can and do get viruses and are subject to threats just like any other computer. While Apple provides a strong security foundation, their operating systems may not offer the full breadth of protection you need, particularly against online identity theft and the latest malware threats. Combining an updated system, smart online habits, and a comprehensive protection solution helps you stay well ahead of emerging threats. Regularly reviewing your Mac’s security posture and following the tips outlined here will also enable you to use your device with confidence and peace of mind.

The post Can Apple Macs get Viruses? appeared first on McAfee Blog.

Bitcoin Security: Mining Threats You Need to Know

By: Jasdev Dhaliwal
Working from home

The value of Bitcoin has had its ups and downs since its inception in 2013, but its recent skyrocket in value has created renewed interest in this virtual currency. The rapid growth of this alternative currency has dominated headlines and ignited a cryptocurrency boom that has consumers everywhere wondering how to get a slice of the Bitcoin pie. For those who want to join the craze without trading traditional currencies like U.S. dollars (i.e., fiat currency), a process called Bitcoin mining is an entry point. However, Bitcoin mining poses a number of security risks that you need to know.

What Is Bitcoin Mining?

Mining for Bitcoin is like mining for gold—you put in the work and you get your reward. But instead of back-breaking labor, you earn the currency with your time and computer processing power. Miners, as they are called, essentially maintain and secure Bitcoin’s decentralized accounting system. Bitcoin transactions are recorded in a digital ledger called a blockchain. Bitcoin miners update the ledger by downloading a special piece of software that allows them to verify and collect new transactions. Then, they must solve a mathematical puzzle to secure access to add a block of transactions to the chain. In return, they earn Bitcoins, as well as a transaction fee.

What Are Bitcoin Security Risks?

As the digital currency has matured, Bitcoin mining has become more challenging. In the beginning, a Bitcoin user could mine on their home computer and earn a good amount of the digital currency, but these days the math problems have become so complicated that it requires a lot of expensive computing power. This is where the risks come in. Since miners need an increasing amount of computer power to earn Bitcoin, some have started compromising public Wi-Fi networks so they can access users’ devices.

One example of this security breach happened at a coffee shop in Buenos Aires, which was infected with malware that caused a 10-second delay when logging in to the cafe’s Wi-Fi network. The malware authors used this time delay to access the users’ laptops for mining. In addition to public Wi-Fi networks, millions of websites are being compromised to access users’ devices for mining. When an attacker loads mining software onto devices without the owner’s permission, it’s called a cryptocurrency mining encounter or cryptojacking.

It’s estimated that 50 out of every 100,000 devices have encountered a cryptocurrency miner. Cryptojacking is a widespread problem and can slow down your device; though, that’s not the worst that can happen. Utility costs are also likely to go through the roof. A device that is cryptojacked could have 100 percent of its resources used for mining, causing the device to overheat, essentially destroying it.

What Are Some Bitcoin Privacy Tips?

Now that you know a little about mining and the Bitcoin security risks associated with it, here are some tips to keep your devices safe as you monitor the cryptocurrency market:

  • Avoid public Wi-Fi networks: These networks often aren’t secured, opening your device and information up to a number of threats.
  • Use a VPN: If you’re away from your secure home or work network, consider using a virtual private network (VPN). A VPN is a piece of software that gives you a secure connection to the Internet, so that third parties cannot intercept or read your data. A product like McAfee+ can help safeguard your online privacy no matter where you go.
  • Secure your devices: New Bitcoin threats, security concerns, and malware are emerging all of the time. Protect your devices and information with comprehensive security software

The post Bitcoin Security: Mining Threats You Need to Know appeared first on McAfee Blog.

From Cyberbullying to AI-Generated Content – McAfee’s Research Reveals the Shocking Risks

By: Amy Bunn

The landscape of online threats targeting children has evolved into a complex web of dangers that extend far beyond simple scams. New research from McAfee reveals that parents now rank cyberbullying as their single highest concern, with nearly one in four families (22%) reporting their child has already been targeted by some form of online threat. The risks spike dramatically during the middle school years and peak around age 13, precisely when children gain digital independence but may lack the knowledge and tools to protect themselves.

The findings paint a troubling picture of digital childhood, where traditional dangers like cyberbullying persist alongside emerging threats like AI-generated deepfakes, “nudify” technology, and sophisticated manipulation tactics that can devastate young people’s mental health and safety.

Cyberbullying is Parents’ Top Concern

Cyberbullying and harassment are devastating to young people’s digital experiences. The research shows that 43% of children who have encountered online threats experienced cyberbullying, making it the most common threat families face. The impact disproportionately affects girls, with more than half of targeted girls (51%) experiencing cyberbullying compared to 39% of boys.

The peak vulnerability occurs during early adolescence, with 62% of targeted girls and 52% of targeted boys aged 13-15 facing harassment online. For parents of teen daughters aged 13-15, cyberbullying ranks as the top concern for 17% of families, reflecting the real-world impact these digital attacks have on young people’s well-being.

AI-Generated Content Creates New Dangers

The emergence of AI-powered manipulation tools has introduced unprecedented risks to children’s online safety. Nearly one in five targeted kids (19%) have faced deepfake and “nudify” app misuse, with rates doubling to 38% among girls aged 13-15. These statistics become even more alarming when considering that 18% of parents overall list AI-generated deepfakes and nudify technology among their top three concerns, rising to one in three parents (33%) under age 35.

The broader landscape of AI-generated content exposure is widespread, with significant implications for how children understand truth and authenticity online. The research underscores the challenge parents face in preparing their children to navigate an environment where sophisticated forgeries can be created and distributed with relative ease.

“Today’s online threats aren’t abstract risks — families are facing them every day,” said Abhishek Karnik, head of threat research for McAfee. “Parents’ top concerns are the toll harmful content, particularly cyberbullying and AI-generated deepfakes, takes on their children’s mental health, self-image, and safety. That’s why it’s critical to pair AI-powered online protection with open, ongoing conversations about what kids encounter online. When children know how to recognize risks and misinformation and feel safe talking about these issues with loved ones, they’re better prepared to navigate the digital world with confidence.”

The Growing Confidence Gap

As digital threats become more sophisticated, parents find themselves increasingly outpaced by both technology and their children’s technical abilities. The research reveals that nearly half of parents (48%) admit their child knows more about technology than they do, while 42% say it’s challenging to keep up with the pace of evolving risks.

This knowledge disparity creates real vulnerabilities in family digital safety strategies. Only 34% of parents feel very confident their child can distinguish between real and fake content online, particularly when it comes to AI-generated material or misinformation. The confidence crisis deepens as children age and gain more independence online, precisely when threats become most complex and potentially harmful.

The monitoring habits of families reflect these growing challenges. While parents identify late at night (56%) and after school (41%) as the times when children face the greatest online risks, monitoring practices don’t align with these danger windows. Only about a third of parents (33%) check devices daily, and 41% review them weekly, creating significant gaps in oversight during high-risk periods.

Age-Related Patterns Reveal Critical Vulnerabilities

The research uncovers troubling patterns in how online safety behaviors change as children mature. While 95% of parents report discussing online safety with their children, the frequency and effectiveness of these conversations decline as kids enter their teen years. Regular safety discussions drop from 63% with younger children to just 54% with teenagers, even as threats become more severe and complex.

Daily device monitoring shows even sharper declines, plummeting to just 20% for boys aged 16-18 and dropping as low as 6-9% for girls aged 17-18. This reduction in oversight occurs precisely when older teens face heightened risks of blackmail, “scamtortion,” and other sophisticated threats. The research shows that more than half of targeted boys aged 16-18 (53%) have experienced threats to release fake or real content, representing one of the most psychologically damaging forms of online exploitation.

Gaming and Financial Exploitation

Online gaming platforms have become significant vectors for exploitation, particularly targeting boys. The research shows that 30% of children who have been targeted experienced online gaming scams or manipulation, with the rate climbing to 43% among targeted boys aged 13-15. These platforms often combine social interaction with financial incentives, creating opportunities for bad actors to manipulate young users through false friendships, fake rewards, and pressure tactics.

Real-World Consequences Extend Beyond Screens

The emotional and social impact of online threats creates lasting effects that extend well into children’s offline lives. Among families whose children have been targeted, the consequences reach far beyond momentary embarrassment or frustration. The research shows that 42% of affected families report their children experienced anxiety, felt unsafe, or were embarrassed after online incidents.

The social ramifications prove equally significant, with 37% of families dealing with issues that spilled over into school performance or friendships. Perhaps most concerning, 31% of affected children withdrew from technology altogether after negative experiences, potentially limiting their ability to develop healthy digital literacy skills and participate fully in an increasingly connected world.

The severity of these impacts has driven many families to seek professional support, with 26% requiring therapy or counseling to help their children cope with online harms. This statistic underscores that digital threats can create trauma requiring the same level of professional intervention as offline dangers.

Building Trust Through Technology Agreements

Creating a foundation for open dialogue about digital safety starts with establishing clear expectations and boundaries. McAfee’s Family Tech Pledge provides parents with a structured framework to initiate these crucial conversations with their children about responsible device use. Currently, few families have implemented formal agreements about technology use, representing a significant opportunity for improving digital safety through collaborative rule-setting.

A technology pledge serves as more than just a set of rules, it becomes a collaborative tool that helps parents and children discuss the reasoning behind safe online practices. By involving children in the creation of these agreements, families can address age-appropriate concerns while building trust and understanding. The process naturally opens doors to conversations about the threats identified in the research, from predators and cyberbullying to AI-generated content and manipulation attempts.

These agreements work best when they evolve alongside children’s digital maturity. What starts as basic screen time limits for younger children can expand to include discussions about social media interactions, sharing personal information, and recognizing suspicious content as they enter their teen years. The key is making the technology pledge a living document that adapts to new platforms, emerging threats, and changing family circumstances.

Advanced Protection Through AI-Powered Detection

While conversations and agreements form the foundation of digital safety, today’s threat landscape requires technological solutions that can keep pace with rapidly evolving risks. McAfee’s Scam Detector represents a crucial additional layer of defense, using artificial intelligence to identify and flag suspicious links, manipulated content, and potential threats before they can cause harm.

The tool’s AI-powered approach is particularly valuable given the research findings about manipulated media and deepfake content. With AI-generated content becoming weapons used against children, especially teenage girls, automated detection becomes essential for catching threats that might bypass both parental oversight and children’s developing digital literacy skills.

For parents who feel overwhelmed by the pace of technological change, 42% report struggling to keep up with the risk landscape, Scam Detector provides professional-grade protection without requiring extensive technical knowledge. It offers families a way to maintain security while fostering the trust and communication that the research shows is essential for long-term digital safety.

The technology is especially crucial during the high-risk periods identified in the research. Since 56% of parents recognize that late-night hours present the greatest danger, and monitoring naturally decreases during these times, automated protection tools can provide continuous vigilance when human oversight is most difficult to maintain.

A Path Forward for Families

The research reveals that addressing online threats requires a comprehensive approach combining technology, communication, and ongoing education. Parents need practical tools and strategies that can evolve with both the threat landscape and their children’s developing digital independence.

Effective protection starts with pairing parental controls with regular, judgment-free conversations about harmful content, coercion, and bullying, ensuring children know they can seek help without fear of punishment or restrictions. Teaching children to “trust but verify” by checking sources and asking for help when something feels suspicious becomes especially important as AI-generated content makes deception increasingly sophisticated.

Keeping devices secure with updated security settings and AI-powered protection tools like McAfee’s Scam Detector helps create multiple layers of defense against evolving threats. These technological safeguards work best when combined with family agreements that establish clear expectations for online behavior and regular check-ins that maintain open communication as children mature.

Research Methodology

This comprehensive analysis is based on an online survey conducted in August 2025 of approximately 4,300 parents or guardians of children under 18 across Australia, France, Germany, India, Japan, the United Kingdom, and the United States. The research provides crucial insights into the current state of children’s online safety and the challenges families face in protecting their digital natives from increasingly sophisticated threats.

The data reveals that today’s parents are navigating unprecedented challenges in protecting their children online, with peak vulnerability occurring during the middle school years when digital independence collides with developing judgment and incomplete knowledge of online risks. While the threats may be evolving and complex, the research shows that informed, proactive families who combine technology tools with open communication are better positioned to help their children develop the skills needed to safely navigate the digital world.

The post From Cyberbullying to AI-Generated Content – McAfee’s Research Reveals the Shocking Risks appeared first on McAfee Blog.

How a Tech Expert Lost $13,000 to a Job Scam

By: Abhishek Karnik

Sam M. has spent more than 20 years building websites, testing systems, and managing technology projects. He knows code, he understands how the internet works, and he’s trained to spot digital red flags. None of that stopped him from losing $13,000 to scammers.

“I’ve been around long enough that I should have seen it coming,” Sam admits. “But when you’re looking for work, you’ve got blinders on. You just want something to work out.”

His story reflects a growing reality. McAfee data shows that job-related scams have exploded by over 1,000% from May through July 2025, making Sam part of a massive wave of Americans facing increasingly sophisticated employment fraud. But here’s what’s empowering: with the right protection, these scams can be spotted before they hit you and your wallet.

The Perfect Setup

Sam’s scam started with what looked like a legitimate opportunity: a polished website offering part-time work reviewing products online. The site had all the right elements: professional design, user authentication, and a logical process. Even his wife, who warned him that “if it sounds too good to be true, it probably is,” had to admit the pay rates weren’t unrealistic.

“I thought it was worth a try,” Sam said. “I’ve built websites, and this one looked okay. You had to log in, authenticate. Everything seemed legit.”

This sophisticated approach reflects how job scammers have evolved. They’re no longer sending obviously fake emails with spelling errors. Today’s scammers study real job platforms, mimic legitimate processes, and exploit the specific language that job seekers expect to see. McAfee’s analysis shows scammers are particularly focused on benefits-related terms like “resume,” “recruit,” “maternity,” and “paternity” to make their offers sound more credible. The good news? Advanced scam detection technology can automatically identify these sophisticated tactics before you even encounter them.

The Hook and the Trap

The scam followed a classic pattern – establish trust, then exploit it. Sam was paired with a trainer, guided through reviewing products, asked to upload screenshots. Then came the crucial moment.

“That first payout, a couple hundred dollars, hooked me,” Sam recalled. “I thought, this is working. This is real.”

But once Sam was invested, the ground shifted. A “special product” appeared, and suddenly his account showed a negative balance. The trainer explained he needed to deposit money to continue. It seemed reasonable at first, but it was the beginning of a financial death spiral.

“They kept telling me, ‘Just a little more and you’ll unlock it,'” Sam said. “And I kept chasing it.”

This “advance fee” model has become increasingly common in job scams. Victims are asked to pay for training materials, background checks, or equipment. Each payment is followed by a request for more money, creating a cycle that’s psychologically difficult to break.

The Scope of the Problem

Sam’s experience fits into a much larger crisis, but understanding the scope helps us stay ahead of it. According to McAfee data, 45% of Americans say they’ve either personally experienced a job search scam or know someone who has. That means nearly half the country has been touched by employment fraud in some way.

The reach extends beyond individual stories. Nearly 1 in 3 Americans (31%) report receiving job offer scams via text message, showing how these schemes have moved beyond email into our daily conversations. People now receive an average of 14 scam messages daily across all platforms. Email job scams alone rose 60% between June and July 2025, with “resume” being the most frequently used lure word. But here’s what’s encouraging: when scams can be identified automatically, people can stay one step ahead of scammers before any damage occurs.

The Real Cost

By the time Sam extracted himself from the scam, he was down more than $13,000. His loss reflects broader trends: McAfee research shows scam victims lose an average of $1,471 per scam, with $12 billion reported lost to fraud in 2024 alone, up 21% from the previous year. But the financial loss wasn’t the worst part for Sam.

“I was furious at them, but also at myself,” he said. “I’m supposed to know better. I felt stupid. I felt worn out.”

This emotional impact extends beyond individual embarrassment. These schemes attack people when they’re already vulnerable, turning the search for legitimate work into another source of stress and suspicion.

“It wears you down,” Sam explained. “Every time you think you’ve found something good, it turns out to be a scam. You get beat down again. And you start to wonder if you’ll ever find something real.”

The solution isn’t to stop trusting altogether. It’s having the right tools to confidently distinguish between what’s real and what’s fake before you click.

Staying One Step Ahead

Despite his losses, Sam maintains perspective about his situation. He knows people who’ve lost everything to scams, including their homes and savings.

“As hard as this was, I didn’t lose everything,” he said. “My family’s life didn’t have to change. Others aren’t so lucky.”

Now Sam sticks to established job platforms like LinkedIn and Glassdoor, avoiding websites that promise easy money. He’s also committed to sharing his story as a warning to others.

“I got caught, I admit it,” he said. “But I’m not the only one. And if telling my story helps someone else stop before it’s too late, then it’s worth it.”

The reality is that in today’s digital landscape, where people receive 14 scam messages daily, individual vigilance alone isn’t enough. What’s needed is automatic protection that works in the background, identifying suspicious texts, emails, and videos before you even encounter them. McAfee’s Scam Detector provides exactly that: real or fake? Scam Detector knows.

Know What’s Real Before You Click

Sam’s experience highlights several warning signs that job seekers should recognize, but modern scam protection goes far beyond manual vigilance:

Traditional Warning Signs:

  • Upfront payments (legitimate employers don’t ask employees to pay for the privilege of working)
  • Vague job descriptions (real jobs have specific requirements and clear responsibilities)
  • Pressure tactics (scammers often create artificial urgency to prevent careful consideration)
  • Too-good-to-be-true pay (research typical salaries for similar roles in your area)
  • Poor communication (legitimate companies use professional email addresses and clear contact information)

Lightning-fast alerts: With McAfee’s Scam Detector, you get automatic alerts about suspicious texts, emails, and videos before you click. The technology automatically identifies risky messages using advanced AI, so you don’t have to wonder what’s real and what’s fake online.

The explosive growth in job scams, with their 1,000%+ increase over just a few months, shows this challenge isn’t disappearing. But as scam technology evolves, so does scam protection. Intelligence and experience alone aren’t enough to combat well-crafted deception, but automatic detection technology can identify these sophisticated schemes before they reach you.

Sam’s story reminds us that anyone can be targeted, but with the right protection, you can spot scams before they hit you and your wallet. In a job market where people receive multiple suspicious messages daily, confidence comes from knowing you have technology working in the background to distinguish what’s real from what’s fake. With proactive scam protection designed with you in mind, you can enjoy the peace of a scam-free search and focus on finding legitimate opportunities. Real or fake? You’ll know before you click.

The post How a Tech Expert Lost $13,000 to a Job Scam appeared first on McAfee Blog.

What to Do if Your Phone is Stolen or Lost: 10 Steps to Protect Your Identity

By: Jasdev Dhaliwal

Losing your phone or having it stolen can feel like a nightmare, especially when you consider the treasure trove of personal information stored on your device. From banking apps and email accounts to social media profiles and payment methods, smartphones contain virtually our entire digital lives. When a criminal or pickpocket gains access to your phone, they potentially have the keys to your identity, finances, and online presence. However, acting quickly and methodically can help minimize the risks and protect you from identity theft and financial fraud.

Online safety advocate Amy Bunn emphasizes the scope of this vulnerability: “What many people don’t realize is how much information is stored or accessible through their phone — not just apps, but things like saved passwords, cloud backups, and multi-factor authentication codes. If someone gains access, they can move quickly to impersonate you or steal your identity. Features like remote wipe, app-specific PINs, and identity monitoring may not feel urgent until something goes wrong — but having them in place can make a big difference in how quickly you can recover and how much damage you can prevent.” The reality is sobering, criminals with access to your phone can make unauthorized purchases, hack into your accounts, and even steal your identity to open new credit lines in your name. But by following these nine critical steps immediately after discovering your phone is missing, you can significantly reduce the potential damage and protect your most sensitive information.

1. Try to Locate Your Phone Using Built-in Tracking

Before taking any drastic measures, start with the obvious: try calling your phone from another device. You might hear it ring nearby, or someone who found it might answer and be willing to return it. If this doesn’t work, turn to your phone’s built-in tracking capabilities.

For iPhone users, Apple’s Find My service allows you to see your device’s location on a map, play a sound to help locate it, and even view its last known location if the battery has died. Android users can access Google’s Find My Device with similar functionality. Both services can be accessed from any computer or other device by logging into your Apple or Google account. These tracking tools not only help you locate your phone but also provide remote control options that become crucial if recovery seems unlikely.

2. Lock Your Phone Remotely to Prevent Unauthorized Access

If you can’t physically retrieve your phone or suspect it’s in the wrong hands, immediately lock it remotely. This creates an additional barrier between a potential thief and your personal information, preventing access to your apps, messages, emails, and saved payment methods.

Both iPhone and Android devices offer remote locking capabilities through their respective tracking services. You can also set a custom message to display on the lock screen with your contact information, which could help if someone honest finds your phone and wants to return it. For iPhone users, this means accessing iCloud.com or using the Find My app on another Apple device, selecting your lost phone, and choosing “Mark as Lost.” Android users can visit android.com/find, select their device, and choose “Secure Device” to lock it and display a custom message.

3. File a Police Report for Documentation

While law enforcement may not actively search for your stolen phone, filing a police report creates an official record that can prove invaluable if you need to dispute fraudulent charges or deal with insurance claims. When you visit your local police department, bring as much information as possible about when and where your phone was lost or stolen.

Having your phone’s IMEI number (International Mobile Equipment Identity) or serial number available will strengthen your report. You can usually find these numbers in your phone’s settings, on the original packaging, or through your carrier’s account portal. This documentation becomes particularly important if criminals use your phone to commit further crimes or if you need to prove to financial institutions that fraudulent activity resulted from theft.

4. Contact Your Mobile Carrier Immediately

Your next call should be to your mobile carrier to suspend service on your stolen or lost device. This prevents unauthorized calls, texts, or data usage that could result in unexpected charges on your bill. More importantly, it helps protect your account from being hijacked or used to access two-factor authentication codes sent to your number.

Most major carriers can also blacklist your stolen device, making it much harder for thieves to use even if they manage to bypass the screen lock. When you contact your carrier, ask about temporary suspension options if you’re still hoping to recover your phone, or proceed with permanent cancellation if you’re ready to move to a replacement device. Many carriers also offer insurance programs that may help cover the cost of a replacement phone.

5. Secure All Connected Accounts

Even with remote locking enabled, sophisticated criminals may find ways to access your stored information. This makes securing your online accounts one of the most critical steps in protecting yourself from identity theft. Your phone likely has saved passwords, active app sessions, and stored payment information that could be exploited.

Start by changing passwords for your most sensitive accounts, particularly email, banking, and financial services. Focus on creating strong, unique passwords that would be difficult for criminals to guess. McAfee’s Password Manager can secure your accounts by generating and storing complex passwords and auto-filling your info for faster logins across devices. Next, remotely sign out of all apps and services that were logged in on your stolen device. Most major platforms, including Google, Apple, Microsoft, and social media sites, offer account security settings where you can view active sessions and log out of all devices remotely. This step is crucial because it prevents thieves from accessing your accounts even if they bypass your phone’s lock screen.

Consider this an opportunity to enable two-factor authentication on accounts that support it, adding an extra layer of security for the future. While you’re at it, monitor your online and financial accounts closely for any suspicious activity, unauthorized transactions, or login attempts from unfamiliar locations.

6. Remove Stored Payment Methods from Mobile Apps

Your stolen phone likely contains mobile payment apps like Apple Pay, Google Pay, or individual retailer apps with stored credit card information. Criminals can potentially use these payment methods to make unauthorized purchases, so removing them quickly is essential for protecting your finances.

For Apple Pay users, marking your device as lost through Find My iPhone will automatically suspend Apple Pay on that device. Alternatively, you can manually remove payment methods by signing into your Apple ID account at appleid.apple.com, selecting your lost device, and choosing to remove all cards. Google Pay users should visit payments.google.com, navigate to payment methods, and remove any cards linked to the compromised device.

Don’t stop there – contact your bank or credit card issuer directly to alert them about the potential for fraud. They can freeze or cancel the cards linked to your mobile payment apps and monitor for any suspicious transactions. Review your recent statements carefully and report any charges that weren’t made by you. Most financial institutions have straightforward fraud dispute processes and will work quickly to resolve unauthorized transactions.

7. Erase Your Phone’s Data Remotely

When all hope of recovering your phone is lost, remote data erasure becomes your final line of defense against identity theft. This nuclear option wipes all stored data, settings, media, and personal information from your device, ensuring that criminals can’t access your photos, contacts, passwords, financial information, or any other sensitive data.

Both iPhone and Android devices offer comprehensive remote wipe capabilities through their respective tracking services. For iPhone users, this means accessing Find My and selecting “Erase iPhone,” which will restore the device to factory settings and remove all personal information. Android users can accomplish the same thing through Find My Device by selecting “Erase Device.”

Keep in mind that once you erase your phone remotely, you’ll lose the ability to track it further, so make sure you’ve exhausted all other options first. However, the peace of mind that comes from knowing your personal information can’t be accessed often outweighs the slim chance of recovery.

8. Alert Your Contacts About Potential Scams

Criminals with access to your phone may attempt to exploit your personal relationships by impersonating you in messages or calls to your contacts. They might send urgent requests for money, ask for sensitive information, or attempt to trick your friends and family into various scams using your trusted identity.

As Amy Bunn warns, “Unfortunately, a stolen or lost phone often triggers the next wave of problems — scams. Criminals may use your personal details to send convincing phishing messages or pose as you to friends and family. That’s why tools like scam detection, identity monitoring, and security alerts matter. They not only help people lock down their accounts quickly but also give them an early warning when fraudsters try to take advantage of the situation.”

Reach out to your closest contacts through alternative communication methods to warn them that your phone has been compromised. Let them know to be suspicious of any unusual requests coming from your number and to verify your identity through a different channel if they receive anything questionable. This proactive step can prevent your loved ones from becoming secondary victims of the crime.

9. Plan Your Replacement Device

Once you’ve accepted that your phone is truly gone, it’s time to focus on getting back online securely. Check with your mobile carrier about replacement options, as some plans include insurance coverage that can significantly reduce the cost of a new device. Even if you don’t have insurance, carriers often offer payment plans for replacement phones.

When you get your new device, you’ll be able to restore your data from cloud backups like iCloud or Google Drive. This is why maintaining regular automatic backups is so important – they ensure you don’t lose photos, contacts, app data, and other important information permanently. During the setup process, take the opportunity to review and strengthen your security settings based on what you’ve learned from this experience.

10. How McAfee Can Help Protect Against Identity Theft

The theft of your phone represents just one potential pathway to identity theft, but it’s often one of the most impactful because of how much personal information our devices contain. While following the steps above can help minimize immediate damage, comprehensive protection requires ongoing vigilance and professional monitoring services.

McAfee’s Identity Protection offers multiple layers of defense that can alert you to potential identity theft before it becomes a major problem. Through comprehensive identity monitoring, McAfee identifies your personal information across the dark web and various databases, providing early warnings when your data appears in places it shouldn’t. This includes monitoring of social security numbers, government IDs, credit card numbers, bank account details, email addresses, and phone numbers – often alerting users up to 10 months earlier than similar services.

The credit monitoring component keeps watch over changes to your credit score, reports, and accounts, sending timely notifications when new accounts are opened, credit inquiries are made, or suspicious activity is detected. This early warning system can help you catch identity thieves before they cause significant financial damage. Perhaps most importantly, if you do become a victim of identity theft in the U.S., McAfee provides up to $2 million in identity theft coverage and restoration support for select McAfee+ plans.

Prevention Strategies for the Future

While no one plans to have their phone stolen, taking preventive measures can significantly reduce the potential impact if it happens to you. Enable device tracking features like Find My or Find My Device before you need them, and make sure you know how to access these services from other devices. Use a strong passcode or biometric authentication that would be difficult for thieves to guess or bypass quickly.

Consider adding a PIN to your SIM card to prevent thieves from removing it and using it in another device. Maintain regular automatic backups to cloud services so you won’t lose important data permanently if your phone disappears. Most importantly, review and limit the amount of sensitive information you store directly on your device and consider using additional authentication methods for your most critical accounts.

Record your phone’s IMEI number and serial number in a safe place where you can access them if needed for police reports or insurance claims. These small preparatory steps can save significant time and stress if the worst happens.

The Bigger Picture: Comprehensive Digital Protection

Phone theft is just one of many ways criminals can gain access to your personal information and identity. In our interconnected digital world, comprehensive protection requires a multi-layered approach that goes beyond device security. Data breaches at major companies, phishing attacks, social engineering scams, and various online threats all pose risks to your identity and financial well-being.

This is where integrated protection services like McAfee+ become invaluable. Rather than trying to manage multiple security concerns separately, comprehensive identity and device protection provides peace of mind through continuous monitoring, early warning systems, and professional restoration support when things go wrong. The goal isn’t just to react to problems after they occur, but to prevent them from happening in the first place and to minimize their impact when prevention isn’t enough.

Having your phone stolen is stressful enough without worrying about the long-term consequences for your identity and finances. By following these nine essential steps quickly and methodically, you can significantly reduce the potential damage and protect yourself from becoming a victim of identity theft. Remember, the key is acting fast – every minute counts when it comes to protecting your digital life from criminals who might have gained access to your most personal information.

The post What to Do if Your Phone is Stolen or Lost: 10 Steps to Protect Your Identity appeared first on McAfee Blog.

How to Create a Family Technology Pledge

By: Jasdev Dhaliwal

As another school year begins, the digital landscape our children navigate has become increasingly complex. With artificial intelligence tools now readily available and social media platforms evolving rapidly, considering creating a family technology pledge has never been more crucial, or more challenging.

Gone are the days when we simply worried about screen time limits. Today’s parents must address everything from AI-assisted homework to the growing threat of deepfake cyberbullying. The technology shaping our kids’ lives isn’t just about phones and social media anymore—it’s about preparing them for a world where artificial intelligence is reshaping how they learn, communicate, and express themselves.

The New Digital Reality for Tweens and Teens

Recent research from the Pew Research Center shows that 26% of students aged 13-17 are using ChatGPT to help with their assignments, double the number from 2023. Meanwhile, surveys reveal that between 40 and 50 percent of students are aware of deepfakes being circulated at school. These statistics underscore a reality many parents aren’t prepared for: our children are already immersed in an AI-powered world, whether we’ve given them permission or not.

The key to successful digital parenting in 2025 isn’t necessarily about banning technology—it’s about having intentional, educational conversations that prepare our children to use these powerful tools responsibly. We need to acknowledge that technology is here to stay, so the best thing we can do is accept it’s here, educate our kids on how to use it safely, and introduce boundaries and rules to help keep them protected.

Creating Your Family Technology Pledge: A Collaborative Approach

For any pledge to be effective, lasting, and conflict-free, we need to shift the focus from simply setting rules to creating an open, constructive dialogue that helps all family members use technology in healthy ways. The most successful technology pledges are created collaboratively, not decided without collaboration. This ensures everyone feels included and that the guidelines reflect your family’s unique needs and values.

The most important consideration in tailoring a pledge to your kids’ ages and maturity levels, and to your family’s schedule. There’s no point making pledges that don’t reflect your children’s actual technology use or your family’s realistic expectations. Remember, this is about starting conversations and creating a framework for ongoing dialogue, not a rigid set of rules that’s destined to fail.

Responsible AI Use for Academic Success

One of the biggest changes in recent years is the need to address AI tools like ChatGPT, Claude, and other learning platforms. Rather than trying to catch assignments written by AI, many schools are now launching programs that include AI Learning Modes, recognizing that these tools can be valuable when used appropriately.

The benefits of AI assistance in education are significant and shouldn’t be ignored. AI can serve as a personalized tutor, explaining complex concepts in multiple ways until a student understands. It can help students with learning differences access the curriculum more effectively, and students working in a second language can use these tools to level the playing field. When used properly, AI can enhance critical thinking by helping students explore different perspectives on topics and organizing their thoughts more clearly.

However, the risks of over-reliance on AI are equally real and concerning. New research has shown that overreliance on AI might erode our ability to think critically, and critical thinking skills are essential for success in the real world. Students may become dependent on AI for basic problem-solving, missing opportunities to develop their own analytical skills and unique voice. Academic integrity concerns arise when AI does the work instead of supporting learning, potentially undermining the entire educational process.

Your family technology pledge should address these nuances.. Children should understand that they will use AI tools to enhance their learning, not replace it. This means always disclosing when they’ve used AI assistance on assignments, using AI to explain concepts they don’t understand while still working through problems themselves, and never submitting AI-generated work as their own original thinking. They should learn to ask AI to help with organizing thoughts, not creating them, and use AI to check their work for errors while ensuring the ideas and solutions remain their own.

Digital Identity and Deepfake Prevention

The rise of AI-generated content has created unprecedented risks for students, particularly regarding deepfake technology. Research shows that girls are most often targeted by deepfake images, and for victims, the emotional and psychological impact can be severe and long-lasting. What’s particularly alarming is that one photo posted online is all that’s needed to create a deepfake, making this a potential risk for every student.

Parents should help their children become mindful of what photos they share on social media, understanding that any image could potentially be misused. Children must understand that they should never participate in group chats or conversations where deepfakes are being shared, even passively. They need to recognize that creating deepfakes of others, even as a “joke,” can cause serious psychological harm and that possession of manipulated sexual imagery involving minors is illegal.

Helpful Tips for Parents

Creating a family technology pledge isn’t about limiting your child’s potential—it’s about empowering them to navigate an increasingly complex digital world safely and ethically. The emergence of AI tools and deepfakes is forcing families to have important conversations about ethics, empathy, and responsibility that previous generations never had to consider.

The goal isn’t to create a perfect document that anticipates every possible scenario. Instead, it’s to establish a foundation for ongoing dialogue about how technology can enhance rather than detract from your family’s values and your child’s growth into a thoughtful, responsible digital citizen. To help parents and guardians start discussions, we’ve created a first draft Technology Pledge that you can use to start a discussion with your family. Click here to download McAfee’s Technology Pledge

The digital landscape will continue to evolve, but the fundamental principles of kindness, honesty, and critical thinking remain constant. By creating a thoughtful technology pledge and maintaining open dialogue about digital challenges, you’re giving your child the tools they need to thrive in whatever technological environment they encounter. Start the conversation today. Your child’s digital future depends on it.

The post How to Create a Family Technology Pledge appeared first on McAfee Blog.

Secure Your World This Cybersecurity Awareness Month

By: Jasdev Dhaliwal

October marks Cybersecurity Awareness Month, and this year’s message couldn’t be clearer: small actions can make a big difference in your online safety. As cyber threats continue to evolve and become more sophisticated, the importance of taking proactive steps to protect yourself, your family, and your personal information has never been greater.

The 2025 theme, “Secure Our World,” focuses on simple yet powerful steps that anyone can implement to boost their digital security. At the heart of this year’s campaign are the “Core 4” essential practices that form the foundation of good cybersecurity habits. These four pillars represent the most impactful actions you can take to strengthen your digital defenses without requiring technical expertise or significant time investment.

The Foundation: Understanding the Core 4

The Core 4 principles serve as your digital security roadmap. Using strong passwords paired with a reliable password manager eliminates one of the most common vulnerabilities that cybercriminals exploit. When every account has a unique, complex password, a breach of one service doesn’t compromise your entire digital life.

Enabling multifactor authentication adds a crucial second layer of protection that makes unauthorized access exponentially more difficult. Even if someone obtains your password, they would still need access to your phone or authentication app to breach your accounts. This simple step blocks the vast majority of automated attacks and significantly raises the bar for would-be intruders.

Keeping your software updated ensures that known security vulnerabilities are patched as soon as fixes become available. Cybercriminals often target outdated software because they know exactly which weaknesses to exploit. By maintaining current versions of your operating system, apps, and security software, you close these doors before attackers can walk through them.

The fourth pillar, recognizing and reporting scams, has become increasingly critical as fraudulent schemes grow more sophisticated and prevalent. Today’s scammers leverage artificial intelligence to create convincing fake emails, text messages, and even video content that can fool even cautious consumers.

The Growing Scam Epidemic

The statistics paint a sobering picture of today’s threat landscape. According to McAfee’s comprehensive Scamiverse Report, 59% of people globally say they or someone they know has been a victim of an online scam, with Americans facing an average of 14+ scams per day. Between February and March 2025 alone, scam text volumes nearly quadrupled, with almost half using cloaked links to disguise malicious intent.

The burden on consumers is staggering. Americans spend an average of 93.6 hours per year – nearly two and a half work weeks, just reviewing messages to identify fakes. This represents 1.6 hours per week spent verifying whether communications are legitimate, a significant drain on time that could be spent on productive activities. The emotional toll is equally concerning, with 35% of people globally experiencing moderate to significant distress from scams, and two-thirds of people reporting they are more worried about scams than ever before.

What makes modern scams particularly dangerous is their increasing sophistication and alarming success rates. When scams do succeed, 87% of victims lose money, with financial losses often being substantial. According to the Scamiverse Report, 33% of scam victims lost over $500, while 21% lost more than $1,000, and 8% lost over $5,000. Most troubling is the speed at which these crimes unfold – 64% of successful scams result in money or information theft in less than one hour.

Young adults face particularly high risks, with 77% of people aged 18-24 having been scam victims – significantly higher than the global average. This demographic encounters an average of 3.5 deepfake videos daily, compared to 1.2 daily for Americans over 65. The pattern suggests that digital nativity doesn’t necessarily translate to better scam detection abilities.

The Evolution of Digital Deception

Today’s cybercriminals have embraced artificial intelligence as a force multiplier for their fraudulent activities. The accessibility of deepfake creation tools has democratized sophisticated fraud techniques that were once available only to well-funded criminal organizations. For just $5 and in 10 minutes, scammers can create realistic deepfake videos using any of the 17 different AI tools tested by McAfee Labs.

The scale of this threat has exploded exponentially. North America has seen a staggering 1,740% increase in deepfakes over the past year, with over 500,000 deepfakes shared on social media in 2023 alone. Americans now encounter an average of 3 deepfake videos per day, yet confidence in detection abilities remains concerning – while 56% of Americans believe they can spot deepfake scams, 44% admit they lack confidence in their ability to identify manipulated content.

The platform distribution reveals where consumers are most at risk. Among Americans, 68% report encountering deepfakes on Facebook, followed by 30% on Instagram, 28% on TikTok, and 17% on X (formerly Twitter). Older adults appear particularly vulnerable on Facebook, with 81% of those 65+ encountering deepfakes on the platform.

Understanding these evolving threats requires more than awareness—it demands tools that can keep pace with rapidly changing criminal tactics. Traditional approaches that rely solely on user education and manual verification are no longer sufficient when facing AI-generated content that can fool even security-conscious individuals. The challenge becomes even greater when considering that repeat victimization is common, with 26% of scam victims falling victim to another scam within 12 months.

People are developing some detection strategies, but these manual methods have limitations. According to the Scamiverse Report, 40% of people look for over-the-top claims like unrealistic discounts, while 35% watch for distorted imagery or suspicious website links. Other detection methods include identifying images that seem too perfect (33%), generic audio (28%), and audio-lip sync mismatches (28%). However, only 17% use more advanced techniques like reverse image searches to verify content authenticity.

Technology Fighting Back: The Rise of AI-Powered Protection

The same artificial intelligence that enables sophisticated scams can also serve as our defense against them. Advanced security solutions now use machine learning algorithms to analyze patterns, context, and content in real-time, identifying threats that would be impossible for humans to detect quickly enough. This technological arms race requires consumers to leverage AI-powered protection to match the sophistication of modern threats.

McAfee’s Scam Detector represents a significant advancement in consumer protection, using AI-powered detection to identify and alert consumers of scam texts, emails, and AI-generated audio in deepfake videos across multiple platforms and devices. This technology addresses the reality that manual detection methods, while useful, aren’t sufficient against the volume and sophistication of current threats. When people are spending nearly 94 hours per year just trying to identify fake messages, automated protection becomes essential for reclaiming both time and peace of mind. With scam detector, you can automatically know what’s real and what’s fake.

Comprehensive Scam Protection in Action

McAfee’s Scam Detector works across three critical communication channels: text messages, emails, and video content. For text message protection, the system monitors incoming SMS communications and alerts users to potentially dangerous content before they open suspicious messages. This proactive approach prevents the curiosity factor that often leads people to engage with scam content—total protection with no guesswork.

Email protection extends to major providers, including Gmail, Microsoft, Yahoo Mail, and more, with lightning-fast background scanning that identifies suspicious messages and provides clear explanations of the risks involved. This educational component helps users understand the specific tactics scammers employ, from urgency language to impersonation strategies.

The scam detection capability represents a unique advancement in consumer protection, using AI to detect deepfake audio and other manipulative media designed to impersonate trusted individuals or spread disinformation. This feature addresses the growing threat of fake celebrity endorsements, manipulated political content, and fraudulent investment pitches that leverage realistic-sounding audio content and is trained to identify AI-generated audio.

In February 2025, McAfee Labs found that 59% of deepfake detections came from YouTube, more than all other domains combined, reinforcing the platform’s role as a primary source of deepfake content. This data underscores the importance of having protection that works across the platforms where people naturally consume video content.

Building Comprehensive Digital Protection

Effective cybersecurity extends beyond scam detection to encompass all aspects of digital life. Password management remains fundamental, as weak or reused passwords continue to be primary attack vectors. A quality password manager not only generates strong, unique passwords for every account but also alerts users when their credentials appear in data breaches.

Virtual private networks (VPNs) such as Secure VPN provide essential protection when using public Wi-Fi networks, encrypting internet traffic to prevent eavesdropping and man-in-the-middle attacks. This protection is particularly important for remote workers and travelers who frequently connect to untrusted networks.

Identity monitoring services watch for signs that personal information has been compromised or is being misused. McAfee’s Identity Monitoring services scan for data breach databases, monitor credit reports, and alert users to suspicious activity across various financial and personal accounts. Select plans of McAfee+, can provide up to $2M of identity theft coverage. Early detection of identity theft can significantly reduce the time and effort required for recovery. Our identity monitoring service can notify you up to 10 months sooner than similar services.

Device protection through comprehensive antivirus and anti-malware solutions remains crucial as cyber threats continue to target endpoints. Modern security suites use behavioral analysis and machine learning to identify previously unknown threats while maintaining system performance.

The Human Element in Online Protection

While technology provides powerful tools for protection, human judgment remains irreplaceable in maintaining security. Understanding common social engineering tactics helps consumers recognize when they’re being manipulated, even when automated systems might not detect a threat immediately.

Scammers frequently exploit emotions like fear, urgency, and greed to bypass rational decision-making. Messages claiming immediate action is required to avoid account closure, unexpected windfalls that require upfront payments, or urgent requests from family members in distress all follow predictable patterns that become easier to recognize with awareness and practice.

Verification through independent channels remains one of the most effective defense strategies. When receiving unexpected requests for money or personal information, contacting the supposed sender through a known, trusted method can quickly expose fraudulent communications.

Creating a Culture of Security Awareness

Cybersecurity is most effective when it becomes a shared responsibility within families and communities. Parents can model good digital hygiene practices for their children while teaching age-appropriate lessons about online safety. Regular family discussions about recent scam trends and security practices help create an environment where everyone feels comfortable reporting suspicious activity.

Workplace security awareness programs extend protection beyond individual households to encompass professional environments where data breaches can have far-reaching consequences. Employees who understand their role in organizational security are more likely to follow proper protocols and report potential threats promptly.

Community education initiatives, often supported by local law enforcement and cybersecurity organizations, provide valuable resources for groups that might be particularly vulnerable to certain types of fraud, such as seniors targeted by tech support scams or small business owners facing ransomware threats.

Looking Forward: The Future of Consumer Protection

The cybersecurity landscape will continue evolving as both threats and defenses become more sophisticated. Artificial intelligence will play an increasingly central role on both sides of this digital arms race, making advanced protection tools essential for ordinary consumers who lack specialized technical knowledge.

Integration between different security tools will likely improve, creating more seamless protection that works across all devices and platforms without requiring separate management interfaces. This consolidation will make comprehensive security more accessible to consumers who currently find managing multiple security solutions overwhelming.

Regulatory initiatives may also shape the future of consumer protection, potentially requiring stronger default security measures on devices and platforms while establishing clearer responsibilities for organizations that handle personal data.

Taking Action This Cybersecurity Awareness Month

Cybersecurity Awareness Month provides an excellent opportunity to evaluate and improve your digital protection strategy. Start by implementing the Core 4 practices: use strong passwords with a password manager, enable multifactor authentication on all important accounts, keep your software updated, and learn to recognize and report scams.

Consider comprehensive protection solutions that address multiple threat vectors simultaneously rather than relying on piecemeal approaches. Look for services that combine device protection, identity monitoring, scam detection, and privacy tools in integrated packages that work together seamlessly.

Remember that cybersecurity is an ongoing process rather than a one-time setup. Threats evolve constantly, requiring regular updates to both your tools and your knowledge. Stay informed about emerging threats through reliable sources and adjust your protection strategies accordingly. McAfee delivers smarter protection against evolving threats.

The digital world offers tremendous benefits for communication, commerce, education, and entertainment. By taking proactive steps to protect yourself and your family, you can enjoy these advantages while minimizing the risks that come with our increasingly connected lives. Small actions today can prevent significant problems tomorrow, making cybersecurity one of the most valuable investments you can make in your digital future.

The post Secure Your World This Cybersecurity Awareness Month appeared first on McAfee Blog.

“If You’re Real, Prove Me Wrong”: Beth’s Romance Scam Story

By: Jasdev Dhaliwal

Beth Hyland never imagined love would cost her $26,000. At 53, she considered herself cautious and financially aware. But when she matched with someone calling himself “Richard Dobb”, the whirlwind connection, late-night conversations, and promises of a future together felt genuine. What she didn’t realize was that she was being drawn into one of the most devastating and personal scams out there—romance fraud.

The Beginning of the Scam

Beth and Richard’s connection quickly escalated. They weren’t “officially” engaged, but in her mind, they were planning a future together. Richard told her he had just completed a project in Qatar and needed to pay a translator to finalize things. The catch? He claimed he couldn’t access his funds unless he went in person to a bank branch in England.

That’s when the requests for money began.

How the Fraud Unfolded

Richard framed it as a temporary problem. If Beth could just help him raise the money, they’d be set. Wanting to support her partner, she took out a $15,000 loan and added another $5,000 in cash advances from her credit card.

When she asked how to send the money, he directed her to a cryptocurrency site.

Beth’s financial advisor became concerned. “I think you’re in a romance scam,” he told her. But Beth didn’t want to believe it.

“No,” she thought, “we’re in love. He wouldn’t do this to me.”

Her last message to Richard was desperate: “If you’re real, prove me wrong. Bring me my money, and maybe we’ll talk.”

She never heard from him again.

Why Beth Shared Her Story

Romance scams are uniquely painful because they prey on trust, hope, and human connection. Beth said, “People would be surprised at how much this happens, how much it goes on.”

Like many victims, she wishes there had been a tool to fact-check the links, the stories, and the too-good-to-be-true excuses. That’s where technology like McAfee’s Scam Detector could have made all the difference, flagging suspicious links and warning her before thousands of dollars vanished.

Protect Yourself from Romance Scams

  • Be cautious with requests for money. Love should never come with a price tag.
  • Watch for excuses. Scammers often create urgent, dramatic reasons why they can’t access funds.
  • Fact-check with technology. Tools like McAfee’s Scam Detector analyze suspicious links and help you avoid falling for fake websites or fraudulent requests.
  • Trust your gut and outside voices. If friends, family, or advisors raise concerns, listen.

Beth’s Final Word

Romance scams thrive on silence. Victims often feel embarrassed, but Beth wants her story out there.

“It would have been really good if there was technology where I could have checked these links to fact-check all of that,” she reflected.

Her experience is a reminder that scammers aren’t just after money—they target trust. By sharing her story, Beth hopes others will pause before sending money to someone they’ve never met in person. And with tools like McAfee’s Scam Detector, more people can spot the lies before love turns into loss.

 

The post “If You’re Real, Prove Me Wrong”: Beth’s Romance Scam Story appeared first on McAfee Blog.

A Fake Delivery Text Nearly Cost Deshawn Hundreds: His Scam Story

By: Jasdev Dhaliwal

Deshawn never thought he’d be the kind of person to fall for a scam. At 30, he was tech-savvy, careful, and always aware of the world around him. But one busy afternoon, a single text message changed everything. What looked like a routine delivery notification turned into a $420 lesson that convenience can be a scammer’s greatest weapon.“I thought this stuff only happened to older people.” That’s what Deshawn, 30, told us after a fake delivery text nearly drained his bank account. It all started on what he thought was just a busy day.

How the Scam Hooked Him

Deshawn was juggling errands when a text came through: a delivery company said his package was being held at a facility. To recover it, all he had to do was click the link.

Since he really was expecting packages, it felt routine. He tapped the link, entered his information, and moved on.

The next day, his bank flagged a transaction: $420 spent—in Jamaica. Deshawn had never been there. That’s when it clicked. The delivery text was a scam, and the fraudsters had his financial info.

The Aftermath

“When I saw purchases hitting my card, I felt like an idiot,” Deshawn admitted. “I thought things like this only happened to older people.”

But scams don’t discriminate. Deshawn realized the very convenience he relied on—quick taps, fast responses—was exactly what scammers exploit.

“Even if you’re detail-oriented, even if you check all the boxes, it can happen to you,” he said.

Why His Story Matters

Scammers count on assumptions. They count on younger people thinking they’re “too smart” or “too aware” to get tricked. But as Deshawn’s story shows, anyone can fall for a scam—especially when it looks like an everyday task, like recovering a package.

“It’s crazy how a device in your pocket and one tap can take your money,” Deshawn reflected. He wishes more people his age would share their experiences, so others wouldn’t let their guard down.

How to Stay Safe from Fake Delivery Scams

  • Don’t click links in unexpected texts. Go directly to the retailer’s or delivery service’s official site or app to track packages.
  • Double-check the sender. Scammers often spoof numbers or use odd-looking email addresses.
  • Watch for urgency. Messages that push you to act fast are classic scam red flags.
  • Use security tools. McAfee’s Scam Detector can help identify and block suspicious links before you click.

Final Word from Deshawn

“I used to laugh at the idea of being a scam target. Now I know it can happen to anyone. Sharing my story means maybe the next person will pause before they tap.”

The post A Fake Delivery Text Nearly Cost Deshawn Hundreds: His Scam Story appeared first on McAfee Blog.

How Agentic AI Will Be Weaponized for Social Engineering Attacks

By: Amy Bunn

We’re standing at the threshold of a new era in cybersecurity threats. While most consumers are still getting familiar with ChatGPT and basic AI chatbots, cybercriminals are already moving to the next frontier: Agentic AI. Unlike the AI tools you may have tried that simply respond to your questions, these new systems can think, plan, and act independently, making them the perfect digital accomplices for sophisticated scammers. The next evolution of cybercrime is here, and it’s learning to think for itself.

The threat is already here and growing rapidly. According to McAfee’s latest State of the Scamiverse report, the average American sees more than 14 scams every day, including an average of 3 deepfake videos. Even more concerning, detected deepfakes surged tenfold globally in the past year, with North America alone experiencing a 1,740% increase.

At McAfee, we’re seeing early warning signs of this shift, and we believe every consumer needs to understand what’s coming. The good news? By learning about these emerging threats now, you can protect yourself before they become widespread.

A Real-World Example: How Anthropic’s Claude AI Was Used for Espionage

A new case disclosed by Anthropic, first reported by Axios, marks a turning point: a Chinese state-sponsored group used the company’s Claude Code agent to automate the majority of an espionage campaign across nearly thirty organizations. Attackers allegedly bypassed guardrails through jailbreaking techniques, fed the model fragmented tasks, and convinced it that it was conducting defensive security tests. Once operational, the agent performed reconnaissance, wrote exploit code, harvested credentials, identified high-value databases, created backdoors, and generated documentation of the intrusion. In all, they completed 80–90% of the work without any human involvement.

This is the first publicly documented case of an AI agent running a large-scale intrusion with minimal human direction. It validates our core warning: agentic AI dramatically lowers the barrier to sophisticated attacks and turns what was once weeks of human labor into minutes of autonomous execution. While this case targeted major companies and government entities, the same capabilities can, and likely will, be adapted for consumer-focused scams, identity theft, and social engineering campaigns.

Understanding AI: From Simple Tools to Autonomous Agents

Before we dive into the threats, let’s break down what we’re actually talking about when we discuss AI and its evolution:

Traditional AI: The Helper

The AI most people know today works like a very sophisticated search engine or writing assistant. You ask it a question, it gives you an answer. You request help with a task, it provides suggestions. Think of ChatGPT, Google’s Gemini, or the AI features on your smartphone. They’re reactive tools that respond to your input but don’t take independent action.

Generative AI: The Creator

Generative AI, which powers many current scams, can create content like emails, images, or even fake videos (deepfakes). This technology has already made scams more convincing by cloning real human voices and eliminating telltale signs like poor grammar and obvious language errors.

The impact is already visible in the data. McAfee Labs found that for just $5 and 10 minutes of setup time, scammers can create powerful, realistic-looking deepfake video and audio scams using readily available tools. What once required experts weeks to produce can now be achieved for less than the cost of a latte—and in less time than it takes to drink it.

Agentic AI: The Independent Actor

Agentic AI represents a fundamental leap forward. These systems can think, make decisions, learn from mistakes, and work together to solve tough problems, just like a team of human experts. Unlike previous AI that waits for your commands, agentic AI can set its own goals, make plans to achieve them, and adapt when circumstances change

Key Characteristics of Agentic AI:

  • Autonomous operation: Works without constant human guidance from a cybercriminal
  • Goal-oriented behavior: Actively pursues specific objectives without requiring regular input.
  • Adaptive learning: Improves performance based on experience through previous attempts.
  • Multi-step planning: Can execute complex, long-term strategies based on the requirements of the criminal.
  • Environmental awareness: Understands and responds to changing conditions online.

Gartner predicts that by 2028, a third of our interactions with AI will shift from simply typing commands to fully engaging with autonomous agents that can act on their own goals and intentions. Unfortunately, cybercriminals won’t be far behind in exploiting these capabilities.

The Scammer’s Apprentice: How Agentic AI Becomes the Perfect Criminal Assistant

Think of agentic AI as giving scammers their own team of tireless, intelligent apprentices that never sleep, never make mistakes, and get better at their job every day. Here’s how this digital apprenticeship makes scams exponentially more dangerous.

Traditional scammers spend hours manually researching targets, scrolling through social media profiles, and piecing together personal information. Agentic AI recon agents operate persistently and autonomously, self-prompting questions like “What data do I need to identify a weak point in this organization?” and then collecting it from social media, breach data, exposed APIs and cloud misconfigurations.

What The Scammer’s Apprentice Can Do

  • Continuous surveillance: Monitors your social media posts, job changes, and online activity 24/7.
  • Pattern recognition: Identifies your routines, interests, and vulnerabilities from scattered digital breadcrumbs.
  • Relationship mapping: Understands your connections, colleagues, and family relationships.
  • Behavioral analysis: Learns from your communication style, preferred platforms, and response patterns.

Unlike traditional phishing that uses static messages, agentic AI can dynamically update or alter their approach based on a recipient’s response, location, holidays, events, or the target’s interests, marking a significant shift from static attacks to highly adaptive and real-time social engineering threats.

An agentic AI scammer targeting you might start with a LinkedIn message about a job opportunity. If you don’t respond, it switches to an email about a package delivery. If that fails, it tries a text message about suspicious account activity. Each attempt uses lessons learned from your previous reactions, becoming more convincing with every interaction.

AI-generated phishing emails achieve a 54% click-through rate compared to just 12% for their human-crafted counterparts. With agentic AI, scammers can create messages that don’t just look professional, they sound exactly like the people and organizations you trust.

The technology is already sophisticated enough to fool even cautious consumers. As McAfee’s latest research shows, social media users shared over 500,000 deepfakes in 2023 alone. The tools have become so accessible that scammers can now create convincing real-time avatars for video calls, allowing them to impersonate anyone from your boss to your bank representative during live conversations.

Advanced Impersonation Capabilities:

  • Voice cloning: Create phone calls that sound exactly like your boss, family member, senator, or bank representative
  • Writing style mimicry: Craft emails that perfectly match your company’s communication style.
  • Visual deepfakes: Generate fake video calls for “face-to-face” verification.
  • Context awareness: Reference specific projects, recent conversations, or personal details

Perhaps most concerning is agentic AI’s ability to learn and improve. As the AI interacts with more victims over time, it gathers data on what types of messages or approaches work best for certain demographics, adapting itself and refining future campaigns to make each subsequent attack more powerful, convincing, and effective. This means that every failed scam attempt makes the AI smarter for its next victim. Understanding how agentic AI will transform specific types of scams helps us prepare for what’s coming. Here are the most concerning developments:

Multi-Stage Campaign Orchestration

Agentic AI can potentially orchestrate complex multi-stage social engineering attacks, leveraging data from one interaction to drive the next one. Instead of simple one-and-done phishing emails, expect sophisticated campaigns that unfold over weeks or months.

Automated Spear Phishing at Scale

Traditional spear phishing required manual research and customization for each target. In the new world order, malicious AI agents will autonomously harvest data from social media profiles, craft phishing messages, and tailor them to individual targets without human intervention. This means cybercriminals can now launch thousands of highly personalized attacks simultaneously, each one crafted specifically for its intended victim.

Real-Time Adaptive Attacks

When a target hesitates or questions an initial approach, agents adjust their tactics immediately based on the response. This continuous refinement makes each interaction more convincing than the last, wearing down even skeptical targets through persistence and learning. Traditional red flags like “This seems suspicious” or “Let me verify this” no longer end the attack, they just trigger the AI to try a different approach.

Cross-Platform Coordination

These autonomous systems now independently launch coordinated phishing campaigns across multiple channels simultaneously, operating with an efficiency human attackers cannot match. An agentic AI scammer might contact you via email, text message, phone call, and social media—all as part of a coordinated campaign designed to overwhelm your defenses.

How to Protect Yourself in the Age of Agentic AI Scams

The rise of agentic AI scams requires a fundamental shift in how we think about cybersecurity. Traditional advice like “watch for poor grammar” no longer applies. Here’s what you need to know to protect yourself:

  • The Golden Rule: Never act on urgent requests without independent verification, no matter how convincing they seem.
  • Use different communication channels: If someone emails you, call them back using a number you look up independently
  • Verify through trusted contacts: When your “boss” asks for something unusual, confirm with colleagues or HR
  • Check official websites: Go directly to company websites rather than clicking links in messages
  • Trust your instincts: If something feels off, it probably is—even if you can’t identify exactly why

Understanding a New Era of Red Flags

Since agentic AI eliminates traditional warning signs, focus on these behavioral red flags:

High-Priority Warning Signs:

Emotional urgency: Messages designed to make you panic, feel guilty, or act without thinking

Requests for unusual actions: Being asked to do something outside normal procedures

Isolation tactics: Instructions not to tell anyone else or to handle something “confidentially”

Multiple contact attempts: Being contacted through several channels about the same issue

Perfect personalization: Messages that seem to know too much about your specific situation

How McAfee Fights AI with AI: Your Defense Against Agentic Threats

At McAfee, we understand that fighting AI-powered attacks requires AI-powered defenses. Our security solutions are designed to detect and stop sophisticated scams before they reach you. McAfee’s Scam Detector provides lightning-fast alerts, automatically spotting scams and blocking risky links even if you click them, with all-in-one protection that keeps you safer across text, email, and video. Our AI analyzes incoming messages using advanced pattern recognition that can identify AI-generated content, even when it’s grammatically perfect and highly personalized.

Scam Detector keeps you safer across text, email, and video, providing comprehensive coverage against multi-channel agentic AI campaigns. Beyond analyzing message content, our system evaluates sender behavior patterns, communication timing, and request characteristics that may indicate AI-generated scams. Just as agentic AI attacks learn and evolve, our detection systems continuously improve their ability to identify new threat patterns.

Protecting yourself from agentic AI scams requires combining smart technology with informed human judgment. Security experts believe it’s highly likely that bad actors have already begun weaponizing agentic AI, and the sooner organizations and individuals can build up defenses, train awareness, and invest in stronger security controls, the better they will be equipped to outpace AI-powered adversaries.

We’re entering an era of AI versus AI, where the speed and sophistication of both attacks and defenses will continue to escalate. According to IBM’s 2025 Threat Intelligence Index, threat actors are pursuing bigger, broader campaigns than in the past, partly due to adopting generative AI tools that help them carry out more attacks in less time.

Hope in Human + AI Collaboration

While the threat landscape is evolving rapidly, the combination of human intelligence and AI-powered security tools gives us powerful advantages. Humans excel at recognizing context, understanding emotional manipulation, and making nuanced judgments that AI still struggles with. When combined with AI’s ability to process vast amounts of data and detect subtle patterns, this creates a formidable defense.

Staying Human in an AI World

The rise of agentic AI represents both a significant threat and an opportunity. While cybercriminals will certainly exploit these technologies to create more sophisticated scams, we’re not defenseless. By understanding how these systems work, recognizing the new threat landscape, and combining human wisdom with AI-powered protection tools like McAfee‘s Scam Detector, we can stay ahead of the threats.

The key insight is that while AI can mimic human communication and behavior with unprecedented accuracy, it still relies on exploiting fundamental human psychology—our desire to help, our fear of consequences, and our tendency to trust. By developing better awareness of these psychological vulnerabilities and implementing verification protocols that don’t depend on technological red flags, we can maintain our security even as the threats become more sophisticated.

Remember: in the age of agentic AI, the most important security tool you have is still your human judgment. Trust your instincts, verify before you act, and never let urgency override prudence, no matter how convincing the request might seem.

The post How Agentic AI Will Be Weaponized for Social Engineering Attacks appeared first on McAfee Blog.

Android Malware Promises Energy Subsidy to Steal Financial Data

By: McAfee Labs

Authored by ZePeng Chen

Recently, we identified an active Android phishing campaign targeting Indian users. The attackers impersonate a government electricity subsidy service to lure victims into installing a malicious app. In addition to stealing financial information, the malicious app also steals text messages, uses the infected device to send smishing messages to user’s contact list, can be remotely controlled using Firebase and phishing website and malware was hosted in GitHub. This attack chain leverages YouTube videos, a fake government-like website, and a GitHub-hosted APK file—forming a well-orchestrated social engineering operation. The campaign involves fake subsidy promises, user data theft, and remote-control functionalities, posing a substantial threat to user privacy and financial security.

McAfee, as part of the App Defense Alliance committed to protecting users and the app ecosystem, reported the identified malicious apps to Google. As a result, Google blocked the associated FCM account to prevent further abuse. McAfee also reported the GitHub-hosted repository to GitHub Developer Support Team, which took action and already removed it from GitHub. McAfee Mobile Security detects these malicious applications as a high-risk threat. For more information, and to get fully protected, visit McAfee Mobile Security.

Background

The Government of India has approved the PM Surya Ghar: Muft Bijli Yojana on 29th February, 2024 to increase the share of solar rooftop capacity and empower residential households to generate their own electricity. The scheme provides for a subsidy of 60% of the solar unit cost for systems up to 2kW capacity and 40 percent of additional system cost for systems between 2 to 3kW capacity. The subsidy has been capped at 3kW capacity. The interested consumer has to register on the National Portal. This has to be done by selecting the state and the electricity distribution company. Scammers use this subsidy activity to create phishing websites and fake applications, stealing the bank account information of users who want to apply for this subsidy.

Technical Findings

Distribution Methods

This phishing operation unfolds in multiple stages:

  1. YouTube Video Lure: The attackers upload promotional videos claiming users can receive “government electricity subsidies” through a mobile app. A shortened URL is included in the video description to encourage users to click.

Figure 1. YouTube video promoting the phishing URL

 

     2. Phishing Website Imitation: The shortened URL redirects to a phishing website hosted on GitHub. it designed to closely resemble an official Indian government portal.

 

Figure 2. Phishing and official website

The phishing site has a fake registration process instruction, once the users believe this introduction, they will not have any doubts about the following processes. The phishing site also has a fake Google Play icon, making users believe it’s a Google Play app, but in reality, the icon points to an APK file on GitHub. When victims click the Google Play icon, it will download the APK from GitHub repository instead of accessing Google Play App Store.

    3. GitHub-Hosted APK and Phishing page

Both the phishing site source and the APK file are hosted on the same GitHub repository—likely to bypass security detection and appear more legitimate. The repository activity shows that this malicious app has been continuously developed since October 2024, with frequent updates observed in recent weeks.

 

Figure 3. Malware repository in GitHub

Installation without network

The downloaded APK is not the main malicious component. Instead, it contains an embedded APK file at assets/app.apk, which is the actual malware. The initial APK serves only to install the embedded one. During installation, users are deceived into believing they are installing a “security update” and are prompted to disable mobile data or Wi-Fi, likely to reduce the effectiveness of malware detection solutions that use detection technologies in the cloud. But McAfee is still able to detect this threat in offline mode

 

Figure 4. Install a malicious APK without a network

According to the installation instructions, a malicious application will be installed. There are 2 applications that are installed on devices.

  • PMBY – The initial APK, it is used to install PMMBY.
  • PMMBY – Malware APK, it is installed under the guise of “Secure Update“

 

Figure 5. Application names and icons.

Malware analysis

PMMBY is an application that actually carries out malicious behavior—let’s delve into the concrete details of how it accomplishes this.

It requests aggressive permission when it is launched.

  • READ_CONTACTS – Read contacts list
  • CALL_PHONE – Make/manage phone calls
  • READ_SMS, SEND_SMS – View and send SMS messages
  • Notification access – For spamming or masking malicious actions

Figure 6. Aggressive permissions request

Fake UI and Registration Process

Once permissions are granted, the app displays a fake electricity provider selection screen. The message “To Get 300 Unit Free Every Month Please Select Your Electricity Provider From Below And Proceed” is shown in English and Hindi to prompt users to select their provider.

 

Figure 7. “SELECT YOUR PROVIDER” Activity

 

After selecting a provider, the app presents a fake registration form asking for the user’s phone number and a ₹1 payment to “generate a registration token.”

 

Figure 8. Registration Form

 

In this stage, malware creates a background task to send a https request to https[://]rebrand[.]ly/dclinkto2. The response text is https[://]sqcepo[.]replit[.]app/gate[.]html,https[://]sqcepo[.]replit[.]app/addsm[.]php. The string is split as 2 URLs.

  • UPI PIN URL – https[://]sqcepo[.]replit[.]app/gate[.]html. It will be used in “ENTER UPI PIN” process. When malware uses this URL, “gate.html” will be replace with“gate.hml”, so the loaded URL is https[://]sqcepo[.]replit[.]app/gate[.]htm.
  • SMS Uploaded URL – https[://]sqcepo[.]replit[.]app/addsm[.]php. SMS incoming messages are uploaded to this URL.

Figure 9. dclinkto2 request

 

In the stage of ”MAKE PAYMENT of ₹ 1“,victims are asked to use “UPI-Lite” app to complete the payment. In the “UPI-Lite” activity, victims enter the bank UPI PIN code.

 

Figure 10. The process of “ENTER UPI PIN”

UPI Credential Theft

UPI-Lite activity is a fake HTML-based form from https[://]sqcepo[.]replit[.]app/gate[.]htm.

Once submitted, the phone number, bank details, and UPI PIN are uploaded to https[://]sqcepo[.]replit[.]app/addup.php. After the attacker obtains this information, they can steal money from your bank account.

 

Figure 11. Post user’s banker information.

Malware Background Behaviors

In addition to stealing the financial and banking information from the user, the malware is also able to send distribution itself by sending a phishing message to the victim’s contact list, stealing user’s text messages probably to intercept 2FA codes and can be remotely controlled via Firebase.

  • Send mass phishing SMS messages to Indian users from the victims’ contacts list.

Figure 12. Send Phishing SMS message.

  • Upload SMS message to Server.

Malware has requested view SMS permission when it is launched. When it receives the incoming SMS message, it handles the message and posts below data to remote server(https[://]sqcepo[.]replit[.]app/addsm[.]php).

  • senderNum: The phone number of send the incoming message.
  • Message: The incoming SMS message.
  • Slot: Which SIM Slot to receive the message
  • Device rand: A random number was created during the first run to identify the device.

Figure 13. Post Incoming SMS message

  • Firebase as a Command Channel.

Attackers use FCM(Firebase Cloud Messaging) to send commands to control devices. According to the _type value, malware executes different commands.

 

Table1. Commands from FCM message

 

Figure 14. Commands from FCM message

Recommendations

To protect against such sophisticated attacks, users and defenders should take the following precautions:

  • Avoid downloading apps from unofficial websites:
    Especially those offering benefits like subsidies, rewards, or financial aid.
  • Be cautious of apps that require disabling network connections:
    This is often a red flag used to evade real-time antivirus scanning.
  • Carefully review app permissions:
    Apps requesting contact access, SMS read/send or call permissions—without clear reason—should be treated as suspicious.
  • Use security software with SMS protection:
    Enable permission alerts and use reputable mobile security apps to detect abnormal app behavior. McAfee’s Scam Detector as an additional protection for the smishing part.

Cybercriminals are using relevant themes like energy subsidies to trick users into providing financial information. This campaign demonstrates an integrated and stealthy attack chain. YouTube is used to distribute phishing link, GitHub is a reliable and legitimate website to using it to both distribute malicious APKs and serve phishing websites make it more difficult to identify and take it down, and malware authors can remotely update the phishing text messages to be more effective in tricking users into installing the malware via Firebase Cloud Messaging (FCM). With its self-propagation capabilities, financial data theft, and remote-control functions, it poses a serious risk. We will continue to monitor this threat, track emerging variants, and coordinate with relevant platforms to report and help take down associated infrastructure.

Indicators of Compromise (IOCs)

The post Android Malware Promises Energy Subsidy to Steal Financial Data appeared first on McAfee Blog.

How Do Hackers Hack Phones and How Can I Prevent It?

By: Jasdev Dhaliwal

How do hackers hack phones? In several ways. But also, there are several ways you can prevent it from happening to you. The thing is that our phones are like little treasure chests. They’re loaded with plenty of personal data, and we use them to shop, bank, and take care of other personal and financial matters—all of which are of high value to identity thieves. However, you can protect yourself and your phone by knowing what to look out for and by taking a few simple steps. Let’s break it down by first understanding what phone hacking is, taking a look at some common attacks, and learning how you can prevent it.

What is phone hacking?

Phone hacking refers to any method where an unauthorized third party gains access to your smartphone and its data. This isn’t just one single technique; it covers a wide range of cybercrimes. A phone hack can happen through software vulnerabilities, like the spyware campaigns throughout the years that could monitor calls and messages. It can also occur over unsecured networks, such as a hacker intercepting your data on public Wi-Fi. Sometimes, it’s as simple as physical access, where someone installs tracking software on an unattended device. 

Types of smartphone hacks and attacks

Hackers have multiple avenues of attacking your phone. Among these common methods are using malicious apps disguised as legitimate software, exploiting the vulnerabilities of unsecure public Wi-Fi networks, or deploying sophisticated zero-click exploits that require no interaction from you at all. The most common method, however, remains social engineering, where they trick you into giving them access. Let’s further explore these common hacking techniques below.

Hacking software

Whether hackers sneak it onto your phone by physically accessing your phone or by tricking you into installing it via a phony app, a sketchy website, or a phishing attack, hacking software can create problems for you in a couple of ways:

  • Keylogging: In the hands of a hacker, keylogging works like a stalker by snooping information as you type, tap, and even talk on your phone.
  • Trojans: Trojans are malware disguised in your phone to extract important data, such as credit card account details or personal information.

Some possible signs of hacking software on your phone include:

  • A battery that drains way too quickly.
  • Your phone runs a little sluggish or gets hot.
  • Apps quit suddenly or your phone shuts off and turns back on.
  • You see unrecognized data, text, or other charges on your bill.

In all, hacking software can eat up system resources, create conflicts with other apps, and use your data or internet connection to pass your personal information into the hands of hackers.

Phishing attacks

This classic form of attack has been leveled at our computers for years. Phishing is where hackers impersonate a company or trusted individual to get access to your accounts or personal info or both. These attacks take many forms such as emails, texts, instant messages, and so forth, some of which can look really legitimate. Common to them are links to bogus sites that attempt to trick you into handing over personal info or that install malware to wreak havoc on your device or likewise steal information. Learning to spot a phishing attack is one way to keep yourself from falling victim to one.

Bluetooth hacking

Professional hackers can use dedicated technologies that search for vulnerable mobile devices with an open Bluetooth connection. Hackers can pull off these attacks when they are within range of your phone, up to 30 feet away, usually in a populated area. When hackers make a Bluetooth connection to your phone, they might access your data and info, yet that data and info must be downloaded while the phone is within range. This is a more sophisticated attack given the effort and technology involved.

SIM card swapping

In August of 2019, then CEO of Twitter had his phone hacked by SIM card swapping scam. In this type of scam, a hacker contacts your phone provider, pretends to be you, then asks for a replacement SIM card. Once the provider sends the new SIM to the hacker, the old SIM card is deactivated, and your phone number will be effectively stolen. This enables the hacker to take control of your phone calls, messages, among others. The task of impersonating someone else seems difficult, yet it happened to the CEO of a major tech company, underscoring the importance of protecting your personal info and identity online to prevent hackers from pulling off this and other crimes.

Vishing or voice phishing

While a phone call itself cannot typically install malware on your device, it is a primary tool for social engineering, known as vishing or voice phishing. A hacker might call, impersonating your bank or tech support company, and trick you into revealing sensitive information like passwords or financial details. They might also try to convince you to install a malicious app. Another common tactic is the “one-ring” scam, where they hang up hoping you’ll call back a premium-rate number. To stay safe, be wary of unsolicited calls, never provide personal data, block suspicious numbers, and check that your call forwarding isn’t enabled.

Low-power mode hacks

Generally, a phone that is powered off is a difficult target for remote hackers. However, modern smartphones aren’t always truly off. Features like Apple’s Find My network can operate in a low-power mode, keeping certain radios active. Furthermore, if a device has been previously compromised with sophisticated firmware-level malware, it could activate upon startup. The more common risk involves data that was already stolen before the phone was turned off or if the device is physically stolen. While it’s an uncommon scenario, the only sure way to take a device offline and completely sever all power is by removing the battery, where possible.

Camera hacks

Hacking a phone’s camera is referred to as camfecting, usually done through malware or spyware hidden within a rogue application. Once installed, these apps can gain unauthorized permission to access your camera and record video or capture images without your knowledge. Occasionally, vulnerabilities in a phone’s operating system (OS) have been discovered that could allow for this, though these are rare and usually patched quickly. Protect yourself by regularly reviewing app permissions in your phone’s settings—for both iOS and Android—and revoking camera access for any app that doesn’t absolutely need it. Always keep your OS and apps updated to the latest versions.

Android vs. iPhone: Which is harder to hack?

This is a long-standing debate with no simple answer. iPhones are generally considered more secure due to Apple’s walled garden approach: a closed ecosystem, a strict vetting process for the App Store, and timely security updates for all supported devices. Android’s open-source nature offers more flexibility but also creates a more fragmented ecosystem, where security updates can be delayed depending on the device manufacturer. However, both platforms use powerful security features like application sandboxing. 

The most important factor is not the brand but your behavior. A user who practices good digital hygiene—using strong passwords, avoiding suspicious links, and vetting apps—is well-protected on any platform.

Signs your phone has been hacked

Detecting a phone hack early can save you from significant trouble. Watch for key red flags: your battery draining much faster than usual, unexpected spikes in your mobile data usage, a persistently hot device even when idle, or a sudden barrage of pop-up ads. You might also notice apps you don’t remember installing or find that your phone is running unusually slow. To check, go into your settings to review your battery and data usage reports for any strange activity. The most effective step you can take is to install a comprehensive security app, like McAfee® Mobile Security, to run an immediate scan and detect any threats.

How to remove a hacker from your phone

Discovering that your phone has been hacked can be alarming, but acting quickly can help you regain control and protect your personal information. Here are the urgent steps to take so you can remove the hacker, secure your accounts, and prevent future intrusions.

  1. Disconnect immediately: Turn on Airplane Mode to cut off the hacker’s connection to your device via Wi-Fi and cellular data.
  2. Run an antivirus scan: Use a reputable mobile security app to scan your phone, and identify and remove malicious software.
  3. Review and remove apps: Manually check your installed applications. Delete any you don’t recognize or that look suspicious. While you’re there, review app permissions and revoke access for any apps that seem overly intrusive.
  4. Change your passwords: Using a separate, secure device, change the passwords for your critical accounts immediately—especially for your email, banking, and social media.
  5. Perform a factory reset: For persistent infections, a factory reset is the most effective solution. This will wipe all data from your phone, so ensure you have a clean backup—the time before you suspected a hack—to restore from.
  6. Monitor your accounts: After securing your device, keep a close eye on your financial and online accounts for any unauthorized activity.

10 tips to prevent your phone from being hacked

While there are several ways a hacker can get into your phone and steal personal and critical information, here are a few tips to keep that from happening:

  1. Use comprehensive security software. We’ve gotten into the good habit of using this on our desktop and laptop computers. Our phones? Not so much. Installing security software on your smartphone gives you a first line of defense against attacks, plus additional security features.
  2. Update your phone OS and its apps. Keeping your operating system current is the primary way to protect your phone. Updates fix vulnerabilities that cybercriminals rely on to pull off their malware-based attacks. Additionally, those updates can help keep your phone and apps running smoothly while introducing new, helpful features.
  3. Stay safe on the go with a VPN. One way that crooks hack their way into your phone is via public Wi-Fi at airports, hotels, and even libraries. This means your activities are exposed to others on the network—your bank details, password, all of it. To make a public network private and protect your data, use a virtual private network.
  4. Use a password manager. Strong, unique passwords offer another primary line of defense, but juggling dozens of passwords can be a task, thus the temptation to use and reuse simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well. Comprehensive security software will include one.
  5. Avoid public charging stations. Charging your device at a public station seems so convenient. However, some hackers have been known to juice jack by installing malware into the charging station, while stealing your passwords and personal info. Instead, bring a portable power pack that you can charge ahead of time. They’re pretty inexpensive and easy to find.
  6. Keep your eyes on your phone. Many hacks happen simply because a phone falls into the wrong hands. This is a good case for password or PIN protecting your phone, as well as turning on device tracking to locate your phone or wipe it clean remotely if you need to. Apple and Google provide their users with a step-by-step guide for remotely wiping devices.
  7. Encrypt your phone. Encrypting your cell phone can save you from being hacked and can protect your calls, messages, and critical information. To check if your iPhone is encrypted, go into Touch ID & Passcode, scroll to the bottom, and see if data protection is enabled. Typically, this is automatic if you have a passcode enabled. Android users have automatic encryption depending on the type of phone.
  8. Lock your SIM card. Just as you can lock your phone, you can also lock the SIM card that is used to identify you, the owner, and to connect you to your cellular network. Locking it keeps your phone from being used on any other network than yours. If you own an iPhone, you can lock it by following these simple directions. For other platforms, check out the manufacturer’s website.
  9. Turn off your Wi-Fi and Bluetooth when not in use. Think of it as closing an open door. As many hacks rely on both Wi-Fi and Bluetooth to be performed, switching off both can protect your privacy in many situations. You can easily turn off both from your settings by simply pulling down the menu on your home screen.
  10. Steer clear of unvetted third-party app stores. Google Play and Apple’s App Store have measures in place to review and vet apps, and ensure that they are safe and secure. Third-party sites may not have that process and might intentionally host malicious apps. While some cybercriminals have found ways to circumvent Google and Apple’s review process, downloading a safe app from them is far greater than anywhere else.

Final thoughts

Your smartphone is central to your life, so protecting it is essential. Ultimately, your proactive security habits are your strongest defense against mobile hacking. Make a habit of keeping your operating system and apps updated, be cautious about the links you click and the networks you join, and use a comprehensive security solution like McAfee® Mobile Security.

By staying vigilant and informed, you can enjoy all the benefits of your mobile device with confidence and peace of mind. Stay tuned to McAfee for the latest on how to protect your digital world from emerging threats.

The post How Do Hackers Hack Phones and How Can I Prevent It? appeared first on McAfee Blog.

A Guide to Remove Malware From Your iPhone

By: McAfee

Malicious software, also called malware, refers to any program or code engineered to harm or exploit computer systems, networks and devices. It affects your phone’s functionality, especially if you jailbreak your device—that is, opening your iOS to additional features, apps, and themes. 

The risks associated with a malware infection can range from poor device performance to stolen data. Cybercriminals typically use it to extract data—from financial data and healthcare records to emails and passwords—that they can leverage over victims for financial gain. 

Thanks to their closed ecosystem, built-in security features, and strict policies on third-party apps, Apple devices tend to be generally resilient against malware infections. It’s important to note, however, that they’re not completely without vulnerabilities.

Read on to learn how you can detect malware on your iPhone and how to remove these infections so you can get back to enjoying your digital activities.

What is iPhone malware?

While traditional self-replicating viruses are rare on iPhones, malware is a genuine threat for Apple devices. Malware typically enters through links in deceptive texts or emails or through downloaded, unvetted apps rather than system-wide infection. These are some types of malware that could infect your iPhone:

  • Adware: Once embedded into your phone, adware collects your personal data and learns browsing habits to determine what kinds of ads can be targeted to you. It then bombards your screen with pop-up ads.
  • Ransomware: This type of malware encrypts your files or locks you out of your computer, making the data inaccessible. The attackers then demand a ransom before releasing your encrypted files or systems.
  • Spyware: This malicious software sits on your device, tracks your online activities, then sends it to a central server controlled by third-party internet service providers, hackers, and scammers, who then exploit this information to their advantage.
  • Trojans: Disguised as a real, operational program, this type of malware steals passwords, PINs, credit card data, and other private information.

Understanding Apple’s built-in security layers

To keep you safe against malware and other threats, Apple engineers the iPhone with multiple security layers, including:

  • Secure Enclave: This hardware feature is a dedicated secure subsystem in Apple devices that protects your most sensitive data, such as Face ID or Touch ID information in a separate, fortified processor. 
  • Sandboxing: This process serves as a digital wall around each app, preventing it from meddling with other apps or accessing your core iOS system files. A downloaded app is first isolated or sandboxed to prevent it from accessing data in your iPhone or modifying the operating system. 
  • App Store review: Apple also enforces a process to strictly vet apps for malicious code, and it delivers rapid security patches via regular iOS updates to fix vulnerabilities quickly. 

Together, these features create a highly secure environment for iPhones. However, this robust shield does not eliminate all risks, as threats can still bypass these defenses through phishing scams or by tricking a user into installing a malicious configuration profile.

6 signs of malware on your iPhone and quick actions

If your iPhone is exhibiting these odd activities listed below, a manual scan is your first point of order. These quick actions are free to do as they are already integrated into your device.

  • Sudden battery drain: Your battery dies much faster than it should because malware is secretly running in the background. It could mean malware is running in the background and consuming a significant amount of power. To make sure that no such apps are installed on your phone, head over to Settings > Battery and select a period of your choice. Uninstall any unfamiliar apps that stand out.
  • Unexpected data spikes: You notice a sudden jump in your data usage, which could mean malware is sending information from your phone to a hacker’s server. Keep an eye on it if you suspect malware is in your system. To do so, go to Settings > Mobile Data and check if your data usage is higher than usual.
  • Constant pop-ups: Occasionally running into pop-up ads is inevitable when browsing the internet. However, your phone might be infected with adware if you’re getting them with alarming frequency. Never click the pop-ups. Instead, go to Settings > Safari and tap Clear History and Website Data. This can remove adware and reset your browser.
  • Overheating device: Your iPhone feels unusually hot, even when idle, as malicious software can cause the processor to work overtime. Restart your phone to terminate any hidden processes causing the issue.
  • Mysterious apps appear: You discover apps on your iPhone that you are certain you never downloaded. Take some time to swipe through all of your apps and closely inspect or uninstall any that you don’t recognize or remember downloading. 
  • Sluggish performance: Your phone becomes slow, apps crash unexpectedly, or the entire system freezes for no reason. A simple restart can often clear up performance issues and improve responsiveness.

The disadvantage of doing a manual scan is that it requires effort. In addition, it does not detect sophisticated malware, and only identifies symptoms rather than root causes.

Scan your iPhone for malware

If your iPhone persistently exhibits any of the red flags above despite your quick actions, you may have to investigate using a third-party security app to find the threats that manual checks don’t catch. 

Compared with manual or built-in scans, third-party solutions like McAfee Mobile Security offer automated, comprehensive malware scans by detecting a wider range of threats before they enter your digital space. While available at a premium, third-party security suites offer great value as they include full-scale protection that includes a safe browsing feature to protect your digital life and a virtual private network (VPN) for a more secure internet connection. 

How to remove malware from your iPhone

If the scan confirms the presence of malware on your iPhone, don’t worry. There’s still time to protect yourself and your data. Below is an action plan you can follow to remove malware from your device.

Update your iOS, if applicable

In many cases, hackers exploit outdated versions of iOS to launch malware attacks. If you don’t have the latest version of your operating system, it’s a good idea to update your iOS immediately to close this potential vulnerability. To do this, go to Settings > General > Software Update and follow the instructions to update your iPhone.

Restart your device

It might sound simple, but restarting your device can fix certain issues. The system will restart on its own when updating the iOS. If you already have the latest version, restart your iPhone now.

Clear your iPhone browsing history and data

If updating the iOS and restarting your device didn’t fix the issue, try clearing your phone’s browsing history and data. If you’re using Safari, go to Settings > Clear History and Website Data > Clear History and Data. Keep in mind that the process is similar for Google Chrome and most other popular web browsers.

Remove any suspicious apps

Malicious software, such as spyware and ransomware, often end up on phones by masquerading as legitimate apps. To err on the side of caution, delete any apps that you don’t remember downloading or installing.

Restore your iPhone

The option to restore to a previous backup is one of the most valuable features found on the iPhone and iPad. This allows you to restore your device to an iCloud backup version that was made before the malware infection. Go to Settings > General > Transfer or Reset iPhone > Erase All Content and Settings > Restore from iCloud Backup.

Factory reset your iPhone

A factory reset should be your last resort when other removal methods have failed, as it is a complete data wipe. That means it will erase all content and settings, including any malicious apps, profiles, or files, returning the software to its original, out-of-the-box state. That’s why it’s crucial to back up your essential data such as photos and contacts first. Also, remember to restore to an iCloud backup version *before* the malware infection to avoid reintroducing the infection. For the highest level of security, set the iPhone up as new and manually redownload trusted apps from the App Store. When you are ready to reset, go to Settings > General > Transfer or Reset iPhone > Erase All Content and Settings > Set Up as New iPhone.

How to detect spyware on your iPhone

Spyware is designed to be sneaky, but it leaves subtle traces. Pay attention to your iPhone’s behavior, such as the camera or microphone unexpectedly activating as indicated by a green or orange dot in the status bar, sudden battery drain, or your device overheating for no reason. Another major red flag is a spike in data usage when you aren’t actively using your phone.

For a deeper look, do this 5-minute check to see which apps have accessed your data, camera, and microphone. Look for any activity that seems suspicious or that you don’t recall authorizing. 

5-minute spyware check:

  • Scan for unknown apps: Scroll through your home screens and App Library for any apps you didn’t install.
  • Review the App Privacy Report: Check for recent sensor or network activity from apps that shouldn’t be active. Go to Settings > Privacy & Security > App Privacy Report
  • Check for unusual profiles: Go to Settings > General > VPN & Device Management. Remove any profiles you don’t recognize.
  • Look at battery usage: In Settings > Battery, look for unfamiliar apps consuming significant power.

Removing spyware from your iPhone

If you suspect your iPhone has been compromised, it’s important to act quickly. Here’s a step-by-step process to remove it, restore your privacy, and prevent future threats.

  1. Backup your essential data: Before making any changes, back up your photos, contacts, and other important files. Ensure you back up to a trusted location like iCloud or your computer.
  2. Update to the latest iOS: Apple frequently releases security patches. Go to Settings > General > Software Update and install any available updates to close vulnerabilities that spyware might exploit.
  3. Delete suspicious apps and profiles: Remove any apps you don’t recognize. Additionally, go to Settings > General > VPN & Device Management and delete any configuration profiles that you did not install yourself.
  4. Change your passwords: Once your device is clean, immediately change the passwords for your critical accounts, including your Apple ID, email, and banking apps.
  5. Enable two-factor authentication (2FA): For an added layer of security, enable 2FA on all important accounts, to make it much harder for anyone to gain unauthorized access, even if they have your password.
  6. Run a mobile security scan: The most reliable way to detect spyware is with a trusted mobile security app that can perform a comprehensive system scan to help flag any remaining malicious files or settings.
  7. When to escalate: If you suspect you are a victim of stalking or that your device was compromised for illegal activities, contact Apple Support for assistance and consider reporting the incident to law enforcement.

Don’t engage with fake virus pop-up scams

A common tactic used by scammers is the fake virus pop-up. These alarming messages appear while you are browsing, often using logos from Apple or other trusted companies, and claim your iPhone is infected. Their goal is to create panic, urging you to click a link, download a fake app, or call a fraudulent support number. Never interact with these pop-ups. Here’s a quick response plan when dealing with fake virus pop-up ads: 

  • The correct action is to close the Safari tab or the entire browser immediately. 
  • To be safe, clear your browsing data by going to Settings > Safari > Clear History and Website Data. This action removes any lingering scripts from the malicious page. 
  • You can also report phishing pages to help protect others.

Never enter personal information, passwords, or payment details on a page that appears from a pop-up ad.

Avoid malware from the start

The best way to protect your iOS device is to avoid malware in the first place. Follow these security measures to safeguard your device:

  • If you receive unexpected or unsolicited emails or texts, think before you tap the suspicious links to avoid phishing traps.
  • Stick only with apps from the Apple App store. Avoid installing apps from unvetted third-party stores.
  • Protect your device’s built-in defenses by avoiding the temptation to jailbreak your iPhone as this will remove most Apple security features.
  • Enable automatic updates of iOS and iTunes to stay in line with Apple’s security updates and bug fixes.
  • Back up your iPhone data regularly to iCloud or a computer so you can always restore it.
  • Avoid engaging with suspicious text messages on iMessage, as hackers use them to spread phishing scams.
  • Enable two-factor authentication on your Apple ID for a powerful extra layer of security.
  • Routinely review your app permissions to ensure they only have access to necessary data.
  • Install a trusted security app, such as McAfee Mobile Security, for proactive scanning and web protection.

FAQs about iPhone malware

Can my iPhone get a virus from opening an email?
Simply opening an email is very unlikely to infect your iPhone. However, clicking a malicious link or downloading an attachment from a phishing email can lead you to a harmful website or trick you into compromising your information. It’s the action you take, not opening the email itself, that creates the risk.

How do I know if a virus warning is real or fake?
Any pop-up in your browser that claims your iPhone has a virus is fake. Apple does not send notifications like this. These are scare tactics designed to trick you into clicking a link or calling a fake support number. The safest response is to close the browser tab and clear your browsing data.

Does my iPhone really need antivirus software?

It’s a misconception that iPhones are immune to all viruses. While Apple’s built-in security provides a strong defense, it doesn’t offer complete protection. Cybercriminals are increasingly using phishing, smishing, AI voice cloning, deepfake videos and other social engineering methods to target iPhone users. A comprehensive security app provides layered protection beyond the iOS integrated security. Think of it as adding a professional security guard to already-strong walls.

What is the best way to check my iPhone for a virus or malware for free?
You can perform manual checks for free by looking for suspicious apps, checking for unusual battery drain and data usage, and reviewing your App Privacy Report. While helpful for spotting obvious issues, these manual checks aren’t foolproof. A dedicated security app offers a more reliable and thorough analysis.

Can an iPhone get malware without jailbreaking it?
Yes. While jailbreaking significantly increases the risk, malware can still infect a non-jailbroken iPhone. This typically happens through sophisticated phishing attacks, installing malicious configuration profiles from untrusted sources, or, in very rare cases, by exploiting an unknown vulnerability in iOS, known as a “zero-day” attack.

Is an iPhone malware scan truly necessary?
Given the value of the personal data on our phones, a regular malware scan provides significant peace of mind. A reputable security app can identify vulnerabilities you might miss, such as outdated software or risky system settings, helping you maintain a strong security posture.

Final thoughts on iPhone malware protection

Keeping your iPhone secure from malware is an achievable goal that puts you in control of your digital safety. By combining smart habits with powerful security tools, you can confidently protect your personal information from emerging threats. 

McAfee is committed to empowering you with the resources and protection needed to navigate the online world safely. McAfee Mobile Security provides full protection against various types of malware targeting the Apple ecosystem. With safe browsing features, a secure VPN, and antivirus software, McAfee Security for iOS delivers protection against emerging threats, so you can continue to use your iPhone with peace of mind. Download the McAfee Mobile Security app today and get all-in-one protection.

The post A Guide to Remove Malware From Your iPhone appeared first on McAfee Blog.

Scammers Take Advantage of Back-to-School Shopping Scams.

By: Jasdev Dhaliwal

Scammers didn’t take a summer break. They kept busy, ramping up a fresh wave of back-to-school shopping scams. As busy families rush to get kitted out for a new school year, scammers are ready with a glut of phony shopping sites, bogus offers, and fake delivery notifications designed to steal your money and personal info. Let’s get a rundown of what scams are out there this year and how you can avoid them.

What back-to-school shopping scams are out there?

Scammers look to cash in on all the spending that tends to peak in July and August. According to the National Retail Federation, the average U.S. family spends nearly $860 per child to prep them for school—which includes supplies, clothing, and shoes for the new school year. So, like any time of year where a holiday or seasonal event drives a spike in online shopping, we see a rise in scam shopping sites.

The scammers behind these sites promote them in several ways, such as through sponsored search links, email offers, and through social media ads (more on that in a moment). Typically, these sites fall into two categories:

  • Bogus shopping sites where shoppers pay for goods and never receive them. Not only are victims charged for the non-existent goods, but the scammers also have their payment info to use moving forward.
  • Sites that sell counterfeit or cheap knockoff goods. Shoppers get less than they pay for, and they potentially unwittingly support sweatshops and child labor in the process.

While scammers use the lure of low-priced classroom staples like pens, notebooks, backpacks, and the like, they also crank out non-existent deals everything from clothing and shoes to big-ticket items like laptop computers. Also popular are phony shopping sprees and giveaways, which also lure shoppers into handing over their account and personal info. In all, with online shopping hitting another seasonal peak, it’s time for shoppers to give those ads and deals a particularly closer look. Scammers are out there in force.

How are scammers using social media for back-to-school scams?

Fake social media ads remain a mainstay of the scammer arsenal, and scammers most certainly put them to use during back-to-school time. Scammers love social media ads because they offer precise audience targeting. With a convincing-looking ad created using AI tools, they can reach vast numbers of interested buyers—people who are on the lookout for back-to-school deals. With these ads, they point potential victims to the sites mentioned above, all with the hope that unsuspecting shoppers will impulsively click on the deal. From there, the scam works much the same as above. Shoppers end up on a scam site that often looks convincing (thanks again to AI tools that help scammers spin them up quickly) where they enter their personal and account info, only to end up getting scammed.

Three ways you can avoid back-to-school shopping scams.

  1. Look up retailers you’re not familiar with. When you’re shopping online and come across a retailer you haven’t seen before, do some quick research on the company. How long have they been around? Have any complaints been recorded by your attorney general or local consumer protection agency? Also a quick search of “[company name] scam” can help. You might come across posts and reports about a scam related to that company. One extra resource comes courtesy of the Better Business Bureau (BBB) at BBB.org. There you can look up a company, verify its info, and see a list of any complaints against it.
  2. When shopping, pay with a credit card instead of your debit card. In the U.S., the Fair Credit Billing Act offers the public protection against fraudulent charges on credit cards. Citizens can dispute charges of over $50 for goods and services that were never delivered or otherwise billed incorrectly. (Note that many credit card companies have their own policies that improve upon the Fair Credit Billing Act as well.) However, debit cards don’t get the same protection under the act. Avoid using a debit card while shopping online and use your credit card for extra assurance.
  3. Get a scam detector to spot bogus links and offers for you. Even with these tips and tools, spotting bogus links with the naked eye can get tricky. Some look “close enough” to a legitimate link that you might overlook it. Yet a combination of features in our McAfee+ plans can help do that work for you. Our Scam Detector helps you stay safer with advanced scam detection technology built to spot and stop scams across text messages, emails, and videos. Likewise, our Web Protection will alert you if a link might take you to a sketchy site. It’ll also block those sites if you accidentally tap or click on a bad link.

Also watch out for phony delivery message scams during back-to-school season.

Another popular scammer ploy involves shipping notifications. Scammers know that with lots of online shopping comes a lot of online shipping notifications. They send phony delivery messages by the thousands, all with the aim of catching a few victims who have real packages on the way.

They pose as legitimate shippers and retailers, do their best to look and sound like them, and use urgency to get people to act. “Your package can’t be delivered. Please click this link within the next 24 hours to get your shipment.” And so on. In some cases, those links lead to phishing and malware sites. In others, the notification contains an attachment that installs malware if clicked.

With these scams in the mix, here’s how you can stay safe:

  1. Don’t tap on links in text messages: If you follow one piece of advice, it’s this. Companies use their standard addresses and phone numbers to contact customers. Follow up on their websites to see what they are. The USPS, UPS, FedEx, and Amazon each have pages dedicated to sharing that info.
  2. Confirm directly: If you have concerns, get in touch with the company you think might have sent it. Manually type in their website and enquire there. Again, don’t click or tap any links.
  3. Use the shipping company’s or retailer’s app: the USPS, UPS, FedEx, and Amazon all have legitimate apps available in Apple’s App Store and Google Play. You can also count on those to track packages and verify info about your shipments.

 

The post Scammers Take Advantage of Back-to-School Shopping Scams. appeared first on McAfee Blog.

You Have a Right to Delete Your Data—But Dozens of Data Brokers Hide How to Do It

By: Jasdev Dhaliwal

You can request data brokers to remove your personal info from their databases. But finding their request forms is another challenge entirely, especially when they’re hidden. Recent reporting from CalMatters and The Markup found that 35 data brokers injected code into their websites that hid their opt out pages from search, making it more difficult for people to delete their data.If you don’t like the idea of your sensitive personal info being collected, bought, and sold without your knowledge, this is important news for you.
And these brokers collect plenty of it. They compile often exacting profiles of people, which can include things like purchasing habits, health data, financial info, real-time location data (gathered from smartphone apps), and even inferred info like political leanings, lifestyle choices, and religious beliefs.
As you can see, this level of data collection can get entirely personal.

Moreover, practically anyone can purchase this sensitive info. That ranges from advertisers to law enforcement and from employers to anyone on the street who wants to know a lot more about you.
This report stands as a good reminder that data collection on this level is an everyday fact of life—and that you can still take some control of it.
With a quick look at the report, we’ll then show you what’s going on with all this data collection and what you can do about it.

Data brokers making it tougher to remove personal data from their sites

As part of the article, reporters analyzed 499 data broker sites registered in the state of California. Of them, 35 had search-blocking code. Additionally per the article, many opt out pages “required scrolling multiple screens, dismissing pop-ups for cookie permissions, and newsletter sign-ups and then finding a link that was a fraction the size of other text on the page.” Once the publications contacted the data brokers in question, multiple companies halted the practice, some responding that they were unaware their site had search-blocking code. Several others didn’t respond by the time the article was published and kept their practices in place.

Where do data brokers get such personal info?

There are several ways information brokers can get information about you…

Sources available to the public: Some of your personal records are easily available to the public. Data brokers can collect public records like your voter registration records, birth certificate, criminal record, and even bankruptcy records. By rounding them up from multiple sources and gathering them in one place, it takes someone seconds to find out all these things about you, rather than spending hours poring over public records.

Search, browsing, and app usage: Through a combination of data collected from internet service providers (ISPs), websites, and apps, data brokers can get access to all kinds of activity. They can see what content you’re interested in, how much time you spend on certain sites, and even your daily travels thanks to location data. They also use web scraping tools (software that pulls info from the web), to gather yet more. All this data collecting makes up a multi-billion-dollar industry where personal data is gathered, analyzed, sold, and then sold again and again—all without a person’s knowledge.
Online agreements: As it is with smartphone apps, you’ll usually have to sign an agreement when signing up for a new online service. Many of these agreements have disclosures in the fine print that give the company the right to collect and distribute your personal info.

Purchase history: Data brokers want to know what products or services you’ve purchased, how you paid for them (credit card, debit card, or coupon), and when and where you purchased them. In some cases, they get this info from loyalty programs at places like supermarkets, drugstores, and other retailers. Kroger, one of the largest grocery chains, is a good example of how purchasing insights end up in the hands of others. According to Consumer Reports, the company draws 35% of its net income from selling customer data to other companies.
“What can I do about companies collecting my data?”

For starters, there aren’t any data privacy laws on the federal level. So far, that has fallen to individual states to enact. As such, data privacy laws vary from state-to-state, with California having some of the earliest and strongest protections on record, via the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

In all, 20 states currently have comprehensive privacy laws in place, with five others that have put narrower privacy protections in place, covering data brokers, internet service providers, and medical/biometric data.
States with Comprehensive Data Privacy Laws

  • California
  • Virginia
  • Colorado
  • Connecticut
  • Utah
  • Iowa
  • Indiana
  • Tennessee
  • Texas
  • Florida
  • Montana
  • Oregon
  • Delaware
  • New Hampshire
  • New Jersey
  • Kentucky
  • Nebraska
  • Rhode Island

For specific laws in your state and how they can protect you, we suggest doing a search for “data privacy laws [your state]” for more info.
Even if your state has no or narrow data privacy laws in place, you still have several ways you can take back your privacy.

How to protect your data from data brokers

The first thing you can do is keep a lower profile online. That can limit the amount of personal info they can get their hands on:

Be selective about what you share online. Don’t overshare personal info on social media. Avoid things like online quizzes and sweepstakes. And be aware that some data brokers indeed scour the web with scraping tools that gather up info from things like forum posts.

Go private. Even better, lock down your privacy on social media. Social media platforms like Facebook, Instagram, and others have several settings that keep your profile from being scraped in the ways mentioned above. Features like our Social Privacy Manager can make quick work of this by adjusting more than 100 privacy settings across your accounts in a few clicks.

Use a virtual private network (VPN) whenever possible. A VPN hides your IP address and encrypts your data while you surf the web. McAfee’s Secure VPN protects your personal data and credit card information so you can browse, bank, and shop online without worrying about prying eyes, like data brokers and internet service providers (ISPs) that collect info about what you do online.

Remove your info from data brokers quickly with McAfee

The list of data brokers is long. Cleaning up your personal data online can quickly eat up your time, as it requires you to reach out to multiple data brokers and opt out. Rather than removing yourself one by one from the host of data broker sites out there, you have a solution: our Personal Data Cleanup.
Personal Data Cleanup scans data broker sites and shows you which ones are selling your personal info. It also provides guidance on how you can remove your data from those sites. And if you want to save time on manually removing that info, you have options. Our McAfee+ Advanced and Ultimate plans come with full-service Personal Data Cleanup, which sends requests to remove your data automatically. If the thought of your personal info getting bought and sold in such a public way bothers you, our Personal Data Cleanup can put you back in charge of it.

The post You Have a Right to Delete Your Data—But Dozens of Data Brokers Hide How to Do It appeared first on McAfee Blog.

Going Lacoocoo over Labubu: How Viral Toy Trends Are Becoming Scams

By: Jasdev Dhaliwal

Scammers are exploiting the massive popularity of Labubu collectible toys through fake websites and social media ads, resulting in consumers losing hundreds of dollars to counterfeit “Lafufu” dolls or receiving nothing at all. Here’s how to protect yourself from becoming their next victim.

The Viral Phenomenon That Caught Cybercriminals’ Attention

If you haven’t heard of Labubu dolls yet, you’re about to understand why they’ve become both a cultural obsession and a cybersecurity nightmare. These small, mischievous-looking plush toys with distinctive sharp teeth have exploded in popularity thanks to celebrity endorsements from Rihanna, Dua Lipa, and BLACKPINK’s Lisa, plus viral TikTok unboxing videos.

Created by Hong Kong artist Kasing Lung and sold exclusively by Pop Mart since 2019, these $20-$30 “blind box” collectibles have generated such intense demand that rare “secret” versions are reselling for thousands of dollars. Fans line up for hours at Pop Mart stores and even travel internationally to get their hands on authentic Labubus. Where there’s viral demand and limited supply, cybercriminals inevitably follow.

The Anatomy of a Modern Scam Operation

The Scale of the Problem

The Better Business Bureau has received over 76 reports from consumers who thought they were purchasing authentic Labubu dolls but instead received counterfeit versions dubbed “Lafufus” – or worse, nothing at all. Some victims report losses of nearly $500 from a single fraudulent transaction.

How the Scam Works

The attack vector is disturbingly familiar yet devastatingly effective:

1. Social Media Infiltration: Scammers flood TikTok and Instagram with sponsored ads featuring “limited edition” Labubu dolls at discounted prices
2. Fake Website Creation: Professional-looking e-commerce sites mimic Pop Mart’s official branding and use urgent language like “limited stock” and countdown timers
3. Payment Harvesting: Once victims enter payment information, scammers either ship low-quality counterfeits or disappear entirely
4. Digital Vanishing Act: When complaints mount, the entire operation disappears overnight, only to resurface under a new domain name

The Most Dangerous Platforms

The BBB has specifically flagged these scam operations:

  • Kawaii Room
  • Cult Neo
  • Bubulands
  • Bears R Us
  • Labubu Fantasy

Additionally, TikTok live streams claiming to be “Pop Mart USA” have been particularly problematic, using high-pressure sales tactics and fake countdown timers to rush buyers into immediate purchases.

Red Flags To Recognize

Website Warning Signs

  • Prices significantly below retail ($20-30 for authentic Labubus)
  • Domains that slightly misspell official brand names
  • Lack of verifiable contact information or customer service
  • No official Pop Mart branding or licensing information
  • Generic order confirmation emails without proper company details

Sponsored Ads on TikTok or Instagram Promoting “Exclusive Deals”

These fraudulent advertisements are designed to look legitimate and often feature professional product photography stolen from Pop Mart’s official channels. The ads frequently claim unrealistic discounts such as “50% off limited edition Labubu” or similar offers that seem too good to be true. Promotional copy emphasizes false urgency with phrases like “Last 24 hours!” or “Only 100 left!” to pressure consumers into making immediate purchases without proper consideration.

Warning signs include links that redirect to domains other than popmart.com or Pop Mart’s official Amazon store, indicating fraudulent operations. These ads typically originate from accounts with generic names or recently created profiles that have little post history, suggesting they were established specifically for scamming purposes. The comments sections are either disabled entirely or filled with obviously fake positive reviews designed to create an illusion of satisfied customers.

Scammers often use unofficial terminology or deliberate misspellings of “Labubu,” sometimes intentionally using variations like “Lafufu” to avoid detection by platform algorithms designed to identify and remove fraudulent content related to official brand names.

Live Streams with Urgent Countdowns Creating Artificial Scarcity

TikTok live streams have become a particularly dangerous vector for Labubu scams, operating as sophisticated psychological manipulation campaigns. These streams claim to be “Pop Mart USA” and run for up to 12 hours daily, using countdown timers that reset repeatedly to create false urgency. The hosts make claims of “restocks” or “newly available inventory” that never actually existed, giving viewers only seconds to purchase once items “drop” to prevent careful consideration.

The manipulation extends to chat features filled with fake comments from bot accounts expressing excitement, while QR codes displayed on stream appear authentic but lead to fraudulent websites. Many hosts wear Pop Mart merchandise or display authentic products while selling counterfeits, using stream titles with official-sounding language like “Official Pop Mart Restock Event” to enhance their credibility.

Multiple Similar Accounts Claiming to be Official Retailers

Scammers create networks of interconnected fake accounts to build credibility and reach wider audiences. These profiles use variations of names like “Pop Mart USA” or “Official Labubu Store,” copying official Pop Mart language and contact information in their bio sections. They use profile pictures featuring Pop Mart’s logo or official product photography without permission, engaging in cross-promotion between fake accounts to create an illusion of legitimacy.

These fraudulent accounts maintain artificially inflated follower counts through bot networks and post histories that are either very recent or filled with stolen content from official accounts. The posting patterns appear inconsistent, suggesting automated or outsourced management, while comments and engagement seem coordinated rather than organic.

QR Codes and Fabricated “Proof of Authenticity”

Visual “proof” elements appear legitimate but are actually fabricated to deceive consumers. QR codes redirect to fake verification websites rather than Pop Mart’s official system, while authenticity certificates or stamps use similar but not identical branding to official materials. Scammers use photos of authentic Labubu products to “prove” legitimacy while shipping counterfeits, providing serial numbers or batch codes that don’t match Pop Mart’s actual numbering systems.

The deception includes holographic stickers or security features that look similar but lack proper verification methods, screenshots of “authentication apps” that are actually fake applications created by scammers, and references to verification through third-party services that don’t actually authenticate Pop Mart products. Authentic packaging may be displayed while the actual shipped products come in generic or counterfeit boxes.

Payment Red Flags

Several warning signs indicate fraudulent operations. Scammers often request payment through peer-to-peer apps like CashApp or Venmo, avoid implementing secure checkout processes or SSL certificates, and make it impossible to cancel orders immediately after placement. Customer service typically becomes unresponsive after payment is received, leaving consumers with no recourse.

Spotting Authentic vs. Counterfeit Labubus

Authentic Labubu Characteristics

Genuine Labubu toys have exactly nine pointed teeth, which serves as the key identifier for authenticity. They feature a pale peach complexion with specific color consistency and display the official Pop Mart logo stamped on the bottom of one foot. Authentic products come in proper packaging with legitimate QR codes and holographic stickers, including authenticity stamps that can be verified through Pop Mart’s official system.

Counterfeit “Lafufu” Warning Signs

Counterfeit versions exhibit several telltale signs of fraudulent manufacturing. These fake toys have more or fewer than nine teeth, different facial colors or expressions, and missing or fake Pop Mart branding. The materials and construction quality are noticeably poor, and packaging lacks verifiable QR codes that connect to official authentication systems.

Your Cybersecurity Action Plan

Protecting yourself from these scams requires a multi-layered approach starting with shopping exclusively through official channels. Purchase only from Pop Mart’s official website at popmart.com or their verified Amazon store to ensure authenticity. Before making purchases from unfamiliar retailers, always search for “[website name] + scam” to verify their legitimacy.

Use secure payment methods that offer fraud protection and dispute capabilities, particularly credit cards rather than peer-to-peer payment apps. Maintain extreme skepticism toward social media ads, especially those creating artificial urgency or pressure to purchase immediately.

If You’ve Been Targeted

If you discover you’ve been scammed, document everything immediately by saving screenshots, emails, and transaction records. Contact your credit card company or bank without delay to dispute charges and report the scam to the Better Business Bureau’s Scam Tracker. File complaints with the Federal Trade Commission to help authorities track these criminal operations.

Financial Recovery

Request chargebacks through your credit card provider and provide all documentation showing misrepresentation of goods. Avoid using peer-to-peer payment apps for future purchases as they offer limited fraud protection and fewer options for recovery when scams occur.

The Broader Cybersecurity Implications

The Labubu scam represents a troubling evolution in cybercriminal tactics, demonstrating how quickly bad actors can weaponize viral trends to create sophisticated fraud networks. These operations exploit consumer psychology around FOMO (fear of missing out) and artificial scarcity to pressure victims into making hasty financial decisions.

Several factors make this particularly dangerous for consumers and cybersecurity professionals alike. The speed of adaptation allows scammers to create convincing fake operations within days of a trend emerging, while social media amplification means platforms struggle to quickly identify and remove fraudulent sponsored content. The international scope of many operations makes law enforcement cooperation challenging, and the target demographics often include Gen Z consumers who may be early adopters of trends but lack experience with sophisticated scams.

Industry Response and Future Outlook

Pop Mart has been working to combat counterfeiting, but the distributed nature of online fraud makes this an ongoing challenge. Social media platforms are slowly improving their ad verification processes, though scammers continue finding workarounds to exploit system vulnerabilities.

International customs officials have begun seizing shipments of counterfeit Labubu toys, with hundreds of thousands of fake units confiscated in recent operations. However, the profit margins on these scams remain attractive enough that new operations continue launching regularly, adapting their tactics to avoid detection.

Protecting the Next Generation of Consumers

As cybersecurity professionals and informed consumers, we have a responsibility to educate others about these evolving threats. The Labubu scam won’t be the last time cybercriminals exploit viral cultural phenomena – it represents the most recent example of an increasingly sophisticated playbook that targets consumer psychology and cultural trends.

Consumer protection requires constant vigilance and education. Always verify the authenticity of sellers before providing payment information, maintain suspicion of deals that seem too good to be true, and use payment methods that offer fraud protection and dispute capabilities. Report suspected scams to relevant authorities to help protect other consumers from similar harm.

The intersection of viral culture and cybercrime is only going to become more complex as digital trends accelerate and criminal operations become more sophisticated. By staying informed about these tactics and sharing knowledge with our communities, we can help reduce the success rate of these operations and protect consumers from financial harm.

Remember that when it comes to viral trends and online shopping, a healthy dose of skepticism isn’t cynicism – it’s cybersecurity best practice. The cost of verification is always less than the cost of victimization.

 

The post Going Lacoocoo over Labubu: How Viral Toy Trends Are Becoming Scams appeared first on McAfee Blog.

Fortnite Impersonation Scams: A No-Nonsense Parent Guide

By: Jasdev Dhaliwal

Even years after its release, Fortnite still stands as the online “battle royale” game of choice, with millions of younger gamers packing its servers every month—along with fair share of scammers who want to target them both in and out of the game. What makes Fortnite such a proverbial hunting ground for scammers? The answer lies in an in-game economy—one fueled with its own virtual currency that’s backed by real dollars. As to how all that plays out, that calls for a closer look at the game. Fortnite’s in-game currency, V-Bucks, has become a prime target for cybercriminals. One of the most prevalent threats is the so-called “free V-Bucks generator” scam—a fraudulent scheme that promises players free or discounted V-Bucks in exchange for completing online forms, providing account credentials, or downloading software. These offers are entirely illegitimate. No third-party service can generate V-Bucks, and engaging with such sites puts users at significant risk of credential theft, malware infection, and financial fraud.

What is Fortnite?

Fortnite is player-versus-player game where up to 100 players fight as individuals, duos, or squads of up to four, battle on a cartoon-like island where the playable area increasingly shrinks as the game goes on. Along the way, players gain weapons and items that by rummaging through “loot boxes” or through bundles of loot left behind by eliminated players. Fortnite has several game modes, yet the most popular is the “battle royale” mode described here, where the last player, or team, left standing wins.

Is Fortnite free to play?

On the surface, Fortnite is free to play. However, money quickly enters the picture with Fortnite’s in-game currency known as V-Bucks. Players pay real money to purchase different amounts of V-Bucks through the Fortnite Item Shop or through official Fortnite V-Bucks gift cards available in stores and online.

Players use V-Bucks for all kinds of in-game purchases, notably outfits and game avatars known commonly as “skins” based on pop-culture icons like Marvel superheroes and popular singers, along with other game weapons and items. Further, players use V-Bucks to purchase “Battle Passes” that give them access to further in-game purchases and rewards. Finally, players can also purchase “Loot Llamas,” which are bundles of items, skins, and weapons as well (which players can also acquire these through gameplay to some degree).

And that’s where scammers enter the picture. Because wherever money changes hands online, scammers are sure to crop up. And with Fortnite in particular, players are more than willing to pay for V-Bucks, which can turn unwary kids into targets.

What are Fortnite scams, and what do they look like?

In all, players love spending V-Bucks because it lets them create custom avatars loaded with unique items. This makes up a big part of the game’s appeal above and beyond the gameplay itself, to the point where players sporting rarer skins and items take on the air of status symbols.

Bad actors out there do their best to capitalize on this mix of customization, status, and money with several types of scams designed to lure in young gamers. Put plainly, the game’s economy gives scammers a powerful emotional hook they can set—the drive to stand out on the battlefield is high.

Three of the most common Fortnite scams include:

Phishing scams

Just like shopping scams, fake ticket scams, and the like, these scams lure children into clicking links to phishing sites that promise in-game rewards, items, and discounted V-Bucks—but steal credit and debit card info. Young gamers might come across these links in search, yet YouTube has been rife with links to Fortnite scams as well. An examination of domains such as 750ge.com and ggfn.us reveals the use of established phishing methodologies coupled with malware delivery systems. These sites leverage Fortnite’s widespread appeal to attract users seeking free premium content, employing social engineering techniques that mirror those seen in Roblox-related scams and other forms of online fraud.

Social engineering scams

Scammers pose as friendly gamers and build up trust over time, only to betray that trust by asking children to share personal info, passwords, or credit card numbers for “discounted” V-Bucks or items. Some also get children to download malware, promising that the (harmful) app “generates” V-Bucks or gives them “upgrades” of some kind.

Account takeovers and ransoms

Also under the guise of providing items, upgrades, or V-Bucks, scammers persuade children into handing over their login info. This can give them access to personal and financial info contained in the Epic Games Launcher. Further, because some players have spent a great deal of time and money on their account, some scammers hold hijacked accounts for ransom—demanding payment for the return of the account. As it is with any kind of ransomware or ransom attack online, payment is no guarantee that the scammer will return the account.

How to Secure Your Epic Games Account

When it comes to protecting your Fortnite and Epic purchases, a few disciplined habits go a long way. Follow the guidance below to significantly reduce account-takeover risk and streamline recovery if something goes wrong.

Use Unique Passwords

Use a password that you don’t use anywhere else. Credential-stuffing attacks rely on recycled passwords from other breaches; a unique, long passphrase (ideally 14+ characters) blocks that common tactic. Consider a reputable password manager to generate and store complex credentials safely.

Enable Two-Factor Authentication (2FA)

Turn on 2FA so a one-time code is required at sign-in, stopping most unauthorized logins even if a password leaks. Epic supports email, SMS, and authenticator-app methods—use an app whenever possible for stronger protection. Note: 2FA is required for certain programs (e.g., tournaments, Support-A-Creator) and is strongly recommended for all players.

Secure and Verify your Email Address

Your email is the recovery backbone for your Epic account. Use an email you’ll keep long-term, enable that mailbox’s own 2FA, and verify the address within Epic. A verified, secured email makes account recovery faster and helps Player Support confirm ownership if there’s suspicious activity.

Link Your Social Accounts for Extra Security

Linking trusted single-sign-on options (e.g., Google) can simplify logins without creating yet another password—provided those social accounts are themselves protected with unique passwords and 2FA. Treat your SSO accounts as keys: if they’re well-secured, they reduce friction without sacrificing safety.

Keep Your Devices Secure

Good account security starts with healthy devices. Keep operating systems and browsers up to date, use reputable antivirus/anti-malware, and avoid installing unknown software or extensions. A compromised device can capture keystrokes and tokens regardless of how strong your password is.

Don’t Buy or Share Accounts

Buying, selling, or sharing accounts violates policy and exposes you to scams, chargebacks, and permanent loss of access. If someone else knows your password—or if ownership is disputed—support may not be able to help. Keep your credentials private and your account strictly personal.

Don’t Trust Suspicious Offers

Ignore sites and messages promising free or discounted V-Bucks, skins, or creator perks. These are common phishing and malware lures that mimic Epic branding to steal credentials or install harmful software. Only transact through official Epic channels and in-game menus.

If You Suspect Compromise

If you can still log in: immediately reset your email password, then your Epic password, and enable 2FA. Review recent logins and unlink unknown devices. If you can’t log in: work through Epic’s recovery steps starting with your email account and Epic password reset. Have purchase details handy to verify ownership.

What are the parental controls for Fortnite?

With many Fortnite scams, scammers need a way to speak with your child, ideally in the game itself. Fortunately, Fortnite has several parental controls that make it far more difficult for scammers to approach them and that give you further control over payments made through the platform.

Here are a few of the things you can manage from Fortnite’s parental controls:

Social permissions

This lets you manage your child’s online social interactions across Epic’s experiences and games by setting permissions for friend requests, voice and text chat, and mature language filtering.

Purchasing settings

Here you can set permissions to help prevent unauthorized payments while using Epic Games payment services.

Age-rating restrictions

You can manage which experiences your child can access in Fortnite, and which games your child can access in the Epic Games Store based on age ratings.

Time limit controls & time reports

Set time limits and view the total time your child spends in Fortnite and Unreal Editor for Fortnite (UEFN) each week. Choose if you want to receive email reports for your child’s time spent in Fortnite and UEFN.

Should I trust a website that’s offering free V-Bucks?

As Epic Games states, avoid trusting any offers for Epic Games products—such as free titles or V-Bucks that come from external or unverified sites, as they are likely scams. Legitimate promotions are only shared through the Epic Games Store, the official Epic Games website, or their verified social media channels, so if you don’t see it there, it’s not real.

Additionally, for parents of younger players …

Fortnite offers what Epic Games calls “Cabined Accounts,” a safer space that disables voice and text chat, while also disabling the ability to pay for items with real money. (In the U.S., Cabined Accounts are for children under 13 years old. Elsewhere, under that country’s age of digital consent.) Players with Cabined Accounts can still play titles from Epic Games like Fortnite, Rocket League or Fall Guys, but won’t be able to access certain features such as voice chat until their parent or guardian provides consent.

 

Source: Epic Games

What other parental controls can you set to keep your kids safe on Fortnite?

Be aware, though. The parental controls listed above only apply to games on the Epic Games platform. That means your child may still be able to access voice chat using the chat system built into the gaming console or device they’re playing on. So you’ll want to check out the parental controls on their console or device as well, which we’ve listed below:

PlayStation

PlayStation® 5 parental controls and PlayStation® 4 parental controls

Xbox

Xbox parental controls

Nintendo Switch

Nintendo Switch™ parental controls

Windows

Windows parental controls

iOS

iOS parental controls

Google Play

Google Play parental controls

More ways you can protect your kids from Fortnite and online game scams

Make sure your kids know that virtual money is often real money.

Whether it’s Fortnite V-Bucks or many of the other virtual currencies used in online games, many are tied back to real dollars. It costs real money to buy them. Ultimately, the same goes for the in-game purchases they make. Younger gamers don’t always make this connection, which is how we get the occasional headline story about a grade-school child who racks up a multi-thousand-dollar credit card bill. Have a sit-down with your child and help them understand this connection between “virtual” money and “real” money. And with that, you can have a follow-on chat about an allowance for online game purchases (which you can often set using a game’s parental controls). Do note, Epic Games does not offer legitimate V-Bucks generators outside their official platforms. Any site claiming otherwise is operating a fraud scheme that poses significant security risks to users.

Set the parental controls for the games they play.

We’ve outlined what Fortnite offers by way of parental controls, as well as the parental controls offered on several top gaming platforms. Once more, note that you’ll want to set parental controls on the any of the games your children play that include online chat or purchases. Granted, the controls vary from game to game, but a quick web search will let you know what your options are. In some cases, as with Fortnite, gaming companies have entire websites dedicated to parental controls and overall child safety.

Help your kids know the difference between “friends” in games and friends in real life.

As we outlined above, many scammers try to trick young gamers into thinking they’re a friend—when in fact any kind of “friendship” is part of a scam. Make sure you let them know it’s always okay to speak with you or another trusted adult if a “friend” asks them for personal info or anything that has to do with money. The same goes for asking them to chat on other apps outside the game, such as Whatsapp, or to meet up in person. Understandably, the answer to questions like these is always “no.” Note that some games and platforms let you report accounts for behavior like this. Use those tools as needed.

Use a credit card to pay for online games.

In the U.S., the Fair Credit Billing Act allows you to dispute charges. Additionally, some credit cards offer their own anti-fraud protections that can help you dispute a billing. Further, if your credit card offers online account alerts for when a purchase is made, set that up so you can track what your children are spending online. Lastly, use credit monitoring to track any unusual purchases. Credit monitoring like ours provides timely notifications and guidance so you can take action to tackle identity theft.

Get a scam detector working for you.

Phony sites, emails, texts, and on and on and on—scammers put them all into play. Yet a combination of features in our McAfee+ plans can help you and your children spot them.

McAfee’s Scam Detector helps you stay safer with advanced scam detection technology built to spot and stop scams across text messages, emails, and videos. Likewise, our Web Protection will alert you if a link might take you to a sketchy site. It’ll also block those sites if you accidentally tap or click on a bad link.

 

 

The post Fortnite Impersonation Scams: A No-Nonsense Parent Guide appeared first on McAfee Blog.

Instagram’s New Tracking Feature: What You Need to Know to Stay Safe 

By: Jasdev Dhaliwal
mobile apps on a phone

Meta has unleashed a groundbreaking feature that transforms Instagram from a photo-sharing platform into a real-time location broadcaster. While the company promises enhanced connectivity, cybersecurity experts are sounding alarm bells about potential dangers lurking beneath this seemingly innocent update. 

Understanding the Digital Surveillance Landscape

Instagram’s freshly minted “Map” functionality represents a seismic shift in social media architecture. Unlike traditional posting where you deliberately choose what to share, this feature operates as an always-on location transmitter that continuously broadcasts your whereabouts to selected contacts whenever you launch the application. 

The mechanism mirrors Snapchat’s infamous Snap Map, but with Instagram’s massive user base—over 2 billion active accounts—the implications for personal security amplify exponentially. This feature enables users to share their real-time location with friends and view theirs on a live map, but it also raises serious privacy concerns from targeted advertising to potential stalking and misuse in abusive relationships. 

McAfee’s Chief Technology Officer Steve Grobman provides crucial context: “Features like location sharing aren’t inherently bad, but they come with tradeoffs. It’s about making informed choices. When people don’t fully understand what’s being shared or who can see it, that’s when it becomes a risk.” 

The Hidden Dangers Every Consumer Should Recognize 

Stalking and Harassment Vulnerabilities 

Digital predators can exploit location data to track victims with unprecedented precision. Relationship and parenting experts warn location sharing can turn into a stressful or even dangerous form of control, with research showing that 19 percent of 18 to 24-year-olds think it’s reasonable to expect to track an intimate partner’s location. 

Steve Grobman emphasizes the real-world implications: “There’s also a real-world safety concern. If someone knows where you are in real time, that could lead to stalking, harassment, or even assault. Location data can be powerful, and in the wrong hands, dangerous.” 

Professional and Personal Boundary Erosion

Your boss, colleagues, or acquaintances might gain unwanted insights into your personal activities. Imagine explaining why you visited a competitor’s office or why you called in sick while appearing at a shopping center. 

The Social Network Vulnerability

The danger often comes from within your own network. Grobman warns: “It only takes one person with bad intentions for location sharing to become a serious problem. You may think your network is made up of friends, but in many cases, people accept requests from strangers or someone impersonating a contact without really thinking about the consequences.” 

Data Mining and Commercial Exploitation

While Instagram claims it doesn’t use location data from this feature for ad targeting, the platform’s history with user data suggests caution. Your movement patterns create valuable behavioral profiles for marketers. 

The Mosaic Effect: Building Detailed Profiles

Cybercriminals employ sophisticated data aggregation techniques. According to Grobman: “Criminals can use what’s known as the mosaic effect, combining small bits of data like your location, routines, and social posts to build a detailed profile. They can use that information to run scams against a consumer or their connections, guess security questions, or even commit identity theft.” 

Immediate Action Steps: Protecting Your Digital Territory

Step 1: Verify Your Current Status 

For iPhone Users: 

  • Launch Instagram and navigate to your Direct Messages (DM) inbox 
  • Look for the “Map” icon at the top of your message list 
  • If present, tap to access the feature 
  • Check if your location is currently being broadcast 

For Android Users: 

  • Open Instagram and go to your DM section
  • Locate the map symbol above your conversation threads
  • Select the map to examine your sharing status 

Step 2: Disable Location Broadcasting Within Instagram

Method 1: Through the Map Interface 

  • Access the Map feature in your DMs
  • Tap the Settings gear icon in the upper-right corner 
  • Select “Who can see your location” 
  • Choose “No One” to completely disable sharing 
  • Confirm your selection 

Method 2: Through Profile Settings 

  • Navigate to your Instagram profile 
  • Tap the three horizontal lines (hamburger menu) 
  • Select Settings and Activity 
  • Choose “Privacy and Security” 
  • Find “Story, Live and Location” section 
  • Tap “Location Sharing” 
  • Set preferences to “No One” 

Step 3: Implement Device-Level Protection

iPhone Security Configuration: 

  • Open Settings on your device 
  • Scroll to Privacy & Security 
  • Select Location Services 
  • Find Instagram in the app list 
  • Choose “Never” or “Ask Next Time” 

Android Security Setup: 

  • Access Settings on your phone 
  • Navigate to Apps or Application Manager 
  • Locate Instagram 
  • Select Permissions 
  • Find Location and switch to “Don’t Allow” 

Step 4: Verify Complete Deactivation

After implementing these changes: 

  • Restart the Instagram application 
  • Check the Map feature again 
  • Ensure your location doesn’t appear 
  • Ask trusted contacts to confirm you’re invisible on their maps 

Advanced Privacy Fortification Strategies

Audit Your Digital Footprint 

Review all social media platforms for similar location-sharing features. Snapchat, Facebook, and TikTok offer comparable functionalities that require individual deactivation. 

Implement Location Spoofing Awareness 

Some users consider VPN services or location-spoofing applications, but these methods can violate platform terms of service and create additional security vulnerabilities. 

Regular Security Hygiene 

Establish monthly reviews of your privacy settings across all social platforms. Companies frequently update features and reset user preferences without explicit notification. 

Grobman emphasizes the challenge consumers face: “Most social platforms offer privacy settings that offer fine-grained control, but the reality is many people don’t know those settings exist or don’t take the time to use them. That can lead to oversharing, especially when it comes to things like your location.” 

Family Protection Protocols 

If you’re a parent with supervision set up for your teen, you can control their location sharing experience on the map, get notified when they enable it, and see who they’re sharing with. Implement these controls immediately for underage family members. 

Understanding the Technical Mechanics 

Data Collection Frequency 

Your location updates whenever you open the app or return to it while running in the background. This means Instagram potentially logs your position multiple times daily, creating detailed movement profiles. 

Data Retention Policies 

Instagram claims to hold location data for a maximum of three days, but this timeframe applies only to active sharing, not the underlying location logs the platform maintains for other purposes. 

Visibility Scope 

Even with location sharing disabled, you can still see others’ shared locations on the map if they’ve enabled the feature. This asymmetric visibility creates potential social pressure to reciprocate sharing. 

Red Flags and Warning Signs 

Monitor these indicators that suggest your privacy may be compromised: 

  • Unexpected visitors appearing at locations you’ve visited 
  • Colleagues or acquaintances referencing your whereabouts without your disclosure
  • Targeted advertisements for businesses near places you’ve recently visited
  • Friends asking about activities they shouldn’t know about 

The Broader Cybersecurity Context

This Instagram update represents a concerning trend toward ambient surveillance in social media. Companies increasingly normalize continuous data collection by framing it as connectivity enhancement. As consumers, we must recognize that convenience often comes at the cost of privacy. 

The feature’s opt-in design provides some protection, but user reports suggest the system may automatically activate for users with older app versions who previously granted location permissions. This highlights the importance of proactive privacy management rather than reactive protection. 

Your Privacy Action Plan

Immediate (Next 10 Minutes): 

  • Disable Instagram location sharing using the steps above
  • Check device-level location permissions for Instagram 

This Week: 

  • Audit other social media platforms for similar features
  • Review and update privacy settings across all digital accounts
  • Inform family members about these privacy risks 

Monthly Ongoing: 

  • Monitor Instagram for new privacy-affecting features 
  • Review location permissions for all mobile applications 
  • Stay informed about emerging digital privacy threats 

Expert-Recommended Protection Strategy:

Grobman advises a comprehensive approach: “The best thing you can do is stay aware and take control. Review your app permissions, think carefully before you share, and use tools that help protect your privacy. McAfee+ includes identity monitoring, scam detection. McAfee’s VPN keeps your IP address private, but if a consumer allows an application to identify its location via GPS or other location services, VPNs will not protect location in that scenario. Staying safe online is always a combination of the best technology along with good digital street smarts.” 

Remember: Your location data tells the story of your life—where you work, live, worship, shop, and spend leisure time. Protecting this information isn’t paranoia; it’s fundamental digital hygiene in our hyper-connected world. 

The choice to share your location should always remain yours, made with full awareness of the implications. By implementing these protective measures, you’re taking control of your digital footprint and safeguarding your personal security in an increasingly surveilled digital landscape. 

 

The post Instagram’s New Tracking Feature: What You Need to Know to Stay Safe  appeared first on McAfee Blog.

Think Before You Click: EPI PDF’s Hidden Extras

By: McAfee Labs

Authored by: Anuradha & Prabudh

PDF converting software can be super helpful. Whether you’re turning a Word document into a PDF or merging files into one neat package, these tools save time and make life easier.

But here’s something many people don’t realize — some of these free PDF tools come with hidden baggage. When you install them, they might also sneak in a new search engine, browser extension, or change your homepage without clearly asking for permission. 

What’s Going On?

Some PDF software is bundled with extra programs. That means when you download and install the PDF converter, it may also install:

  • A new search engine in your browser
  • Toolbars or browser extensions
  • Apps that run in the background on your computer

Most of the time, these are not viruses, but they can slow down your computer, change your browsing experience, and even collect your data.

Geographical Customer Prevalence

The heat map below illustrates the prevalence of EPI PDF software in the field in Q2, 2025.

We see that the top country encountering this software is the United States of America with over 118,000 McAfee device encounters.

Why Do They Do This?

Many free software companies make money by including these extras. Other companies pay them to promote their search tools or browser extensions. It’s a way for them to earn something in return for offering the software for free.

During our daily hunt at McAfee to secure our customer, we came across one such bundler application called EPI PDF Editor that clearly had deceptive nature towards the end user.

Key Takeaways:

  1. Read Before You Click “Next”
    Always take a moment during installation to read what each screen says. Look for checkboxes that let you “opt out” of installing extra software.
  2. Choose “Custom” or “Advanced” Installation
    This gives you more control over what gets installed on your computer.
  3. Download From Trusted Sources
    Stick to well-known websites or the official site of the PDF software. Avoid shady download links from ads or pop-ups.
  4. Use Built-In Tools
    Many operating systems (like Windows or macOS) already have simple PDF features like printing to PDF or viewing files, so you might not need extra software at all.
  5. Check Your Browser
    If your homepage suddenly changes or you see a new search engine, go to your browser settings and change it back.

McAfee researches such applications proactively, and we review the EULA and Privacy Policy regularly for new applications.

Technical Analysis

EPI PDF Editor is distributed as an MSI installer. Upon launching, the installer window includes a pre-selected option to “Import your current browser settings into EPI PDF,” a choice that appears unrelated to the tool’s intended purpose of handling PDF documents. Unless the user actively opts out by unchecking the box, this action will continue automatically.

Installer Branding Mismatch

The installer is branded as “PDF Converter,” indicating that it is designed for typical PDF tasks such as viewing, converting, splitting, merging, and watermarking documents. However, the inclusion of an opt-out option to import browser settings raises questions about the application’s true functionality.

Figure 1: Import browser settings

Privacy Policy Conflict

A closer examination of the software’s Privacy Policy and Terms reveals a deceptive practice at play. Although the application is marketed as a PDF Converter, the legal documentation tells a different story. As shown in Figure 2, the Privacy Policy of the program—branded as EPIbrowser—explicitly defines the software as a browser designed for Windows-based devices. The screenshot displays both the EPIbrowser logo and the policy text, clearly indicating that the user is not installing a PDF tool, but rather a web browser disguised as one.

Figure 2: Application name in terms & conditions

Figure 3: Application meaning in terms

 

McAfee’s *PUP Policy states that Software installers must provide software licensing information prior to installing any bundled components.No ‘installation completed’ window pops up but instead, a chromium-based browser opens with a tab opened that too with deceptive behavior i.e. options are present to edit the opened pdf but no action being performed. We can browse the internet by opening other tabs.

Figure 4: Tab in EPI Browser

McAfee PUP policy violated here is, ”Installation: whether the user can make an informed decision about the software installation or add-ons and can adequately back out of any undesired installations.” Another suspicious behavior observed is install location i.e. from ‘Appdata/Temp’ instead of Program Files or Program Files(x86). Further while checking control panel we found that sample has created the entry with EPI Browser only and can be uninstalled. Due to its deceptive behavior, which aligns with the McAfee violation criteria, this application has been classified as a Potentially Unwanted Program (PUP).

The McAfee WebAdvisor browser extension warns users when attempting to navigate to websites known to distribute PUPs.

Figure 5: McAfee Web Advisor Warning

Bottom Line

Free PDF tools are useful — but be aware of what else might come with them. A few extra minutes of reading can save you from hours of frustration later. ✅

Stay smart. Stay safe. And always know what you’re really installing.

Indicator of Compromise

App Name  Distributed in different file names  SHA256 
EPI PDF Editor   viewpdftools.msi  c2d1ac2511eb2749cdc7ae889d484c246d3bd1e740725dc4dd2813c4b4d05c7b 
onestartpdfdirect.msi 
PDFSmartKit.msi 
pdfzonepro.msi 
6c9136.msi 
OneStartPDF-v4.5.282.2.msi 

In a digital world where convenience often comes at a hidden cost, it’s crucial to be vigilant about the software we install — especially free tools like PDF converters. As the case of EPI PDF Editor highlights, not all applications are what they claim to be. Deceptive installations, hidden browser hijackers, and unauthorized data collection can compromise both your privacy and your device’s performance. By staying informed and cautious — reading installation prompts, choosing advanced options, and relying on trusted sources — you can protect yourself from potentially unwanted programs and avoid falling into these traps.

At McAfee, our goal is to help users stay one step ahead of deceptive software. Awareness is your first line of defense. So, the next time you download a free tool, take a moment to think before you click. Because what seems like a simple installation could be opening the door to much more.

 

*PUP :- PUP stands for Potentially Unwanted Program that are used to deliver users some unwanted applications like ads, browser addon, search engine modification, extra programs that a user is generally using for daily purpose.

The post Think Before You Click: EPI PDF’s Hidden Extras appeared first on McAfee Blog.

Android Malware Targets Indian Banking Users to Steal Financial Info and Mine Crypto

By: McAfee Labs

Authored by Dexter Shin

McAfee’s Mobile Research Team discovered a new Android malware campaign targeting Hindi-speaking users, mainly in India. The malware impersonates popular Indian financial apps, including SBI Card, Axis Bank, and IndusInd Bank, and is distributed through phishing websites that are continuously being created. What makes this campaign unique is its dual-purpose design: it steals personal and financial information while also silently mining Monero cryptocurrency using XMRig, which is triggered via Firebase Cloud Messaging (FCM). It also abuses user trust by pretending to be a legitimate app update from Google Play.

McAfee, as part of the App Defense Alliance committed to protecting users and the app ecosystem, reported the identified malicious apps to Google. As a result, Google blocked the associated FCM account to prevent further abuse. Also, McAfee Mobile Security detects all of these apps as High-Risk threats. For more information, visit McAfee’s Mobile Security page.

This campaign targets Indian users by impersonating legitimate financial services to lure victims into installing a malicious app. This is not the first malware campaign targeting Indian users. In the past, McAfee has reported other threats. In this case, the attackers take it a step further by using real assets from official banking websites to build convincing phishing pages that host the malware payload. The app delivered through these phishing sites functions as a dropper, meaning it initially appears harmless but later dynamically loads and executes the actual malicious payload. This technique helps evade static detection and complicates analysis.

Apart from delivering a malicious payload, the malware also mines cryptocurrency on infected mobile devices. When the malware receives specific commands via FCM, it silently initiates a background mining process for Monero (XMR). Monero is a privacy-focused cryptocurrency that hides transaction addresses, sender and receiver identities, and transaction amounts. Because of these privacy features, cybercriminals often use it to stay hidden and move illegal money without getting caught. Its mining algorithm, RandomX, is optimized for general-purpose CPUs, making it possible to mine Monero efficiently even on mobile devices.

Technical Findings

Distribution Methods

The malware is distributed through phishing websites that impersonate Indian financial services. These sites are designed to closely resemble official banking sites and trick users into downloading a fake Android app. Here are some phishing sites we found during our investigation.

Figure 1. Screenshot of a phishing website

 

These phishing pages load images, JavaScript, and other web resources directly from the official websites to appear legitimate. However, they include additional elements such as “Get App” or “Download” buttons, which prompt users to install the malicious APK file.

Dropper Analysis

When the app is launched, the first screen the user sees looks like a Google Play Store page. It tells the user that they need to update the app.

Figure 2. The initial screen shown by the dropper app

The app includes an encrypted DEX file stored in the assets folder. This file is not the actual malicious payload, but a loader component. When the app runs, it decrypts this file using XOR key and dynamically loads it into memory. The loaded DEX file contains custom code, including a method responsible for loading additional payloads.

Figure 3. First-stage encrypted loader DEX and XOR key

Once the first-stage DEX is loaded, the loader method inside it decrypts and loads a second encrypted file, which is also stored in the assets. This second file contains the final malicious payload. By splitting the loading process into two stages, the malware avoids exposing any clearly malicious code in the main APK and makes static analysis more difficult.

Figure 4. Second-stage malicious payload loaded by Loader class

Once this payload is loaded, the app displays a fake financial interface that looks like a real app. It prompts the user to input sensitive details such as their name, card number, CVV, and expiration date. The collected information is then sent to the attacker’s command-and-control (C2) server. After submission, the app shows a fake card management page with messages like “You will receive email confirmation within 48 hours,” giving the false impression that the process is ongoing. All features on the page are fake and do not perform any real function.

 

Figure 5. Fake card verification screen

Monero Mining Process

As mentioned earlier, one of this campaign’s key features is its hidden cryptomining functionality. The app includes a service that listens for specific FCM messages, which trigger for start of the mining process.

 

Figure 6. Firebase messaging service is declared in the manifest.

 

In the second-stage dynamically loaded code, there is a routine that attempts to download a binary file from external sources. The malware contains 3 hardcoded URLs and tries to download the binary from all of them.

Figure 7. Hardcoded URLs used by the malware to download a binary file

 

The downloaded binary is encrypted and has a .so extension, which usually indicates a native library. However, instead of loading it normally, the malware uses ProcessBuilder, a Java class for running external processes, to directly execute the file like a standalone binary.

Figure 8. Executing downloaded binary using ProcessBuilder

What’s particularly interesting is the way the binary is executed. The malware passes a set of arguments to the process that exactly match the command-line options used by XMRig, an open-source mining tool. These include specifying the mining pool server and setting the target coin to Monero.

Figure 9. XMRig-compatible arguments passed to the mining process

 

When the decrypted binary is executed, it displays log messages identical to those produced by XMRig. In summary, this malware is designed to mine Monero in the background on infected devices when it receives specific FCM messages.

Figure 10. Decrypted binary showing XMRig log messages

Recommendations and Conclusion

 

Figure 11. Geographic distribution of infected devices

Telemetry shows that most infections are concentrated in India, which aligns with the campaign’s use of Hindi language and impersonation of Indian financial apps. A small number of detections were also observed in other regions, but these appear to be limited.

What makes this campaign notable is its dual-purpose design, combining financial data theft with background cryptomining, triggered remotely via Firebase Cloud Messaging (FCM). This technique allows the malware to remain dormant and undetected until it receives a specific command, making it harder for users and defenders to detect.

To stay protected, users are strongly advised to download apps only from trusted sources such as Google Play, and to avoid clicking on links received through SMS, WhatsApp, or social media—especially those promoting financial services. It is also important to be cautious when entering personal or banking information into unfamiliar apps. In addition, using a reliable mobile security solution that can detect malicious apps and block phishing websites can provide an added layer of protection against threats like this.

Indicators of Compromise (IOCs)

Type  Value  Description 
APK  2c1025c92925fec9c500e4bf7b4e9580f9342d44e21a34a44c1bce435353216c  SBI Credit Card 
APK  b01185e1fba96209c01f00728f6265414dfca58c92a66c3b4065a344f72768ce  ICICI Credit Card 
APK  80c6435f859468e660a92fc44a2cd80c059c05801dae38b2478c5874429f12a0  Axis Credit Card 
APK  59c6a0431d25be7e952fcfb8bd00d3815d8b5341c4b4de54d8288149090dcd74  IndusInd Credit Card 
APK  40bae6f2f736fcf03efdbe6243ff28c524dba602492b0dbb5fd280910a87282d  Kotak Credit Card 
URL  https[://]www.sbi.mycardcare.in  Phishing Site 
URL  https[://]kotak.mycardcard.in  Phishing Site 
URL  https[://]axis.mycardcare.in  Phishing Site 
URL  https[://]indusind.mycardcare.in  Phishing Site 
URL  https[://]icici.mycardcare.in  Phishing Site 
Firebase  469967176169  FCM Account 

 

 

The post Android Malware Targets Indian Banking Users to Steal Financial Info and Mine Crypto appeared first on McAfee Blog.

UK’s New Online Safety Act: What Consumers Need to Know

By: Jasdev Dhaliwal

The UK’s digital landscape underwent its most significant transformation yet on Friday, July 25, 2025. The Online Safety Act 2023, seven years in the making, is now being fully enforced by Ofcom (the UK’s communications regulator). These new rules fundamentally change how British citizens access and interact with online content, with the primary goal of protecting children from harmful material.

What Is the Online Safety Act?

The Online Safety Act is comprehensive legislation designed to make the UK “the safest place in the world to be online.” The law places legal responsibilities on social media companies, search engines, and other online platforms to protect users—especially children—from illegal and harmful content.

The Act applies to virtually any online service that allows user interaction or content sharing, including social media platforms, messaging apps, search engines, gaming platforms, dating apps, and even smaller forums or comment sections.

Origins of the Online Safety Act

The journey to the UK Online Safety Act was a long and complex one, beginning with the Government’s 2019 Online Harms White Paper. This initial proposal outlined the need for a new regulatory framework to tackle harmful content. The draft Online Safety Bill was published in May 2021, sparking years of intense debate and scrutiny in Parliament. Public pressure, significantly amplified by tragic events and tireless campaigning from organizations like the Molly Rose Foundation, played a crucial role in shaping the legislation and accelerating its passage. After numerous amendments and consultations with tech companies, civil society groups, and child safety experts, the bill finally received Royal Assent on October 26, 2023, officially becoming the Online Safety Act.

Who Must Comply with the Online Safety Act?

This new UK internet law applies to a vast range of online services accessible within the UK. The core focus is on platforms that host user-generated content (known as user-to-user services) and search engines. Ofcom, the regulator, has established a tiered system to apply the rules proportionally. Category 1 services are the largest and highest-risk platforms like Meta (Facebook, Instagram), X (formerly Twitter), and Google, which face the most stringent requirements. Category 2A covers search services, and Category 2B includes all other in-scope services that don’t meet the Category 1 threshold. This includes smaller social media sites, online forums, and commercial pornographic websites. Notably, services like email, SMS, and content on recognized news publisher websites are exempt from these specific regulations.

The Changes That Started July 25, 2025

Mandatory Age Verification for Adult Content

The most immediate change for consumers is the replacement of simple “Are you 18?” checkboxes with robust age verification. As Oliver Griffiths from Ofcom explained: “The situation at the moment is often ridiculous because people just have to self-declare what their birthday is. That’s no check at all.”

There are three main ways that Brits will now be asked to prove their age:

Age Estimation Methods:

  • Facial age estimation using approved third-party services like Yoti or Persona
  • Email-based age verification that checks if your email is linked to household utility bills

Information Verification:

  • Bank or mobile provider checks where these institutions confirm your adult status
  • Simple computer verification that gives websites a “yes” or “no” without sharing personal details

Document Verification:

  • Official ID verification requiring passport or driver’s license, similar to showing ID at a supermarket

Important Dates and Compliance Deadlines

  • October 2023: The Online Safety Act receives Royal Assent and becomes law.
  • November 2023 – May 2025: Ofcom undertakes three phases of consultation, developing the detailed rules and codes of practice needed to enforce the Act.
  • July 25, 2025: The first key enforcement date for the Online Safety Act 2025. Ofcom begins enforcing rules on illegal content, with a primary focus on services hosting pornography to implement robust age assurance measures.
  • Late 2025: The deadline for all in-scope services to complete their first illegal content risk assessments.
  • Early 2026: Expected deadline for larger platforms (Category 1) to comply with duties related to protecting children from legal but harmful content.
  • Beyond 2026: Ongoing compliance cycles, with platforms required to submit regular transparency reports to Ofcom detailing the safety measures they have in place.

Stricter Content Controls for Children

Platforms must now actively prevent children from accessing content related to suicide, self-harm, eating disorders, pornography, violent or abusive material, online bullying, dangerous challenges or stunts, and hate speech.

Social media platforms and large search engines must keep harmful content off children’s feeds entirely, with algorithms that recommend content required to filter out dangerous material.

Enhanced Platform Responsibilities

Online services must now provide clear and accessible reporting mechanisms for both children and parents, procedures for quickly taking down dangerous content, and identify a named person “accountable for children’s safety” with annual reviews of how they manage risks to children.

How to Comply with the Online Safety Act

  1. Conduct Detailed Risk Assessments: Platforms must proactively identify and evaluate the risks of illegal and harmful content appearing on their service, paying special attention to risks faced by children.
  2. Practice “Safety by Design”: This principle requires companies to build safety features directly into their services from the start, rather than treating safety as an afterthought. This includes systems to prevent harmful content from being recommended by algorithms.
  3. Implement Robust Age-Assurance: For services that host pornography or other age-restricted content, this means selecting and deploying effective age verification technologies to prevent children from gaining access. This is a key part of the porn law change UK citizens are now seeing.
  4. Publish Transparency Reports: Companies must regularly report to Ofcom and the public on the steps they are taking to manage risks and comply with the Online Safety Act.
  5. Appoint a UK Representative: Companies based outside the UK that are in scope of the Act must appoint a legal representative within the country to be accountable for compliance.

Ofcom’s enforcement will follow a proportionality principle, meaning the largest platforms with the highest reach and risk will face the most demanding obligations. Platforms are strongly advised to seek early legal and technical guidance to ensure they meet their specific duties under the new law.

The Scale of the Problem

The statistics that drove this legislation are shocking:

  • Around 8% of children aged 8-14 in the UK visited an online porn site or app in a month
  • 15% of 13-14-year-olds accessed online porn in a month
  • Boys aged 13-14 are significantly more likely to visit porn services than girls (19% vs 11%)
  • The average age children first see pornography is 13, with 10% seeing it by age 9

According to the Children’s Commissioner, half of 13-year-olds surveyed reported seeing “hardcore, misogynistic” pornographic material on social media sites, with material about suicide, self-harm, and eating disorders described as “prolific.”

Major Platforms Already Complying

Major websites like PornHub, X (formerly Twitter), Reddit, Discord, Bluesky, and Grindr have already committed to following the new rules. Over 6,000 websites hosting adult content have implemented age-assurance measures.

Reddit started checking ages last week for mature content using technology from Persona, which verifies age through uploaded selfies or government ID photos. X has implemented age estimation technology and ID checks, defaulting unverified users into sensitive content settings.

Privacy and Security: What You Need to Know

Many consumers worry about privacy implications of age verification, but the system has built-in protections:

  • Adult websites don’t actually receive your personal information
  • Age-checking services don’t learn what content you’re trying to view
  • The process is compliant with data protection laws and simply gives websites a “yes” or “no”
  • You remain anonymous with no link between your identity and online habits

Best Practices for Privacy:

  • Choose facial age estimation when available (supported by over 80% of users)
  • Avoid photo ID verification when possible to minimize data sharing
  • Understand that verification status may be stored to avoid repeated checks

Enforcement: Real Consequences for Non-Compliance

Companies face serious penalties for non-compliance: fines of up to £18 million or 10% of global revenue (whichever is higher). For a company like Meta, this could mean a £16 billion fine.

In extreme cases, senior managers at tech companies face criminal liability and up to two years in jail for repeated breaches. Ofcom can also apply for court orders to block services from being available in the UK.

Ofcom has already launched probes into 11 companies suspected of breaching parts of the Online Safety Act and expects to announce new investigations into platforms that fail to comply with age check requirements.

The VPN Reality Check

While some might consider using VPNs to bypass age verification, Ofcom acknowledges this limitation but emphasizes that most exposure isn’t from children actively seeking harmful content: “Our research shows that these are not people that are out to find porn — it’s being served up to them in their feeds.”

As Griffiths explained: “There will be dedicated teenagers who want to find their way to porn, in the same way as people find ways to buy alcohol under 18. They will use VPNs. And actually, I think there’s a really important reflection here… Parents having a view in terms of whether their kids have got a VPN, and using parental controls and having conversations, feels a really important part of the solution.”

What This Means for Different Users

For Parents

You now have stronger tools and clearer accountability from platforms. Two-thirds of parents already use controls to limit what their children see online, and the new rules provide additional safeguards, though about one in five children can still disable parental controls.

For Adult Users

You may experience “some friction” when accessing adult material, but the changes vary by platform. On many services, users will see no obvious difference at all, as only platforms which permit harmful content and lack safeguards are required to introduce checks.

For Teens

Stricter age controls mean more restricted access to certain content, but platforms must also provide better safety tools and clearer reporting mechanisms.

The Bigger Picture: Managing Expectations

Industry experts and regulators emphasize that this is “the start of a journey” rather than an overnight fix. As one tech lawyer noted: “I don’t think we’re going to wake up on Friday and children are magically protected… What I’m hoping is that this is the start of a journey towards keeping children safe.”

Ofcom’s approach will be iterative, with ongoing adjustments and improvements. The regulator has indicated it will take swift action against platforms that deliberately flout rules but will work constructively with those genuinely seeking compliance.

Impact of the Online Safety Act on Users and Industry

The UK Online Safety Act is set to have a profound impact, bringing both significant benefits and notable challenges. For users, the primary benefit is a safer online environment, especially for children who will be better shielded from harmful content. Increased transparency from platforms will also empower users with more information about the risks on services they use. However, some users have raised concerns about data privacy related to age verification and the potential for the Act to stifle free expression and lead to over-removal of legitimate content.

For the tech industry, the law presents major operational hurdles. Compliance will require substantial investment in technology, content moderation, and legal expertise, with costs potentially running into the billions across the sector. Smaller platforms may struggle to meet the requirements, potentially hindering innovation and competition. The key takeaway is that the Online Safety Act marks a paradigm shift, moving from self-regulation to a legally enforceable duty of care, the full effects of which will unfold over the coming years as Ofcom’s enforcement ramps up.

Criticism and Future Developments

Some campaigners argue the measures don’t go far enough, with the Molly Rose Foundation calling for additional changes and some MPs wanting under-16s banned from social media completely. Privacy advocates worry about invasive verification methods, while others question effectiveness.

Parliament’s Science, Innovation and Technology Committee has criticized the act for containing “major holes,” particularly around misinformation and AI-generated content. Technology Secretary Peter Kyle has promised to “shortly” announce additional measures to reduce children’s screen time.

Looking Ahead

This week’s implementation represents “the most significant milestone yet” in the UK’s bid to become the safest place online. While the changes may not be immediately visible to all users, they establish crucial foundations for ongoing child safety improvements.

The Online Safety Act is designed to be a living framework that evolves with technology and emerging threats. Expect continued refinements, additional measures, and stronger enforcement as the system matures.

The Online Safety Act represents a fundamental shift in how online platforms operate in the UK. While it may introduce some inconvenience through age verification processes, the legislation prioritizes protecting children from genuine harm.

The success of these measures will depend on consistent enforcement, platform cooperation, and ongoing parental engagement. As one Ofcom official noted: “I think people accept that we’re not able to snap our fingers and do everything immediately when we are facing really deep-seated problems that have built up over 20 years. But what we are going to be seeing is really big progress.”

Stay informed about these changes, understand your verification options, and remember that these new safeguards are designed to protect the most vulnerable internet users while preserving legitimate access for adults.

 

 

The post UK’s New Online Safety Act: What Consumers Need to Know appeared first on McAfee Blog.

New TikTok App on the Horizon: What US Users Need to Know About the Risks

By: Jasdev Dhaliwal

As reports emerge of a new TikTok app known internally as “M2” specifically designed for US users, McAfee warns that the transition period could create perfect conditions for cybercriminals to exploit unsuspecting consumers – including by distributing fake or malicious TikTok apps disguised as the real thing. Here’s what you need to know about the potential risks and how to stay protected.

A New App is Coming

According to reports from The Information, TikTok is reportedly building a new version of the app just for the United States that could launch as soon as September 5. This development comes as ByteDance faces pressure to sell TikTok’s US operations or face a ban under federal legislation. The existing TikTok app will be removed from US app stores on the same day the new US app launches, although Americans may be able to continue using the current app until March of next year.

The transition won’t be seamless. Transferring the profiles and content of current users to the new app could pose practical challenges, and such a move could also make it harder for American TikTok users to see content from users in other countries. This disruption period presents significant cybersecurity risks that users must be aware of.

Why This Transition is Happening

ByteDance has been on the clock to find a new owner for TikTok’s US operations since then-President Joe Biden signed the sale-or-ban law last year over national security concerns. The Chinese government has indicated it would block any transfer of TikTok’s algorithm, meaning any new, separate American TikTok would need its own algorithm, possibly built from the ground up. President Trump has stated there are wealthy buyers ready to purchase TikTok’s US operations, though ByteDance currently has until September 17 to sell the app or face a US ban.

The Cybercriminal Opportunity: Fake Apps in the Wild

The announcement of a new TikTok app creates a perfect storm for cybercriminals looking to exploit confused users during the transition period. Based on McAfee’s recent research into Android malware campaigns, we can expect to see a surge in fake TikTok apps appearing across various distribution channels.

How Criminals Will Likely Exploit the Transition

Drawing from our analysis of current malware trends, cybercriminals will likely leverage several tactics:

1. Timing Confusion: During the transition period when users are uncertain about which app is legitimate, scammers will capitalize on this confusion by distributing fake “new TikTok” apps through unofficial channels and app stores.

2. Sophisticated Impersonation: Cybercriminals are getting smarter, using development toolkits like .NET MAUI to create fake apps that look and feel like the real thing. Expect to see convincing fake TikTok apps that mirror the official design and functionality.

3. Advanced Evasion Techniques: These fake apps hide their code in binary files so it can’t be easily detected, letting them stay on your phone longer—stealing quietly in the background. The new TikTok transition provides perfect cover for such sophisticated malware.

Distribution Channels and Unofficial App Stores to Watch

These apps aren’t in the Google Play Store. Instead, hackers will likely share them on fake websites, messaging apps, and sketchy links in texts or chat groups. During the TikTok transition, be especially wary of:

  • Links claiming to offer “early access” to the new US TikTok app
  • Messages from friends or contacts sharing “leaked” versions of the new app
  • Social media posts advertising alternative download sources
  • Websites claiming to host the “official” new TikTok before its actual release

What These Fake Apps Could Steal

Based on recent malware campaigns we’ve analyzed, fake TikTok apps could potentially:

  • Steal contacts, photos, and texts from the phone
  • Request sensitive information like full name, phone number, birthdate, and even financial information
  • Use encrypted channels to send stolen data so even if someone intercepted it, they couldn’t read it
  • Install persistent malware that continues operating even after the legitimate app becomes available

Protecting Yourself During the Transition

To stay safe during this vulnerable period, follow these essential guidelines:

  • Download Apps only from Official App Stores: Download apps only from official app stores like Google Play or the Apple App Store. When the new TikTok app launches, wait for official announcements and download only from these verified sources.
  • Be Skeptical of Early Access Claims: Any app claiming to offer early access to the new TikTok before the official launch date should be treated with extreme suspicion.
  • Verify Before You Click: Avoid clicking on links from strangers or untrusted sources. Even if the link appears to come from someone you know, verify through another communication channel before downloading.
  • Use Comprehensive Mobile Security Software: Install security software like McAfee Mobile Security to catch threats in real-time and protect against malicious apps that might slip through other defenses.
  • Check App Permissions Carefully: If a flashlight app wants access to your texts, that’s a red flag. Similarly, be suspicious if a social media app requests excessive permissions unrelated to its core functionality.

Staying Ahead of Evolving Threats

Hackers are getting creative, but you can stay one step ahead. These recent .NET MAUI-based threats are sneaky—but they’re not unstoppable. The key is maintaining vigilance and using comprehensive security tools that evolve with the threat landscape.

As we navigate the transition to a new TikTok app for US users, remember that cybercriminals will attempt to exploit every opportunity for confusion and uncertainty. By staying informed, using official download sources, and leveraging tools like McAfee’s Mobile Security, you can continue enjoying social media safely.

The digital landscape is constantly evolving, but with the right knowledge and tools, you can stay protected while enjoying the platforms you love. Whether you’re transitioning to a new TikTok app or simply want better control over your social media privacy, McAfee+ provides the comprehensive protection you need in today’s connected world.

The post New TikTok App on the Horizon: What US Users Need to Know About the Risks appeared first on McAfee Blog.

Fake Android Money Transfer App Targeting Bengali-Speaking Users

By: McAfee Labs

Authored by Dexter Shin

McAfee’s Mobile Research Team discovered a new and active Android malware campaign targeting Bengali-speaking users, mainly Bangladeshi people living abroad. The app poses as popular financial services like TapTap Send and AlimaPay. It is distributed through phishing sites and FacebookFacekbook pages, and the app steals users’ personal and financial information. The campaign remains highly active, with the command-and-control (C2) server operational and connected to multiple evolving domains. While the attack techniques are not new, the campaign’s cultural targeting and sustained activity reflect how cybercriminals continue to adapt their strategies to reach specific communities. McAfee Mobile Security already detects this threat as Android/FakeApp. For more information, visit McAfee Mobile Security.

Bangladeshi people living abroad, particularly in countries such as Saudi Arabia, the UAE, Malaysia, and the UK, rely heavily on mobile money services to send remittances and verify their identities for various purposes. Services like bKash, TapTap Send, and AlimaPay are widely used and trusted within this community.

In 2024, annual remittances sent to Bangladesh reached nearly $26.6 billion, ranking sixth globally and third in South Asia. This massive flow of cross-border funds highlights the economic importance and digital engagement of the Bangladeshi diaspora.

 

Figure 1. Top Recipients of Remittances in 2024 (Source: World Bank)

 

As more people use mobile financial apps, cybercriminals are finding new ways to trick them using fake apps and phishing websites. Many users trust apps shared by friends or family, and some may not know how to spot scams. This makes them easy targets for attackers.

In May 2025, McAfee’s Mobile Research Team identified a malware campaign designed to exploit these conditions. The fake Android app impersonates well-known money transfer services and steals personal information such as the user’s name, email address, phone number, and photo ID (such as a passport or national ID card). It also attempts to collect financial data like card numbers through fake in-app pages. Moreover, the C2 server’s storage is publicly exposed, meaning that the stolen data can be accessed by anyone, which significantly increases the risk of abuse.

Technical Findings

Distribution Methods

Over the past few weeks, these fake apps have continued to appear, suggesting an active and sustained campaign targeting Bengali-speaking users. These apps are primarily distributed through phishing websites that mimic trusted remittance services, often shared via fake Facebook pages.

Figure 2. Screenshot of a phishing website

 

The page is written entirely in Bengali, mimicking a legitimate remittance service commonly used by Bangladeshi expatriates. Below is a translated excerpt of the main message shown on the landing page:

Bengali (original):

আসসালামু আলাইকুম।

প্রবাসী ভাইদের জন্য সুখবর। যারা কাজের পাশাপাশি বাড়তি আয় করতে চান, তারা বিকাশ, ফ্ল্যাশলোড ব্যবসা করতে পারেন। সম্পূর্ণ বৈধ উপায়ে। আপনার হাতের মধ্যে রয়েছে মোবাইলের মাধ্যমে। মোবাইল ব্যাংকিং করুন খুব সহজেই।

English (translation):

Peace be upon you.

Good news for our brothers living abroad. If you’re looking to earn extra income along with your job, you can do business with bKash or FlashLoad in a completely legal way. Everything is within your reach through mobile. Mobile banking is very easy.

In addition to phishing websites, the attackers also created fake Facebook pages that closely resemble legitimate remittance services. These pages often reuse official logos, promotional images, and even videos taken from real financial platforms to appear trustworthy. However, the site links on these pages point to phishing websites hosting the malicious app.

Figure 3. Fake Facebook page mimicking a legitimate remittance service

Fake App Analysis

Once installed, the fake app immediately presents an interface that closely resembles a legitimate remittance application. It supports both Bengali and English language options and shows realistic-looking exchange rates.

Figure 4. Initial UI of the fake TapTap Send app

Users can select from a list of countries with large Bangladeshi expatriate populations, such as Maldives, Dubai, Oman, Saudi Arabia, Malaysia, Canada, and India, to simulate money transfers to Bangladeshi Taka (BDT). These details are likely included to establish trust and make the app appear functional. However, these screens serve as bait to encourage users to proceed with account creation and enter personal information. As users continue through the registration flow, the app requests increasingly sensitive data in multiple stages. First, it requests the user’s email address and full name. Then, it prompts them to select their country of residence and provide a valid mobile number. Next, users are asked to choose an account type, either “Personal” or “Agent”, a distinction commonly seen in real remittance platforms.

Figure 5. Multi-step registration flow (1)

 

Following this, the app reaches its most sensitive stage: it asks the user to take and upload a photo of an official ID, such as a passport, national ID (NID), or an e-commerce verification photo. This request is made in the local language and framed as a requirement to complete account setup. After uploading the ID, users are then asked to create a login password and a 5-digit PIN, just like real financial apps. This step makes the app feel more trustworthy and secure, but the collected credentials could later be used in credential stuffing attacks. All of this information is sent to the C2 server and stored, making it available for future fraud or identity theft.

 

Figure 6. Multi-step registration flow (2)

 

After completing the registration process, users are taken to a fully designed dashboard. The interface mimics a real financial or remittance app, complete with icons for money transfer, bill payment, mobile banking, and even customer support features.

 

Figure 7. The fake TapTap Send app’s main dashboard

 

The malware includes multiple fake transaction interfaces. These screens simulate mobile money transfers, bill payments, and bank transfers using logos from real services. Although no actual transaction is performed, the app collects all entered information such as phone numbers, account details, PINs, and payment amounts. This data is then transmitted to the C2 server.

Figure 8. Fake transaction screens that imitate real financial services

 

C2 Server and Data Exfiltration

All the information collected by the fake app, including credentials, contact details, and photo IDs, is stored on the C2 server. However, the server lacks basic security settings. Directory listing is enabled, which means anyone can access the uploaded files without authentication. During our investigation, we found that one of the C2 domains contained 297 image files. These files appear to be photo IDs uploaded by users during the registration process.

 

Figure 9. Publicly accessible directory listing on the C2 server

 

These ID images include highly sensitive personal information and are publicly accessible. If downloaded or misused, they could pose a serious privacy and identity theft risk.

 

 

Figure 10. Example of a sensitive photo ID image uploaded during app registration

 

 

Figure 11. Geographic distribution of infected devices

As expected, telemetry shows activity in countries with large Bangladeshi populations abroad, such as Saudi Arabia, Malaysia, Bangladesh, and the United Arab Emirates. This aligns with the app’s targeting of Bengali-speaking users through culturally familiar language and visuals. The campaign remains active, with new phishing domains and variants continuing to appear. Given the evolving nature of this threat and its use of trusted platforms like Facebook to distribute malicious content, users should stay cautious when encountering financial service promotions through social media or unknown websites. We recommend downloading apps only from trusted sources such as Google Play, avoiding links shared via social media, and being extra careful when asked to provide personal or banking information. Using mobile security software that can detect and block these threats is also strongly advised.

Indicators of Compromise (IOCs)

 

The post Fake Android Money Transfer App Targeting Bengali-Speaking Users appeared first on McAfee Blog.

When AI Voices Target World Leaders: The Growing Threat of AI Voice Scams

By: Jasdev Dhaliwal

If someone called you claiming to be a government official, would you know if their voice was real? This question became frighteningly relevant this week when a cybercriminal used social engineering and AI to impersonate Secretary of State Marco Rubio, fooling high-level officials with fake voice messages that sounded exactly like him. It raises a critical concern: would other world leaders be able to tell the difference, or would they fall for it too?

The Rubio Incident: A Wake-Up Call

In June 2025, an unknown attacker created a fake Signal account using the display name “Marco.Rubio@state.gov” and began contacting government officials with AI-generated voice messages that perfectly mimicked the Secretary of State’s voice and writing style. The imposter successfully reached at least five high-profile targets, including three foreign ministers, a U.S. governor, and a member of Congress.

The attack wasn’t just about pranks or publicity. U.S. authorities believe the culprit was “attempting to manipulate powerful government officials with the goal of gaining access to information or accounts.” This represents a sophisticated social engineering attack that could have serious national and international security implications.

Why Voice Scams Are Exploding

The Rubio incident isn’t isolated. In May, someone breached the phone of White House Chief of Staff Susie Wiles and began placing calls and messages to senators, governors and business executives while pretending to be Wiles. These attacks are becoming more common because:

  • AI voice cloning is now accessible to everyone: What once required Hollywood-level resources can now be done with free online tools
  • Social media provides voice samples: Just a few seconds of someone’s voice from a video or podcast is enough
  • People trust familiar voices: We’re psychologically wired to trust voices we recognize
  • High-value targets are everywhere: From government officials to your own family members

It’s Not Just Politicians – Nobody is Immune

While the Rubio case involved government officials, these same techniques are being used against everyday Americans. A recent McAfee study found that 59% of Americans say they or someone they know has fallen for an online scam in the last 12 months, with scam victims losing an average of $1,471. In 2024, our research revealed that 1 in 3 people believe they have experienced some kind of AI voice scam

Some of the most devastating are “grandparent scams” where criminals clone a grandchild’s voice to trick elderly relatives into sending money for fake emergencies. Deepfake scam victims have reported losses ranging from $250 to over half a million dollars.

Common AI voice scam scenarios:

  • Family emergency calls: “Grandma, I’m in jail and need bail money”
  • CEO fraud: Fake executives asking employees to transfer money
  • Investment scams: Celebrities appearing to endorse get-rich-quick schemes
  • Romance scams: Building fake relationships using stolen voices

From Mission Impossible to Mission Impersonated

One big reason deepfake scams are exploding? The tools are cheap, powerful, and incredibly easy to use. McAfee Labs tested 17 deepfake generators and found many are available online for free or with low-cost trials. Some are marketed as “entertainment” — made for prank calls or spoofing celebrity voices on apps like WhatsApp. But others are clearly built with scams in mind, offering realistic impersonations with just a few clicks.

Not long ago, creating a convincing deepfake took experts days or even weeks. Now? It can cost less than a latte and take less time to make than it takes to drink one. Simple drag-and-drop interfaces mean anyone — even with zero technical skills – can clone voices or faces.

Even more concerning: open-source libraries provide free tutorials and pre-trained models, helping scammers skip the hard parts entirely. While some of the more advanced tools require a powerful computer and graphics card, a decent setup costs under $1,000, a tiny price tag when you consider the payoff.

Globally, 87% of scam victims lose money, and 1 in 5 lose over $1,000. Just a handful of successful scams can easily pay for a scammer’s gear and then some. In one McAfee test, for just $5 and 10 minutes of setup time, we created a real-time avatar that made us look and sound like Tom Cruise. Yes, it’s that easy — and that dangerous.

Figure 1. Demonstrating the creation of a highly convincing deepfake

Fighting Back: How McAfee’s Deepfake Detector Works

Recognizing the urgent need for protection, McAfee developed Deepfake Detector to fight AI-powered scams. McAfee’s Deepfake Detector represents one of the most advanced consumer tools available today.

Key Features That Protect You

  • Near-Instant Detection: McAfee Deepfake Detector uses advanced AI to alert you within seconds if a video has AI-generated audio, helping you quickly identify real vs. fake content in your browser.
  • Privacy-First Design: The entire identification process occurs directly on your PC, maximizing on-device processing to keep private user data off the cloud. McAfee does not collect or record a user’s audio in any way.
  • Advanced AI Technology: McAfee’s AI detection models leverage transformer-based Deep Neural Network (DNN) models with a 96% accuracy rate.
  • Seamless Integration: Deepfake Detector spots deepfakes for you right in your browser, without any extra clicks.

How It Would Have Helped in the Rubio Case

While McAfee’s Deepfake Detector is built to identify manipulated audio within videos, it points to the kind of technology that’s becoming essential in situations like this. If the impersonation attempt had taken the form of a video message posted or shared online, Deepfake Detector could have:

  • Analyzed the video’s audio within seconds
  • Flagged signs of AI-generated voice content
  • Alerted the viewer that the message might be synthetic
  • Helped prevent confusion or harm by prompting extra scrutiny

Our technology uses advanced AI detection techniques — including transformer-based deep neural networks — to help consumers discern what’s real from what’s fake in today’s era of AI-driven deception.

While the consumer-facing version of our technology doesn’t currently scan audio-only content like phone calls or voice messages, the Rubio case shows why AI detection tools like ours are more critical than ever — especially as threats evolve across video, audio, and beyond – and why it’s crucial for the cybersecurity industry to continue evolving at the speed of AI.

How To Protect Yourself: Practical Steps

While technology like McAfee’s Deepfake Detector provides powerful protection, you should also:

  • Be Skeptical of “Urgent Requests”
  • Trust and verify identity through alternative channels
  • Ask questions only the real person would know, using secret phrases or safe words
  • Be wary of requests for money or sensitive information
  • Pause if the message stirs strong emotion — fear, panic, urgency — and ask yourself, would this person really say that

The Future of Voice Security

The Rubio incident shows that no one is immune to AI voice scams. It also demonstrates why proactive detection technology is becoming essential. Knowledge is power, and this has never been truer than in today’s AI-driven world.

The race between AI-powered scams and AI-powered protection is intensifying. By staying informed, using advanced detection tools, and maintaining healthy skepticism, we can stay one step ahead of cybercriminals who are trying to literally steal our voices, and our trust.

The post When AI Voices Target World Leaders: The Growing Threat of AI Voice Scams appeared first on McAfee Blog.

How to Protect Yourself from Concert and Festival Ticket Scams

By: Jasdev Dhaliwal

Summer festival season is upon us, and music lovers are eagerly anticipating everything from The Weeknd tickets to intimate local music festivals. But while you’re dreaming of unforgettable performances, scammers are plotting to turn your concert and festival excitement into their profitable payday. The sobering reality? UK gig-goers lost over £1.6 million to ticket fraud in 2024 more than double the previous year’s losses. With approximately 3,700 gig ticket fraud reports made to Action Fraud in 2024, and almost half originating from social media platforms, the threat to festival-goers has never been greater. A Lloyds Bank analysis of scam reports from its customers has revealed that Oasis Live ’25 tickets are a top target for fraudsters. In the first month following the reunion tour announcement, these fake ticket scams made up roughly 70% of all reported concert ticket fraud cases since August 27, 2024. According to Lloyds, the average victim lost £436 ($590), with some reporting losses as high as £1,000 ($1,303).

Why Concerts Are a Scammer’s Paradise

Concert tickets have become the ultimate playground for cybercriminals, and it’s easy to see why. The perfect storm of high demand, limited supply, and emotional urgency creates ideal conditions for fraud. When your favorite artist announces a tour, tickets often sell out in minutes, leaving desperate fans scrambling on secondary markets where scammers thrive. Unlike typical retail purchases, concert tickets are intangible digital products that are difficult to verify until you’re standing at the venue gate, often too late to get your money back. Scammers exploit this by creating fake ticketing websites with legitimate-sounding names, posting counterfeit tickets on social media marketplaces, and even setting up fraudulent “last-minute deals” outside venues.

The emotional investment fans have in seeing their favorite performers makes them more likely to ignore red flags like unusual payment methods, prices that seem too good to be true, or sellers who refuse to use secure payment platforms. Add in the time pressure of limited availability, and scammers have found the perfect recipe for separating music lovers from their money. With the average concert scam victim losing over $400 according to the Better Business Bureau, what should be an exciting musical experience often becomes a costly lesson in digital fraud.

Common Scammer Tactics to Watch For

1. The Fake Ticket Factory

How It Works: Scammers create convincing counterfeit tickets using stolen designs, logos, and QR codes from legitimate events. They may purchase one real ticket and then sell multiple copies to different buyers, knowing only the first person through the gate will succeed.

The Digital Danger: With the rise of digital tickets and QR codes, scammers can easily screenshot, photograph, or forward ticket confirmations to multiple victims. Since many festival-goers don’t realize that QR codes can only be scanned once, multiple people may believe they own the same valid ticket.

Red Flags:

  • Sellers offering only PDF tickets or photos of tickets
  • Reluctance to use official transfer systems
  • Multiple identical tickets being sold by the same person
  • Prices significantly below or above market value

2. The Phantom Festival Scam

How It Works: Fraudsters create entirely fictional festivals, remember the Fyre Festival? A complete fake lineups featuring popular artists, professional websites, and aggressive marketing campaigns. They invest heavily in making these events appear legitimate, sometimes even securing fake venues and promotional partnerships.

The Impersonator: Some scammers specifically target popular festivals by creating fake events with slight name variations or claiming to offer exclusive “VIP experiences” that don’t exist.

Warning Signs:

  • New festivals with suspiciously star-studded lineups
  • Limited information about venue logistics or infrastructure
  • Aggressive marketing with urgent “limited time” offers
  • Lack of official venue confirmation or local authority permits

3. The Social Media Swindle

How It Works: Scammers create fake profiles or hack legitimate accounts to advertise sold-out festival tickets. They often target popular festival hashtags and engage with desperate fans seeking last-minute tickets on TikTok, Instagram, and Facebook Marketplace.

The FOMO Factor: These scammers exploit the fear of missing out by creating false urgency: “Only 2 tickets left!” or “Someone just backed out, quick sale needed!”

4. The Payment Pirate Scam

How It Works: Legitimate-seeming sellers request payment through untraceable methods like bank transfers, gift cards, or cryptocurrency. Once payment is sent, the “seller” disappears, leaving victims with no recourse for recovery.

Common Payment Red Flags:

  • Requests for wire transfers or bank transfers
  • Demands for payment via gift cards or vouchers
  • Cryptocurrency-only payment options
  • Refusal to use secure payment platforms with buyer protection

5. The QR Code Con

How It Works: Fraudsters create fake QR codes that lead to malicious websites designed to steal your personal information or payment details. These might be disguised as “ticket verification” sites or fake festival apps.

The Modern Twist: Some scammers send QR codes claiming they contain your tickets, but scanning them actually downloads malware or leads to phishing sites designed to harvest your personal information.

McAfee’s Festival Protection Kit

McAfee’s Scam Detector is your shield against concert and ticket scams this summer. This advanced scam detection technology is built to spot and stop scams across text messages, emails, and videos. Here’s how Scam Detector protects concert-goers:

1. Smarter Text Scam Detection for Ticket Offers

Scam Detector catches suspicious messages across apps like iMessage, WhatsApp, and Facebook Messenger—exactly where ticket scammers often strike.

2. AI-Based Email Protection Against Phishing

Flags phishing emails that appear to be from venues, ticketing companies, or resale platforms across Gmail, Outlook, and Yahoo. The system alerts you and explains why an email was flagged, helping you learn to spot concert scams as you go.

3. Deepfake Detection for Social Media Scams

Detects AI-generated or manipulated audio in videos on platforms like YouTube, TikTok, and Facebook—perfect for catching fake artist endorsements or fraudulent venue announcements that scammers use to promote fake ticket sales.

4. On-Demand Scam Check for Ticket Purchases

Found a great ticket deal but feeling uncertain? Upload a screenshot, message, or link for instant analysis. Scam Detector offers context so you understand exactly why a ticket offer might be fraudulent.

5. Custom Sensitivity Settings

Choose the level of protection that works for your concert-going habits:

  • High: Maximum caution for those buying from multiple sources
  • Balanced (default): Strong protection without interrupting legitimate purchases
  • Low: Flags only the most obvious ticket scams

6. Safe Browsing Protection

If you do click a suspicious ticket link, McAfee’s Scam Detector can help block dangerous sites before they load, protecting you from fake ticketing websites.

Real Protection for Real Fans

McAfee’s Scam Detector delivers reliable protection against the most common ticket scam tactics without false alarms that might block legitimate communications from venues or artists. Scam Detector uses on-device AI wherever possible, meaning your concert ticket searches and purchase communications aren’t sent to the cloud for analysis. Your excitement about seeing your favorite band stays between you and your devices.

Make This Summer About Music, Not Scams. Don’t let fraudsters steal your summer concert experience. With McAfee’s Scam Detector, you can focus on what really matters: getting legitimate tickets to see amazing live music. The technology works in the background, identifying scams and educating you along the way, so you can make confident decisions about your concert purchases.Summer festivals, arena shows, and outdoor concerts are waiting—make sure you’re protected while you’re getting ready to rock.

Learn more about McAfee’s Scam Detector at: https://www.mcafee.com/en-us/scam-detector.

The post How to Protect Yourself from Concert and Festival Ticket Scams appeared first on McAfee Blog.

How to Shop Safely During Amazon Prime Day

By: Jasdev Dhaliwal

As Amazon Prime Day approaches (July 8-11, 2025), millions of shoppers are gearing up for what promises to be one of the biggest online shopping events of the year. But while you’re hunting for deals, cybercriminals may be hunting for you. A recent devastating case from Montana serves as a stark reminder that not all “Amazon” calls are what they seem.

The $1 Million Nightmare: How It All Began

In April 2025, an elderly Missoula woman received what seemed like a routine customer service call. The caller claimed to be from Amazon’s fraud department and asked if she had recently purchased computer equipment. When she said no, the caller’s tone shifted to concern; they claimed her identity had been stolen, and immediate action was needed.

What followed was a masterfully orchestrated scam that would ultimately cost the woman nearly $1 million. The fake Amazon representative transferred her to what appeared to be the “Social Security Department,” where another scammer told her that her personal information had been linked to a money laundering investigation. To “protect” her funds, she was then connected to someone claiming to be a U.S. Marshal.

The supposed federal agent convinced her that the money in her bank accounts needed to be “legalized” to keep it safe from the criminals who had stolen her identity. Over multiple visits to her home, the woman handed over cash and gold to people she believed were federal agents protecting her life savings. Instead, she was systematically robbed.

The scam only unraveled when law enforcement, working with the victim, set up a sting operation. When 29-year-old Zabi Ullah Mohammed arrived for what he thought would be another pickup, police were waiting. They found nearly $70,000 in cash in his vehicle, along with airline tickets and rental car documents – evidence of a sophisticated, multi-state operation.

When Tariff Pressure Meets Scam Opportunity

This Montana case isn’t an isolated incident, it’s part of a growing trend that peaks during major shopping events like Prime Day. What makes this year particularly concerning is the economic backdrop driving consumer behavior.

With recently implemented tariffs now in effect, including 25% on certain goods from Canada and Mexico and additional levies on Chinese products, American households are feeling unprecedented financial pressure. Recent polling shows 73% of Americans expect significant price increases in the coming months, while economists project tariffs could cost the average household nearly $1,200 annually.

This economic anxiety is creating a perfect storm for scammers, as our research shows that 46% of shoppers plan to shop more during Prime Day specifically hoping to save money in light of tariff-related price hikes. Older consumers are particularly motivated by these concerns, with 68% of shoppers aged 65+ citing tariff worries as a key driver for increased online shopping – making them prime targets for sophisticated scams promising exclusive deals and savings.

“As inflation and tariffs push more people to hunt for deals, scammers are using generative AI to craft scams that are more polished, personal, and persuasive,” said Abhishek Karnik, Head of Threat Research at McAfee. “From retailer impersonations to hyper-realistic delivery scams, these threats are getting harder to spot. The good news is that the tools to fight back are getting smarter too. The best way to stay safe is to pause before you click, trust your instincts, and use AI-powered protection like McAfee’s Scam Detector to stay one step ahead.”

 

Figure 1. Examples of Amazon tariff and job scams

 

Figure 2. An example of a fake Amazon sign-in page.

 

 

Figure 3. Examples of Amazon phishing scams

 

The Scale of the Problem is Staggering

  • 81% of Americans plan to shop online during Prime Day 2025, creating a massive target pool for scammers
  • 15% of people have already fallen victim to online scams during Prime Day or similar major retail events.
  • Among scam victims, a shocking 84% lost money, with nearly 1 in 4 losing over $500.
  • While 89% of people report taking steps to stay safe, nearly two-thirds (65%) admit they’re not fully confident in their ability to spot a scam. That uncertainty is exactly what scammers are counting on. Designed to blend in with the shopping rush, today’s threats pressure people to click before they think.

The AI Threat is Real

  • 56% of Americans are more concerned about AI-generated scams this year than last year, particularly during major shopping events like Prime Day.
  • 36% of people have encountered deepfake scams involving fake celebrity endorsements during major sale events.
  • Among those who encountered deepfake scams, 71% reported that they or someone they know lost money.

The Vulnerability Factor

Older adults are particularly at risk, with 68% of shoppers aged 65+ saying tariff-related concerns motivate them to shop more online, potentially making them targets for scams promising “deals.” Heavy shoppers face the highest risk, with 23% reporting being scammed during major sale events – more than double the rate of light shoppers. More than one-third (35%) of scam victims don’t tell anyone about being defrauded. The main reasons for staying silent include embarrassment (27%), not wanting to appear gullible (24%), and shame (9%).

The Youth Risk Factor

Younger shoppers are far more likely to take risks on unfamiliar brands — especially on social media. Nearly a quarter of 18–34-year-olds say they’re willing to buy from unknown retailers if the deal looks good, with 22% of 18–24s and 21% of 25–34-year-olds ready to click “buy now” on offers from unknown brands. In stark contrast, older adults (65+) show extreme caution, with only 1% willing to engage with unfamiliar advertisements.

Social Shopping Platforms: Convenience Meets Danger

That openness comes with a serious trade-off. Platforms like TikTok Shop and Instagram Shopping are fast becoming hotspots for scam exposure. Nearly 1 in 3 young shoppers say they’ve encountered deepfake videos of influencers promoting deals or products that turned out to be scams during past sale events, and of those, a staggering 71% say either they or someone they know lost money. With 29% of shoppers browsing TikTok Shop and 10% using Instagram Shopping, these social platforms have become both a go-to destination for deals and a growing cybersecurity risk. The seamless integration of shopping and social content makes it easier than ever for scammers to blend fraudulent offers with legitimate content, creating a perfect storm of vulnerability.

How to Protect Yourself This Prime Day

The good news? These scams are preventable if you know what to watch for and take the right precautions. Here’s your defense playbook:

Verify Before You Trust

  • Amazon will never call you about suspicious account activity or unauthorized purchases
  • Always log into your Amazon account directly through amazon.com to check for real issues
  • Use Amazon’s Message Center – all legitimate communications from Amazon appear there
  • Never give personal information, passwords, or payment details over the phone

Watch for Red Flags

  • Urgent language demanding immediate action (“Your account will be closed in 24 hours!”)
  • Requests for payment via gift cards, wire transfers, or cash
  • Claims that you need to “verify” or “legalize” your money
  • Transfers to “government agencies” during the same call
  • Pressure to keep the call secret or not hang up

How to Protect Your Shopping Experience

  • Enable two-factor authentication on your Amazon account
  • Use strong, unique passwords or passkeys for your shopping accounts
  • Only shop on secure websites (look for “https://” and the padlock icon)
  • Monitor your bank and credit card statements regularly
  • Never click links in suspicious emails – go directly to the retailer’s website instead.
  • Use reputable online protection, such as McAfee’s Scam Detector to keep you safer from online shopping scams
  • Trust your gut – if it feels too urgent or too good to be true, it probably is

While 89% of people plan to take specific safety steps during Prime Day, the sophistication of modern scams means we all need to stay vigilant. The Montana woman’s story shows how even intelligent, cautious people can fall victim to well-orchestrated psychological manipulation.

This Prime Day, remember that the best deal is the one that doesn’t cost you your life savings. Legitimate retailers will never pressure you to act immediately or ask you to pay with untraceable methods. When in doubt, hang up, take a breath, and verify independently. Your skepticism might just save your bank account, and your peace of mind.

Key Takeaway: Amazon, and most other retailers, will not ask you to provide sensitive information over the phone or request payment via gift cards, wire transfers, or cash. When shopping this Prime Day, if something seems suspicious, it probably is. Trust your instincts and verify independently.

The post How to Shop Safely During Amazon Prime Day appeared first on McAfee Blog.

Why Public Wi-Fi at Tourist Hotspots is a Goldmine for Hackers 

By: Jasdev Dhaliwal

Picture this: You’ve just arrived at a bustling airport, exhausted from your journey but excited for your vacation. While waiting for your connecting flight, you pull out your phone to share that first travel selfie or check your hotel reservation. You spot the airport’s free Wi-Fi network and connect without a second thought. What you don’t realize is that you may have just handed cybercriminals the keys to your digital life. 

Tourist hotspots—airports, hotels, cafes, and popular destinations have become hunting grounds for hackers who exploit the very convenience that makes these locations attractive to travelers. The combination of rushed tourists, ubiquitous free Wi-Fi, and relaxed security awareness creates the perfect storm for cybercrime. 

The Shocking Reality: You’re More Vulnerable Than You Think 

The statistics paint an alarming picture of just how dangerous public Wi-Fi can be for travelers: 

  • 25% of travelers are hacked while using public Wi-Fi abroad 
  • 40% of people have had their information compromised while using public Wi-Fi networks 
  • One in four Wi-Fi hotspots are just waiting to be hacked 
  • 78% of people don’t use VPN protection while connected to public Wi-Fi during travel 

These aren’t just numbers—they represent real people whose vacations turned into identity theft nightmares, drained bank accounts, and compromised personal information that can haunt them for years. 

Why Tourist Hotspots Are Hacker Paradise

Airport Wi-Fi is known to be a “hacker honeypot” due to typically lax security. Think about it: thousands of tired, distracted travelers pass hrough daily, each carrying devices loaded with personal and financial information. Just one airport network could hold hundreds to thousands of potential targets. 

Hotels: Your Safe Haven Isn’t So Safe

Unsecured hotel networks can be accessed by anyone near the hotel, allowing them to monitor traffic to connected devices. Many hotels prioritize convenience over security, offering open networks that make it trivially easy for cybercriminals to intercept your data. 

Cafes and Tourist Attractions: Where Convenience Meets Vulnerability

Popular cafes, restaurants, and tourist attractions often offer free Wi-Fi as a customer amenity. However, public Wi-Fi networks are typically unencrypted, meaning data transmitted over these networks can be intercepted by hackers. 

The Hacker’s Playbook: How They Turn Your Connection Into Cash

Evil Twin Networks: The Perfect Impersonation

Cybercriminals are now updating an old cybercrime tactic called “evil twin” attacks. Here’s how it works: hackers create fake Wi-Fi networks with names that closely resemble legitimate ones. Instead of connecting to “Airport_WiFi,” you might accidentally connect to “Airport_Wi-Fi” or “Airport_Free_WiFi.” The miniaturization of digital twinning technology has made this kind of cyberattack more appealing to hackers, with the technology to pull it off available for less than $500. 

Man-in-the-Middle Attacks: The Digital Eavesdropper

The biggest threat to free Wi-Fi security is the ability for hackers to position themselves between you and the connection point. Instead of your data going directly to its intended destination, it first passes through the hacker’s system, giving them access to everything: emails, passwords, credit card information, and even business credentials. 

Packet Sniffing: Reading Your Digital Mail 

Hackers use packet sniffing tools to capture and analyze traffic, extracting personal information from unsuspecting users. This sophisticated technique allows cybercriminals to intercept and read data that isn’t properly encrypted, turning your private communications into an open book. 

Malware Distribution: The Unwanted Souvenir

Hackers can use an unsecured Wi-Fi connection to distribute malware. Some have even managed to hack connection points themselves, causing pop-up windows to appear offering fake software updates that actually install malicious code on your device. 

The Psychology Behind Tourist Vulnerability

Vacation Brain: When Guards Come Down

When on vacation, people tend to forget about their online security,” said cybersecurity expert Daniel Markuson. The excitement of travel combined with the stress of navigating unfamiliar places creates a perfect storm where normal security awareness takes a backseat to convenience. 

The Urgency Factor 

“It is typical to scroll through your phone while waiting for a flight or train. However, when on vacation, people tend to forget about their online security. Hackers take advantage of that and use the public Wi-Fi network weaknesses in airports and train stations to get their hands onto sensitive personal or corporate data”. 

McAfee Mobile Security: Your Digital Bodyguard for Every Journey

Understanding these threats is the first step, but protection requires the right tools. McAfee Mobile Security, available on both the Google Play Store and iOS App Store for iPhones, provides comprehensive protection designed specifically for the challenges travelers face. 

McAfee Secure VPN: Bank-Grade Protection in Your Pocket

McAfee’s automatic VPN proxy ensures secure browsing and hides your IP address for added privacy, while the network scanner and Wi-Fi security verify connections, keeping you safe on public networks. 

Key VPN Features:

  • Automatic Activation: McAfee unlimited VPN turns on automatically to protect your personal data and credit card info, so you can bank, shop, and browse online privately anywhere you go 
  • Bank-Grade Encryption: McAfee VPN for Android and iPhone gives you access to bank-grade Wi-Fi encryption so you can browse in confidence 
  • Global Server Network: Connect to different countries and change your location & IP address 

Wi-Fi Security Scanner: Your Network Detective

Receive alerts when connecting to an unsecured Wi-Fi network or hotspot. Wi-Fi scan analyzes networks for security and ensures a safer online connection. This feature acts as your personal network security expert, warning you before you connect to potentially dangerous networks. 

Real-Time Threat Protection

Safe Browsing Protection: Block malicious websites automatically so you can browse safely. Safe browsing alerts protect you from phishing and leaking personal info. 

Text and Email Scam Detection: Text scam protection filters risky messages and phishing attempts, and blocks harmful sites. Identify risky emails and get scam warnings with email scam protection. 

Getting Protected: Download McAfee Mobile Security Today

For Android Users: McAfee Mobile Security is available on the Google Play Store. The app combines antivirus protection, VPN security, and identity monitoring in one comprehensive package. 

For iPhone Users: iOS users can download McAfee Security from the App Store, providing the same robust protection optimized for Apple devices. 

Beyond VPN: Additional Travel Security Best Practices

While McAfee’s mobile security provides robust protection, combining it with smart travel habits creates an impenetrable defense: 

Verify Network Names Always confirm the exact Wi-Fi network name with establishment staff. Hackers create fake Wi-Fi hotspots that have convincing names designed to trick travelers. 

Use Mobile Hotspot When Possible “My favorite way to avoid evil twin attacks is to use your phone’s mobile hotspot if possible,” said cybersecurity expert Brian Callahan. This creates a secure, personal network that only you control. 

Disable Auto-Connect Set your mobile device to ‘ask’ before it connects to a Wi-Fi network, rather than automatically connecting to an available network. This simple setting prevents your device from automatically connecting to malicious networks. 

Keep Software Updated Updates often include security patches that address vulnerabilities and protect against emerging threats. Before traveling, ensure all your devices and security software are current. 

The Cost of Complacency vs. The Value of Protection

Consider the true cost of a security breach while traveling: 

  • Identity theft recovery can take months or years 
  • Fraudulent charges can drain bank accounts 
  • Compromised business credentials can affect your career 
  • Stolen personal photos and information can be used for extortion 

Compare this to the minimal cost of McAfee Mobile Security, which provides comprehensive protection for less than the price of a coffee at most airport cafes. 

Looking Ahead: The Evolving Threat Landscape

As cyber threats evolve, traditional security measures like VPNs may no longer be sufficient on their own. However, McAfee’s mobile security suite evolves continuously, incorporating the latest threat intelligence and protection technologies to stay ahead of cybercriminals. 

The integration of AI-powered threat detection, real-time network analysis, and behavioral monitoring means your protection improves automatically as new threats emerge. 

Your Next Steps: Travel Smart, Stay Protected

Don’t let cybercriminals turn your dream vacation into a digital nightmare. Before your next trip: 

  1. Download McAfee Mobile Security from the Google Play Store or iOS App Store 
  2. Enable automatic VPN protection for seamless security 
  3. Configure Wi-Fi scanning to alert you to unsafe networks 
  4. Review your travel security settings to ensure optimal protection 

With the right cybersecurity tools, it’s easy to surf the web securely while exploring new destinations. McAfee Mobile Security ensures that your only worry while traveling is choosing which adventure comes next not whether your personal information is safe. 

Your journey should be about creating memories, not dealing with the aftermath of cybercrime. With McAfee Mobile Security protecting your digital life, you can focus on what really matters: enjoying every moment of your travels while staying completely secure. Ready to protect your travels? Download McAfee Mobile Security today from the Google Play Store or iOS App Store and travel with confidence, knowing your digital life is secure no matter where your adventures take you. 

 

The post Why Public Wi-Fi at Tourist Hotspots is a Goldmine for Hackers  appeared first on McAfee Blog.

How Criminals Are Using AI to Clone Travel Agents and Steal Your Money

By: Jasdev Dhaliwal

Your dream vacation could become a nightmare if you fall for these sophisticated AI-powered scams. The travel industry is experiencing an unprecedented surge in AI-powered fraud. What started as simple fake booking websites has evolved into something far more sinister: criminals are now using artificial intelligence to clone the voices and identities of trusted travel agents, creating convincing impersonations that can fool even the most cautious travelers. 

Recent data paints a sobering picture. Booking.com reports a staggering 500 to 900 percent increase in travel scams over the past 18 months, largely driven by AI technology. McAfee research reveals that 30 percent of adults have either fallen victim to online travel scams or know someone who has while trying to save money on travel. 

The New Face of Travel Fraud: AI Voice Cloning

Gone are the days when scammers relied solely on poorly written emails with obvious typos. Today’s travel fraudsters are weaponizing AI voice cloning technology that requires as little as three seconds of audio to create a convincing replica of someone’s voice. Here’s how these sophisticated scams typically unfold: 

The Setup: Criminals research legitimate travel agents, tour operators, or booking specialists through social media, company websites, and online videos. They harvest voice samples from promotional videos, webinars, or even customer service recordings. 

The Clone: Using readily available AI tools—some costing as little as $5 to $10 per month—scammers create voice clones that perfectly mimic speech patterns, accents, and even emotional nuances of real travel professionals. 

The Hook: Armed with these cloned voices, criminals make convincing phone calls to potential victims, often claiming to represent established travel agencies or offering “exclusive” deals that create urgency to book immediately. 

Red Flags: How to Spot AI-Cloned Travel Agents 

While AI voice cloning technology has become incredibly sophisticated, there are still warning signs you can watch for: 

Listen for inconsistencies: Pay attention to unusual word choices, stilted language, or responses that seem rehearsed or robotic. AI-generated voices may struggle with emotional range or natural conversation flow. 

Verify through multiple channels: If someone claiming to be a travel agent unexpectedly contacts you, hang up and call the agency directly using a number you find independently—never redial the number that called you. 

Be wary of pressure tactics: Legitimate travel agents won’t pressure you to book immediately or demand payment through untraceable methods like wire transfers, cryptocurrency, or gift cards. 

Check for licensing and credentials: Ask for specific licensing information and verify it independently. Real travel agents are typically registered with industry organizations and local business bureaus. 

Beyond Voice Cloning: The Full Arsenal of AI Travel Scams

Voice cloning is just one weapon in the modern scammer’s arsenal. Criminals are also using AI to: 

Create convincing fake websites: AI tools can quickly generate professional-looking travel booking sites that mirror legitimate companies, complete with stolen branding and customer reviews. 

Generate fake reviews: AI-written testimonials can flood fake listings with glowing five-star reviews that seem authentic but are entirely fabricated. 

Produce deepfake videos: Some sophisticated scams now include video calls featuring AI-generated faces that can interact in real-time, making the deception even more convincing. 

Automate phishing campaigns: AI helps criminals create personalized emails and messages that target specific individuals based on their travel history and preferences. 

The Financial Impact: Why These Scams Are So Devastating

The financial consequences of AI-powered travel scams can be catastrophic. VPNRanks predicts that travel scam losses could reach $13 billion globally by 2025, with an average loss of nearly $1,000 per victim. Even more concerning, business travelers face a 65 percent higher risk of falling victim compared to leisure travelers. 

The sophistication of these scams means that even cybersecurity-savvy individuals can be caught off guard. In one notable case, a finance worker in Hong Kong was tricked by an AI-powered deepfake video call into transferring over $25 million to criminals who had used publicly available footage to impersonate multiple senior executives. 

How McAfee Protects You from AI-Powered Travel Scams

At McAfee, we understand that the same AI technology enabling these scams can also be our best defense against them. Our comprehensive McAfee+ protection suite includes several key features specifically designed to combat these emerging threats: 

McAfee Scam Detector: Our AI technology powers advanced scam detection that can identify suspicious patterns and behaviors. This includes recognizing potentially fraudulent communications before they reach you on text messages, email and even deepfake protection. 

Identity Monitoring and Alerts: Our comprehensive identity monitoring watches for signs that your personal information may have been compromised—a critical early warning system since scammers often research their targets extensively before launching attacks. 

Safe Browsing Protection: When you’re researching travel options online, our web advisor protection features block access to known malicious sites and warn you about suspicious domains in real-time. 

Personal Data Cleanup: We help remove your personal information from data broker sites that scammers often use to research potential victims, reducing your exposure to targeted attacks. 

Your Defense Strategy: Staying Safe in the Age of AI Scams

Protection against AI-powered travel scams requires a multi-layered approach combining technology, awareness, and smart practices: 

Verify independently: Always confirm travel arrangements through official channels. If someone calls claiming to represent a travel company, hang up and call the company directly using contact information from their official website. 

Be skeptical of urgency: Legitimate travel deals don’t require immediate action. Take time to research and verify any offer, especially if it involves upfront payments or personal information. 

Use secure payment methods: Avoid wire transfers, cryptocurrency, or gift cards for travel payments. Use credit cards that offer fraud protection and dispute resolution. 

Limit social media exposure: Be cautious about posting travel plans, photos, or videos that could provide scammers with material to clone your voice or research your activities. 

Trust your instincts: If something feels off about a conversation or offer, don’t ignore that feeling. It’s better to miss out on a potentially legitimate deal than fall victim to a sophisticated scam. 

The Road Ahead: Preparing for Future Threats

As AI technology continues to evolve, we can expect travel scams to become even more sophisticated. Future threats may include real-time deepfake video calls, AI-generated virtual travel agents with full conversational abilities, and hyper-personalized scams based on extensive data analysis. 

The key to staying protected is maintaining vigilance while leveraging advanced security tools. McAfee’s AI-powered protection evolves continuously to stay ahead of emerging threats, providing you with the most current defense against the latest scamming techniques. 

Your dream vacation should remain exactly that—a dream come true, not a financial nightmare. By staying informed about these threats and using comprehensive protection like McAfee’s identity and scam protection services, you can travel with confidence, knowing you’re protected against even the most sophisticated AI-powered fraud attempts. 

Remember: in our digital age, the best travel companion isn’t just a good guidebook—it’s robust cybersecurity protection that travels with you wherever you go.  

Ready to protect yourself from AI-powered scams? Learn how McAfee+ and its comprehensive identity theft protection and AI-powered scam detection is designed to keep you safe while traveling and beyond. 

The post How Criminals Are Using AI to Clone Travel Agents and Steal Your Money appeared first on McAfee Blog.

16 Billion Stolen Logins for Apple, Google, Facebook and More: How to Stay Safe

By: Jasdev Dhaliwal
easy passwords written on sticky notes

Reports last week detail a “16 billion password leak”, with major news outlets worldwide proclaiming this as one of the “largest data breach in history. The exposed dataset appears to be a massive compilation of previously leaked login credentials combined with recent information harvested from devices infected with a type of malware called an infostealer. The vast amount of stolen login credentials, especially from the platforms people use and rely on every day, serves as a powerful reminder of the need for up-to-date online security combined with strong cyber hygiene. 

Why This Matters  

If cybercriminals get hold of your login credentials, the consequences can be serious—think hijacked social media accounts, stolen identities, phishing attacks launched from your personal email account, and potentially even financial loss. The good news? You can take action right now to boost your security and stay protected from scammers. 

The Real Threat You’re Facing 

Don’t let the “old data” narrative fool you into complacency. As McAfee CTO Steve Grobman notes: “With over 16 billion login credentials exposed worldwide, the scale of this breach is a stark reminder of the prevalence of data leaks and the importance of practicing good cyber hygiene.” 

This compilation represents a significant threat because: 

Password Reuse Amplifies Risk: If you reuse passwords across multiple sites, one stolen credential can unlock multiple accounts.  

Social Media Account Takeovers: “Email and social media logins are particularly valuable, as they allow scammers to reset passwords and dig even deeper into someone’s digital life, even impersonating victims,” Grobman explains. 

Identity theft: With access to information, like the username and password for your banking or financial account, cybercriminals could steal your identity to open new accounts, apply for loans, and commit fraud. 

Increase in Phishing Attacks: In Grobman’s words: “For cybercriminals, this data is gold. It gives them everything they need to scam, impersonate, and steal. With a trove of personal information circulating widely, people should be on high alert for targeted scam emails and texts that look like they’re from trusted brands or known contacts.” 

Ongoing Infostealer Infections on Unprotected Devices: New databases appear “every few weeks” with “fresh, weaponizable intelligence” which means that without the right protection you may have malware on your device silently stealing your data. And according to the researchers, the problem isn’t getting better—it’s accelerating. 

Your Action Plan: Focus on What Matters 

Following McAfee’s official guidance, here’s what you need to do immediately: 

Step 1: Check for Infections First

Before changing any passwords, scan your devices for malware. If you’re concerned that an infostealer might be present on your computer, scan your device with a trusted antivirus program before changing any passwords. Otherwise, newly entered credentials could be stolen as well. 

Step 2: Update Critical Passwords

Steve Grobman’s recommendation is clear: “Now is the time to update passwords – especially for email, banking, and shopping accounts.” You should:  

  • Audit your password reuse—if you use the same password on multiple sites, prioritize changing those first. 
  • Focus on critical accounts: Email, banking, social media, and shopping sites. 

Step 3: Implement Strong Authentication

Enable Two-Factor Authentication everywhere possible. As our CTO recommends: “Enable two-factor authentication wherever possible” to add that crucial second layer of security. 

Use authenticator apps, such as Google Authenticator, Duo, and Authy, and do not use SMS. You should avoid using SMS texts to receive 2FA codes, as threat actors can conduct SIM-swapping attacks to hijack your phone number and obtain them. 

Step 4: Deploy Scam Detection Technology

Given the elevated risk of targeted scams using your real information, Grobman specifically recommends: ” Use scam detection technology, like McAfee’s Scam Detector, to help flag risky messages before they cause harm.” 

Why Professional Identity Protection Is More Critical Than Ever 

While this specific data compilation may contain both older and newer data, it highlights a fundamental truth: your credentials are constantly being targeted by cybercrooks. 

The Infostealer Epidemic

The infostealer problem has gotten so pervasive that manual monitoring simply isn’t sufficient anymore. You need automated, professional-grade protection that works 24/7. 

How McAfee+ Addresses Modern Threats 

  • Scam Detection: We protect you from scams with a powerful, AI-powered defense system that works across all your devices. Our scam protection technology identifies and blocks phishing attempts that use your real credentials from compilations like this 16 billion record database. 
  • Comprehensive Dark Web Monitoring: We continuously scan the dark web, including criminal marketplaces, where infostealer logs and credential compilations are sold, alerting you immediately if your information appears in new dumps. 
  • Credit Monitoring: Our Advanced and Ultimate plans provide up to three-bureau credit monitoring, catching activity on your credit report that may be indicators of identity fraud. 
  • Personal Data Cleanup: One of our most powerful features automatically removes your information from data broker databases—the same sources that often feed into massive credential compilations. By reducing your digital footprint, we make you a harder target. 
  • Expert Identity Restoration: If criminals successfully use old credentials to compromise your identity, our specialist team provides step-by-step guidance for complete recovery, backed by up to $2 million in identity theft insurance.

Proactive vs. Reactive Security

Traditional approaches wait for you to discover you’ve been compromised. McAfee’s approach is different: 

  • Monitor continuously for your personal info where it shouldn’t be. 
  • Alert immediately when threats are detected. 
  • Respond automatically to remove your data from risky sources. 
  • Restore professionally if you’ve been impacted by a breach. 

The Bigger Picture: Why This Won’t Be the Last

There are thousands, if not hundreds of thousands, of similarly leaked archives being shared online, resulting in billions of credentials records released for free. This 16 billion record compilation is just the latest in an ongoing parade of massive credential dumps. 

Previous Examples:

  • Countless smaller compilations are released weekly 

The Trend Is Accelerating: As infostealers have become so abundant and commonly used, threat actors release massive compilations for free on Telegram, Pastebin, and Discord to build reputation and attract customers to their paid services. 

Long-Term Protection Strategy

Assume You’re Already Compromised

Given the scale of credential theft over the years, assume some of your information is already in criminal hands. This mindset shift changes everything: 

  • Use unique passwords everywhere—password reuse is your biggest vulnerability 
  • Enable 2FA on all critical accounts—your second line of defense 
  • Monitor automatically—manual checks may cost you precious time needed to change your password and secure your login. 
  • Respond quickly—time is critical when credentials are exploited 

Build Defense in Depth

  • Network Security: Use VPNs on public networks and be cautious about which devices access sensitive accounts. 
  • Identity Monitoring: An automated service that scans the dark web and lets you know if your personal info is found there. 
  • Credit and Transaction Monitoring: Lets you know if you have activity on your credit report and financial accounts. 

Take Action: Don’t Wait for the Next Data Leak

Your credentials are valuable to criminals, and they’re actively working to steal and exploit them. The question isn’t whether your information will appear in future compilations—it’s whether you’ll be protected when it does. 

McAfee Identity Monitoring provides timely dark web alerts, complete with guidance on how to quickly secure your info if they’re found in breaches. 

Get McAfee+, with all-in-one scam, privacy, and identity protection and gain immediate access to: 

  • Dark web monitoring for timely alerts and quick steps to fix breaches. 
  • Personal data cleanup to remove your info from data broker sites. 
  • Credit and Transaction Monitoring 
  • Expert identity restoration support 
  • Up to $2 million in identity theft insurance 
  • AI-powered scam protection 
  • 24/7 security support 

Remember: Take this opportunity to update your passwords immediately and improve your cybersecurity habits — because the threat is real, ongoing, and growing. 

 

 

The post 16 Billion Stolen Logins for Apple, Google, Facebook and More: How to Stay Safe appeared first on McAfee Blog.

Navigating cybersecurity challenges in the early days of Agentic AI 

By: German Lancioni

As we continue to evolve the field of AI, a new branch that has been accelerating recently is Agentic AI. Multiple definitions are circulating, but essentially, Agentic AI involves one or more AI systems working together to accomplish a task using tools in an unsupervised fashion. A basic example of this is tasking an AI Agent with finding entertainment events I could attend during summer and emailing the options to my family. 

Agentic AI requires a few building blocks, and while there are many variants and technical opinions on how to build, the basic implementation typically includes a Reasoning LLM (Large Language Model) – like the ones behind ChatGPT, Claude, or Gemini – that can invoke tools, such as an application or function to perform a task and return results. A tool can be as simple as a function that returns the weather, or as complex as a browser commanding tool that can navigate through websites. 

While this technology has a lot of potential to augment human productivity, it also comes with a set of challenges, many of which haven’t been fully considered by the technologists working on such systems. In the cybersecurity industry, one of the core principles we all live by is implementing “security by design”, instead of security being an afterthought. It is under this principle that we explore the security implications (and threats) around Agentic AI, with the goal of bringing awareness to both consumers and creators: 

  • As of today, Agentic AI has to meet a high bar to be fully adopted in our daily lives. Think about the precision required for billing or healthcare related tasks, or the level of trust customers would need to have to delegate sensitive tasks that could have financial or legal consequences. However, bad actors do not play by the same rules and do not require any “high bar” to leverage this technology to compromise victims. For example, a bad actor using Agentic AI to automate the process of researching (social engineering) and targeting victims with phishing emails is satisfied with an imperfect system that is only reliable 60% of the time, because that’s still better than attempting to manually do it, and the consequences associated with “AI errors” in this scenario are minimum for cybercriminals. In another recent example, Claude AI was exploited to orchestrate a campaign that created and managed fake personas (bots) on social media platforms, automatically interacting with carefully selected users to manipulate political narratives. Consequently, one of the threats that is likely to be fueled by malicious AI Agents is scams, regardless of these being delivered by text, email or deepfake video. As seen in recent news, crafting a convincing deepfake video, writing a phishing email or leveraging the latest trend to scam people with fake toll texts is, for bad actors, easier than ever thanks to a plethora of AI offerings and advancements. In this regard, AI Agents have the potential to continue increasing the ROI (Return on Investment) for cybercriminals, by automating aspects of the scam campaign that have been manual so far, such as tailoring messages to target individuals or creating more convincing content at scale. 
  • Agentic AI can be abused or exploited by cybercriminals, even when the AI agent is in the hands of a legitimate user. Agentic AI can be quite vulnerable if there are injection points. For example, AI Agents can communicate and take actions by interacting in a standardized fashion using what is known as MCP (Model Context Protocol). The MCP acts as some sort of repository where a bad actor could host a tool with a dual purpose. For example, a threat actor can offer a tool/integration via MCP that on the surface helps an AI browse the web, but behind the scenes, it exfiltrates data/arguments given by the AI. Or by the same token, an Agentic AI reading let’s say emails to summarize them for you could be compromised by a carefully crafted “malicious email” (known as indirect prompt injection) sent by the cybercriminal to redirect the thought process of such AI, deviating it from the original task (summarizing emails) and going rogue to accomplish a task orchestrated by the bad actor, like stealing financial information from your emails. 
  • Agentic AI also introduces vulnerabilities through inherently large chances of error. For instance, an AI agent tasked with finding a good deal for buying marketing data could end up in a rabbit hole buying illegal data from a breached database on the dark web, even though the legitimate user never intended to. While this is not triggered by a bad actor, it is still dangerous given the large number of possibilities on how an AI Agent can behave, or derail, given a poor choice of task description. 

With the proliferation of Agentic AI, we will see both opportunities to make our life better as well as new threats from bad actors exploiting the same technology for their gain, by either intercepting and poisoning legitimate users AI Agents, or using Agentic AI to perpetuate attacks. With this in mind, it’s more important than ever to remain vigilant, exercise caution and leverage comprehensive cybersecurity solutions to live safely in our digital world.

The post Navigating cybersecurity challenges in the early days of Agentic AI  appeared first on McAfee Blog.

How To Do A Virus Scan

By: McAfee

New online threats emerge every day, putting our personal information, money and devices at risk. In its 2024 Internet Crime Report, the Federal Bureau of Investigation reports that 859,532 complaints of suspected internet crime—including ransomware, viruses and malware, data breaches, denials of service, and other forms of cyberattack—resulted in losses of over $16 billion—a 33% increase from 2023.

That’s why it is essential to stay ahead of these threats. One way to combat these is by conducting virus scans using proven software tools that constantly monitor and check your devices while safeguarding your sensitive information. In this article, we’ll go through everything you need to know to run a scan effectively to keep your computers, phones and tablets in tip-top shape.

What does a virus scan do?

Whether you think you might have a virus on your computer or devices or just want to keep them running smoothly, it’s easy to do a virus scan.

Each antivirus program works a little differently, but in general the software will look for known malware with specific characteristics, as well as their variants that have a similar code base. Some antivirus software even checks for suspicious behavior. If the software comes across a dangerous program or piece of code, the antivirus software removes it. In some cases, a dangerous program can be replaced with a clean one from the manufacturer.

Unmistakeable signs of a virus in your device

Before doing a virus scan, it is useful to know the telltale signs of viral presence in your device. Is your device acting sluggish or having a hard time booting up? Have you noticed missing files or a lack of storage space? Have you noticed emails or messages sent from your account that you did not write? Perhaps you’ve noticed changes to your browser homepage or settings? Maybe you’re seeing unexpected pop-up windows, or experiencing crashes and other program errors. These are just some signs that your device may have a virus, but don’t get too worried yet because many of these issues can be resolved with a virus scan.

Are free virus scanner tools safe and sufficient?

Free virus scanner tools, both in web-based and downloadable formats, offer a convenient way to perform a one-time check for malware. They are most useful when you need a second opinion or are asking yourself, “do I have a virus?” after noticing something suspect.

However, it’s critical to be cautious. For one, cybercriminals often create fake “free” virus checker tools that are actually malware in disguise. If you opt for free scanning tools, it is best to lean on highly reputable cybersecurity brands. On your app store or browser, navigate to a proven online scanning tool with good reviews or a website whose URL starts with “https” to confirm you are in a secure location.

Secondly, free tools are frequently quite basic and perform only the minimum required service. If you choose to go this path, look for free trial versions that offer access to the full suite of premium features, including real-time protection, a firewall, and a VPN. This will give you a glimpse of a solution’s comprehensive, multi-layered security capability before you commit to a subscription.

Cloud-based virus solutions

If safeguarding all your computers and mobile devices individually sounds overwhelming, you can opt for comprehensive security products that protect computers, smartphones and tablets from a central, cloud-based hub, making virus prevention a breeze. Many of these modern antivirus solutions are powered by both local and cloud-based technologies to reduce the strain on your computer’s resources.

Online virus scan: A step-by-step guide

This guide will walk you through the simple steps to safely scan your computer using reliable online tools, helping you detect potential threats, and protect your personal data.

1. Choose a trusted provider

When selecting the right antivirus software, look beyond a basic virus scan and consider these key features:

  • Real-time protection. This is paramount, as it actively blocks threats before they can execute.
  • An effective solution must also have a minimal performance impact so it doesn’t slow down your device.
  • Look for a program with an intuitive interface that makes it easy to schedule scans and manage settings.
  • The best protection goes beyond a simple virus detector. It should include features such as a firewall, a secure VPN for safe browsing, and identity protection.
  • Look for reliable brands with positive reviews and clear privacy policies, and that provide a powerful virus scanner and proactive protection for both Android and iOS devices.

2. Initiate the scan

The process of checking for viruses depends on the device type and its operating system. Generally, however, the virus scanner will display a “Scan” button to start the process of checking your system’s files and apps.

Here are more specific tips to help you scan your computers, phones and tablets:

On a Windows computer

If you use Windows 11, go into “Settings” and drill down to the “Privacy & Security > Windows Security > Virus & Threat Protection” tab, which will indicate if there are actions needed. This hands-off function is Microsoft’s own basic antivirus solution called Windows Defender. Built directly into the operating system and enabled by default, this solution provides a baseline of protection at no extra cost for casual Windows users. However, Microsoft is the first to admit that it lags behind specialized paid products in detecting the very latest zero-day threats.

On a Mac computer

Mac computers don’t have a built-in antivirus program, so you will have to download security software to do a virus scan. As mentioned, free antivirus applications are available online, but we recommend investing in trusted software that is proven to protect you from cyberthreats.

If you decide to invest in more robust antivirus software, running a scan is usually straightforward and intuitive. For more detailed instructions, we suggest searching the software’s help menu or going online and following their step-by-step instructions.

On smartphones and tablets

Smartphones and tablets are powerful devices that you likely use for nearly every online operation in your daily life from banking, emailing, messaging, connecting, and storing personal information. This opens your mobile device to getting infected through malicious apps, especially those downloaded from unofficial stores, phishing links sent via text or email, or by connecting to compromised wi-fi networks.

Regular virus scans with a mobile security software are crucial for protecting your devices. Be aware, however, that Android and IOS operating systems merit distinct solutions.

Antivirus products for Android devices abound due to this system’s open-source foundation. However, due to Apple’s strong security model, which includes app sandboxing, traditional viruses are rare on iPhones and iPads. However, these devices are not immune to all threats. You can still fall victim to phishing scams, insecure Wi-Fi networks, and malicious configuration profiles. Signs of a compromise can include unusual calendar events, frequent browser redirects, or unexpected pop-ups.

Apple devices, however, closed platform doesn’t easily accommodate third-party applications, especially unvetted ones. You will most likely find robust and verified antivirus scanning tools on Apple’s official app store.

Scanning files and attachments safely

Before you open any downloaded file or email attachment, it’s wise to check it for threats. To perform a targeted virus scan on a single file, simply right-click the file in Windows Explorer or macOS Finder and select the “Scan” option from the context menu to run the integrated virus checker on a suspicious item.

For an added layer of security, especially involving files from unknown sources, you can use a web-based file-checking service that scans for malware. These websites let you upload a file, which is then analyzed by multiple antivirus engines. Many security-conscious email clients also automatically scan incoming attachments, but a manual scan provides crucial, final-line defense before execution.

3. Review scan results and take action

Once the scan is complete, the tool will display a report of any threats it found, including the name of the malware and the location of the infected file. If your antivirus software alerts you to a threat, don’t panic—it means the program is doing its job.

The first and most critical step is to follow the software’s instructions. It might direct you to quarantine the malicious file to isolate the file in a secure vault where it can no longer cause harm. You can then review the details of the threat provided by your virus scanner and choose to delete the file permanently, which is usually the safest option.

After the threat is handled, ensure your antivirus software and operating system are fully updated. Finally, run a new, full system virus scan to confirm that all traces of the infection have been eliminated. Regularly backing up your important data to an external drive or cloud service can also be a lifesaver in the event of a serious infection.

4. Schedule an automatic scan for continuous protection

The most effective way to maintain your device’s security is to automate your defenses. A quality antivirus suite allows you to easily schedule a regular virus scan so you’re always protected without having to do it manually. A daily quick scan is a great habit for any user; it’s fast and checks the most vulnerable parts of your system. Most antivirus products regularly scan your computer or device in the background, so a manual scan is only needed if you notice something dubious, like crashes or excessive pop-ups. You can also set regular scans on your schedule, but a weekly full scan is ideal.

Final thoughts

These days, it is essential to stay ahead of the wide variety of continuously evolving cyberthreats. Your first line of defense against these threats is to regularly conduct a virus scan. You can choose among the many free yet limited-time products or comprehensive, cloud-based solutions.

While many free versions legitimately perform their intended function, it’s critical to be cautious as these are more often baseline solutions while some are malware in disguise. They also lack the continuous, real-time protection necessary to block threats proactively.

A better option is to invest in verified, trustworthy, and all-in-one antivirus products like McAfee+ that, aside from its accurate virus scanning tool, also offers a firewall, a virtual private network, and identity protection. For complete peace of mind, upgrading to a paid solution like McAfee Total Protection is essential for proactively safeguarding your devices and data in real-time, 24/7.

The post How To Do A Virus Scan appeared first on McAfee Blog.

7 Signs Your Phone Has a Virus and What You Can Do

By: McAfee

We use our smartphones for everything under the sun, from work-related communication to online shopping, banking transactions, and social media. For this reason, our phones store a lot of personal data, including contacts, account details, and bank account logins

High online usage also makes your devices vulnerable to viruses, a type of malware that replicate themselves and spread throughout the entire system. They can affect your phone’s performance or, worse, compromise your sensitive information so that hackers can benefit monetarily.

In this article, we will give you a rundown of viruses that can infect your phone and how you can identify and eliminate them. We will also provide some tips for protecting your phone from viruses in the first place.

iOS vs Android

iPhones and Android devices run on different operating systems, hence differences in how they resist viruses and how these affect each system.

While iOS hacks can still happen, Apple’s operating system is reputed to be highly resistant from viruses because of its design. By restricting interactions between apps, Apple’s operating system limits the movement of a virus across the device. However, if you jailbreak your iPhone or iPad to unlock other capabilities or install third-party apps, then the security restrictions set by Apple’s OS won’t work. This exposes your iPhone and you to vulnerabilities that cybercriminals can exploit. 

Android phones, while also designed with cybersecurity in mind, rely on open-source code, making them an easier target for hackers. Additionally, giving users the capability to install third-party apps from alternative app stores such as the Amazon or Samsung Galaxy app stores makes Android devices open to viruses. 

Types of phone viruses

Cybercriminals today are sophisticated and can launch a variety of cyberattacks on your smartphone. Some viruses that can infect your phone include: 

  • Malware: Malware encompasses programs that steal your information or take control of your device without your permission.
  • Adware: These are ads that can access information on your device if you click on them.
  • Ransomware: These prevent you from accessing your phone again unless you pay a ransom to the hacker. The hacker may also use your personal data such as pictures as blackmail.
  • Spyware: This tracks your browsing activity, then steals your data or affects your phone’s performance.
  • Trojan: Aptly named, this type of virus hides inside an app to take control of or affect your phone and data.

Common ways phones get infected

Ultimately, contracting a virus on your phone or computer comes down to your browsing and downloading habits. These are the most common ways it could happen:

  • Clicking on links or attachments from unverified sources, and mostly distributed through emails and text messages
  • Clicking on seemingly innocent ads that take you to an unsecured webpage or download mobile malware to your device
  • Visiting questionable websites, often ignoring security warnings
  • Downloading malicious apps from unverified sources, usually outside the Apple App Store or Google Play Store
  • Connecting to an unsecured internet connection like public wi-fi

7 signs your phone has a virus

Now that you know how your phone could be infected by a virus, look out for these seven signs that occur when malicious software is present:

1. You see random pop-up ads or new apps

Most pop-up ads don’t carry viruses but are only used as marketing tools. However, if you find yourself closing pop-up ads more often than usual, it might indicate a virus on your phone. These ads might be coming from apps in your library that you didn’t install. In this case, uninstall them immediately as they tend to carry malware that’s activated when the app is opened or used.

2. Your device feels physically hot

When you accidentally download apps that contain malware, your device has to work harder to continue functioning. Since your phone isn’t built to support malware, there is a good chance it will overheat.

3. Random messages are sent to your contacts

If your contacts receive unsolicited scam emails or messages on social media from your account, especially those containing suspicious links, a virus may have accessed your contact list. It’s best to let all the recipients know that your phone has been hacked so that they don’t download any malware themselves or forward those links to anybody else.

4. The device responds slowly

An unusually slow-performing device is a hint of suspicious activity on your phone. The device may be slowing down because it is working harder to support the downloaded virus. Alternatively, unfamiliar apps might be taking up storage space and running background tasks, causing your phone to run slower.

5. You find fraudulent charges on your accounts

Are you finding credit card transactions in your banking statements that you don’t recognize? It could be an unfamiliar app or malware making purchases through your account without your knowledge.

6. The phone uses excess data

A sudden rise in your data usage or phone bill can be suspicious. A virus might be running background processes or using your internet connection to transfer data out of your device for malicious purposes.

7. Your battery drains quickly

An unusually quick battery drain may also cause concern. Your phone will be trying to meet the energy requirements of the virus, so this problem is likely to persist for as long as the virus is on the device.

How to Detect and Remove a Virus on Your Phone

You may have an inkling that a virus resides in your phone, but the only way to be sure is to check. An easy way to do this is by downloading a trustworthy antivirus app that will prevent suspicious apps from attaching themselves to your phone and secures any public connections you might be using.

Another way to check your phone is to follow these step-by-step processes, depending on the type of phone you use:

Check your iPhone for malware

  1. Check battery usage: Go to Settings > Battery. Scroll down to see the battery usage by app. If you see an app you don’t recognize or an app with unusually high usage, it could be a sign of malicious activity.
  2. Review app list and storage: Carefully examine all the apps installed on your phone. If you find an app that you don’t remember downloading, it could be malware. Uninstall it immediately. Also, check Settings > General > iPhone Storage for any strange or unexpected data usage by apps.
  3. Monitor data consumption: Navigate to Settings > Cellular. Review the data usage for each app. A virus on your phone can consume large amounts of data by running in the background and communicating with a hacker’s server.
  4. Look for jailbreak evidence: If you didn’t jailbreak your phone but see apps like Cydia or Sileo, it’s a major red flag. Someone with physical access to your phone may have jailbroken it to install spyware or other malware.
  5. Run an iOS security app: For peace of mind and a thorough check, use a reputable security application to help you scan for system threats, secure your wi-fi connection, and help identify risks that are not immediately obvious.

Run a malware scan on an Android device

  1. Utilize Google Play Protect: This Android’s built-in malware protection is your first line of defense to know if your phone has a virus. Open the Google Play Store app, tap on your profile icon, and select Play Protect. Tap “Scan” to check your apps for harmful behavior.
  2. Boot into safe mode: If your phone is lagging or crashing, restarting in Safe Mode can help. Press and hold the power button, then tap and hold the “Power off” option until the “Reboot to safe mode” prompt appears. In Safe Mode, all third-party apps are disabled. If the issues disappear, a recently installed app is likely the culprit. You can then uninstall suspicious apps one by one.
  3. Review app permissions: Go to Settings > Apps and check the permissions for each app. Is a simple game asking for access to your contacts and microphone? That’s a red flag. Revoke any permissions that seem unnecessary for an app’s function. This helps prevent spyware from collecting your data.
  4. Install a trusted antivirus app: For the most comprehensive protection, install a top-rated security app like McAfee Mobile Security. Running a full scan will detect and help you quarantine or remove malicious files and apps that built-in tools might miss, providing a clear path on how to clean your phone from a virus.

How to remove a virus from your device

Once you have determined that a virus is present on your iPhone or Android device, there are several things you can do. 

  • Download antivirus software or a mobile security app to help you locate existing viruses and malware. By identifying the exact problem, you know what to get rid of and how to protect your device in the future. 
  • Do a thorough sweep of your app library to make sure that whatever apps are on your phone were downloaded by you. Delete any apps that aren’t familiar.
  • To protect your information, delete any sensitive text messages and clear history regularly from your mobile browsers. Empty the cache in your browsers and apps.
  • In some instances, you may need to reboot your smartphone to its original factory settings. This can lead to data loss, so be sure to back up important documents to the cloud.
  • Create strong passwords for all your accounts after cleaning up your phone, and protect them using a password manager. This tool uses the most robust encryption algorithms so only you have access to your information.

7 tips to protect your phone from viruses

Caring for your phone is a vital practice to protect your information. Follow these tips to stay safe online and help reduce the risk of your phone getting a virus. 

  • Only download apps only from a trusted source, i.e., the app store or other verified stores. Before installing, read the app reviews and understand how the app intends to use your data.
  • Set up strong, unique passwords for your accounts instead of reusing the same or similar passwords. This prevents a domino effect in case one of the accounts is compromised.
  • Think twice before you click on a link. If a link looks suspicious, trust your gut! Avoid clicking on it until you have more information about its trustworthiness. These links can be found across messaging services and are often part of phishing scams. 
  • Clear your cache periodically. Scan your browsing history to get rid of any links that seem suspicious. 
  • Avoid saving login information on your browsers and log out when you’re not using a particular browser. Although this is a convenience trade-off, it’s harder for malware to access accounts you’re not logged into during the attack.
  • Update your operating system and apps frequently. Regular updates build upon previous security features. Sometimes, these updates contain security patches created in response to specific threats in prior versions. 
  • Don’t give an app all the permissions it asks for. Instead, you can choose to give it access to certain data only when required. Minimizing an application’s access to your information keeps you safer.
  • Avoid using unsecure internet connections such as public wi-fi. If it is unavoidable, it is ideal to have a secure virtual private network that encrypts your data to make unsecured networks safe to use.

Final Thoughts

You have come to heavily rely on your smartphones for many online activities and storage of much of your personal data, including contacts, account details, and bank account logins. This puts your devices at high risk of being infected by viruses that impact not just your phone’s performance but also of being compromised by cybercriminals.

To help you protect your device and personal information, the award-winning McAfee Mobile Security solution regularly scans for threats transmitted through suspicious links in text messages, emails or downloads, and blocks them in real time. McAfee Mobile Security is a reputable security application that filters risky emails and phishing attempts so your inbox stays secure, while providing a secure virtual private network. It is also capable of spotting deepfake videos so you can stay ahead of misinformation. With McAfee, you can rest easy knowing your mobile phone is protected from the latest cyberthreats.

The post 7 Signs Your Phone Has a Virus and What You Can Do appeared first on McAfee Blog.

How the Sandwich Generation Can Fight Back Against Scams

By: Jasdev Dhaliwal

The modern family juggling act has never been more complex—or more dangerous. If you’re caring for aging parents while raising children, you’re part of what researchers call the “Sandwich Generation.” According to Pew Research, nearly half (47%) of adults in their 40s and 50s find themselves wedged between these dual responsibilities. But in today’s digital landscape, this demographic faces a uniquely modern threat: becoming the primary target of an unprecedented scam epidemic. 

As a cybersecurity professional who has witnessed the evolution of online threats over two decades, I can tell you that today’s scam landscape is unlike anything we’ve seen before. The stakes are higher, the tactics more sophisticated, and the Sandwich Generation is squarely in the crosshairs. 

The Stark Reality: Britain Under Digital Siege

McAfee’s recent State of the Scamiverse report paints a troubling picture of digital life in the UK. The statistics are staggering: 60% of Brits report either falling victim to an online scam or knowing someone who has. When these attacks succeed, the financial impact is severe—victims lose an average of £936, with some reporting devastating losses exceeding £7,980. 

Perhaps most alarming is the speed at which these crimes unfold. A shocking 68% of victims said it took less than an hour to be defrauded, with 48% reporting that fraud occurred within just 30 minutes of engaging with a scammer. This isn’t the slow-burn con artistry of yesteryear—this is lightning-fast digital predation. 

Beyond Money: The Hidden Emotional Toll

The financial losses, while significant, represent only part of the damage. The psychological impact cuts deeper than many realize. Our research shows that 32% of Brits who fell for online scams experienced moderate to significant distress, including anxiety, depression, and damaged self-esteem. For the Sandwich Generation, already stretched thin emotionally and financially, this psychological burden can be overwhelming. 

Consider the compounding effects: 80% of scam victims reported that the experience impacted their self-esteem and ability to trust others. When you’re responsible for protecting not just yourself but also tech-savvy teenagers and digitally-vulnerable parents, this erosion of confidence can have far-reaching consequences for your entire family’s digital safety. 

Why Cybercriminals Target the Sandwich Generation 

From a cybercriminal’s perspective, the Sandwich Generation represents the perfect storm of vulnerability. Here’s why you’re in their crosshairs: 

Overwhelm and Distraction: Scam tactics are most effective when targets are tired, rushed, or mentally overloaded. The constant juggling act of work, children’s needs, and aging parents’ care creates exactly these conditions. 

Multiple Attack Vectors: You’re not just protecting yourself—you’re managing the digital lives of three generations. Children who overshare on social media and parents who may trust too readily both create entry points for scammers. 

The “Family Tech Lead” Burden: In most households, one person becomes the de facto IT support for everyone. If that’s you, you’re essentially protecting three generations of users with the cybersecurity knowledge and tools designed for one. 

Time Poverty: When you’re constantly switching between helping with homework, managing medical appointments, and handling your own responsibilities, the careful scrutiny required to spot sophisticated scams becomes nearly impossible. 

What British Scam Victims Are Experiencing:

  • 85% of victims lost money
  • 29% lost over £400
  • 22% of victims were scammed again within a year
  • The average Brit encounters 2 scam messages and 2 deepfakes daily on social platforms alone 

The repeat victimization rate is particularly concerning. Once scammers identify a successful target, they often share that information within criminal networks, leading to sustained harassment and repeated attempts. 

Generation-Specific Threats: A Two-Front War

Protecting Your Children (The Digital Natives) 

Despite their technological fluency, young people face unique vulnerabilities: 

Social Media Saturation: 28% of 18-24-year-olds receive scam messages via social media platforms. The integration of these platforms into daily life makes detection more challenging. 

Gaming Community Exploitation: Scammers infiltrate gaming communities with fake giveaways, cryptocurrency cons, and phishing attempts disguised as game-related communications. 

Celebrity Deepfake Scams: AI-generated celebrity endorsements for cryptocurrency schemes or investment opportunities are becoming increasingly sophisticated and harder to detect. 

Overconfidence Bias: Young people often believe their digital nativity makes them immune to scams, leading to less cautious behavior online. 

Protecting Your Parents (The Trusting Generation) 

Older adults face different but equally serious threats: 

Email-Based Attacks: 67% of over-55s encounter scams primarily through email, a medium they often trust more than social media. 

Authority Impersonation: Tech support scams, fake government communications, and bank impersonation attempts exploit older adults’ respect for authority and institutions. 

Voice Cloning Threats: 21% of Brits have encountered AI voice scams impersonating loved ones—a particularly dangerous development for older users who may be more trusting of familiar voices. 

Isolation Exploitation: Scammers often target older adults during periods of loneliness or health concerns, when they’re more likely to engage with unexpected communications. 

Platform-Specific Protection Strategies

Mobile Device Security 

Mobile scams have reached epidemic proportions in the UK, with 35% of Brits falling victim to SMS or call-based scams in the past year. The most common mobile threats include: 

Package Delivery Scams (33%): “Your parcel couldn’t be delivered” texts that lead to fake websites designed to steal personal information or payment details. 

Subscription Renewal Cons (23%): Messages claiming services like Netflix require payment information updates, leading to credential theft or unauthorized charges. 

Social Engineering Openers (16%): Simple “Hey, how are you?” messages that gradually build trust before introducing investment or romance scams. 

Essential Mobile Protections:

  • Enable carrier-provided spam filtering services 
  • Set up real-time banking alerts for all family accounts 
  • Educate family members about the “pause and verify” rule for unexpected messages 

Computer and Email Security 

Email remains the primary attack vector, with 32% of Brits falling victim to phishing attempts last year. The sophistication of these attacks has increased dramatically—while 78% of people believe they can spot scams, today’s emails often perfectly mimic legitimate communications. 

UK-Specific Email Threats:

  • Fake HMRC tax refund emails (21% of email scams) 
  • Fraudulent subscription notices from legitimate services (18%) 
  • Tech support emails containing malware downloads (17%) 

Essential Email Protections:

  • Enable advanced anti-phishing protection in your email client 
  • Use secure DNS services or browser extensions like McAfee WebAdvisor 
  • Implement email filtering rules for common scam keywords 

The Deepfake Threat: When Seeing Isn’t Believing

Artificial intelligence has revolutionized scamming, with 21% of Brits encountering AI-generated scams. The challenge is significant: 53% of people admit that deepfakes are difficult to spot, and the technology improves daily. 

Where Deepfakes Appear:

  • Facebook (57% of deepfake encounters) 
  • Instagram and TikTok (significant secondary sources) 
  • WhatsApp and other messaging platforms (voice cloning) 

Common Deepfake Scams:

  • Celebrity cryptocurrency endorsements 
  • Voice cloning for “emergency” family situations 
  • Fake investment guru testimonials 

Detection Strategies:

  • Question claims that seem too good to be true  
  • Watch for video quality issues or sync problems  
  • Verify suspicious links against official domains  
  • Use reverse image search tools like Google Lens  
  • Enable VPNs to reduce targeted advertising based on browsing history 

Building Your Family’s Cyber Defense Plan

Just as you have a fire escape plan, your family needs a comprehensive fraud response strategy. This should include: 

Immediate Response Protocols:

  • Contact information for all banks and financial institutions 
  • Your mobile provider’s fraud reporting number 
  • Steps for freezing cards and reporting identity theft 

Regular Maintenance Schedule:

  • Quarterly “Digital Clean-Up Days” to remove unused apps, update passwords, and install security patches 
  • Monthly family discussions about new scam trends 
  • Annual review of privacy settings across all platforms and devices 

Educational Components:

  • Age-appropriate scam awareness training for children 
  • Simplified threat recognition guides for older family members 
  • Practice scenarios for suspicious communications 

Essential Security Tools for UK Families

Identity Protection:

  • Dark web monitoring services that alert you when personal information appears in criminal databases 
  • Comprehensive security suites like McAfee+ that include real-time scam blocking 
  • Credit monitoring through Experian, Equifax, or TransUnion 

The Human Element: Communication and Education

Technology alone cannot solve this crisis. The most effective defense combines good security tools with open family communication and ongoing education. Regular conversations about online safety should be as normal as discussions about physical safety. 

For Children: Focus on critical thinking skills rather than fear-based messaging. Teach them to question unexpected opportunities and verify information through multiple sources. 

For Parents: Emphasize that asking for help with suspicious communications is a sign of wisdom, not weakness. Create an environment where they feel comfortable seeking guidance. 

For Everyone: Establish family rules about financial communications—for example, agreeing that no family member will ever ask for money or personal information via text or email without prior verbal confirmation. 

Looking Forward: Staying Ahead of Evolving Threats

The scam landscape evolves constantly, driven by technological advancement and criminal innovation. As someone who has tracked these trends for two decades, I can tell you that the only constant is change. What worked last year may be ineffective today, and tomorrow will bring new challenges. 

The key is building adaptable defenses: security awareness that can evolve with threats, technology solutions that update automatically, and family communication patterns that encourage ongoing vigilance without creating paranoia. 

Your Family’s Digital Resilience

The Sandwich Generation faces unique challenges in today’s digital world, but you’re not powerless. By understanding the threat landscape, implementing appropriate security measures, and fostering open communication about online safety, you can protect your family’s financial security and emotional well-being. 

Remember that in the UK today, encountering scam attempts isn’t rare—it’s daily. The goal isn’t to avoid all contact with potential threats but to recognize them quickly and respond appropriately. With the right preparation and tools, you can maintain your family’s digital confidence while staying one step ahead of the scammers. 

Your role as the family’s digital guardian is challenging, but it’s also crucial. You’re not just protecting money—you’re protecting your family’s trust, confidence, and peace of mind in an increasingly connected world. 

Stay vigilant, stay informed, and remember: when in doubt, pause, check, and verify. Your family’s digital safety depends on it.

The post How the Sandwich Generation Can Fight Back Against Scams appeared first on McAfee Blog.

Love, Lies, and Long Flights: How to Avoid Romance Scams While Traveling This Summer 

By: Jasdev Dhaliwal

Ah, summer. The season of sun-soaked beaches, bucket list adventures, and Instagram-worthy Aperol Spritzes. For many, it’s also a time of new connections—whether it’s a whirlwind vacation romance, a flirtatious chat over sangria, or that handsome stranger who slides into your DMs while you’re posting travel pics. 

But while your heart may be on holiday, romance scammers are very much on the job. 

Every summer, there’s a spike in cybercrime that preys on people’s heightened emotions, loneliness, and lowered guard while traveling. Romance scams aren’t just the stuff of Netflix documentaries or embarrassing Reddit threads—they’re a multi-billion dollar business. In fact, in the U.S. alone, consumers reported losing $1.3 billion to romance scams in 2023, according to the FTC. And those are just the ones who reported it. 

Whether you’re vacationing in Ibiza or just swiping Tinder in Tuscany, here’s what you need to know to keep your love life and your bank account scam-free this summer. 

Why Summer Travel Is Peak Romance Scam Season

Let’s break down the perfect storm: 

  1. You’re relaxed, open, and more trusting. 
  2. You’re sharing your location and travel plans publicly. 
  3. You’re looking for connection—romantic or otherwise. 
  4. And you may be unfamiliar with local customs or risks. 

Scammers love this combo. It gives them everything they need to make you feel special, disarmed, and emotionally invested—before making their move. 

And don’t think these scams are limited to dating apps. They happen on Facebook, Instagram, TikTok, WhatsApp, Airbnb experiences, and yes, even LinkedIn. Love (and deception) finds a way. 

Classic Romance Scam Red Flags (Even While Abroad)

No matter where you are in the world, these red flags are global. If your new summer fling is showing any of these signs, take a step back before you step deeper in: 

They move too fast.
They say they love you after two days. They want to video call all the time. They talk about marriage before you’ve even exchanged last names. Classic sign of love bombing. 

They avoid meeting in person or always have a reason to cancel.
Even if you’re in the same city, they’ll say they’re stuck at customs, quarantining, or detained by border patrol (yes, really). This isn’t just shady—it’s scripted. 

They need money—urgently.
Hospital bill. Stolen passport. Emergency flight. Sick relative. Whatever it is, it’s always an emergency and always comes with a request for money, gift cards, or cryptocurrency. 

They ask you to keep the relationship private.
“Let’s keep this just between us.” Translation? “Please don’t tell your smarter friends who would spot me a mile away.” 

They want to take the chat off-platform.
If someone you met on a dating app pushes you onto WhatsApp, Telegram, or a private email chain quickly, it’s a red flag. 

How to Spot Travel Triggered Romance Scams

Summer brings out some unique variations on the classic romance scam, here are a number of the common types of travel romance scams. 

The “Travel Buddy” Scam
You meet someone on a travel app or forum who wants to join your trip. They seem cool—until they ghost you after you book everything in their name. Or worse, they show up and mooch off you the entire time. 

The “Local Lover” Scam
A charming local sweeps you off your feet. They say they want to visit you in your home country, but need help with a visa fee, plane ticket, or travel insurance. 

The “Digital Dater” Abroad
You’re on vacation and your dating app blows up with matches. Coincidence? Hardly. Scammers geo-fence popular tourist zones because they know travelers are emotionally available and often disconnected from their usual guardrails. 

The “Crypto Casanova”
You match with someone on a dating app who subtly mentions they’ve made loads of money on crypto. Soon, they offer to help you invest. Spoiler alert: the platform they send you to is fake. Your money is gone, and so are they. 

McAfee’s Top Ten Tips to Protect Your Heart and Wallet While Traveling

You don’t have to be a digital hermit on your holiday. But you do need a bit of cyber street smarts. Here’s how to travel (and flirt) safely: 

  1. Keep Your Personal Info Private

No sharing your hotel, flight info, or travel itinerary with someone you just met online. And definitely don’t post your boarding pass or hotel room number on socials. 

  1. Don’t Send Money—Ever.

Not for flights, food, phone credit, visas, crypto, or “emergencies.” If someone asks for money, it’s a scam. Every. Single. Time. 

  1. Reverse Image Search Their Photos

If someone seems too good to be true, screenshot their profile pics and run a reverse image search. If they’re stolen from a model or influencer, you’ll know quickly. 

  1. Use Dating Apps with Built-In Safety Features

Stick with apps that offer verified profiles, video chat, and in-app messaging. The more friction between you and scammers, the better. 

  1. Trust Your Gut but Also Your Brain

If something feels off, it probably is. Don’t let the vacation buzz cloud your common sense. 

  1. Watch for Time Zone Gaps

If someone claims to be in Paris but always replies at 3 a.m. Paris time? Red flag. 

  1. Stay Sober, Stay Sharp

A few too many cocktails and you’re more likely to miss signs of manipulation or send info you shouldn’t. Scammers love an intoxicated target. 

  1. Tell a Friend

Let someone back home know who you’re talking to. Share screenshots if necessary. Having a second pair of eyes can save you. 

  1. Be Cautious About Wi-Fi

Don’t send sensitive messages, share banking info, or access dating apps over public Wi-Fi. Use a VPN like McAfee Secure VPN if you must connect while on the go. 

  1. Know When to Walk Away

Romantic attention can feel flattering—especially if you’re traveling solo. But don’t confuse flattery with trust. If someone’s pushing boundaries, bail. 

What to Do If You Think You’re Being Scammed

If your gut’s screaming “scam,” don’t ignore it. Cut contact immediately. Don’t argue, don’t explain. Just block and move on. 

Report them to the platform.
Whether it’s a dating app or social media site, reporting helps stop them from targeting others. 

Tell your bank if you sent money.
They may be able to freeze a transaction or help with fraud recovery. 

Talk to someone.
Shame is what scammers count on. Speak up. You are not alone, and you are not stupid. 

Final Thoughts: Love Doesn’t Ask for Your Bank Details

Look, summer romance can be amazing. I’m not here to kill the vibe. But don’t confuse intensity for intimacy, especially when someone is operating behind a screen. If you’re lucky, your summer fling ends with a postcard and a good story. If you’re not careful, it could end with an empty bank account, a broken heart, and a bruised ego. 

Be bold. Be open. But above all be smart. McAfee’s Scam Detector, can help in the fight against scammers. Our scam detector catches suspicious text messages so you can reply with confidence.  We’ll filter out risky emails and phishing attempts so your inbox stays secure. With our leading, cutting-edge protection, we’ll spots deepfake videos so you can stay ahead of misinformation. Love doesn’t need to be transactional. And real connections don’t pressure, isolate, or guilt-trip. This summer, protect your heart like your passport: with care, vigilance, and just the right amount of suspicion. 

 

The post Love, Lies, and Long Flights: How to Avoid Romance Scams While Traveling This Summer  appeared first on McAfee Blog.

❌