John C. isn’t the person you picture getting scammed. 

He’s 36. He’s tech-savvy. He’s a mechanical engineer leading a team at a national energy lab in Denver. And he told us his story for one reason: “Scammers will target anyone.” 

It began with a phone call from someone claiming to be the IRS. They said John had underpaid his taxes and needed to resolve it quickly. The caller sounded polished and convincing, so convincing that John didn’t stop to question it. 

“I thought maybe they sent back too much money [in my refund], and they needed it back,” he said. “I was just so busy and overwhelmed that I never really stopped to think about the situation.” 

A follow-up email arrived with IRS logos, clean formatting, and a big payment button. John was trying to move fast between classes as he finished up his PhD, and he wanted to correct the situation as quickly as possible. 

“I was like, let me just hurry up and do this, get it over with.” 

He clicked. He paid. But later, when he checked his statement, he saw the charge didn’t look like an IRS payment at all. In fact, it was an international charge. The whole thing was a scam. 

John said the scammer on the phone had appealed to his emotions and been incredibly convincing.  

“It was absolutely masterful,” John said. “I would give him an Oscar for it. 

And new McAfee research shows John isn’t alone, with nearly 1 in 4 (23%) US adults surveyed revealing they’ve lost money to a tax scam.  

Key findings from McAfee’s 2026 Tax Season Survey 

Here’s what our January 2026 survey of 3,008 U.S. adults found: 

The big picture: lots of worry, not enough confidence 

• 82% of Americans say they’re concerned about tax fraud this season. 
• 67% say they’re seeing the same or more tax scam messages than last year. 
• 40% say tax scam messages are more sophisticated than last year. 
• 84% are concerned about AI making tax scams more realistic. 
• Only 29% say they’re very confident they could spot a deepfake tax scam. 

How often scams are reaching people 

• 34% say they’ve been contacted by someone claiming to be the IRS or another tax authority (phone, text, or email). 
• 38% say they’ve been asked to click a link or send payment related to a “tax issue.” 
• Common asks include SSNs (15%), birth dates (11%), addresses (10%), “you owe back taxes” pressure (9%), and banking details (8%). 

Who is getting hit hardest 

• Nearly 1 in 4 Americans (23%) say they’ve fallen for a tax scam. 
• Young adults report the highest exposure: 42% of 18–24-year-olds say they’ve fallen for at least one tax scam. 
• 11% of Americans report tax-related identity theft, rising to 17% among ages 25–34. 

The money is real 

• Among people who say they’ve fallen for a tax scam, the average loss is $1,020. 
• Separately, nearly 1 in 5 Americans say they’ve lost money to a tax scam. 

Tax filing is increasingly digital (and that changes the risk) 

• 55% say they file taxes online (software or IRS Free File). 
• 75% say they receive refunds or pay taxes electronically (direct deposit, cards, apps, EFTPS, etc.). 
• 30% say they plan to use an AI tool (like ChatGPT) to help prepare taxes, especially younger adults. This is highly dangerous, even with platform security protections. For example, if an AI tool were compromised in a data breach, user messages with personal tax information (like social security numbers, home address, and more) could be made public.  

Tax Scams Now Hit Year-Round, McAfee Labs Finds 

In addition to our consumer survey findings, McAfee Labs analyzed malicious URLs, apps, texts, and emails in the months leading up to filing season. 

The major takeaway: tax scams don’t wait for April. 

Scam activity began climbing as early as November and has again continued building steadily into 2026. 

Between September 1, 2025, and February 19, 2026, McAfee Labs identified 1,468 malicious or suspicious tax-themed unique domains, an average of 43 new fake tax websites every day. 

In early November 2025 alone, the average number of new tax-themed malicious domains nearly doubled in just over a week. After a brief dip in late December, activity resumed climbing into February, a pattern we expect to intensify as the April filing deadline approaches. 

 

Fake IRS Websites Are A Major Threat 

Scammers are rapidly creating lookalike IRS domains that mimic official government URLs.  

They use small changes, extra letters, added words, subtle misspellings, to trick taxpayers into believing they’re on a legitimate IRS site. 

Examples include domains that insert additional text around “irs.gov” or add misleading subdomains designed to pass a quick glance. 

These fake portals are used to: 

• Steal login credentials 
• Harvest Social Security numbers and tax IDs 
• Capture payment details 
• Charge bogus “processing fees” 

In some cases, these sites don’t just steal, they overcharge. 

McAfee Labs observed scam services offering to file for an EIN (Employer Identification Number), something the IRS provides for free, and charging as much as $319 for it. 

Example of a scam website we found charging for an EIN. 

The official IRS website explicitly warns: you never have to pay a fee to obtain an EIN. 

Other scam sites misuse legitimate policy terms, like the “Fresh Start Initiative,” to harvest personal data and enroll victims in aggressive robocall and marketing campaigns. 

Tax scams don’t always steal outright. Sometimes they monetize confusion. 

How a Typical Tax Scam Unfolds 

Most tax scams aren’t one single message. They’re a sequence, designed to make you panic, click, and comply. 

Below is the common playbook, plus the red flags that show up repeatedly. 

*Note: Scammers may swap the details like AI voice, fake IRS videos, cloned websites, or impersonating tax software, but the pattern stays familiar. 

Step	What happens	Red flags you’ll see at this step	Red flags that are true every time	What to do instead
1) The hook	You get a call, text, or email claiming there’s a tax issue (refund problem, underpayment, verification needed).	Message arrives out of nowhere, often during busy hours; “final notice” language; spoofed caller ID.	Unexpected contact + urgency.	Don’t engage. Pause. Go directly to IRS.gov or your tax provider’s official site (type it in).
2) The authority move	They lean hard on being “the IRS” or “state tax authority,” sometimes with personal details.	They sound polished; may use AI voice cloning; may cite a “case number.” Fake or meaningless case numbers are very common.	They want you to trust the title, not verify the source.	Ask for written notice and time. Real tax issues can be verified through official channels.
3) The link	They send a link to a “secure portal” or “refund page.”	Lookalike website, subtle misspellings, weird domain, shortened link, email button that says “Pay Now.”	They’re trying to pull you off official channels.	Never click the link. Navigate to the real site yourself. If unsure, delete it.
4) The data grab	The site (or “agent”) asks for SSN, banking info, login credentials, or details from a prior return.	Requests that are broader than needed; “verify identity” prompts; form fields that feel too invasive.	They want sensitive info fast.	Stop. Don’t type anything. If you already did, assume it’s compromised and act quickly (see next section).
5) The payment push	They demand payment to “avoid penalties,” “release your refund,” or “resolve a mistake.”	Gift cards, crypto, wire transfers, payment apps; pressure to pay today; threats.	Urgency + unusual payment method.	The IRS does not demand immediate payment via text/social, and doesn’t require gift cards or crypto. Verify independently.
6) The escalation	If you hesitate, they intensify: threats, “law enforcement,” or AI video/audio that “proves” it’s real.	Deepfake IRS video, intimidating language, “you’ll be arrested,” “your license will be revoked.”	Fear is the product.	Hang up. Save evidence. Talk to a trusted person. Contact official support through verified numbers.
7) The aftermath	You realize it was a scam—often after noticing a strange charge or login activity.	Charges from odd merchants; new accounts; IRS account alerts; failed tax filing due to “duplicate return.”	Shame keeps people quiet—scammers count on that.	Report it and protect your identity right away. You’re not alone, and it’s not your fault.

Key point: A message can look “official” and still be fake. AI is making scam language smoother and scams more believable. The safest habit is simple: slow down, and verify using official sources you navigate to yourself. 

What to do if you’ve been involved in a tax scam 

First: take a breath. Scams are designed to trick you, especially when you’re overwhelmed, rushed, or just trying to fix a problem quickly. 

John said it plainly: “Don’t be embarrassed. It does happen. It’s common… they will target anyone.” 

And he’s right. The most important thing is what you do next. 

1) Stop the bleeding: cut off contact 

• Stop replying 
• Don’t click anything else 
• Don’t send more information or money 

2) Capture proof (before it disappears) 

Take screenshots and save: 

• Phone numbers, email addresses, usernames 
• The message content 
• Links (don’t click them, just copy) 
• Payment receipts and transaction IDs 

3) Lock down your accounts (especially email) 

If a scammer gets into your email, they can reset passwords for everything else. 

Do this today: 

• Change your email password first, then banking/tax accounts 
• Turn on two-factor authentication (2FA) 
• If you reused passwords anywhere, change those too 

Important: If you clicked a suspicious link, downloaded a file, or gave someone remote access to your computer, make sure you use a different, trusted device (like your phone or another computer) to change passwords. Why? If a scammer installed malware or has access to your computer, they may be able to see all of your brand-new passwords as you’re making them. 

Tip: A password manager like McAfee’s can help you create strong, unique passwords quickly, without having to memorize them all. 

4) Check for identity theft signals 

Tax scams often turn into identity theft. Watch for: 

• IRS notices about a return you didn’t file 
• Trouble e-filing because a return was already submitted 
• Alerts about a new IRS online account you didn’t create 

If you suspect tax-related identity theft: 

• Consider filing an IRS identity theft report (commonly done with IRS Form 14039, Identity Theft Affidavit). 
• Create or log into your IRS account periodically to review account activity (John now does this every few months). 

McAfee’s Identity Monitoring can help restore your sense of security and privacy online.  

5) Report it (even if you feel weird about it) 

Reporting helps you and helps stop the next person from getting hit. 

Common reporting options include: 

• FTC report: Report scams and identity theft at the FTC’s reporting site. 
• IRS phishing email: If you received a scam email posing as the IRS, you can forward it to phishing@irs.gov. 
• Your bank or card provider: If you paid, contact them immediately. Even if recovery isn’t guaranteed, speed matters. 

6) Clean up your digital footprint 

Scammers don’t just use what you give them. They also use what they can look up. 

Removing your personal details from risky data broker sites can reduce how easily scammers can target you again. Tools like Personal Data Cleanup can help you identify where your information is exposed and guide removal. 

7) Add protection for the next attempt 

Tax season scams often come in waves, especially if scammers think your info is “good.” 

Helpful layers include: 

• Web protection to warn you about risky links and lookalike sites before you enter info – get our free WebAdvisor download here 
• Scam detection that can flag suspicious messages 
• Identity monitoring to alert you if key personal info shows up in risky places 
• Run a free antivirus scan to check your device for malware or unwanted programs (especially if you clicked a link or downloaded anything) 

The key takeaway 

Tax season creates the perfect storm: time pressure, sensitive data, and a lot of official-looking communication. 

Our research shows most people are worried, and for good reason. Scammers are getting more convincing, and AI is raising the bar on what “real” looks and sounds like. 

“Tell your friends, tell your family,” John said. “Everyone I know at some point has heard this story, and it might just prevent someone from losing… thousands of dollars.” 

If you remember just three things this season, make them these: 

1. Pause before you click. 
2. Verify through official channels you navigate to yourself. 
3. If something happens, act quickly, and don’t blame yourself. 

The post Tax Scams Hit Nearly 1 in 4 Adults. Spot the Red Flags appeared first on McAfee Blog.

This week in scams, we’re looking at three very different stories with the same underlying theme: trust is being exploited at scale. 

A massive government contractor data breach has quietly grown to affect more than 25 million people. Meanwhile, a viral AI-generated image of Mary-Kate and Ashley Olsen posing in a fake luxury campaign is spreading across social media, fooling some users and alarming others. 

And in a new threat report, OpenAI detailed how its own tools are being misused for dating scams, impersonation, and influence operations. 

Let’s break it down. 

The Conduent Data Breach Now Impacts 25+ Million People 

The fallout from a ransomware attack on Conduent, one of the largest government contractors in the U.S., continues to expand. 

According to reporting from TechCrunch, updated state-level breach notifications now indicate that more than 25 million people across the U.S. have had personal data exposed. 

Conduent provides services tied to state benefit programs, including food assistance, unemployment systems, and other government payment processing operations. The company has said its services reach over 100 million people. 

Data reportedly exposed in the breach includes: 

• Names 
• Dates of birth 
• Addresses 
• Social Security numbers 
• Health insurance and medical information 

TechCrunch noted that the majority of affected individuals appear to be in Oregon and Texas, based on state breach disclosures. Other states have also reported an impact. 

The attack has been described as one of the largest government-contractor-related data breaches in recent memory. 

Why this matters: When companies that process government benefits are hit, the exposed data often includes highly sensitive identity information. Social Security numbers combined with medical or insurance details can significantly increase the risk of identity theft and fraud. 

How to Protect Yourself After a Major Data Breach 

If you believe your data may have been exposed: 

• Monitor your credit reports for unfamiliar activity 
• Consider placing a free credit freeze 
• Be wary of phishing emails or texts referencing benefits or account verification 
• Never share personal information in response to unexpected outreach 

Breaches like this often lead to secondary scams months later. The breach itself is only phase one. Phishing campaigns usually follow. 

That Viral Olsen Twins “Louis Vuitton” Image? It’s AI. 

A supposed luxury campaign featuring Mary-Kate and Ashley Olsen began circulating widely on X and Facebook this week, racking up millions of views. 

The images show the twins styled in what appears to be a high-end fashion shoot, drawing numerous comments over their styling. But social media users quickly pointed out visual irregularities and inconsistencies commonly associated with AI-generated imagery. 

A screenshot of one of the AI images making thr rounds across social media.

While this doesn’t fall into our typical “scam” roundup, the normalization of AI-generated visuals that look close enough to real to confuse people are a growing issue that can lead to real confusion and distrust. 

We have entered a phase where: 

• Fake ads look legitimate 
• Public figures appear in campaigns they never participated in 
• Synthetic images spread faster than corrections 

Today it’s a fashion ad. Tomorrow it could be a fake political endorsement, financial announcement, or emergency alert. 

The takeaway: If you see a surprising campaign or announcement, verify it through official brand websites or verified accounts before assuming it’s real. 

OpenAI Details How ChatGPT Is Being Misused

In a newly released threat report, OpenAI outlined several ways its tools have been abused by bad actors. 

According to Reuters’ reporting: 

A cluster of accounts used ChatGPT to run a dating scam targeting Indonesian men, allegedly defrauding hundreds of victims per month. 

Some accounts used the tool to generate promotional copy and ads for a fake dating platform that pressured users into completing costly “tasks.”

Other accounts posed as law firms, impersonating real attorneys and U.S. law enforcement to target fraud victims.

OpenAI also banned accounts linked to activity believed to be part of influence operations, including efforts targeting Japanese political figures. 

OpenAI stated that the activity was detected and accounts were removed. 

Why this matters: AI tools themselves are not inherently scams. But they dramatically lower the cost and increase the scale of fraud operations. Writing persuasive emails, generating fake legal letters, building scam ads… these now require fewer technical skills than ever before. 

The technology doesn’t create the criminal intent. It just accelerates it. 

McAfee’s Safety Tips This Week 

1. Assume viral images could be AI-generated until verified 
2. Verify unexpected announcements through official websites 
3. Treat post-breach emails as suspicious by default 
4. Be skeptical of online “consultation” invites that promise payment 
5. Never send money to someone you’ve only met online 

We’ll Be Back Next Week 

From ransomware breaches to AI-generated impersonations, the pattern is clear: scammers are scaling trust manipulation with technology. 

Stay skeptical. Verify before you click. And we’ll be back next week with another breakdown of what’s making headlines, and what it actually means for your security. 

For more reading on AI deepfakes and breaches: 

Taylor Swift Tops List of Most Deepfaked Celebs

What to Do If You’re Caught Up in a Data Breach

Everything You Need to Know to Keep Your Passwords Secure

The post This Week in Scams: Conduent Data Breach and AI Olsen Twins appeared first on McAfee Blog.

X (formerly Twitter) hacks tend to hit fast. 

One minute you’re scrolling like normal. The next, your account is posting crypto promotions, sending spam DMs, or following hundreds of random accounts you’ve never heard of. Sometimes you don’t even notice until a friend asks why you’re suddenly “giving away” gift cards. 

If you use X for work, your personal brand, or your business, a takeover can do real damage quickly. And in many cases, the hacker isn’t just trying to cause chaos, they’re trying to use your account to scam your followers while you still look trustworthy. 

This guide walks you through exactly what to do if your X account has been hacked: how to spot the warning signs, how to regain access, and what to change immediately so it doesn’t happen again. 

If you’re still locked out after trying these steps, X also offers an official support form for hacked or compromised accounts. 

Signs Your X Account May Be Compromised 

X account takeovers don’t always start with a full lockout. Often, the first signs are strange activity you didn’t authorize. 

Watch for these red flags: 

Unexpected posts: Tweets you didn’t write, especially spam, crypto links, or promotions. 

Unusual DMs: Messages sent from your account that you don’t remember sending. 

Account behavior changes: Random follows, unfollows, blocks, or profile changes you didn’t approve. 

Security notifications: Alerts from X that your account may be compromised. 

Account info changed: Notifications that your email, phone number, or password was updated without your permission. 

Password suddenly stops working: You’re prompted to reset your password even though you didn’t request it. 

If any of these are happening, assume your account is compromised and start recovery steps immediately. 

What to Change Immediately If Your X Account Was Hacked 

If your X account was hacked, assume your login details may have been stolen. 

That means simply getting back into your account isn’t enough, you also need to update the passwords and settings attackers could still use. 

Here’s what to change right away: 

• Change your X password 
• Change the password for the email account connected to X 
• Turn on two-factor authentication (2FA) 
• Confirm your email address and phone number are correct 
• Revoke access for any suspicious third-party apps 
• Review X Pro / Teams access (if you use it) and remove unfamiliar users 
• Update any other accounts that share the same password 
• Delete unauthorized posts and DMs (once you regain control) 

If you suspect the hack started through malware or phishing, it’s also smart to update passwords for other sensitive accounts tied to your identity, like banking apps, payment apps, or your Apple/Google account. 

Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place. 

Step-by-Step: How to Recover a Hacked X Account 

X offers different recovery options depending on whether you can still log in. 

Step	What to Do	Why It Matters
1. Change your password immediately (if you can still log in)	Go into your X account settings and update your password to something strong and unique.	This is the fastest way to cut off unauthorized access.
2. Reset your password if you’re locked out	Use the “Forgot password” option on the login screen to start account recovery.	This can help you regain access even if the hacker changed your password.
3. Secure your email account	Change your email password and enable 2FA. Make sure only you can access it.	If your email is compromised, the hacker can keep resetting your X account.
4. Reverse suspicious email changes if possible	If you receive an email about an account email change, check for an option to undo it.	This may allow you to regain control before the hacker fully locks you out.
5. Revoke third-party app access	While logged in, review connected apps and remove anything you don’t recognize.	Some takeovers happen through malicious apps, not direct password guessing.
6. Revoke mobile app sessions if needed	If suspicious activity continues, revoke access for X mobile apps from your settings so they’re forced to re-authenticate.	X notes that password changes may not automatically log out mobile sessions.
7. Update your password anywhere it’s saved	If you use trusted apps or services that store your X password, update it there too.	Repeated failed login attempts can temporarily lock your account.
8. Turn on 2FA	Enable two-factor authentication as soon as you regain control.	This adds a strong layer of protection even if your password gets stolen again.
9. Contact X support if you still can’t regain access	Submit X’s hacked/compromised account request form. Include your username and the last date you had access.	If self-recovery fails, support may be able to help restore access.

If you’re still unable to log in after attempting recovery, visit X’s official hacked account support form for next steps. 

Watch for Phishing “X Support” Scams 

One of the most common ways X accounts get hacked is through phishing. 

Scammers impersonate: 

• X support 
• “verified account” teams 
• copyright warnings 
• fake sponsorship offers 
• fake security alerts claiming your account will be suspended 

They try to pressure you into clicking a link and logging in on a fake page designed to steal your password. 

If you receive a suspicious email or DM, don’t click. 

Instead, open X directly in the app or browser and check your account settings from there. 

Final Tips: Recovering From an X Hack 

A hacked X account can spread scams quickly, especially if the attacker uses your account to message followers directly. 

The most important steps are: 

• Act quickly 
• Change your password immediately 
• Secure the email account connected to X 
• Revoke suspicious third-party app access 
• Review X Pro / Teams access if applicable 
• Enable two-factor authentication (2FA) 
• Delete unauthorized posts once you regain control 
• Scan your device for malware 

McAfee offers a free antivirus scan that can help you detect malware or suspicious programs that may have compromised your account in the first place. 

And if you’re still locked out or something doesn’t look right, use X’s official support request form to report the account as hacked or compromised. 

Frequently Asked Questions 

Q: How do I know if my X account was hacked? A: Common signs include posts or DMs you didn’t send, unusual follows/unfollows, account changes you didn’t authorize, security alerts from X, or a password that suddenly stops working.

Q: If I change my password, will the hacker be logged out? A: Changing your password is critical, but some mobile sessions may remain active. X recommends revoking app access in your settings if suspicious activity continues.

Q: What should I do if my email address was changed? A: Check your inbox for an email from X about the change. In some cases, you may be able to reverse it using the security link. If you can’t, start account recovery immediately and submit a support request if needed.

Q: Should I remove third-party apps after a hack? A: Yes. X notes that malicious or untrusted third-party apps can compromise your account. Remove anything you don’t recognize or no longer use.

Q: What if I still can’t log in after resetting my password? A: Submit a hacked account support request through X’s official form. Be sure to include your username and the last date you had access.

Q: What’s the biggest mistake people make after their X account gets hacked? A: Only changing their password. If the attacker still has access through connected apps, a compromised email account, or saved sessions, they can regain control quickly.

 

The post X (Twitter) Account Hacked: What to Do Right Now appeared first on McAfee Blog.

Instagram hacks don’t always start with a dramatic “you’ve been locked out” moment. 

More often, it starts with something small: your followers asking why you just sent them a weird link. Your account suddenly following hundreds of random profiles. A post you didn’t write showing up in your feed. Or an email from Instagram saying your login details were changed. 

By the time you realize what’s happening, scammers may already be using your account to impersonate you, message your followers, or promote fake giveaways and crypto scams through your profile. 

This guide walks you through exactly what to do if your Instagram account has been hacked: how to spot the warning signs, how to regain access, and what to change immediately so it doesn’t happen again. 

And if you’re still having trouble at any stage, be sure to visit Instagram’s official recovery tools for additional support. 

Signs Your Instagram Account May Be Compromised 

Instagram account takeovers don’t always look obvious at first. In many cases, the first signs are subtle changes you didn’t make. 

Watch for these red flags: 

Password or email changes you didn’t request: You may receive an email saying your account information was updated. 

Suspicious login alerts: Notifications about a login attempt, new device, or verification code you didn’t request. 

Posts, Stories, or Reels you didn’t publish: Scammers often post crypto promotions, fake giveaways, or sketchy links. 

DMs you didn’t send: A common tactic is using your account to message your followers with phishing links. 

Your account starts following random accounts: Hackers may use compromised accounts to inflate scam pages or bot networks. 

Your profile info has been edited: Name, bio, profile photo, or website links changed without your permission. 

If any of these are happening, assume your account is compromised and start recovery steps immediately. 

What to Change Immediately If Your Instagram Account Was Hacked 

If your Instagram account was hacked, assume your login details may have been stolen. 

That means simply getting back into your account isn’t enough, you also need to update the passwords and settings attackers could still use. 

Here’s what to change right away: 

• Change your Instagram password 
• Change the password for the email account connected to Instagram 
• Turn on two-factor authentication (2FA) 
• Log out of all active sessions/devices 
• Remove suspicious third-party apps connected to your account 
• Confirm your phone number and email address are correct 
• Check Accounts Center and remove linked accounts you don’t recognize 
• Update any other accounts that share the same password 

If you suspect the hack started through malware or a phishing link, it’s also smart to update passwords for other sensitive accounts tied to your identity, like banking apps, payment apps, or your Apple/Google account. 

Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place. 

Step-by-Step: How to Recover a Hacked Instagram Account 

Instagram provides several recovery options depending on what information you still have access to (email, phone number, username, or trusted device). 

Step	What to Do	Why It Matters
1. Visit Instagram’s hacked account recovery page	Use Instagram’s official hacked account recovery flow in your browser or app.	This is often the fastest way to secure your account and start recovery.
2. Check your email for security messages from Instagram	Look for messages about password changes or email changes. If Instagram gives you a link to undo the change, use it immediately.	If a hacker changed your email address, this may be your quickest chance to reverse it.
3. Request a login link	Use “Forgot password?” to request a login link sent to your email or phone number.	This can restore access even if your password was changed.
4. Request a security code or additional support	If login links aren’t working, follow Instagram’s prompts to request further help. Use an email address only you can access.	If the attacker changed your contact info, you may need additional verification steps.
5. Complete identity verification if prompted	Instagram may ask you to verify your identity, including submitting a video selfie if your account contains photos of you.	This helps Instagram confirm you’re the real account owner.
6. Change your password immediately after regaining access	Reset your password to something strong and unique.	This cuts off access and helps prevent repeat takeovers.
7. Remove suspicious linked accounts and apps	Check Accounts Center and remove anything unfamiliar. Revoke access for any third-party apps you don’t trust.	Hackers may leave behind access routes to get back in later.
8. Turn on 2FA and login alerts	Enable two-factor authentication and set alerts for new logins.	This makes it much harder for attackers to regain access.

If you’re still unable to recover your account, visit Instagram’s official support and recovery tools for additional help. 

Watch for Phishing “Instagram Support” Scams 

One of the most common ways Instagram accounts get hacked is through phishing. 

Scammers impersonate: 

• Instagram support 
• verification teams 
• copyright violation notices 
• “your account will be deleted” warnings 
• fake giveaway collaborations 

Their goal is to pressure you into clicking a link and entering your password on a fake login page. 

If you receive a suspicious email or DM, don’t click. 

Instead, open Instagram directly in the app and check your security settings from there. 

If you think you entered your login info into a suspicious link, change your password immediately and secure your account right away. 

Final Tips: Recovering From an Instagram Hack 

A hacked Instagram account is stressful for a reason: it doesn’t just affect your profile. It affects your followers, your reputation, and your private messages. 

The most important steps are: 

• Act quickly 
• Check your email for Instagram security alerts 
• Use Instagram’s official hacked account recovery tools 
• Change your password immediately 
• Log out of all active sessions 
• Remove suspicious apps and linked accounts 
• Enable two-factor authentication (2FA) 
• Scan your device for malware 

McAfee offers a free antivirus scan that can help you detect malware or suspicious programs that may have compromised your account in the first place. 

And if you’re still locked out or something doesn’t look right, follow Instagram’s official recovery guidance and contact Instagram support directly. 

Frequently Asked Questions 

Q: How do I know if my Instagram account was hacked? A: Common signs include password or email changes you didn’t request, suspicious login alerts, DMs you didn’t send, posts you didn’t publish, or unexpected changes to your profile details.

Q: What if my Instagram email address was changed? A: Check your inbox for an email from Instagram about the change. In some cases, Instagram may provide a security link that lets you reverse it. If you can’t undo the change, start the hacked account recovery process as soon as possible.

Q: What if I can’t log in at all? A: Use Instagram’s official hacked account recovery tools. Depending on your situation, Instagram may offer login links, security codes, or identity verification options to help you regain access.

Q: Should I remove third-party apps after a hack? A: Yes. Some account takeovers happen because an unsafe app was given access. Remove anything you don’t recognize or no longer use.

Q: What’s the biggest mistake people make after getting hacked? A: Only changing their Instagram password. If the attacker still has access through your email account, linked accounts, or suspicious third-party apps, they can regain control quickly.

Q: Can Instagram ask me to verify my identity? A: Yes. In some cases, Instagram may ask you to confirm ownership through verification steps. This can include submitting additional information or completing a video selfie process.

 

The post My Instagram Has Been Hacked – What Do I Do Now? appeared first on McAfee Blog.

AI is supposed to make the internet easier. But right now, it’s also making scams easier. 

Every week, we round up the biggest scam and cybersecurity stories of the moment so you can recognize red flags, protect your accounts, and avoid the most common traps scammers are using. 

This week in scams, we’re talking AI-powered search scams, a major fintech data breach, and an unexpected ticket fraud scheme that allegedly cost the Louvre millions. 

Let’s jump in: 

Google AI Overviews Are Being Used to Scam People Out of Money 

Google Search doesn’t just show links anymore. Now, it often shows AI-generated summaries at the top of the page called AI Overviews, quick answers designed to save you time. 

But according to reporting from WIRED, scammers are finding ways to exploit these AI summaries by planting fake customer support phone numbers into search results. 

Here’s how the scam works: Someone searches for a bank, airline, or service provider, usually something like “Company name customer support number.” Then Google’s AI Overview pulls a phone number from somewhere online and displays it as if it’s legitimate. 

The problem? Sometimes that number doesn’t connect you to the company at all. 

Instead, it connects you to a scammer impersonating customer service, someone trained to sound helpful, calm, and official, while quietly steering you toward sharing payment information, account details, or verification codes. 

This isn’t just misinformation. It’s a direct path into fraud. 

Google told WIRED it’s working to strengthen anti-spam protections in AI Overviews, but also recommends users double-check customer support numbers through additional searches. 

Key red flags to watch for 

• The AI Overview provides a phone number without clearly showing where it came from 
• The “support agent” asks for payment information immediately 
• The person asks for your login credentials, bank info, or verification codes 
• The caller pressures you to act quickly (“your account will be frozen”) 
• The number doesn’t match what’s listed on the company’s official website 

How to protect yourself 

If you’re looking for a customer support number, don’t rely on an AI summary. 

• Go directly to the company’s official website and find their contact page 
• Verify the phone number through multiple sources 
• If the person on the phone asks for passwords or MFA codes, hang up immediately 
• Treat any urgency or threats (“you must act now”) as a scam signal 

The big lesson: AI can summarize the internet, but it can’t always verify the truth. 

Data Breach Watch: Fintech Firm Figure Exposes Nearly 1 Million Accounts 

If you’ve applied for a loan, worked with a fintech service, or interacted with a home equity platform recently, this one is worth paying attention to. 

According to BleepingComputer, fintech company Figure Technology Solutions was breached in a social engineering attack, with hackers reportedly stealing personal data tied to nearly 967,200 accounts. 

The exposed data reportedly included names, email addresses, phone numbers, physical addresses, and dates of birth. And that’s exactly what scammers use to build believable impersonation attempts. 

Why this matters 

Even if you’ve never heard of Figure, data breaches like this can ripple outward fast. Once scammers have your email, phone number, and date of birth, they can launch more convincing scams like: 

• Fake “account verification” calls 
• Fraudulent loan or credit applications 
• Phishing emails pretending to be financial institutions 
• Identity theft attempts using your personal details 

And because this breach was reportedly caused by social engineering, it’s also a reminder that the weakest link in security isn’t always technology, it’s human trust. 

Key red flags to watch for after a breach 

• Calls claiming your loan account needs immediate verification 
• Emails asking you to “confirm your identity” using a link 
• Messages that include personal details to sound legitimate 
• Fake financial support agents asking for payment or login credentials

What to do right now 

• Change passwords (especially if you reuse them across accounts) 
• Turn on multi-factor authentication where possible 
• Monitor your credit report for unusual activity 
• Be skeptical of unexpected financial messages, even if they seem personalized 

After breaches like this, scammers often wait weeks or months before striking, because they know people stop paying attention.  

A Scam at the Louvre Allegedly Cost $12 Million 

Not every scam story is about malware or phishing links. Some are about old-fashioned fraud, executed at a scale that feels almost unbelievable. 

According to reporting from The New York Times, French investigators uncovered a ticket fraud scheme that may have cost the Louvre in Paris nearly $12 million over a decade. 

Officials say the suspected scam involved tour guides allegedly reusing tickets multiple times, bribes paid to museum employees, and tourist groups being split up to avoid additional fees. 

Last week, police reportedly arrested nine people in the case, including two museum employees. 

Investigators also believe similar fraud may have taken place at Versailles. 

The Takeaway

This wasn’t a one-time trick. Investigators believe the network may have been running for years, allegedly bringing in multiple tour groups per day. 

It’s a reminder that scammers don’t always need to “hack” a system. 

Sometimes, they just find a weak point, then repeat it until it becomes a business model. 

The bottom line: the Louvre story is dramatic, but the lesson is familiar. Scams thrive anywhere oversight is stretched thin, systems are overwhelmed, and people assume someone else is double-checking. 

Whether it’s a museum ticket scanner or an AI-generated search result, scammers will always look for the fastest path through the cracks. 

McAfee’s Safety Tips for This Week 

This week’s scam pattern is all about one theme: trust shortcuts. 

AI summaries that feel official. Phone numbers that look real. Support agents who sound convincing. Breach data that makes phishing more believable. 

The best defense is slowing down and verifying before you act. 

Here are the smartest moves to make right now: 

Don’t trust AI Overviews (or search snippets) for customer support phone numbers. Always verify through the company’s official website. 

Treat “customer service” calls with caution, especially if they ask for payment info, passwords, or MFA codes. 

Never share verification codes, even if someone claims they’re just “confirming your identity.” 

Watch for phishing attempts after major breaches. Scammers often use stolen data to make messages feel personal and urgent. 

Be suspicious of pressure tactics like “your account will be frozen” or “you must act immediately.” 

If you think your personal data may be exposed, monitor your credit and update your passwords now, not later. 

Use tools like McAfee Web Protection to avoid dangerous links, bad downloads, malicious websites, and more. 

We’ll be back next week with another roundup of the scams making headlines, and what you can do to stay ahead of them. 

The post This Week in Scams: AI Search Traps, a Fintech Breach, and a $12M Louvre Hustle appeared first on McAfee Blog.

You don’t always realize your YouTube channel has been hacked right away. 

Sometimes it’s a sudden spike in notifications. Sometimes it’s a flood of confused comments. And sometimes it’s the worst-case scenario: you wake up to find your channel renamed, your videos hidden, and a scam livestream running under your brand. 

This is one of the most common forms of creator-targeted account takeover today. Attackers hijack real channels because they already have an audience, and then use that trust to promote fake crypto giveaways, “investment” livestreams, or malicious links in video descriptions. 

A YouTube channel hack can also put your account at risk of Community Guidelines strikes or monetization penalties, even if you didn’t upload the content yourself. 

This guide walks you through exactly what to do if your YouTube channel has been compromised: how to regain owner access, stop scam live streams fast, and secure your Google Account so it doesn’t happen again. 

Signs Your YouTube Channel May Be Compromised 

A hacked YouTube channel usually means your Google Account has also been compromised, since every YouTube channel is tied to at least one Google Account. 

Watch for these red flags: 

Changes you didn’t make: Your channel name, profile photo, handle, description, or external links were updated. 

Videos or live streams you didn’t create: You may see uploads you don’t recognize, scam live streams, or replays that weren’t posted by you. 

You receive warnings or strikes: YouTube may send emails about Community Guidelines violations, copyright claims, or suspicious activity tied to content you didn’t publish. 

You can’t log in or your password stops working: A sudden login failure may mean your password was changed or your account access was locked. 

Monetization or AdSense settings changed: Attackers may try to redirect revenue or alter payment associations. 

If any of these are happening, assume your channel is compromised and start recovery steps immediately. 

What to Change Immediately If Your YouTube Channel Was Hacked 

If your YouTube channel was hacked, assume your Google login details may have been stolen. 

That means simply getting back into your channel isn’t enough; you also need to update the passwords and settings attackers could still use. 

Here’s what to change right away: 

• Change your Google Account password 
• Enable two-factor authentication (2FA) 
• Remove unknown devices and active sessions 
• Check and update your recovery email and recovery phone number 
• Remove any unfamiliar channel owners/managers/editors 
• Remove suspicious connected apps or third-party access 
• Review your AdSense/monetization settings for changes 
• Update any other accounts that share the same password 

If you suspect the takeover started through malware or phishing, it’s also smart to update passwords for other sensitive accounts tied to your Google identity, like Gmail, Google Drive, banking accounts, or payment apps. 

Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place.  

Step-by-Step: How to Recover a Hacked YouTube Channel 

Step	What to Do	Why It Matters
1. Recover your Google Account first	If you can still log in, change your password immediately. If you can’t, start Google’s account recovery process.	Your YouTube channel is tied to your Google Account. If your Google Account is compromised, your channel will remain vulnerable.
2. Secure your Google Account	Enable 2FA, review recent logins, and remove unknown devices.	Hackers often stay logged in through active sessions even after a password change.
3. Remove unknown channel access	Check channel permissions and remove any unfamiliar owners, managers, or editors.	Attackers may add themselves as a manager to keep access even after recovery.
4. Stop scam live streams and remove suspicious uploads	End any unauthorized livestreams, delete scam videos, and remove malicious links from descriptions.	Scam streams can damage your reputation and trigger policy strikes quickly.
5. Revert channel changes	Restore your channel name, branding, About section, links, and settings.	This helps prevent your channel from being used to impersonate a brand or run scams.
6. Review YouTube Studio for strikes or policy issues	Check for Community Guidelines strikes, copyright claims, or monetization restrictions.	Hackers often upload policy-violating content that can put your channel at risk.
7. Scan your device for malware	Run a trusted security scan to check for spyware or password-stealing malware.	If your device is infected, attackers can steal your new password immediately.
8. Contact YouTube/Google support if you’re still locked out	Use YouTube’s hacked channel support tools or Google Account recovery help.	If self-recovery fails, YouTube may be able to help restore access or guide you through next steps.

If you’re still having issues after completing these steps, be sure to visit YouTube and Google’s official support resources for hacked accounts. 

And, if you’re an eligible creator, you can also contact YouTube’s Creator Support Team. 

Watch for Phishing “YouTube Support” Scams 

One of the most common ways YouTube channels get hacked is through phishing. 

Scammers impersonate: 

• YouTube support 
• YouTube Partner Program emails 
• Copyright violation notices 
• Brand sponsorship offers 
• Verification or monetization warnings 

They try to pressure you into clicking a link, downloading a file, or logging in through a fake Google sign-in page. 

If you receive a suspicious email or message, don’t click. 

Instead, open YouTube Studio directly and check your account status from inside the platform. 

Final Tips: Recovering From a YouTube Channel Hack 

A hacked YouTube channel is stressful for a reason: it doesn’t just affect your account. It affects your audience, your reputation, and your income, especially if monetization is involved. 

The most important steps are: 

• Act quickly 
• Recover your Google Account first 
• Change your password and enable 2FA 
• Remove unknown channel managers and owners 
• End scam live streams immediately 
• Remove suspicious uploads and links 
• Review YouTube Studio for strikes or violations 
• Scan your device for malware 

And if you’re still locked out or something doesn’t look right, follow YouTube’s official recovery guidance and contact Google/YouTube support directly. 

YouTube may be able to help restore access, reverse changes, or provide instructions for appealing a termination if your channel was taken down during the hack. 

McAfee also offers a free antivirus scan that can help you detect malware or suspicious programs that may have compromised your account in the first place. 

Frequently Asked Questions 

Q: How do I know if my YouTube channel was hacked? A: Common signs include channel name or branding changes you didn’t make, scam livestreams, videos uploaded that aren’t yours, suspicious external links added to your channel, or being locked out of your account.

Q: Why does a hacked YouTube channel usually mean my Google Account was hacked too? A: Because YouTube channels are tied to Google Accounts. If your channel was taken over, your Google login credentials or active session may have been compromised.

Q: What should I do if my channel is live-streaming a crypto scam? A: End the livestream immediately if you still have access. Then change your Google password, remove unknown channel managers, enable 2FA, and remove scam links from your channel page and video descriptions.

Q: Can I get strikes or lose my channel because of videos the hacker uploaded? A: Potentially, yes. Scam uploads can trigger Community Guidelines or copyright violations. That’s why it’s important to remove unauthorized content quickly and review YouTube Studio for strikes.

Q: What if I can’t log in at all? A: Start Google’s account recovery process as soon as possible. If you’re still locked out after recovery attempts, visit YouTube’s official hacked channel support resources for next steps.

Q: How do I know if the hacker is fully kicked out? A: Review your Google Account security settings, logged-in devices, recovery email/phone settings, and channel permissions. Remove anything unfamiliar and enable 2FA to reduce the chance of re-entry.

 

The post YouTube Channel Hacked? Restore Owner Access and Stop Live-Stream Scams appeared first on McAfee Blog.

It usually starts with a small, uneasy moment. 

A password reset email you don’t remember requesting. A login alert that doesn’t make sense. Strange comments showing up under your username that you swear you didn’t write. 

Sometimes you don’t notice at all…until someone messages you asking why you’re suddenly promoting crypto giveaways, posting spam links, or commenting across random subreddits. 

A hacked Reddit account isn’t just embarrassing. It can be a real security risk. Attackers often use compromised accounts to spread scams, steal personal information, or take advantage of your reputation in online communities. 

This guide walks you through exactly what to do if your Reddit account has been compromised: how to spot the warning signs, how to regain control, and what security steps to take so it doesn’t happen again. 

Signs Your Reddit Account May Be Compromised 

Reddit account takeovers don’t always look dramatic at first. The earliest warning signs often feel subtle. 

Watch for these red flags: 

Password or email changes you didn’t make: You may receive an email from Reddit saying your password or email address was updated. 

Posts, comments, votes, or chat messages you don’t recognize: Hackers often use your account to upvote scam content or spam communities. 

Authorized apps you don’t remember approving: Some attackers compromise accounts through unsafe third-party apps or browser extensions. 

Unusual login activity or unfamiliar IP history: Reddit allows you to review recent account activity, which may show logins from locations you’ve never visited. 

Sudden account lock or forced reset notice: In some cases, Reddit may lock your account or prompt a password reset as a security precaution. 

If any of these are happening, assume your Reddit account is compromised and start recovery steps immediately. 

What to Change Immediately If Your Reddit Account Was Hacked 

If your Reddit account was hacked, assume your login details may have been stolen. 

That means simply getting back into your account isn’t enough, you also need to update the passwords and settings attackers could still use. 

Here’s what to change right away: 

• Change your Reddit password 
• Change the password for the email account connected to Reddit 
• Update any other accounts that share the same password 
• Remove suspicious authorized apps 
• Log out of all active sessions/devices 
• Turn on two-factor authentication (2FA) 
• Update your recovery options (email, phone, backup codes) 

If you think the hack started from malware or a phishing link, it’s also smart to update passwords for other sensitive accounts, like banking, payment apps, or your Apple/Google account. Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place. 

Step-by-Step: How to Recover a Hacked Reddit Account 

Step	What to Do	Why It Matters
1. Reset your password immediately	Use Reddit’s password reset flow and create a strong new password.	This is the fastest way to cut off unauthorized access. Resetting your password can also log you out across devices.
2. Check your inbox for Reddit security emails	Look for emails saying your password or email address was changed. Follow any “this wasn’t me” instructions if available.	If a hacker changed your account details, Reddit’s security email may be your best chance to reverse it quickly.
3. Review account activity and active sessions	Check where your account is logged in and log out of unfamiliar sessions/devices.	Hackers often stay logged in even after making changes, especially if you don’t remove active sessions.
4. Remove suspicious authorized apps	Review connected apps and revoke access for anything you don’t recognize or no longer use.	Some account takeovers happen through unsafe third-party apps, not password guessing.
5. Scan your device for malware	Run a trusted security scan to check for spyware, password-stealing malware, or malicious browser extensions. McAfee offers a free antivirus scan service.	If your device is compromised, attackers can steal your new password(s) immediately.
6. Secure the email account tied to Reddit	Change your email password and enable 2FA. Check recovery settings to make sure they’re yours.	If your email is compromised, the attacker can keep resetting your Reddit account and locking you out.
7. Contact Reddit support if you’re still locked out	Submit a request and choose: Security problems → I think my account has been hacked. Include your username and details.	Reddit may be able to help restore access or reverse changes if self-recovery doesn’t work.

 

Watch for Phishing “Reddit Support” Scams 

One of the most common ways accounts get compromised is through phishing. 

Scammers impersonate: 

• Reddit moderators 
• Reddit admin messages 
• Security alerts 
• Fake “copyright violation” notices 

They try to trick you into clicking a link and logging in on a fake site. 

If you receive a suspicious message, don’t click. 

Instead, open Reddit directly in your browser or app and check your account settings from there. 

Final Tips: Recovering From a Reddit Hack 

A hacked Reddit account can feel strangely personal, because your profile reflects your interests, communities, and identity online. 

The most important steps are: 

• Act quickly 
• Secure your email account first 
• Reset your password and log out of all sessions 
• Remove suspicious authorized apps 
• Enable two-factor authentication (2FA) 
• Scan your device for malware 

And if you’re still locked out or something doesn’t look right, follow Reddit’s official recovery guidance and contact Reddit support directly. 

Reddit may be able to confirm suspicious activity, restore access, or help reverse account changes. 

Frequently Asked Questions 

Q: How do I know if my Reddit account was hacked? A: Common signs include password or email changes you didn’t request, unfamiliar authorized apps, unusual IP history, and posts/comments/votes you don’t remember making. If any of these appear, treat your account as compromised.

Q: Will resetting my Reddit password log out the hacker?     A: In many cases, yes. Reddit notes that resetting your password can log you out across devices, which is one of the fastest ways to cut off unauthorized access.

Q: What if my Reddit email address was changed?   A: Check your email inbox for a message from Reddit. Reddit may provide instructions to reverse the change, but you’ll typically need to input the original email address associated with the account.

Q: What should I do if I can’t get my account back?   A: Submit a support request and select: Security problems → I think my account has been hacked. Include your username and explain what suspicious activity you noticed. Reddit also suggests checking r/help for additional guidance.

Q: Should I remove authorized apps after a hack?   A: Yes. Reddit specifically warns that unsafe authorized apps can lead to account compromise. Remove anything you don’t recognize or no longer use.

Q: What’s the biggest mistake people make after a Reddit hack?   A: Only changing their Reddit password. If your email account or device is compromised, attackers can regain access quickly. You should secure your email, scan your device, and update reused passwords.

 

The post Reddit Hacked? How to Regain Access and What to Change Immediately appeared first on McAfee Blog.

It’s Friday the 13th, but you have nothing to fear online if you’re scam-savvy and well protected.

Every week, we round up the biggest scam and cybersecurity stories of the moment so you can recognize red flags, protect your accounts, and avoid the most common traps scammers are using. 

This week in scams, we’re talking Valentine’s Day, deepfake deception, and online privacy.

Let’s jump in:

New McAfee Research Shows Romance Scams Spiking 

Valentine’s Day is supposed to be peak season for connection. But for scammers, it’s peak season for something else: emotional leverage. 

New McAfee research shows romance scams are not rare edge cases, they’re becoming a common part of the online dating experience. In fact, 1 in 7 American adults (15%) say they’ve lost money to an online dating or romance scam. Even more alarming: of the people who lost money, only 1 in 4 (24%) were able to recover all of it. 

And many scams start exactly the way real relationships do. 

One McAfee interviewee, Jules, a healthcare professional in her 40s, joined a dating app hoping to meet someone as a busy working single mom. She met “Andy,” who seemed local, charming, and emotionally invested. He didn’t rush into money. He built trust. He mirrored her life. He made her feel safe. 

Then he introduced a “crypto opportunity” that looked legitimate. The app showed gains. She even withdrew small amounts at first. But weeks later, her account froze, and she was told she needed to pay a $25,000 “tax payment” to unlock it. 

She paid. Then the account froze again. 

By the time Jules realized the truth, she had lost more than $80,000, including $25,000 borrowed from her elderly mother. 

This is the new shape of romance scams: slow, believable, and psychologically engineered. McAfee Labs also reports that romance-related scam activity spikes during peak dating season, including fake profiles, cloned apps, and AI-driven spam behavior. 

Key red flags to watch for 

• They move fast emotionally (“I’ve never felt this way before”) 
• They push you off-platform quickly (WhatsApp, Telegram, Signal) 
• Their story sounds polished but hard to verify (military, oil rig, entrepreneur) 
• They introduce “investment advice” or crypto opportunities 
• They ask for payment apps, gift cards, wire transfers, QR payments, or “fees” 
• They claim your money is “frozen” unless you pay one more time 

How romance scams typically unfold 

While scams can take many forms, most follow a familiar pattern. Understanding the progression can help people recognize risk earlier. 

Stage	The Red Flags / How it Unfolds	What the scammer wants	What to do instead
1) The hook	A friendly DM, a “wrong number” text, a dating match, a comment reply, a follow request	A response. Any response.	Don’t move fast. Keep the convo on-platform. Don’t give out your number.
2) Love bombing	Daily messages, fast intimacy, mirroring your interests, “I’ve never felt this way”	Trust and routine	Slow it down. Ask for a real-time video call and a specific, verifiable detail.
3) Private channels	“Let’s talk on WhatsApp/Telegram/Signal.” “Don’t tell anyone yet.”	Control and privacy	If someone pushes you off-platform quickly, treat it as a red flag.
4) Building credibility	A “job” story (military, oil rig, entrepreneur), polished photos, voice notes, even AI-assisted video	Believability	Verify independently. Reverse image search photos. Watch for inconsistencies.
5) A financial request	A “small” emergency, a plane ticket, a crypto opportunity, “help me unlock my account,” gift cards, payment app request	Money or financial access	Never send money to someone you haven’t met. Never share financial info or account details.
6) Escalation	“I need a verification code.” “Can you receive money for me?” “Open an account.” “Co-sign.”	Identity theft, account takeover, new credit	Never share MFA codes. Don’t open accounts for anyone. Lock credit if you’ve shared info.
7) Ghosting	Ghosting, deleted accounts, new persona, rinse-and-repeat	Exit before consequences hit them	Preserve evidence, report, and secure your accounts immediately.

Key point: the scariest scams may never send you a sketchy link. They may only send convincing words, and the pressure to act. 

Deepfake Fraud Is Going “Industrial” 

Deepfake scams used to sound like something only elite hackers could pull off. Not anymore. 

Reporting from The Guardian highlights a new analysis from AI experts suggesting deepfake fraud has gone “industrial,” meaning it’s now cheap, scalable, and increasingly accessible to non-experts. Researchers tied to the AI Incident Database described a landscape where impersonation scams are becoming one of the most common types of AI-driven incidents reported month after month. 

Instead of crude phishing emails, scammers can now use AI tools to generate: 

• Realistic fake videos of public figures 
• Fake doctors promoting products 
• Fake journalists endorsing scams 
• Realistic job applicants and “candidates” who aren’t real people at all 

One example described in the reporting involved an AI security CEO who posted a job listing and quickly received a referral for a candidate who looked perfect on paper. The resume was strong. The emails were polished. The interview was scheduled. 

But when the video call began, the candidate’s image loaded slowly, and the background looked artificial. The face was blurred around the edges. The person glitched slightly as they spoke. A deepfake detection firm later confirmed: the interviewee was AI-generated. 

The most unsettling part? Even the target didn’t know what the scammer was after…. a salary? access to internal systems? company secrets? 

This is what makes deepfake scams uniquely dangerous: they’re not always about stealing money immediately. They’re often about getting trust, access, and leverage first. 

Key red flags of deepfake impersonation scams 

• Video or audio glitches (especially around facial edges) 
• Backgrounds that look “too smooth” or artificial 
• Delays before video loads or odd syncing between voice and mouth movement 
• Overly polished speech with little natural hesitation 
• Pressure to move fast, hire fast, or approve payments quickly 

This is also why deepfake fraud is so effective: it exploits the assumption that “seeing is believing.” In 2026, that assumption is no longer safe. 

This is also backed up by McAfee’s previous research. In 2025, McAfee Labs conducted a study of 17 different deepfake-creation tools and found that for just $5 and with just 10 minutes of setup time, scammers can create powerful, realistic-looking deepfake video and audio scams.

 

Google “Results About You” Update Shows How Personal Data Fuels Scams 

Not every scam story this week is about criminals. This update is about fighting scammers, as shared by Google. 

Google announced this week that it has expanded its “Results about you” tool, which helps people monitor and remove sensitive personal information from Search results. Previously, the tool focused on personal contact details like phone numbers, email addresses, and home addresses. 

Now, users can also request the removal of Search results that include highly sensitive information like: 

• Passport numbers 
• Driver’s license numbers 
• Social security numbers 

Google is also making it easier to request removal of non-consensual explicit images, allowing users to submit multiple images at once rather than reporting them individually. 

This matters because personal data is often the fuel behind the scams we’ve been tracking all year, including romance scams. 

Removing sensitive data from search results doesn’t erase it from the internet completely but it can reduce how easily scammers can weaponize it. To take your online privacy to the next level, consider McAfee’s Personal Data Cleanup, which will help remove your personal information across the web.  

What this tool helps protect against 

• Identity theft attempts 
• Impersonation scams 
• Doxxing threats 
• Fake “verification” schemes 
• Social engineering and targeted romance scams 

The scam lesson here is simple: the less information scammers can find, the harder it is for them to tailor the con. 

McAfee’s Safety Tips for This Week 

This week’s scam pattern is all about emotional manipulation + AI credibility + personal data exposure. The best defense is slowing down and verifying before you trust. 

Here are the smartest moves to make right now: 

• Don’t confuse emotional intensity with authenticity. Love bombing is a tactic, not a love language. 
• Never send money to someone you haven’t met in real life, no matter how convincing their story is. 
• Treat “crypto investing tips” from strangers as an immediate red flag. 
• Don’t move off-platform quickly. If someone insists on WhatsApp, Telegram, or Signal early on, assume they’re trying to isolate you. 
• Never share verification codes or screenshots of financial apps, even if they claim it’s “just for confirmation.” 
• Reverse image search profile photos and look for inconsistencies in background details, timelines, or personal stories. 
• If a video call feels off, trust your instincts. Deepfakes often look almost real, but “almost” is the danger zone. 
• Reduce your digital footprint. The more personal info available online, the easier it is for scammers to tailor believable impersonations. 
• Use tools like McAfee Scam Detector to help flag risky messages across text, email, and social platforms. 
• If you suspect a romance scam, stop engaging immediately, document everything, and report it. The sooner you act, the more damage you can prevent. 

We’ll be back next week with another roundup of the scams making headlines, and what you can do to stay ahead of them. 

The post This Week in Scams: How Jules Lost $80K in a Romance Scam appeared first on McAfee Blog.

It usually starts with a small, uneasy moment. 

A login alert you don’t remember triggering. A password that suddenly doesn’t work. A friend asking why you just posted something… bizarre. 

Sometimes it’s even worse: you open your Facebook Page and realize you’re no longer an admin. 

Facebook account takeovers often don’t look dramatic at first. They start quietly: a new device login, a recovery email you didn’t add, or a Page role you never approved. But once someone has access, they can lock you out fast, post scams to your followers, and even run unauthorized ads. 

This guide walks you through exactly what to do if your Facebook account or Page has been compromised: how to spot the warning signs, how to recover access if you’re locked out, how to remove rogue admins, and how to lock down your account so it doesn’t happen again. 

Signs Your Facebook Account May Be Compromised 

Facebook hacks often start quietly. The first signs usually look like small changes you don’t remember making. 

Watch for these red flags: 

• Login alerts you didn’t trigger: Notifications about new devices, unfamiliar locations, or verification codes you didn’t request. 
• Posts or messages you didn’t send: Spam posts, strange DMs, or comments that don’t sound like you. 
• Account details changed: Your password, email address, phone number, or two-factor authentication settings were updated without you. 
• Page or Business access changes: New admins added, your role downgraded, unknown partners connected, or ad accounts you don’t recognize. 
• Unexpected ad spend or billing activity: Ads running that you didn’t create, new payment methods, or charges you can’t explain. 

If any of these are happening, assume your account is compromised and start recovery steps immediately. 

Step-by-Step: How to Regain Control of a Hacked Facebook Page 

Step	What to Do	Where to Go
1. Secure your personal Facebook account first	Log out of all sessions, change your password, and enable two-factor authentication (2FA). If your profile is compromised, your Page will stay vulnerable.	Settings → Password and security
2. Check whether you still have Page access	Go to your Page and see if you can access settings. If you still have partial access, move fast—attackers often remove legitimate admins quickly.	Your Facebook Page → Settings
3. Review Page roles / Page access	Look for unfamiliar admins or anyone with “Full control.” Remove them immediately if you still have permission.	Page Settings → Page access / Page roles
4. Check Meta Business Suite permissions	Hackers may add themselves through Business Manager instead of Page roles. Review who has access to the business and Page assets.	Meta Business Suite → Settings → Business settings → People
5. Remove suspicious partners	If an unknown Business Manager or partner account is connected, remove it. Rogue partners can retain access even after passwords are changed.	Business settings → Partners
6. Audit Ad Accounts and active campaigns	Check if unauthorized ads are running. Pause campaigns immediately and remove unfamiliar users tied to ad access.	Business settings → Ad accounts
7. Review payment methods for fraud	Look for unfamiliar credit cards or PayPal accounts. If charges occurred, contact your payment provider immediately.	Business settings → Payments / Billing
8. Start a Page admin dispute if you lost access	If all admins were removed or your role was downgraded, submit a Page admin dispute through Meta’s Business Help tools and begin the recovery process.	Meta Business Help Center → Page admin dispute / compromised Page support
9. Gather proof of ownership	Prepare evidence like business documentation, domain verification, screenshots of prior Page access, and ad account billing history. The more proof you provide, the faster recovery usually moves.	Business documents + screenshots + domain records
10. Lock down Page security after recovery	Remove rogue admins, reduce admin permissions, require 2FA for everyone, and limit who can manage ads. Treat this like a full security reset.	Page Settings + Meta Business Suite

What to Do After You Regain Control of Your Page 

Once you’re back in, don’t stop there. 

Attackers often return if they still have access through third-party permissions or compromised admin accounts. 

Immediately: 

• Remove rogue admins 
• Remove unknown partners 
• Reset Page access roles 
• Review ad accounts and billing 
• Turn on 2FA for everyone with Page access 
• Reduce admin permissions wherever possible 

A good rule: most people don’t need Admin access. 

Use Editor, Advertiser, or Moderator roles unless someone truly needs full control. 

Lock Down Facebook Security So It Doesn’t Happen Again 

Getting back into your account is only half the job. The real goal is making sure the hacker can’t come back. 

Turn on login alerts 

Facebook can notify you every time a new device logs in. 

Go to: Settings → Password and security → Alerts about unrecognized logins 

Turn them on for email and notifications. 

Use stronger passwords everywhere 

Hackers often gain access through reused passwords from older data breaches. 

If you’ve used the same password across platforms, change it immediately. 

A reputable password manager like McAfee’s can help generate and store secure passwords so you don’t have to rely on memory. 

Revoke third-party app access 

Even if you removed suspicious apps earlier, do a full audit again after recovery. 

Go to: Settings → Apps and websites 

Remove anything you don’t actively use. 

Keep your phone and Facebook app updated 

Security updates matter. 

Running outdated apps makes it easier for attackers to exploit known vulnerabilities. 

Watch out for phishing “Meta Support” scams 

Many Facebook hacks don’t happen through technical hacking, they happen through social engineering. 

Common scams include: 

• Fake copyright violation notices 
• Fake Meta verification warnings 
• Messages claiming your Page will be deleted 
• “Support” DMs asking you to click a link and confirm login 

If you ever get one of these messages, don’t click. 

Open Facebook directly, go to Settings, and check your account status from inside the platform. 

Quick Recovery Table: What to Do If Your Facebook Account or Page Is Hacked 

Situation	What to Do (Step-by-Step)	Where to Go in Facebook
You see a suspicious login alert	1) Log out of all sessions 2) Change your password immediately 3) Turn on two-factor authentication (2FA)	Settings → Password and security → Where you’re logged in
Your password suddenly doesn’t work	1) Tap Forgot password? 2) Follow recovery prompts 3) Use identity verification if needed	Facebook login screen → Forgot password?
You’re still logged in, but things look “off”	1) Remove unfamiliar devices 2) Check your email/phone info 3) Remove suspicious connected apps	Settings → Accounts Center Settings → Apps and websites
Your email or phone number was changed	1) Check your email for Facebook security alerts 2) Click “This wasn’t me” if available 3) Start recovery and select No longer have access?	Email inbox + recovery flow
Your Facebook Page has a new admin you didn’t add	1) Secure your personal account first 2) Remove the unfamiliar admin immediately 3) Review Page roles for other changes	Page Settings → Page access / Page roles
You lost admin access to your Page	1) Secure your Facebook profile first 2) Check Meta Business Suite permissions 3) Start a Page admin dispute with Meta	Meta Business Suite → Business settings
Unauthorized ads are running	1) Pause all campaigns immediately 2) Remove unfamiliar users/partners 3) Check payment methods for fraud	Business Manager → Ad accounts Business settings → Payments
You want to prevent this from happening again	1) Enable 2FA 2) Use a unique password 3) Turn on login alerts 4) Remove unnecessary admins	Settings → Password and security

 

Final Tips: Recovering From a Facebook Hack 

A Facebook hack is stressful for a reason: it doesn’t just affect your account. It can affect your reputation, your Page, your followers, and even your finances if ads are involved. 

The most important steps are: 

• Act quickly 
• Secure your email before finishing recovery 
• Log out all sessions and reset your password 
• Remove rogue admins and unknown partners 
• Lock down Business Manager permissions 
• Enable 2FA for every admin who touches your Page 

Once you take control back, reduce access to only the people who truly need it, and keep a close eye on logins and billing activity. 

With the right steps, you can recover a hacked Facebook account, remove unauthorized admins, and rebuild trust with your audience. 

And most importantly: you can make sure it doesn’t happen again. 

Finally, you can always reach out directly and seek support via Facebook’s help center and official contact channels if you still need help. 

Frequently Asked Questions 

Q: How do I log out of all devices on Facebook?  A: Go to Settings → Password and security → Where you’re logged in, then select Log out of all sessions. After that, change your password and enable 2FA.

Q: What if my email and phone number were changed?  A: Start account recovery through Forgot password? and look for the option No longer have access to these? If you still have access to your original email inbox, check for Facebook security emails and use the “This wasn’t me” link to reverse changes.

Q: How do I remove an admin from a Facebook Page?  A: If you still have Page access, go to Page Settings → Page access / Page roles and remove the person. If you no longer have admin access, you may need to start a Page admin dispute through Meta Business Help Center.

Q: What if someone is running ads from my Page?  A: Go to Meta Business Suite → Business settings → Ad accounts and pause campaigns immediately. Remove unfamiliar users or partners and check billing settings for unauthorized charges.

Q: Are authenticator apps safer than SMS codes?  A: Yes. Authenticator apps (and hardware security keys) are generally stronger than SMS because they’re harder to intercept through SIM-swapping or text message compromise.

Q: Should I warn my followers?  A: If your Page or profile posted spam, sent DMs, or promoted suspicious links, yes. A short post warning followers not to click links or respond to messages can prevent others from getting scammed.

 

The post Facebook Hacked? How to Recover Your Account and Remove Rogue Page Admins  appeared first on McAfee Blog.

“I signed up for an app because it felt like the only realistic way to meet people as a working single mom.” 

Jules, a healthcare professional in her 40s, turned to online dating while balancing work, school, and raising her child after the pandemic. Then she met “Andy.” 

He seemed like a great guy. He knew her area and even shared pictures of himself at restaurants, wineries, and neighborhood spots Jules recognized. Their early conversations felt ordinary and he seemed invested in her life and well-being. 

“He didn’t ask for money right away; he built trust first,” she said. “So when the investment came up, it didn’t feel risky. It felt like help.” 

Andy claimed he was successful in cryptocurrency and said he could show her how to pay down debt, get ahead financially, and finally have some breathing room. Jules decided, cautiously, to try it. And because the accounts appeared to show gains, and she was even able to withdraw small amounts of money, Jules believed the opportunity was real. 

But the crypto app wasn’t real. And neither was Andy. 

One day, weeks later, the account was suddenly frozen. A message popped up saying the only way to access her funds would be through a $25,000 “tax payment”. She paid the “tax,” worried about losing her investments. But the account immediately froze again, this time facing the claim of money laundering. 

That’s when she realized something wasn’t right. And Andy suddenly disappeared. 

By the time Jules realized it was a scam, she had lost more than $80,000. Jules said $25,000 of that was borrowed from her elderly mother.  

“The financial loss was devastating, but the emotional toll was worse. I felt ashamed and completely alone.”  

New research: Romance scams climb ahead of Valentine’s Day 

Jules isn’t alone. Unfortunately, this type of long-con romance scam is increasingly common. And AI-powered tools are only helping scammers increase their attack volume. 

According to McAfee’s 2026 Valentine’s Day research, 1 in 7 American adults (15%) say they have lost money to an online dating or romance scam.  

The cost of losses varied widely between age groups. American adults between ages 35 to 44 were among the most likely to report higher losses, over $5,000, while younger Gen Z victims reported smaller losses under $500.  

Of the people who’ve lost money to an online dating scam, just 1 in 4 (24%) were able to recover all their money. 

Exposure is widespread even when money is not lost. More than half of Americans say they have been asked to send money or share financial information by a potential romantic partner, often through payment apps, wire transfers, gift cards, QR codes, or cryptocurrency. 

McAfee Labs data reinforces what consumers are experiencing. During the peak dating season leading into Valentine’s Day, Labs blocked hundreds of thousands of romance-related malicious URLs and observed surging activity tied to fake profiles, cloned dating apps, and AI-driven chat behavior. In fact, Labs reported significant AI chat bot spam, with some users receiving more than 60 messages in 12 hours, even without a profile photo. 

At the same time, fewer scams relied on obvious malicious links, suggesting scammers are shifting toward persuasion and relationship-building instead. 

The research at a glance: Fast facts 

• 47% of American adults have used an online platform to meet a romantic partner 
• 35% have encountered fake profiles or AI-generated images while dating online 
• 1 in 4 say they discovered they were interacting with a fake profile or AI bot 
• 22% say they have been a victim of catfishing 
• 53% have been asked to send money or financial info by a romantic interest
• Payment apps are the most common path for money requests, especially among adults under 35 
• 32% believe it is possible to develop romantic feelings toward an AI bot 
• 9% say they have personally experienced romantic feelings for an AI chatbot 
• Men are significantly more likely than women to encounter romance scams weekly 
• Nearly everyone who experienced a romance scam says it had a lasting emotional impact 

How romance scams typically unfold 

While scams can take many forms, most follow a familiar pattern. Understanding the progression can help people recognize risk earlier. 

Stage	The Red Flags / How it Unfolds	What the scammer wants	What to do instead
1) The hook	A friendly DM, a “wrong number” text, a dating match, a comment reply, a follow request	A response. Any response.	Don’t move fast. Keep the convo on-platform. Don’t give out your number.
2) Love bombing	Daily messages, fast intimacy, mirroring your interests, “I’ve never felt this way”	Trust and routine	Slow it down. Ask for a real-time video call and a specific, verifiable detail.
3) Private channels	“Let’s talk on WhatsApp/Telegram/Signal.” “Don’t tell anyone yet.”	Control and privacy	If someone pushes you off-platform quickly, treat it as a red flag.
4) Building credibility	A “job” story (military, oil rig, entrepreneur), polished photos, voice notes, even AI-assisted video	Believability	Verify independently. Reverse image search photos. Watch for inconsistencies.
5) A financial request	A “small” emergency, a plane ticket, a crypto opportunity, “help me unlock my account,” gift cards, payment app request	Money or financial access	Never send money to someone you haven’t met. Never share financial info or account details.
6) Escalation	“I need a verification code.” “Can you receive money for me?” “Open an account.” “Co-sign.”	Identity theft, account takeover, new credit	Never share MFA codes. Don’t open accounts for anyone. Lock credit if you’ve shared info.
7) Ghosting	Ghosting, deleted accounts, new persona, rinse-and-repeat	Exit before consequences hit them	Preserve evidence, report, and secure your accounts immediately.

Key point: the scariest scams may never send you a sketchy link. They may only send convincing words, and the pressure to act. 

Watch out for AI. 

AI reduces the “tells” that used to give scammers away. Deepfake audio and video can make someone appear real-time credible. Bot-driven chat can sound polished, attentive, and emotionally responsive. 

People who discovered they were dealing with a bot or fake profile said the biggest clues were: 

• Responses felt scripted or repetitive (52%) 
• They replied instantly and flawlessly (41%) 
• Photos looked unnatural or AI-generated (38%) 
• They avoided voice/video calls (32%) 
• They made unusual requests early (26%) 

The important point is: a smooth conversation is not proof of authenticity. It may be proof of automation. 

What to do if you think you’re involved in a romance scam 

If you’re reading this and feeling that slow stomach-drop of recognition, the priority is to protect yourself before the situation escalates. 

1) Stop sending money and stop sharing information 

No more payments. No more screenshots. No more “verification” codes. No more personal details. 

If you’ve already shared sensitive info, don’t panic, but act quickly. 

2) Document everything 

Take screenshots. Save usernames, phone numbers, email addresses, payment handles, transaction confirmations, and any images they sent. If the account disappears, this may be all you have. 

3) Lock down your accounts 

• Change passwords for email, banking, and the platform where you met them 

• Turn on multi-factor authentication (MFA) everywhere 

• If you reused passwords anywhere, change those too 

4) Check your financial exposure 

Romance scams often lead to identity misuse: new accounts, fraudulent applications, or attempts to access your credit. 

If you’ve shared identifying details (full name, address, DOB, SSN, photos of documents), consider a protective step that blocks new credit from being opened in your name. McAfee’s Credit Monitoring and Identity Monitoring can help regain security. 

5) Reduce your public data footprint 

Scammers don’t just use what you tell them. They use what they can look up. 

Your phone number, address, relatives, old accounts, and leaked details can be stitched together to make impersonation easier and manipulation more convincing. 

Unfriend the scammer on social platforms and tighten your account privacy. Consider options like McAfee’s Personal Data Cleanup  

6) Report it 

Report the account on the platform or app where you met. In the U.S., you can also report romance scams to the FTC. 

If you sent money, notify your bank/payment provider immediately. 

The takeaway:  

Romance scams work because they feel real. They exploit trust, vulnerability, and the very human desire for connection, especially in digital spaces where so much of our social and romantic lives now take place.

If you recognize pieces of your own experience in Jules’s story or the research here, you are not alone, and you have nothing to be ashamed of. These scams are designed to be convincing, and anyone can be targeted. 

Protections like McAfee’s Scam Detector are built to catch risky messages across text, email, and social channels, adding an extra layer of defense while you focus on building genuine connections. 

Awareness, support, and protection go a long way, and help is available when you need it. 

The post 1 in 7 Lose Money to Romance Scams. Spot the Red Flags: appeared first on McAfee Blog.

Tax season creates a rare and dangerous overlap: Americans are sharing their most sensitive personal information at the exact moment scammers are most alert. 

W-2s arrive. Payroll portals light up. Refund notifications start circulating. Messages from employers, tax services, and government agencies suddenly feel routine… expected, even. 

That’s the opening scammers wait for. 

According to McAfee’s 2025 tax season research, nearly half (48%) of Americans say they or someone they know has received a message falsely claiming to be from the IRS or a state tax authority. Those messages arrive via email, text, phone calls, social media, and increasingly through channels that don’t look suspicious at all. 

And when they work, the consequences can be severe. 

This tax season, the biggest risk isn’t just clicking the wrong link. It’s how easily personal information can be weaponized once it’s exposed, and how quickly identity theft and credit damage can follow.  

How tax-related identity theft happens 

Rather than a single “step-by-step” scam, tax fraud usually unfolds as a chain reaction once personal information is exposed. 

Here’s how the risk typically escalates: 

1) Information enters circulation 

W-2s, tax forms, and payroll data are shared across email, HR portals, cloud storage, and tax software accounts. Even legitimate workflows expand the attack surface. 

2) Scammers impersonate trusted entities 

Using stolen or scraped data, criminals pose as: 

• The IRS or state tax agencies 
• Payroll departments 
• Tax preparation services like TurboTax or H&R Block 

In McAfee’s research: 

• 48% encountered fake IRS messages
• 33% saw impersonation of tax preparation services
• 35% were baited with fake refund messages containing malicious prompts

3) Victims are pressured to “fix” a problem 

Messages claim a refund was rejected, taxes are overdue, or identity verification is required. The urgency is the point. 

4) Personal or financial data is harvested 

Once victims respond, scammers collect SSNs, bank details, credit card numbers, or authentication codes, often without ever sending a malicious link. 

5) Identity theft follows 

Refund fraud, unauthorized credit applications, and account takeovers often happen weeks or months later, when victims least expect it. 

This is why tax scams are so damaging: the real fallout often shows up long after filing season ends. 

How to protect yourself before you file 

Tax season rewards preparation. These steps help reduce risk before problems start. 

1. File early if possible: Filing sooner reduces the window scammers have to submit fraudulent returns in your name. 
2. Treat tax-related messages with skepticism: Unexpected messages asking for documents, payment, or verification should be independently confirmed through official channels. 
3. Monitor your credit and identity: Identity theft often surfaces as unauthorized accounts or sudden credit changes. Regular monitoring helps catch issues early. 
4. Reduce your online data footprint: Scammers often source contact details and background information from data broker sites. Limiting what’s publicly available reduces targeting. 
5. Avoid clicking on tax-related links: Type official URLs directly into your browser instead of clicking links in messages or ads. 

Why McAfee+ Advanced is built for tax-season identity risk 

Tax scams expose a broader truth: protecting yourself today means limiting both exposure and impact. 

That’s why McAfee+ Advanced now includes expanded identity and financial protection officially rolling out to users today, designed for high-risk moments like tax season. 

Automatic personal info removal 

McAfee+ Advanced helps automatically locate and remove your personal information from high-risk data broker sites that publish phone numbers, addresses, and emails scammers rely on. 

Reducing this exposure makes it harder for criminals to impersonate you or target you during tax season. 

Credit monitoring with one-click credit lock 

If personal information is compromised, speed matters. 

McAfee+ Advanced includes credit monitoring and a one-click credit lock experience, making it easier to prevent unauthorized accounts from being opened in your name, a common escalation after tax-related identity theft. 

Scam Detector, included across all McAfee+ core plans 

In addition to identity and credit protections, all McAfee+ plans include Scam Detector, which helps flag suspicious texts, emails, links, and websites. That includes tax-related scam attempts that surface during filing season. 

Protection that lasts beyond tax season 

Tax scams may peak during filing season, but identity risk doesn’t follow a calendar. The same tools that help protect your W-2 and tax information also help reduce exposure to data breaches, account takeovers, and everyday fraud throughout the year. 

McAfee+ Advanced is designed for that reality; protecting your personal information, finances, and digital life not just during tax season, but year-round. 

The post Filing Taxes? Why Identity Protection Matters More Than Ever This Season appeared first on McAfee Blog.

It usually starts with a small, uneasy moment. A notification you don’t recognize. A login code you didn’t request. A friend texting to ask why you just posted something… weird. 

If you’re staring at your phone wondering whether your TikTok account was hacked, you’re not alone, and you’re not being paranoid.  

Account takeovers often don’t look dramatic at first. They show up as subtle changes: a password that suddenly doesn’t work, a new device logged in overnight, or settings you swear you never touched. 

This guide walks you through exactly what to do if your TikTok account has been compromised: how to spot the warning signs, how to recover access if you’re locked out, and how to lock down active sessions so it doesn’t happen again.  

Signs Your TikTok Account May Be Compromised 

When someone else gets into your account, things usually start behaving in ways that don’t feel like you. Pay attention to changes like these: 

Profile or settings changes you didn’t make
Your display name, bio, password, linked email, phone number, or privacy settings look different, even though you never touched them. 

Content or activity you don’t recognize
Videos you didn’t post. Comments or DMs you didn’t send. New follows or likes that don’t match how you use the app. 

Login alerts that come out of nowhere
Notifications about a new device, verification codes you didn’t request, or emails confirming changes you didn’t initiate. 

Other warning signs include being locked out of your usual login method, missing recovery options, or friends telling you your account is sending strange messages. 

How to Regain Access to Your TikTok Account 

Speed matters here. The longer someone has access, the more they can change, or use your account to scam others. 

If you can still log in 

Secure the account immediately. 

1. Change your password: Use the “Forgot password?” option if needed and choose a strong, unique password you haven’t used anywhere else. 
2. Check your account details: Confirm the email address and phone number are yours. Remove anything you don’t recognize. 
3. Look for unfamiliar devices or sessions: You’ll deal with this more thoroughly below, but flag anything that looks off. 

If you’re locked out 

Start TikTok’s recovery process right away. 

1. On the login screen, tap “Report a problem” or visit the Help Center. 
2. Be ready to prove ownership. That usually includes: 
3. Your username 
4. A previous email or phone number linked to the account 
5. Devices you’ve used to log in before 
6. Screenshots of changes, if you have them 

TikTok uses this information to verify that the account is yours and roll back unauthorized changes. 

Secure your email and phone, too 

This step is critical and often overlooked. 

• Change the password on the email account linked to TikTok.  If someone controls your email, they can keep resetting your social accounts. 
• Confirm your phone number is correct and remove any unfamiliar contact info. 

Once you regain access, clean up anything the attacker touched, delete suspicious posts, undo profile changes, and revoke access for any apps you don’t recognize. 

Figure 1: How to remove TikTok logins from other devices. 

Lock Down Sessions and Strengthen Your TikTok Security 

Getting back in is only half the job. The next step is making sure whoever got in can’t come back. 

Turn on two-step verification 

In Settings & Privacy, enable two-factor verification (2FA) and choose your preferred method. An authenticator app offers the strongest protection, but SMS or email is still far better than nothing. 

Review active sessions and devices 

Head to Security and look for Manage devices or Active sessions. 

• Remove any devices you don’t recognize. 
• If available, use “Log out of all devices” to force everyone, including an attacker, out at once. 

Revoke third-party app access 

Check which apps or tools are connected to your TikTok account and remove anything you don’t use or trust. 

Use a strong, unique password 

• Aim for 12+ characters with a mix of letters, numbers, and symbols. 
• Never reuse passwords from other sites. 
• A reputable password manager like McAfee’s can help generate and store secure passwords. 

Keep your app and phone updated 

Updates often include security fixes. Running outdated software makes it easier for attackers to exploit known issues. 

Be cautious with links and messages 

Unexpected DMs, “copyright warnings,” fake verification notices, or links asking you to log in again are common hacker tactics. When in doubt, don’t click, open the app directly instead. 

 

Figure 2: Where in “Security & permissions” to find security updates and 2FA. 

How to Report an Impersonation Account on TikTok 

Discovering a fake account that’s using your name, photos, or videos can feel like a second violation on top of having your account hacked.  

Luckily, TikTok has a way to flag these imposters, both from inside the app and, in some regions, through an official web form. 

1. Open the impostor’s profile: Head to the account that’s pretending to be you. 
2. Tap the share icon: On mobile, this is usually the arrow at  the top of the profile. 
3. Select “Report”: Choose the option to report the account. 
4. Choose “Report account” → “Pretending to Be Someone”: That’s TikTok’s way of flagging impersonation specifically. 
5. Indicate who is being impersonated: Select Me if it’s your identity, or Celebrity/Another person if it’s someone else. Then submit.  

Figure 3: A screenshot showing where in TikTok you report fake profiles. 

If you’re in the U.S. and the fake profile is doing real damage, for example, scamming your followers or using official business assets, TikTok also offers a dedicated impersonation report form online: 

• Choose whether you’re reporting or appealing an impersonation. 
• Enter your email and country. 
• Upload valid ID or other proof that you’re who you say you are. 
• Confirm the statements and submit the form.  

For accounts outside the U.S., the public Help Center form lets you select Report a potential violation → Account violation → Impersonation and walk through similar steps.

 

Frequently Asked Questions 

Q: How do I lock down sessions on TikTok? A: Go to Settings & Privacy → Security, then open Manage devices or Active sessions. Remove unfamiliar devices, log out of all sessions if possible, change your password, and enable two-step verification.

Q: Can I recover my account if the email and phone number were changed? A: Yes. Start an account recovery request through TikTok support and provide proof of ownership, including previous contact details and device information.

Q: What if I keep getting verification codes I didn’t request? A: That’s a sign someone is trying to get in. Change your password immediately, enable two-step verification, and review active sessions. If it continues, contact TikTok support

Q: Should I warn my followers? A: If your account posted or messaged others without your permission, yes. Let people know your account was compromised so they don’t engage with scam links or requests.

 

The post Was My TikTok Hacked? How to Get Back Into Your Account and Lock Down Sessions appeared first on McAfee Blog.

This week in scams, three headlines tell the same story: attackers are getting better at manipulating people, not just breaking into systems. We’re seeing a wave of intrusions tied to social engineering, a major delivery platform confirming a breach amid extortion claims, and a big tech headline that has a lot of people rethinking how apps handle their data. 

Every week, this roundup breaks down the scam and cybersecurity stories making news and explains how they actually work, so you can spot risk earlier and avoid getting pulled into someone else’s playbook. 

Let’s get into it. 

A Wave of Cyberattacks Hits Bumble, Match, Panera, and CrunchBase 

The big picture: Several major brands were hit by cybersecurity incidents tied to social engineering tactics like phishing and vishing. 

What happened: Bloomberg reported that Bumble, Match Group, Panera Bread, and CrunchBase each confirmed incidents.  

Bumble said a contractor account was compromised in a phishing incident, which led to brief unauthorized access to a small portion of its network, and said its member database, accounts, messages, and profiles were not accessed.  

Panera said an attacker accessed a software application it used to store data, and said the data involved was contact information.  

Match said the incident affected a limited amount of user data, and said it saw no indication that user logins, financial information, or private communications were accessed.  

CrunchBase said documents on its corporate network were impacted, and said it contained the incident. 

According to Bloomberg, cybersecurity firm Mandiant has also warned about a hacking campaign linked to a group that calls itself ShinyHunters. The group is using vishing, which means scam phone calls, to trick people into giving up their login information. Once attackers get those logins, they can access cloud tools and online work systems that companies use every day. The group has said they are behind some of these recent attacks, but that has not been independently confirmed. 

Red flags to watch for: 

Calls that pressure you to approve a login, reset credentials, or share a one-time code 

Messages posing as IT support, a vendor, or “security” that try to rush you 

MFA prompts you did not initiate 

“Quick verification” requests that bypass normal internal processes 

How this works: Social engineering works because it blends into normal life. A convincing message or call gets someone to do one small “reasonable” thing. Approve a prompt. Read a code. Reset access. That is often all an attacker needs to get inside with legitimate credentials, then pivot into the tools where valuable data lives. 

TikTok’s Privacy Policy Update Sparks Backlash 

Ok, we know this is called “This Week in Scams” but this is also a cybersecurity newsletter. So when the biggest tech and privacy headline of the week is TikTok updating its privacy policy, we have to talk about it. 

The big picture: TikTok’s updated terms and privacy policy are raising fresh questions about what data is collected, especially around location. 

What happened: TikTok confirmed last week that a new U.S.-based entity is in control of the app after splitting from ByteDance earlier this year. That same day, CBS reported TikTok published updated terms and a new privacy policy, which prompted backlash on social media. 

CBS reported that one major point of concern is language stating TikTok may collect precise location information if users enable location services in device settings. This is reportedly a shift from previous policy language, and TikTok said it plans to give U.S. users a prompt to opt in or opt out when precise location features roll out. 

According to CBS, some users are also concerned the new privacy policy would allow the TikTok to more easily share their private data with the federal and local government. 

That fear is based on a change in policy language stating that TikTok “processes such sensitive personal information in accordance with applicable law.” 

A quick, practical takeaway: This is a good reminder that “privacy policy drama” usually comes down to one thing you can actually control: your app permissions. 

What to do (general privacy steps): 

Check your phone settings for TikTok and confirm whether location access is Off, While Using, or Always. 

If your device supports it, consider turning off precise location for apps that do not truly need it. 

Do a quick permission sweep across social apps: location, contacts, photos, microphone, camera, and Bluetooth. 

Make sure your account is protected with a strong, unique password and two-factor authentication. 

Note: This is not a recommendation about whether to keep or remove any specific app. It’s a reminder that your device settings matter and they are worth revisiting. 

Grubhub Confirms a Data Breach Amid Reports of Extortion 

The big picture: Even when a company says payment details were not affected, a breach can still create risk because stolen data often gets reused for phishing. 

What happened: According to BleepingComputer, Grubhub confirmed unauthorized individuals downloaded data from certain systems and that it investigated, stopped the activity, and is taking steps to strengthen security. Sources told BleepingComputer the company is facing extortion demands tied to stolen data. Grubhub said sensitive information like financial details and order history was not affected, and did not provide more detail on timing or scope. 

Red flags to watch for next: Breach headlines are often followed by scam waves. Be on alert for: 

“Refund” or “order problem” emails you did not request 

Fake customer support messages asking you to verify account details 

Password reset prompts you did not initiate 

Links to “resolve your account” that don’t come from a known, official domain 

How this works: Customer support systems can contain personal details that make scams feel real. Names, emails, and account notes are often enough for attackers to craft messages that sound like legitimate help, especially when the brand is already in the news. 

Fake Chrome Extensions Are Quietly Taking Over Accounts 

The big picture: Some browser extensions that look like normal workplace tools are actually designed to hijack accounts and lock users out of their own security controls. 

What happened: Security researchers told Fox News that they uncovered a campaign involving malicious Google Chrome extensions that impersonate well-known business and human resources platforms, including tools commonly used for payroll, benefits, and workplace access. 

Researchers identified several fake extensions that were marketed as productivity or security tools. Once installed, they quietly ran in the background without obvious warning signs. According to Fox News, Google said the extensions have been removed from the Chrome Web Store, but some are still circulating on third-party download sites. 

How the scam actually works: Instead of stealing passwords directly, the extensions captured active login sessions. When you sign into a website, your browser stores small files that keep you logged in. If attackers get access to those files, they can enter an account without ever knowing the password. 

Some extensions went a step further by interfering with security settings. Victims were unable to change passwords, review login history, or reach account controls. That made it harder to detect the intrusion and even harder to recover access once something felt off. 

Why this matters: This kind of attack removes the safety net people rely on when accounts are compromised. Password resets and two-factor authentication only help if you can reach them. By cutting off access to those tools, attackers can maintain control longer and move through connected systems with less resistance. 

What to watch for: 

Browser extensions you don’t remember installing 

Add-ons claiming to manage HR, payroll, or internal business access 

Missing or inaccessible security settings on accounts 

Being logged into accounts you did not recently open 

A quick safety check: Take a few minutes to review your browser extensions. Remove anything unfamiliar or unnecessary, especially tools tied to work platforms. Extensions have deep access to your browser, which means they deserve the same scrutiny as any other software you install. 

McAfee’s Safety Tips for This Week 

Be skeptical of “helpful” tools. Browser extensions, workplace add-ons, and productivity tools can have deep access to your accounts. Only install what you truly need and remove anything unfamiliar. 

Treat calls and prompts with caution. Unexpected login requests, MFA approvals, or “IT support” outreach are common entry points for social engineering. If you didn’t initiate it, pause and verify. 

Review app and browser permissions. Take a few minutes to check what apps and extensions can access your location, accounts, and data. Small changes here can significantly reduce risk. 

Protect your logins first. Use strong, unique passwords and enable two-factor authentication on email and work-related accounts. If attackers get your email, they can reset almost everything else. McAfee’s Password Manager can help you create and store unique passwords for all of your accounts.  

Expect follow-up scams after headlines. When breaches or policy changes make the news, scammers often follow with phishing messages that reference them. Extra skepticism in the days and weeks after a story breaks can prevent bigger problems later. 

The post This Week in Scams: Dating App Breaches, TikTok Data, Grubhub Extortion appeared first on McAfee Blog.

As Harry Styles concert tickets go on sale for his first tour in years, cybersecurity experts warn that the same excitement driving ticket registrations and social chatter will also drive a spike in ticket scams across social media, email, and text messages. 

“When demand spikes around a major tour, ticket scams spike too,” said Abhishek Karnik, Head of Threat Research at McAfee. “We saw this during recent major ticket releases, including the Oasis reunion, when McAfee Labs identified more than 2,000 suspicious ticket listings online.” 

“Scammers take advantage of the urgency fans already feel, and the fear of missing out, inserting themselves into social posts, DMs, and text threads with offers that sound normal and believable,” Karnik added.

“Avoid interacting with unknown sellers, especially when offers are made over social media,” Karnik said. “Payments made via wire transfers, cryptocurrency, gift cards, or peer-to-peer platforms like Venmo or Zelle are often not recoverable, which is why it’s safer to buy directly from official ticketing sites or well known resale platforms.”

Where, When, and How to Get Harry Styles Tickets 

Styles announced Together, Together on January 22, marking his first tour since 2023. 

The residency-style run spans seven cities worldwide: Amsterdam, London, São Paulo, Mexico City, New York, Melbourne, and Sydney. Shows begin in May and continue through December. 

New York City is the only North American stop, making competition for tickets especially intense for U.S. fans. In fact, a record-breaking 11.5 million people have already registered for ticket information to attend the Madison Square Garden stop alone. For context, the capacity for that venue is just 19,500 people.  

According to The Hollywood Reporter, that means just 5% of people who signed up for U.S. tickets will be able to buy them when they go on sale this week.  

American Express access presale ticket sales are already live, and Ticketmaster is the primary platform handling official sales.  

The rest of the Together, Together tour tickets will be released in two stages:  

1. General on sale for NYC dates August 26 – October 9 begins on Friday, January 30.  
2. General on sale for October 10 – 31 begins Wednesday, February 4. 

That staggered release schedule matters. Multiple on-sale moments mean repeated waves of urgency, which scammers often mirror with fake “last chance” messages, counterfeit presale links, or impersonations of ticketing platforms and customer support. 

What do Harry Styles tickets cost right now 

Ticket prices range widely by seat location and package, with outlets reporting lower prices starting in the $100 range. However, premium seats climb past $1,000. According to Forbes, the average ticket price of his 2022 tour was $113. 

That context matters, because it helps fans recognize the biggest red flag in ticket fraud: a too-good-to-be-true price.  

If you are seeing “floor seats for $50” while reputable platforms are showing far higher prices for comparable sections, that is not a deal. It is a hook for a scammer. 

How ticket scams work 

Ticket scams rarely start with “Buy my fake ticket.” They start with the conditions that make people easy to rush: too much noise, too many messages, and too little time to verify what’s real. 

McAfee’s State of the Scamiverse survey of 7,500 consumers found people now receive 14 scam messages per day on average, and spend a “time tax” of 114 hours a year sorting real from fake. In that environment, criminals don’t need you to be careless. They just need you to be busy. And major ticket drops create the perfect opening: high demand, fast-moving queues, and price shock that makes a “good deal” feel like something you have to grab immediately. 

What’s changed is that scams don’t even need a link anymore. The report found more than 1 in 4 people (26%) say suspicious social messages now arrive without a URL, and 44% admit they reply to those linkless DMs anyway, often triggering the next step of the scam. That’s the blueprint behind many ticket scams today: a believable message, a quick pivot to payment, and pressure to move fast before you can verify. 

Below are among the most common ticket-scam patterns to watch for, and exactly how they play out. 

Ticket fraud 

Ticket fraud is when someone advertises tickets, takes payment, and delivers nothing, or delivers tickets that do not work at the door. This includes fake screenshots, fake confirmation emails, and counterfeit QR codes. 

How it plays out: 

• A seller claims they “cannot make the show.” 
• They ask you to pay quickly to “hold” the tickets. 
• They send a screenshot of a ticket or order email. 
• The tickets never arrive, or the QR code fails when scanned. 

Resale duplication scams 

A resale duplication scam happens when the scammer sells the same ticket to multiple buyers. Sometimes the scammer has one legitimate ticket and sells it repeatedly. Sometimes they have none and simply reuse the same screenshot. 

How it plays out: 

• You receive something that looks real. 
• Multiple people show up with the same ticket. 
• Only the first scan gets in. 

Phishing scams 

A phishing scam is a message designed to trick you into clicking a link or sharing personal information. Ticket phishing often pretends to be from Ticketmaster, a venue, a presale program, or customer support. 

How it plays out: 

• “Your tickets are on hold, confirm within 10 minutes.” 
• “Unusual activity detected. Verify your account.” 
• “Your payment failed. Update billing.” 

Modern phishing messages can look polished and grammatically clean, which is why relying on spelling errors is no longer a reliable defense. 

Cloned ticket websites 

A cloned ticket website is a fake site made to look like a legitimate seller. These sites are built to capture your payment info, personal data, or both. 

How it plays out: 

• You click an ad or link from social media. 
• The site looks legitimate, but the URL is slightly off. 
• You “buy” tickets and either receive nothing or later see fraud on your card. 

Ticket transfer and account takeover scams 

A ticket transfer scam exploits the fact that many tickets are digital and transferable. A related risk is account takeover, where scammers steal your ticketing login and transfer tickets out of your account. 

How it plays out: 

• You get a message claiming your account needs verification. 
• You enter credentials on a fake page. 
• The attacker logs in and transfers tickets away. 

Fake customer support scams 

A fake customer support scam is when scammers pose as a company’s help desk, often after you post publicly that you need help. 

How it plays out: 

• You tweet, post, or comment about ticket issues. 
• An “agent” messages you first. 
• They ask for login details, a code, or payment to “unlock” tickets. 

A true scam story: Henry’s last-minute ticket scam 

Henry A. had been trying for weeks to score a ticket to see Tyler, the Creator in Dallas. Even without a confirmed seat, he headed to the venue hoping for a miracle. And that’s when the message came in, someone nearby claimed to have extra tickets.  

The seller said he was just outside too. The price? Reasonable enough. The tone? Casual and confident. All Henry had to do was send half the money to hold the tickets.  

Minutes later, he sent the full $280.  

“I was already in line—excited, hopeful, and just trying to get in. That made me an easy target.”  

The seller began stalling. Then came a screenshot—another buyer offering a higher price. He pressured Henry to pay more. When Henry refused, the seller blocked him. 

Just like that, the tickets were gone. So was the money. And Henry and his friend never made it into the show.  

“I sent $280 and got blocked. We never made it inside.”  

What makes Henry’s experience so common is not the platform. It is the pattern: 

• A believable story 
• A “reasonable” price 
• A fast-moving negotiation 
• A sudden change in terms 
• Pressure, then disappearance 

How to spot a ticket scam fast 

Use these red flags as a reality filter: 

Red Flag	What It Looks Like in Real Life
Price mismatch	Tickets priced far below or far above comparable listings on official or verified resale platforms.
Urgency tactics	Messages pushing “last chance,” “only today,” or claiming someone else is about to buy.
Unprotected payment requests	Asking for wire transfers, cryptocurrency, gift cards, or peer-to-peer payments to strangers.
Off-platform pressure	Requests to move the transaction to text, DMs, or email instead of using an official site.
Refusal to verify tickets	Sellers unwilling to use a verified resale platform or provide proof that can be independently confirmed.
Suspicious links	Shortened URLs, unusual domains, or ticket links sent through direct messages.

Safer ways to buy tickets 

If you want the simplest rule: buy through official ticketing and verified resale platforms that offer buyer protection. Scammers can create fake accounts anywhere, but they cannot easily bypass legitimate purchase protections. 

Practical steps: 

1. Go direct: Type the official ticketing URL into your browser, do not follow random links. 
2. Use protected payment: Credit cards generally offer stronger dispute options than unprotected transfers. 
3. Avoid risky payment demands: Crypto, gift cards, and wires are common in fraud because they are hard to reverse. 
4. Secure your accounts: Use strong passwords and enable two-factor authentication where available. 
5. Pause before paying: Scammers depend on emotional momentum. 

How Scam Detector can help 

Tools like McAfee’s Scam Detector can act as a second set of eyes when messages or links are designed to rush you.  

Scam detection can help flag suspicious language patterns, risky links, and social engineering tactics before money leaves your account. 

The post Buying Harry Styles Tickets? Avoid These Common Ticket Scams appeared first on McAfee Blog.

You block a caller, feel a moment of relief, and then the phone rings again. If you’re wondering why you still get spam calls even after blocking numbers, you’re not alone.  

Spammers evolve quickly. They rotate phone numbers, spoof caller IDs, and use automated dialers to bypass basic defences, which is why many people see blocked calls still coming through and ask, can blocked numbers call you?

In this guide, we’ll explain what’s happening behind the scenes, share proven steps for how to stop getting spam calls, and help you protect your privacy and finances with confidence. 

What Counts as a Spam Call? 

Spam calls are unsolicited calls that aim to sell, deceive, or defraud. They include aggressive sales pitches, fake giveaways, tech support scams, and impersonations of banks or government agencies. Some are placed by people, while many are robocalls that play prerecorded messages at scale. Legality often hinges on consent and compliance with regulations, but harmful calls tend to ignore the rules. 

The typical scam call red flags: 1) Urgent or threatening language. 2) Pressure to pay right now. 3) Requests for sensitive details like Social Security numbers, bank information, or one-time passcodes.

Robocalls drive much of the volume today. They’re inexpensive, fast, and highly automated. While appointment reminders or pharmacy updates can be helpful and legitimate, scam robocalls promote fake debt collection, prize schemes, or malicious tech support. Their scale is precisely why blocked calls still coming through remains a persistent frustration. 

Inbox of spam calls feel familiar?

Why Blocking Numbers Doesn’t Stop Spam 

Blocking prevents repeat calls from the same caller ID. Spammers know this and adapt. They rotate through vast pools of numbers, so each attempt looks new. You block one, and the next call arrives from a different number. It’s a cat-and-mouse game that leads many to ask, can blocked numbers call you or why is a blocked number still calling? 

Caller ID spoofing amplifies the problem. Spoofing lets scammers display any number they want, including matching your area code or appearing as a trusted organisation. This undermines caller ID and weakens number-based blocking. Some spoofed calls even show familiar names, increasing the chance you’ll answer. 

Behind the scenes, spam operations acquire and discard numbers rapidly through VoIP services and disposable lines. Large campaigns can cycle through thousands of numbers daily, which makes manual blocking a limited defense. That’s why you still get spam calls even after blocking numbers and why many people wonder how to stop getting spam calls for good. 

Layered Measures to Reduce Spam Calls 

A stronger strategy combines smarter tools with practical policies that work together. Here’s how we approach it: 

Use call-protection apps: Choose reputable apps that leverage threat intelligence, crowdsourced reports, and machine learning. These tools detect patterns, silence high-risk calls, and warn you before you answer. Many provide enhanced caller ID and category-based filtering to cut down the noise. 

Register with the National Do Not Call Registry: Add your number at donotcall.gov to reduce lawful telemarketing. It won’t stop illegal spam calls, but it trims legitimate sales outreach and supports enforcement when violators call. 

Use your mobile carrier’s protections: Most phone carriers offer built-in features that help identify and block spam calls, often at no extra cost. When these tools are turned on, your phone may label suspicious calls as “Scam Likely,” warn you before you answer, or automatically block known spam numbers. Some carriers can also verify when a call is coming from a real business, which makes it harder for scammers to fake caller IDs and pretend to be someone they’re not. 

Used together, these layers reduce the chance that a blocked number still calling will get through and provide practical answers for how to stop getting spam calls without missing important calls. 

Best Practices for Handling Incoming Calls 

Build habits that make suspicious calls easier to spot and manage: 

Spot potential spam: Be cautious with unknown numbers, urgent demands, and offers that sound too good to be true. Don’t share personal information, one-time passcodes, or payment details. If someone claims to be from your bank, healthcare provider, or a government agency, hang up and call back using a verified number from their official website. 

Report spam quickly: File complaints with the Federal Trade Commission (FTC) at reportfraud.ftc.gov and the Federal Communications Commission (FCC) at consumercomplaints.fcc.gov. Include caller ID, time, message content, and any request for data or payment. Many call-protection apps and carriers support in-app reporting, which improves filters for everyone. 

Use call screening: Turn on features like Silence Unknown Callers on iOS or Filter Spam Calls on Android. Enable voicemail transcription and consider Do Not Disturb with exceptions for contacts and verified callers. Use screening assistants where available to prompt unknown callers to state their purpose. This reduces interruptions and blocks automated spam. 

Stay Safe from Social Engineering 

Phone scams often rely on social engineering. Recognising common tactics helps you pause and protect yourself. 

Spot voice phishing: Be wary of claims that your account is locked, a payment is overdue, or an immediate verification code is needed. Legitimate organisations do not ask for full Social Security numbers, passwords, or 2FA codes over the phone. If you’re concerned, contact the company through a trusted channel. 

Protect personal information: Keep sensitive data private. Don’t share account numbers, PINs, passwords, or security codes in response to an incoming call. Use strong, unique passwords and enable multi-factor authentication. If you receive a verification code you didn’t request, secure your account right away. 

If you responded to a spam call: If you disclosed financial details or made a payment, contact your bank or card issuer immediately. Change passwords, enable account alerts, and review recent activity. Report the incident to the FTC and local law enforcement if needed. Consider a credit freeze with the major credit bureaus. If a device may be compromised, run a trusted security app to scan and remove suspicious software. 

Quick Comparison of Anti-Spam Call Options 

Option	What It Does	Pros	Limitations
Manual Number Blocking	Blocks repeat calls from a specific caller ID	Built into phones; easy to use	Spammers rotate and spoof numbers; limited reach
Call-Protection Apps	Uses threat intelligence, AI, and community reports	Detects patterns; warns before you answer; auto-blocks known spam	May filter legitimate calls; requires setup and permissions
Carrier Protections	Network-level filtering and caller authentication (STIR/SHAKEN)	Flags spoofed calls early; verified caller indicators	Effectiveness varies by carrier and plan
Do Not Call Registry	Limits lawful telemarketing to registered numbers	Reduces legitimate sales calls; supports reporting	Does not stop illegal or scam calls
Built-In Call Screening	Silences unknown callers and transcribes voicemail	Minimises interruptions; helps you review safely	May miss important calls from new contacts

If you’re asking why you still get spam calls even after blocking numbers or seeing a blocked number still calling, this table shows how layered options work together to reduce risks. 

Go Beyond Blocking: Remove Your Number From the Dark Web and Data Broker Lists 

Blocking spam callers treats the symptom, not the source. One reason spam keeps coming is that your phone number may already be circulating in data broker databases or dark web marketplaces after a breach, app signup, or form fill. Once your number is out there, it gets resold, bundled, and targeted repeatedly. 

McAfee Data Cleanup tackles that upstream problem. It helps find where your personal data, including your phone number, appears online and works to remove it from risky sources. Fewer listings mean fewer lists for spammers to buy and fewer campaigns aimed at your number. 

How your number ends up being targeted 

Data brokers: Many sites legally collect and resell contact details. Spammers buy access and blast calls at scale. 

Breaches and leaks: Stolen databases often end up on underground forums, where numbers are traded and reused. 

Public profiles and apps: Old accounts, giveaways, and permissions can expose your number without you realising. 

What Data Cleanup adds to your defense 

Finds exposures: Scans for your number across broker sites and known risk areas. 

Removes listings: Submits opt-out and removal requests on your behalf, reducing where your data lives online. 

Keeps watch: Monitors for reappearance so your number doesn’t quietly get relisted later. 

Think of this as turning down the tap, not just mopping the floor. When fewer databases have your number, spam operations have fewer ways to reach you. 

If you’re serious about how to stop getting spam calls, add data cleanup to your toolkit. Reducing your digital footprint won’t eliminate every bad call overnight, but over time, it lowers exposure, cuts repeat targeting, and helps reclaim your phone from constant interruptions. 

Blocking Isn’t Protection. Layering Is. 

If spam calls feel endless, it’s because blocking numbers was never designed to stop modern scam operations. Today’s callers rotate numbers, spoof trusted IDs, and pull your phone number from massive data ecosystems that don’t disappear when you tap “Block.” 

The real fix is layered protection. Call filtering and carrier tools help stop suspicious calls at the door. Screening features reduce interruptions. And addressing the source, by limiting where your number exists online, cuts down the number of campaigns that ever reach you in the first place. 

No single tool will end spam calls overnight. But when you combine smart call protections, cautious habits, and proactive data cleanup, the volume drops, the risks shrink, and your phone becomes a lot quieter. 

If you’ve been asking why you still get spam calls even after blocking numbers, this is the answer. Blocking is reactive. Protection works best when it’s proactive. 

FAQs 

Q: Why do spam calls look like they’re from my area code?  A: Scammers use caller ID spoofing to display local-looking numbers, increasing the chances you’ll answer. Spoofing can mimic legitimate numbers, so don’t rely on caller ID alone. If you’re seeing a blocked number still calling with a local prefix, turn on carrier protections and call screening.

Q: Do call-blocking apps really help?  A: Yes. Quality apps combine real-time threat intelligence with community reports and machine learning to spot patterns and flag risky calls. While no tool catches everything, they significantly reduce spam calls and help address why you still get spam calls even after blocking numbers.

Q: Will the Do Not Call Registry stop all spam calls?  A: No. It reduces lawful telemarketing but does not stop illegal or scam calls. Registering still helps cut legitimate outreach and supports enforcement against violators, which is an important step in how to stop getting spam calls.

Q: What should I do after receiving a suspicious call?  A: Don’t share information. Hang up, verify the caller using a trusted number, and report the incident to the FTC or FCC. If you clicked a link or provided details, secure your accounts and contact your bank or service provider right away.

Q: Can my mobile carrier block spoofed calls?  A: Carriers support caller authentication through STIR/SHAKEN, which helps identify and flag spoofed calls. Turn on your carrier’s spam protection features and screening options to reduce the chances of blocked calls still coming through.

 

The post Why You Still Get Spam Calls Even After Blocking Numbers appeared first on McAfee Blog.

Scams don’t always arrive with obvious warning signs. 

They show up as QR codes on parking meters. As casual DMs that start with “Hey.” As social messages that feel routine enough to respond to without thinking twice. 

That shift has created a new burden for consumers. According to McAfee’s 2026 State of the Scamiverse report, Americans now spend 114 hours a year trying to figure out what’s real and what’s fake online. That is nearly three full workweeks lost to second-guessing messages, alerts, links, and notifications. 

McAfee’s upgraded Scam Detector is designed to meet people in those exact moments, with enhancements rolling out across core McAfee plans beginning in February. 

The latest improvements add instant QR code scam checks and smarter social messaging protection, making it easier to spot scams before they escalate. 

Figure 1: An example of a suspicious text being flagged by McAfee’s Scam Detector 

What’s new in McAfee’s Scam Detector 

Scams now move quickly across platforms and formats, often escalating in minutes once someone engages. Among people who were harmed by a scam, the typical scam unfolded in about 38 minutes. 

That speed leaves little room for hesitation. Scam protection has to work in real time, not after the damage is done. 

McAfee’s latest Scam Detector upgrades are designed around that reality, adding: 

• Instant QR code safety checks, so users can assess risk before tapping 
• Smarter social messaging protection, with clearer warnings for suspicious texts, emails, and DMs, even when no link is present 

These Scam Detector upgrades will begin rolling out in February across all core McAfee plans, bringing real-time protection to the moments where scams escalate fastest. 

QR codes, quishing, and why instant scans are needed 

QR codes were designed for convenience. That is exactly why scammers use them. 

Cybercriminals increasingly hide malicious links behind QR codes placed on menus, parking meters, packages, posters, and public signage. People scan quickly, often without stopping to evaluate where the code leads. 

McAfee research shows how common this risk has become: 

• 68% of people scanned a QR code in the past three months 
• 18% landed on a suspicious or unsafe page after scanning 
• Among those who did, more than half took risky actions such as entering personal information, installing an app, or connecting a digital wallet 

Figure 2. A still from a demo video, showing a risky QR code being blocked by McAfee’s Scam Detector 

Social media scams and the rise of linkless messages 

Phishing is no longer confined to emails with obvious red flags. 

Scams now arrive through WhatsApp, Instagram, Messenger, Telegram, and other social platforms, often starting as vague or friendly messages designed to lower suspicion rather than trigger alarm. 

McAfee’s research highlights a key shift: more than one in four suspicious social messages contain no link at all, and 44% of Americans say they have replied to a suspicious DM with no link. 

These messages rely on familiarity and momentum. A short greeting. A warning about an account issue. A promise of easy money. By the time a request or link appears, the conversation already feels normal. 

And the economic impact of these scams is significant. According to the FTC, social media scams drove $1.9 billion in reported losses in 2024, making social platforms one of the top channels for fraud and identity theft. 

That’s why McAfee’s Scam Detector includes smarter social messaging protection, delivering clearer warnings for suspicious texts, emails, and DMs, even those without risky links, across popular platforms. The focus is on identifying suspicious patterns and behavior, not just URLs. 

Users can take a quick screenshot of their social media content on social media, and McAfee’s Scam Detector will analyze the message for suspicious activity. 

Get protection that works before scams escalate 

The stakes are high: 

• One in three Americans has lost money to a scam 
• Among those who lost money, the average loss was $1,160 
• 15% of scam victims fall for another scam within a year 

Scams are not just increasing in volume. They are becoming more personal, more believable, and easier to scale using AI. 

McAfee’s upgraded Scam Detector is designed to stay ahead of those shifts, offering real-time guidance when it matters most, whether that’s a suspicious QR code, a vague DM, or a message that feels just normal enough to trust. 

The enhanced Scam Detector, including instant QR code checks and smarter social messaging protection, will begin rolling out in February across all core McAfee plans. 

The post How McAfee’s Scam Detector Checks QR Codes and Social Messages appeared first on McAfee Blog.

Merriam-Webster’s word of 2025 was “slop.” Specifically, AI slop. 

Low-effort, AI-generated content now fills social feeds, inboxes, and message threads. Much of it is harmless. Some of it is entertaining. But its growing presence is changing what people expect to see online.

McAfee’s 2026 State of the Scamiverse report shows that scammers are increasingly using the same AI tools and techniques to make fraud feel familiar and convincing. Phishing sites look more legitimate. Messages sound more natural. Conversations unfold in ways that feel routine instead of suspicious.

According to McAfee’s consumer survey, Americans now spend an average of 114 hours a year trying to determine whether the messages they receive are real or scams. That’s nearly three full workweeks lost not to fraud itself, but to hesitation and doubt.

As AI-generated content becomes more common, the traditional signals people relied on to spot scams, such as strange links and awkward grammar, are fading. That shift does not mean everything online is dangerous. It means it takes more effort to tell what is real from what is malicious.

The result is growing uncertainty. And a rising cost in time, attention, and confidence.

The average American receives 14 scam messages a day 

Scams are no longer occasional interruptions. They are a constant background noise. 

According to the report, Americans receive an average of 14 scam messages per day across text, email, and social media.  

Many of these messages do not look suspicious at first glance. They resemble routine interactions people are conditioned to respond to. 

• Delivery notices 
• Account verification requests 
• Subscription renewals  
• Job outreach 
• Bank alerts 
• Charity appeals 

And with the use of AI tools, scammers are churning out these scam messages and making them look extremely realistic.

That strategy is working. One in three Americans says they feel less confident spotting scams than they did a year ago.  

 

Figure 1. Types of scams reported in our consumer survey. 

Most scams move fast, and many are over in minutes 

The popular image of scams often involves long email threads or elaborate schemes. In reality, many modern scams unfold quickly. 

Among Americans who were harmed by a scam, the typical scam played out in about 38 minutes.  

That speed matters. It leaves little time for reflection, verification, or second opinions. Once a person engages, scammers often escalate immediately. 

Still, some scammers play the long game with realistic romance or friendship scams that turn into crypto pitches or urgent requests for financial support. Often these scams start with no link at all, but just a familiar DM.

In fact, the report found that more than one in four suspicious social messages contain no link at all, removing one of the most familiar warning signs of a scam.  And 44% of people say they have replied to a suspicious direct message without a link.  

The cost is not just money. It is time and attention. 

Financial losses from scams remain significant. One in three Americans report losing money to a scam. Among those who lost money, the average loss was $1,160.  

But the report argues that focusing only on dollar amounts understates the broader impact: scams also cost time, attention, and emotional energy. 

People are forced to second-guess everyday digital interactions. Opening a message. Answering a call. Scanning a QR code. Responding to a notification. That time adds up. 

And who doesn’t know that sinking feeling when you realize a message you opened or a link you clicked wasn’t legitimate?

Figure 3. World Map of Average Scam Losses. 

Why AI slop makes scams harder to spot 

The rise of AI-generated content has changed the baseline of what people expect online. It’s now an everyday part of life.

According to the report, Americans say they see an average of three deepfakes per day.  

Most are not scams. But that familiarity has consequences. 

When AI-generated content becomes normal, it becomes harder to recognize when the same tools are being used maliciously. The report found that more than one in three Americans do not feel confident identifying deepfake scams, and one in ten say they have already experienced a voice-clone scam. Voice clone scams often feature AI deepfake audio of public figures, or even people you know, requesting urgent financial support and compromising information.

These AI-generated scams also come in the form of phony customer support outreach, fake job opportunities and interviews, and illegitimate investment pitches.

Account takeovers are becoming routine 

Scams do not always end with an immediate financial loss. Many are designed to gain long-term access to accounts. 

The report found that 55% of Americans say a social media account was compromised in the past year.  

Once an account is taken over, scammers can impersonate trusted contacts, spread malicious links, or harvest additional personal information. The damage often extends well beyond the original interaction. 

Scams are blending into everyday digital life 

What stands out most in the 2026 report is how thoroughly scams have blended into normal online routines. 

Scammers are embedding fraud into the same systems people rely on to work, communicate, and manage their lives. 

• Cloud storage alerts (such as Google Drive or iCloud notices) warning that storage is full or access will be restricted unless action is taken, pushing users toward fake login pages.
• Shared document notifications that appear to come from coworkers or collaborators, prompting recipients to open files or sign in to view a document that does not exist.
• Payment confirmations that claim a charge has gone through, pressuring people to click or reply quickly to dispute a transaction they do not recognize.
• Verification codes sent unexpectedly, often as part of account takeover attempts designed to trick people into sharing one-time passwords.
• Customer support messages that impersonate trusted brands, offering help with an issue the recipient never reported.

Figure 4: Example of a cloud scam message. 

The Key Takeaway

Not all AI-generated content is a scam. Much of what people encounter online every day is harmless, forgettable, or even entertaining. But the rapid growth of AI slop is creating a different kind of risk.

Learn more and read the full report here.

FAQ: Understanding the AI Slop Era and Modern Scams 

Q: What is AI slop?   A: The term refers to the flood of low-quality, AI-generated content now common online. While much of it is harmless, constant exposure can make it harder to identify when similar technology is used for scams.

Q: How much time do Americans lose to scams?   A: Americans spend 114 hours a year determining whether digital messages and alerts are real or fraudulent. That is nearly three workweeks.

Q: How fast do scams happen today?   A: Among people harmed by scams, the typical scam unfolds in about 38 minutes from first interaction to harm.

Q: How common are deepfake scams?   A: Americans report seeing three deepfakes per day on average, and one in ten say they have experienced a voice-clone scam.

 

The post McAfee Report: In the AI Slop Era, Americans Spend Weeks Each Year Questioning What’s Real appeared first on McAfee Blog.

Deleting vs. Deactivating Instagram: Key Differences

Should You Deactivate or Delete? Factors to Consider

• Mental Health Breaks: If you’re feeling overwhelmed by social media and need a pause for your mental well-being, deactivation is an excellent choice. It allows you to step away without the finality of deletion, and you can return when you feel ready.
• Job Search Privacy: When actively job hunting, you might want to limit what potential employers can see. Temporarily deactivating your account hides your profile. Alternatively, you can make your account private.
• Serious Security Concerns or Harassment: If you’re facing persistent harassment or bullying, or believe your account security has been severely compromised, permanently deleting your Instagram account may be necessary for your safety and peace of mind. In less severe cases, blocking users and reporting content, coupled with deactivation, might suffice.
• Long-Term Digital Footprint Reduction: If your goal is to minimize your online presence and permanently remove your data from Instagram, then opting to delete Instagram account is the appropriate action. This is a long-term decision aimed at reducing your overall digital footprint.
• Quick Self-Assessment Questions:
  • Do you plan to use your current Instagram profile, including its photos and connections, in the future? If yes, consider deactivation.
  • Is your primary concern data privacy, and do you want Meta to remove your information? If yes, and you’re sure you don’t want to return, consider permanent deletion.
  • Are you simply looking for a temporary escape from notifications and social pressures? If yes, deactivation is likely sufficient.
• Recommendation Based on Goals: If you need a temporary pause, want to hide your profile for a while, or think you might return, learning how to deactivate your Instagram account is your best approach. If your objective is to sever ties and permanently remove your data, deleting your Instagram account is the right path.

How to Temporarily Disable Your Instagram Account

1. Via Mobile App (iOS or Android):
   1. Open the Instagram app and navigate to your profile page.
   2. Tap the menu icon (three horizontal lines) located in the top-right corner.
   3. Select Settings and privacy from the menu.
   4. Tap on Accounts Center, which is usually the first option.
   5. Under the “Account settings” section, tap on Personal details.
   6. Choose Account ownership and control.
   7. Tap on Deactivation or deletion.
   8. Select the Instagram account you wish to deactivate if multiple accounts are listed.
   9. Ensure Deactivate account is selected and tap Continue.
   10. You will be prompted to enter your Instagram password for verification. Enter it and tap Continue.
   11. Instagram will ask for a reason for deactivation. Choose one from the list and tap Continue.
   12. Finally, confirm your decision by tapping Deactivate Account.
2. Via Web Browser (Desktop or Mobile):
   1. Navigate to Instagram.com in your preferred web browser and log in to your account.
   2. Click on More (represented by three horizontal lines) in the bottom-left menu.
   3. Select Settings from the menu that appears.
   4. You should be directed to the Accounts Center. If not, click on it.
   5. Under “Account settings,” click Personal details.
   6. Click Account ownership and control.
   7. Choose Deactivation or deletion.
   8. Select your account, ensure Deactivate account is chosen, and click Continue.
   9. Enter your password when prompted and click Continue.
   10. Provide a reason for deactivating and then confirm the deactivation.
3. Time Limits for Reactivation: There is no specific time limit imposed by Instagram for how long an account can remain deactivated. You can reactivate it at any time by logging back into your account with your username and password.
4. Data Visibility During Deactivation: When your Instagram account is deactivated, your profile, photos, videos, Stories, comments, and likes will be hidden from all other users, including your followers. It will essentially appear as though your account does not exist. However, your information is not deleted from Instagram’s servers. Messages you have previously sent to other users may still be visible to them.

Step by Step: Permanently Delete Your Instagram Account

If you’ve decided to permanently delete your Instagram account, follow these steps carefully:

1. Log in via a browser: Log into your Instagram account. Account deletion must be completed through a web browser on your mobile phone or personal computer.
2. Go to Accounts Center: Click your profile picture at the top and navigate to Settings & Privacy > Accounts Center.
3. Inside Accounts Center: Navigate to Personal Details > Account Ownership and Control. Select Deactivation or Deletion.
4. Select the account you want to delete: If you manage multiple accounts, make sure you choose the correct one.
5. Click Delete Account: Select Delete Account, then click Continue.
6. Confirm your decision: Instagram will ask you to select a reason and re-enter your password. Once confirmed, your account will be scheduled for deletion.

Important to Know

• Instagram provides a 30-day grace period. If you log back in during this time, the deletion request is canceled.
• After 30 days, your account and data are permanently removed.
• This process cannot be reversed once the grace period ends, so make sure you’re fully certain before proceeding.
• Consider downloading your data, including photos, videos, messages, before deleting your account.

Back Up Your Instagram Photos and Data Before You Leave

Before you take the irreversible step of deleting your Instagram account, it is highly recommended that you back up your data. This ensures that you retain a copy of your photos, videos, messages, and other information you’ve shared on the platform.

Once an Instagram account is deleted, this data cannot be recovered. Instagram provides a built-in tool, often referred to as Meta’s “Download Your Information” feature, that lets you request a complete copy of your data. This includes content types such as your photos (including feed posts, Stories, and Reels you’ve archived or posted), videos, comments you’ve made, your profile information, and direct messages (DMs).

While some users might have manually saved individual photos or videos to their devices over time, using Instagram’s official download tool is the most comprehensive method to secure a full archive. This is a vital step before you learn how to delete Instagram and commit to removing your presence.

Request and Download a Copy of Your Instagram Data

1. Requesting Your Data (iOS and Android Devices):
   1. Open the Instagram app on your mobile device and navigate to your profile by tapping your profile picture in the bottom-right corner.
   2. Tap the menu icon (three horizontal lines) in the top-right corner of your profile page.
   3. From the menu, select Your activity.
   4. Scroll down to the bottom of the “Your activity” screen and tap on Download your information.
   5. Tap Request a download. If you have multiple accounts linked through Accounts Center, select your Instagram profile.
   6. You’ll have the option to request a Complete copy of your data or to Select types of information if you only need specific data.
   7. Configure your file options: choose a format (HTML is generally easier for viewing, while JSON is better for transferring data to another service), select media quality (e.g., high, medium, low), and specify a date range if you don’t want all your data.
   8. Ensure your email address is correct, as this is where the download link will be sent. Tap Submit request.
2. Requesting Your Data (Desktop/Web Browser):
   1. Open your web browser, go to Instagram.com, and log in to your account.
   2. Click on the More option (represented by three horizontal lines) found in the menu on the bottom-left side of the page.
   3. From the popup menu, select Your activity.
   4. Click on Download your information.
   5. Click the Request a download button. You’ll then follow similar prompts as on the mobile app: select the profile (if applicable), choose between a complete copy or specific types of information, and set your file options (format, media quality, date range). Submit the request.
3. Email Delivery Times, File Formats: Instagram (Meta) states that it may take up to 14 days to collect your information and prepare it for download, though for many users, this process is much faster, often completed within a few hours or even minutes, especially for accounts with less data. You will receive an email at the address associated with your account containing a link to download your data. This link is typically valid for only a few days for security reasons, so download it promptly. The data is usually delivered as a ZIP file. Inside, you’ll find your information organized in folders, typically in HTML (for easy viewing in a browser) or JSON (a structured data format useful for developers or data transfer).
4. How to Interpret the Archive Once Received: After downloading and unzipping the file, if you selected the HTML format, look for an `index.html` file. Opening this file in a web browser provides a navigable interface to view your data, including posts, messages, profile information, and more. Photos and videos will typically be in separate folders, often organized by date, in their original formats (e.g., JPG for photos, MP4 for videos). If you choose JSON, the files will contain raw data that can be parsed programmatically.

Troubleshooting: Why Can’t I Delete My Instagram Account?

• Forgotten Password: To confirm your identity and proceed with account deletion, Instagram requires your current password. If you’ve forgotten it, use the “Forgot password?” option on the login page to reset it before attempting to delete your Instagram account again.
• Two-Factor Authentication (2FA) Loops: If you have 2FA enabled but are unable to receive security codes, or your backup codes are not working, this can prevent you from completing the deletion process. Try to resolve the 2FA issue first, which might involve checking your SMS, authentication app, or using recovery codes. Refer to Instagram’s Help Center for 2FA troubleshooting.
• Active Advertisements or Boosted Posts: If your Instagram account is running active ad campaigns or has recently boosted posts, you may need to pause these activities or wait for them to complete before the system allows deletion. Check your settings in Meta Ads Manager.
• Linked Business Pages or Third-Party Applications: Connections to Facebook Business Pages, or certain third-party app integrations, might sometimes interfere with the Instagram delete account process. Review your linked accounts and app permissions, and consider unlinking them if necessary. Ensure your Instagram account isn’t the sole admin for a critical business asset.
• Using an Incorrect Deletion Path: Ensure you are navigating through the correct menu options, typically via Accounts Center > Personal Details > Account Ownership and Control > Deactivation or Deletion, and specifically selecting “Delete account” rather than “Deactivate account.” The steps for how to delete instagram can sometimes change slightly with app updates.
• Temporary System Glitches: Occasionally, the inability to delete might be due to temporary glitches or server-side issues on Instagram’s end. In such cases, waiting a few hours and trying again, or using a different device or web browser, can resolve the issue.
• If you’ve tried these steps and still can’t delete your account, the most reliable source for assistance is Meta’s Instagram Help Center, which provides detailed guidance and solutions for common account issues.

How Long Does the Deletion Process Take?

When you submit a request to delete an Instagram account permanently, the removal isn’t immediate. Instagram implements a 30-day grace period starting from the moment you confirm your deletion request. During this 30-day window, your account, along with all your information like photos, videos, and profile details, becomes invisible to other users on the platform.

However, it’s not yet entirely deleted. If you change your mind and log back into your account at any time within these 30 days, the deletion request will be automatically cancelled, and your account will be reinstated. If you do not log in during this period, your account will be permanently deleted after the 30 days conclude.

Following this, Instagram states that the complete deletion of your data from their backend systems and servers can take up to an additional 90 days. Therefore, the entire process from request to potential full backend deletion can span up to 120 days.

It’s also important to note that even after the 90-day backend deletion window, copies of some of your content may remain in backup storage that Instagram uses for disaster recovery, software errors, or other data loss events, though this data is generally not accessible. Cached copies of your profile might also briefly appear in search engine results until their indexes are updated.

What Happens After You Delete Your Account?

After you successfully delete your Instagram account and the 30-day grace period has passed, your account is permanently removed from the platform. This means your profile, including all photos, videos, comments, likes, and followers, will be permanently removed.

You will no longer be able to log in or reactivate that specific account. Your username might become available for others to use in the future, although Instagram may have policies that prevent immediate reuse. Any Direct Messages (DMs) you sent will typically remain visible to the recipients; however, they will usually be attributed to a generic “Instagram User” or a similar placeholder, without any link back to your deleted profile or your profile picture.

Tags of your former account on other users’ photos will persist, but they will become inactive text rather than a clickable link to a profile. If you had embedded Instagram posts on external websites or blogs, these embeds will likely stop displaying your content or show an error message.

Any third-party applications or services that were connected to your Instagram account will lose their access and will no longer function with that account. While Instagram aims to delete your data, its policy notes that copies of some information (such as log records) may remain in its database but are disassociated from personal identifiers.

Furthermore, advertisers and Meta may retain aggregated, anonymized engagement metrics (e.g., if you clicked on an ad), but this data would not be linked to your specific, now-deleted, account.

Can You Recover or Reactivate a Deleted or Disabled Account?

Whether you can recover an Instagram account depends on whether it was disabled (deactivated) or permanently deleted. If you chose to deactivate your Instagram account, this is a temporary measure. You can reactivate a disabled account at any time simply by logging back in with your username and password. Upon reactivation, your profile, photos, comments, and likes will be restored to their previous state.

However, if you followed the steps to permanently delete an Instagram account, the situation is different. After you request deletion, Meta provides a 30-day window during which your account is hidden but not yet permanently erased. If you log back into your account within 30 days, the deletion request is cancelled, and your account is restored. If these 30 days lapse without your logging in, your account and all associated data will be permanently deleted and cannot be recovered by you or Instagram support. There is no way to get it back once this point is reached.

While you might be able to create a new account, you generally cannot reuse the same username immediately, as Instagram may hold it for a period, or it could be claimed by someone else. If you attempt recovery after the 30-day window for a permanently deleted account, it will fail.

Will Your Followers Know If You Leave Instagram?

Instagram does not send out a direct notification to your followers informing them that you have decided to delete your Instagram account or even if you’ve chosen to deactivate your Instagram account. However, your followers will notice your absence in different ways depending on your action. If you deactivate your account, your profile, along with all your posts, comments, and likes, becomes completely invisible on the platform.

If a follower searches for your username, they won’t find your account. It will appear as if you’ve vanished or your account never existed, until you decide to reactivate it by logging back in. If you proceed to delete your Instagram account permanently, after the 30-day grace period, your profile and all its content are permanently removed.

For your followers, this means they will no longer see your account in their follower lists or following lists. Any past comments or likes you made on their posts might disappear or become attributed to a generic “Instagram User.”

Essentially, your digital presence on Instagram ceases to exist. If you wish to leave quietly without drawing attention, both deactivation and deletion provide formal notification.

However, a sudden disappearance will likely be noticed by those who regularly interact with you or check your profile. You may choose to inform close friends or followers directly before deleting your Instagram account to manage their expectations.

Alternative to Deleting: Make Your Account Private and Protect Your Data

1. Switching to a Private Profile on Mobile (iOS & Android):
   1. Open the Instagram app and go to your profile by tapping your profile picture.
   2. Tap the menu icon (three horizontal lines) in the top-right corner.
   3. Select Settings and privacy from the menu.
   4. Scroll down to the “Who can see your content” section and tap on Account privacy.
   5. Toggle the Private account switch to the on position. You may need to confirm your choice.
2. Switching to a Private Profile on Web Browser:
   1. Go to Instagram.com and log in to your account.
   2. Click on More (three horizontal lines) in the menu on the bottom-left side of the screen.
   3. Select Settings from the pop-up menu.
   4. In the left navigation bar, click on Settings and privacy (or it may directly show “Account privacy” options).
   5. Under “Who can see your content,” find the Account privacy section and check the box next to Private Account.
3. Privacy Trade-offs and Benefits: Making your account private means only your approved followers can see your posts, Stories, Reels, and list of followers/following. People who want to follow you must send a request, which you can approve or deny. This significantly increases your control over who views your content. Your bio and profile picture remain public. This doesn’t remove your data from Instagram’s servers like deletion would, but it limits public access to your shared content.
4. How It Limits Data Sharing: While Instagram still collects your data as per its privacy policy, a private account restricts other users from easily accessing, sharing, or misusing your content. Your posts won’t appear in public hashtag searches or on the Explore page for non-followers.
5. Why It May Be a Middle-Ground Solution: If your primary concern is controlling your audience and enhancing privacy without permanently leaving the platform or losing your content and connections, setting your account to private is an excellent alternative to deactivation or deletion. It offers a significant degree of control over your content’s visibility, making it a good middle-ground solution if you’re not ready to fully delete your Instagram account.

The post How to Delete or Deactivate Your Instagram Account appeared first on McAfee Blog.

Imagine someone putting your personal information out online for thousands of strangers to see—your home address, phone number, even details about your family members or workplace. This invasive practice, known as doxing, has become a significant concern in the digital age. It’s not just about privacy anymore; it’s about the potential for real-world harm. This article explains what doxing is and how to prevent it from happening to you.

Key Takeaways

• Doxxing is the act of publicly exposing someone’s personal information online without their consent.
• Doxxing is often intended to harass or intimidate victims online and in real life and can result in serious personal, professional, and safety-related harm.
• Doxxing is not always illegal, sharing publicly available information is generally permissible, but hacking or sharing stolen, confidential data is illegal.
• Protect yourself from doxxing by reducing your online personal information and using strong passwords, a VPN, and antivirus protection.
• Use preventive habits to safeguard your privacy.

What is doxing?

Doxing (or “doxxing”) is the practice of revealing another individual’s personal information (home address, full name, phone number, place of work, and more) in an online public space without the person’s consent.

The term “doxing” comes from the hacker world and references the act of “dropping dox” (as in “docs”) with malicious intent to the victim. The severity of the personal data leak may also go beyond phone numbers and addresses to include releasing private photos, Social Security numbers (SSNs), financial details, personal texts, and other more invasive attacks.

What’s an example of doxing?

One of the first incidents of doxing took place back in the late 1990s when users of the online forum Usenet circulated a list of suspected neo-Nazis. The list included the suspected individuals’ email accounts, phone numbers, and addresses.

One of the most infamous examples of doxing was during 2014’s Gamergate controversy, involving issues of sexism and misogyny in the video game industry. Female video game developers and journalists were subjected to relentless harassment and doxing, placing their personal safety in jeopardy.

Several high-profile cases of celebrity doxing have made headlines over the years, serving as stark reminders of the dangers of online harassment and privacy invasion. In 2017, a woman hacked Selena Gomez’s email and leaked her Los Angeles-area home address online. In 2021, rapper Kanye West famously doxed Drake when he tweeted the star’s home address.

Is doxing illegal?

While doxing can hurt people, it’s not necessarily a crime. In some cases, a doxer finds publicly available information and shares it broadly. Since the data is public record, it’s not illegal to share it. A doxer might invite others to visit the home or workplace of their target rather than taking a specific action.

That said, it is illegal to hack a device or computer without permission from the owner — even if the information collected is never used. The legality of doxing must be taken on a case-by-case basis, and law enforcement must build its case based on existing applicable laws. For example, if the doxer attempted to apply for a credit card using your private data, they could be prosecuted for fraud or identity theft.

How to protect yourself from doxing

You can follow a few critical practices to help protect yourself from doxing. Start by limiting what you share online, using strong passwords, and taking advantage of secure technologies like virtual private networks (VPNs).

Limit the personal information you share online

Limiting the amount of personal information you share online is one of the best ways to protect yourself from doxing. Avoid oversharing personal details of your life (like your child’s name, pet’s name, or place of work), and maintain the highest possible privacy settings for any social media app or website.

You should also take caution when tagging friends, locations, and photos, as this may give doxers more access to your data. Check out our Ultimate Guide to Safely Sharing Online to learn more.

Check data broker websites for your information

Data brokers are companies that mine the internet and public records for financial and credit reports, social media accounts, and more. They then sell that data to advertisers, companies, or even individuals who may use it to dox somebody.

You might be surprised to see the amount of sensitive information available to anyone who wants it with an online search. Data brokers often have contact information, including real names, current and former addresses, birth dates, phone numbers, social media profiles, political affiliations, and other information that most consider private.

While you can remove your private information from many data broker sites, they tend to make the process tedious and frustrating. McAfee Personal Data Cleanup makes the process much easier. All you have to do is enter your name, date of birth, and home address, and we’ll scan it across high-risk data broker sites. We’ll then help you remove it.

Use strong passwords and keep them secure

Having strong passwords can make you less vulnerable to hackers and doxers. Keep yourself more secure by following a few simple rules.

• Have long and strong passwords (at least eight to 10 characters).
• Don’t create passwords that include any words from your social media sites (like pet or child names).
• Change your passwords frequently — at least every three months.
• Don’t use the same password for multiple online accounts — unique passwords only.
• Use random sequences of letters and numbers without identifiable words.
• Turn on two-factor or multi-factor authentication (MFA) for critical accounts (Gmail, LinkedIn, Facebook, online banking).
• Don’t write down passwords (or keep them in a secure location if you must).

Make password management much easier by using a password manager and generator tool. True Key uses the strongest encryption available to decrypt your existing passwords and can help generate new strong passwords.

Use a virtual private network

When browsing on public Wi-Fi networks like those at airports and coffee shops, your data is at greater risk of being compromised by cybercriminals who may lift sensitive information for personal gain.

A virtual private network (VPN) service (like the one found in McAfee+) gives you an additional layer of protection by hiding your IP address and browsing activities when you’re on an unsecured network.

Protect your device with antivirus protection

Scammers, doxers, and hackers work hard to get personal information every day. With McAfee+, you can use the internet with confidence knowing you have the support of award-winning antivirus software to keep you and your family members safe online.

Get real-time threat protection through malware detection, quarantine, and removal, and schedule real-time or on-demand file and application scanning. You’ll also benefit from an advanced firewall for home network security.

Keep your online information secure with McAfee

We all increasingly rely on the internet to manage our lives. As a result, it’s important to address the risks that come with the rewards.

Comprehensive cybersecurity tools like those that come with McAfee+ can help you avoid scams, doxing attacks, identity theft, phishing, and malware. We can also help keep your sensitive information off the dark web with our Personal Data Cleanup.

With McAfee’s experts on your side, you can enjoy everything the web offers with the confidence of total protection.

The post What is Doxing? appeared first on McAfee Blog.

This week in scams, attackers are leaning hard on familiar brands, everyday tools, and routine behavior to trigger fast, unthinking reactions. From fake Netflix billing alerts to malicious browser extensions and QR code phishing tied to foreign espionage, the common thread is trust being weaponized at exactly the right moment. 

Every week, this roundup breaks down the scam and cybersecurity stories making news and explains how they actually work, so readers can better recognize risk and avoid being manipulated. 

Let’s get into it. 

Netflix Billing Emails Are Back… And Still Catching People Off Guard 

The big picture: Subscription phishing is resurging, with scammers impersonating Netflix and using fake billing failures to push victims into handing over payment details. 

What happened: Multiple Netflix impersonation emails circulated again this month, warning recipients that a payment failed and urging them to “update payment” to avoid service interruption. The messages closely mirror Netflix’s real branding and include polished formatting, official-looking language, and even PDF attachments designed to feel like legitimate billing notices. 

What makes these scams effective is timing. Victims often receive them while actively reviewing subscriptions, updating payment methods, or considering canceling services. That context lowers skepticism just enough for a quick click before slowing down to verify. 

McAfee’s Scam Detector flagged the messages (which one of our own employees received this week) as phishing, confirming they were designed to steal payment information rather than resolve a real billing issue. 

Red flags to watch for: 

• Unexpected billing problems paired with urgent calls to act 
• Payment requests delivered by email instead of inside the app 
• Attachments or buttons asking you to “fix” account issues 
• Sender addresses that don’t match official Netflix domains 

How this scam works: This is classic brand impersonation phishing. Scammers don’t need to hack Netflix itself. They rely on people recognizing the logo, trusting the message, and reacting emotionally to the idea of losing access. The attachment and clean design help bypass instinctive spam filters in the brain, even when technical filters catch it later. 

Netflix has warned customers about these scams and offers advice on its site if you encounter one.

What to do instead: If you get a billing alert, don’t click. Open the Netflix app or manually type the site address to check your account. If there’s no issue there, the email wasn’t real. 

Fake Ad Blocker Crashes Browsers to Push “Fix It” Malware 

The big picture: Attackers are exploiting browser crashes themselves as a social engineering tool, turning technical disruption into a pathway for malware installation. 

What happened: Researchers reported a malvertising campaign promoting a fake ad-blocking browser extension called “NexShield,” which falsely claimed to be created by the developer of a well-known, legitimate ad blocker. Once installed, the extension intentionally overwhelmed the browser, causing freezes, crashes, and system instability. 

After restart, victims were shown fake security warnings instructing them to “fix” the problem by running commands on their own computer. Following those instructions triggered the download of a remote access tool capable of spying, executing commands, and installing additional malware. The reporting was first detailed by Bleeping Computer, with technical analysis from security researchers. 

Red flags to watch for: 

• Browser extensions promising performance boosts or “ultimate” protection 
• Crashes immediately after installing a new extension 
• Pop-ups instructing you to run commands manually 
• “Security fixes” that require copying and pasting code 

How this scam works: This is a variant of ClickFix attacks. Instead of faking a problem, attackers cause a real one, then position themselves as the solution. The crash creates urgency and confusion, making people more likely to follow instructions they’d normally question. It turns frustration into compliance. 

FBI Warns QR Code Phishing Is Being Used for Cyber Espionage 

The big picture: QR codes are being used as stealth phishing tools, with highly targeted attacks tied to foreign intelligence operations. 

What happened: The Federal Bureau of Investigation issued a warning about QR code phishing, or “quishing,” campaigns linked to a North Korean government-backed hacking group. According to reporting by Fox News, attackers sent emails containing QR codes that redirected victims to fake login pages or malware-hosting sites. 

In some cases, simply visiting the site allowed attackers to collect device data, location details, and system information, even if no credentials were entered. These campaigns are highly targeted, often aimed at professionals in policy, research, and technology sectors. 

Red flags to watch for: 

• QR codes sent by email or messaging apps 
• QR codes leading to login pages for work tools or cloud services 
• Messages that feel personalized but unexpected 
• Requests to scan instead of click 

How this scam works: QR codes hide the destination URL, removing the visual cues people rely on to judge safety. Because scanning feels faster and more “passive” than clicking a link, people often skip verification entirely. That moment of trust is what attackers exploit. 

Read our ultimate guide to “quishing” and how to spot and avoid QR code scams here. 

McAfee’s Safety Tips for This Week 

• Verify inside official apps. Billing or security issues should be confirmed directly in the app or website you normally use, not through email links or QR codes. 
• Treat extensions like software installs. Only install browser extensions from trusted publishers you already know, and remove anything that causes instability. 
• Slow down with QR codes. If a QR code leads to a login page or download, close it and navigate manually instead. 
• Watch for urgency + familiarity. Scammers increasingly rely on brands, tools, and behaviors you already trust to short-circuit caution. 

McAfee will be back next week with another roundup of the scams making headlines and the practical steps you can take to stay safer online. 

The post This Week in Scams: Netflix Phishing and QR Code Espionage appeared first on McAfee Blog.