Memorial Day weekend officially kicks off summer, and for millions of Americans, that means road trips, flights, cookouts, and a little online shopping for the deals. 

Unfortunately, scammers know this. They count on the fact that you’re distracted, you’re moving fast, and you’re probably connected to a network you don’t own. 

Here are five scams surging this holiday weekend, what they look like, and how to stay ahead of them.

1. Fake Travel Alerts from “Your Bank” or Hotel

You’re packing your bag when a text arrives: “Unusual activity detected on your account. Verify now to avoid suspension.”  

It looks like it’s from your bank, or maybe your hotel loyalty program. There’s a link. There’s urgency. And that’s exactly the point. 

These are brand impersonation scams, and they’re a dominant tactic year-round, but they spike around travel holidays when people are actively monitoring reservations and accounts.  

According to McAfee research, trusted brands like banks, airlines, and hotels are among the most commonly impersonated, and email scams impersonating retail and financial brands have surged up to 85% as major holidays approach. 

The message will typically ask you to click a link and “confirm your details” to secure your account or honor a reservation. That link leads to a convincing-looking fake site designed to capture your login credentials, payment info, or both. 

How to Avoid Travel Alert Scams:  

• Don’t click links in unsolicited texts or emails.  
• Go directly to the company’s app or website by typing the URL yourself.  
• Remember: pressure is a tactic, not customer service.  

McAfee’s Scam Detector can flag suspicious messages before you interact with them, whether they come via text, email, or social media. 

2. Fake Memorial Day Weekend “Deals”

Memorial Day is one of the biggest shopping weekends of the year. Scammers treat it like an open invitation. 

Fraudulent retailers flood social feeds with too-good-to-be-true deals on everything from patio furniture to electronics, often impersonating legitimate brands with copycat websites and paid ads. 

According to McAfee’s holiday shopping research, 91% of shoppers see ads from unfamiliar retailers, 37% say they might buy from a brand they don’t recognize, and a full 40% of consumers have abandoned a purchase out of fear that the deal wasn’t real. 

The most impersonated brands in McAfee’s research span luxury labels (Coach, Dior, Gucci) to mainstream favorites (Apple, Samsung, Nintendo, Disney), exactly the kind of items that show up in “blowout sale” ads. Fake storefronts have grown significantly, with technology URL scams rising nearly 50%. 

Once shoppers enter their payment details on a fraudulent site, that information goes directly to criminals. The average scam loss during the holiday shopping period runs around $840 per victim. 

How to Avoid Shopping Scams:  

• Type retailer URLs directly into your browser instead of clicking through ads or social posts.  
• Look for HTTPS and double-check the domain carefully before entering any payment info.  
• If a deal looks unbelievably good, verify it on the retailer’s official app before buying.  

McAfee’s Web Protection blocks malicious and suspicious sites before they load, including fake checkout pages. 

3. QR Code Scams at Gas Stations and Travel Stops

If you’re road-tripping this weekend, you may scan a QR code somewhere. It could be at the gas pump, a rest stop, a parking meter, or a roadside attraction. Scammers know this too. 

Criminals increasingly place fake QR codes over legitimate ones on gas station pumps, parking kiosks, and public signs. When you scan, you’re redirected to a convincing-looking payment or login page that captures your financial information. This is known as “quishing” or phishing via QR code. 

McAfee research shows just how widespread this risk has become: 68% of people scanned a QR code in the past three months, and 18% ended up on a suspicious or unsafe page after scanning. Among those who did, more than half took a risky action like entering personal information, installing an app, or connecting a digital wallet. 

How to Avoid Sketchy QR Codes:   

• Before scanning any QR code in public, look closely at the sticker or sign.  

• If it looks like it’s been placed over something else, skip it.  

• If you do scan, check the URL before proceeding.  

McAfee’s Scam Detector now includes instant QR code safety checks that assess risk before you tap, so you’re not flying blind at the gas pump. 

4. Public Wi-Fi Traps at Airports, Hotels, and Coffee Shops

Whether you’re waiting at the airport or grabbing coffee before hitting the highway, free Wi-Fi can feel like a gift. But not every “free Wi-Fi” network is what it appears to be. 

Hackers set up what are called “evil twin” networks, hotspots with names designed to look exactly like the legitimate network at the airport, hotel, or café you’re in.  

The moment you connect, they can use tools called packet sniffers to capture the data you send and receive: passwords, banking credentials, credit card numbers, email logins.  

According to McAfee’s travel research, 63% of travelers connect to public Wi-Fi, and 49% use airport Wi-Fi, making these among the riskiest behaviors travelers engage in without realizing it. 

Some of these fake networks go further, presenting a phony login screen that captures your username and password for popular services like Google or Apple before you even realize you’ve been compromised. 

How to Avoid Malicious Wi-Fi : 

• Always confirm the exact Wi-Fi network name with staff before connecting.  
• Turn off auto-join for Wi-Fi on your devices.  
• And most importantly: use a VPN.  

A VPN creates an encrypted tunnel for your internet traffic, so even if a hacker intercepts it, they’ll only see scrambled data. McAfee’s VPN is included in McAfee+ plans and automatically connects when you join public Wi-Fi, exactly the protection you want when you’re traveling and connecting everywhere.

5. Toll Road and Parking Text Scams (Expect a Surge After the Weekend)

You may have seen these already: a text that says you owe an unpaid toll or parking fee, with a link to pay before penalties kick in. These scams have been circulating for a while, and there’s a good chance Memorial Day weekend is about to make them worse. 

Scammers track news cycles and know that millions of Americans will be driving this weekend, many of them through toll roads and unfamiliar areas.  

That means they can blast out fake “unpaid toll” texts after the holiday and a significant percentage of recipients will think: “Actually, I did drive somewhere new this weekend.” That uncertainty is exactly what they’re counting on. 

These texts typically impersonate EZPass, SunPass, or state transportation departments and create urgency around a small fee to avoid larger fines. The link leads to a fake payment page designed to steal your credit card details. 

How to Avoid Toll Scams:   

• Don’t click links in unsolicited toll or parking texts.  
• If you think the charge might be legitimate, go directly to your state’s official toll authority website and look up your account there.  
• Real toll agencies will not threaten immediate penalties over text with a payment link.  
• If you receive one of these texts after this weekend, treat it as suspicious by default. 

Have a Safe Memorial Day Weekend 

Scammers don’t take holidays. If anything, long weekends are peak season. The good news: a little awareness goes a long way. Slow down before you click, verify before you scan, and protect your connection before you log on. 

McAfee+ Advanced comes with layered protection across all the moments where scams are most likely to strike, from the gas station to the hotel lobby to your inbox.  

Stay safe out there. 

The post 5 Scams to Watch for This Memorial Day Weekend appeared first on McAfee Blog.

You’re comparing airfare on your phone, watching prices climb by the hour, when a deal pops up that feels just good enough to grab. The timer’s ticking. The price looks right. You don’t want to miss it. 

You’re comparing airfare on your phone, watching prices climb by the hour, when a deal pops up that feels just good enough to grab. The timer’s ticking. The price looks right. You don’t want to miss it. 

That moment, when you’re rushing to lock something in, is exactly where scams thrive. 

New McAfee research shows that more than 1 in 3 Americans have encountered a travel-related cyberthreat, and 41% of those impacted lost money, often exceeding $500. 

At the same time, rising travel costs and time pressure are pushing people to make faster, riskier decisions. Those are the exact conditions scammers rely on. 

That’s where protection has to show up earlier. 

McAfee’s Scam Detector lets you check suspicious links, messages, and booking sites before you click, so you can pause and verify instead of giving scammers the edge. 

Travel Scams, Red Flags, and How McAfee Protects You 

Travel Scam Type	Key Red Flags	How McAfee Helps
Fake travel deals	Prices far below market, pressure to “book now,” sites you’ve never heard of	Scam Detector flags suspicious links and explains why they’re risky, so you can avoid fake deals before you book
Fake booking confirmations	Unexpected messages about bookings you didn’t make, mismatched sender details	Scam Detector analyzes messages before you engage, helping you avoid fake confirmations
Fake airline/hotel websites	Slight URL changes, poor design, being pushed to pay immediately or off-platform	Safe Browsing helps block risky sites before you enter payment details, reducing the chance of fraud
Payment requests outside platforms	Asked to pay via wire transfer, crypto, or direct payment instead of official platforms	Scam Detector flags suspicious payment requests, helping you avoid sending money to scammers
QR code scams	QR codes posted in public with no clear source or context	Scam Detector checks QR links before they open, so you don’t land on malicious sites
Customer service impersonation	Calls or messages asking for login credentials or payment info	Scam Detector detects deepfake AI audio impersonation attempts, helping you avoid sharing sensitive information
AI-generated listings	Photos that look overly polished, details that don’t quite match up	Scam Detector identifies suspicious content patterns, helping you spot listings that aren’t real
Public Wi-Fi attacks	Open networks with no password or security prompts	VPN helps protect your data on public networks, keeping your personal information private

The Findings From Our 2026 Travel Research 

McAfee Labs found that many travel scams work because they look familiar and spread fast.  

TripAdvisor was the most commonly impersonated travel app, cloned at roughly three times the rate of other major platforms like Kayak, Expedia, and Booking.com.  

In some cases, thousands of scam detections traced back to just a handful of fake apps, showing how quickly a convincing scam can take off when travelers are racing to book. 

Top 5 Ways Rising Travel Costs Are Driving Risky Decisions 

Our 2026 travel survey shows how rising prices and last‑minute pressure are changing traveler behavior, often in ways scammers exploit. 

1. Booking faster than usual
90% feel pressure to act quickly  

2. Choosing cheaper deals without verifying
32% would book before confirming legitimacy  

3. Ignoring red flags
33% admit they’ve done it  

4. Trusting messages that look legitimate
41% trust airline/hotel messages without verifying  

5. Clicking links without checking the source
20% click first, verify later (or not at all)  

The post 1 in 3 Targeted by Travel Scams and Rising Costs are Making it Worse appeared first on McAfee Blog.

McAfee Total Protection just took first place in the latest AV-Comparatives PC Performance Test, the gold standard for measuring how much (or how little) security software slows down your computer.  

With an overall impact score of 3.3 out of a possible 100, McAfee outperformed all 19 other security products tested and earned the highest possible rating: 3 Stars ADVANCED+. 

The industry average? 12.8. McAfee came in nearly 4x lower than that. The lower the impact score, the less the software gets in your way 

What Is the AV-Comparatives PC Performance Test? 

AV-Comparatives is an independent cybersecurity testing lab that has been rigorously evaluating security software since 1999. Unlike a review written by a single journalist or a score based on a company’s own claims, AV-Comparatives tests are: 

• Independent: delivers unbiased, data‑driven evaluations of security products  
• Standardized: every product is tested under the same conditions 
• Widely trusted: regularly cited in product roundups, expert reviews, and buying guides that shape how consumers choose security software 

The PC Performance Test specifically measures how much a security product impacts your computer’s everyday speed. Testing is conducted on a real Windows 11 machine (Intel Core i3, 8GB RAM, SSD) with all default settings enabled and an active internet connection. That’s the same setup millions of everyday users have at home. 

AV-Comparatives evaluates real-world tasks including: 

• Copying and moving files 
• Installing and launching apps 
• Downloading files from the web 
• Browsing websites 

The lower the impact score, the less the software gets in your way.

What McAfee’s Score Actually Means 

McAfee Total Protection scored 3.3, the lowest impact score of all 20 products tested, and well below the industry average of 12.8. 

Here’s a simple way to think about it: if the average security product takes a measurable toll on your machine while it works in the background, McAfee barely registers. You get full, always-on protection without the sluggishness that frustrates so many users. 

This result earned McAfee the ADVANCED+ rating, the highest tier AV-Comparatives awards, reserved for products that deliver top-tier performance with minimal system impact. 

Why “Lightweight” Protection Matters More Than You Think 

There’s a common misconception that stronger protection means a heavier, slower product. McAfee’s results prove otherwise. 

When your security software is slow, you notice it: 

• Apps take longer to open 
• Downloads feel sluggish 
• Your machine lags during everyday tasks 
• You’re tempted to disable protection to get your speed back, leaving yourself exposed 

A lightweight product means protection that works quietly in the background, without making you choose between safety and performance. That’s the promise behind McAfee’s result, and it’s now independently verified. 

 

First Place, But Not for the First Time 

This isn’t a one-off result. McAfee has earned the ADVANCED+ rating consistently across multiple rounds of AV-Comparatives testing, demonstrating that this level of performance isn’t luck. It’s the result of deliberate, sustained engineering. 

Independent, repeatable results like these are what separate marketing claims from proven performance. 

With McAfee, you get award-winning protection and award-winning performance, so your devices stay secure without slowing you down. 

Which McAfee Plans Include This Protection? 

The same AI-powered threat protection validated in this test is built into every major McAfee plan: 

• McAfee+ Premium 
• McAfee+ Advanced 
• McAfee+ Ultimate 
• McAfee Total Protection 
• McAfee LiveSafe 

Whether you’re protecting one device or an entire household, you’re getting the same industry-leading, independently verified performance under the hood. 

Ready to get protection that doesn’t slow you down? Explore McAfee+ Plans → 

The post McAfee Ranks #1 in AV-Comparatives PC Performance Test — Again appeared first on McAfee Blog.

A text that looks like it came straight from a courthouse is making the rounds across the U.S. And yes, I got it too. 

First things first, that’s a scam. And to be clear: DON’T SCAN THAT QR CODE. 

It’s the same playbook as last year’s toll road scams, just dressed up with a little more authority and a lot more pressure. 

Before doing anything, our team ran it through McAfee’s Scam Detector. It immediately flagged the message as suspicious, and that’s exactly the kind of moment this tool is built for. When something feels just real enough to second guess, it gives you a clear signal before you click, scan, or spiral. 

This court notice scam has ramped up and changed shape since we first covered it in March. So let’s get into how it works: 

How the scam works 

The text claims you’ve missed a payment, violated a law, or have some kind of outstanding “case.” It then pushes you to scan a QR code or click a link to resolve it quickly. 

From there, one of two things usually happens: 

1. You’re taken to a fake payment page designed to steal your money, or 
2. You’re prompted to download something that gives scammers access to your device or data  

Either way, the goal is the same: get you to act fast before you have time to question it. 

The red flags in this message 

• Urgent, threatening language about fines, penalties, or legal action  
• Vague accusations with no real details about what you supposedly did  
• Official-looking formatting like case numbers, clerk signatures, and judge names  
• Copy-paste consistency across states: McAfee employees in New York and California received nearly identical messages with the same names  

There are reports of this scam popping up nationwide, but the rule is simple: law enforcement does not text you to demand payment or resolve legal issues. 

What to do if you scanned the QR code 

First, don’t panic. Then: 

• Do not pay anything or enter personal information  
• Do not delete apps you were told to install (this can make it harder to detect what happened)  
• Run a device scan using a trusted security tool like McAfee’s free antivirus  
• Keep an eye on your financial accounts and logins for unusual activity  

And that, my friends, is scam number one in this week’s This Week in Scams (new format, we’re experimenting a little).  

Let’s get into what else is on our radar. 

Deepfake Celebrity Ads Are Targeting Seniors on Social Media. Here’s What a New Study Found.  

If you saw our story last year about Al Roker speaking out after scammers used an AI-generated version of him to promote a fake hypertension cure, or the shocking case of a French woman who lost nearly $900,000 to fraudsters posing as Brad Pitt, you already know just how convincing celebrity deepfake scams have become. 

Now, new reporting suggests these scams are reaching older adults at enormous scale. 

According to a new study from the Center for Countering Digital Hate, just 30 of the most active scam advertisers on Facebook generated an estimated 215 million ad impressions over the past year. Nearly 73% of those impressions were shown to adults over 65. 

The fake ads used AI-generated versions of well-known figures including Donald Trump, Joe Biden, Oprah Winfrey, Steve Harvey, and Brad Pitt to promote fake government benefits, miracle health products, and bogus financial offers. 

What McAfee’s Data Says About Celebrity Deepfake Scams 

This aligns closely with McAfee’s 2025 Most Dangerous Celebrity: Deepfake Deception List. 

Our research found that: 

• 72% of Americans have seen a fake celebrity or influencer endorsement online  
• 39% have clicked on one of these ads or posts  
• 1 in 10 lost money or personal information  
• Average losses reached $525 per victim  

The celebrities most commonly exploited in the U.S. included Taylor Swift, Scarlett Johansson, Jenna Ortega, and Sydney Sweeney, while Brad Pitt also ranked prominently on the global list.  

Why These Scams Work So Well 

Celebrity deepfake scams exploit something simple: trust. 

When a familiar face appears in your social feed, whether it is Al Roker recommending a health product or Brad Pitt asking for help, your guard naturally drops. 

And AI is making these fakes harder to detect. 

McAfee’s 2026 State of the Scamiverse found that Americans now encounter an average of three deepfakes every day, yet more than one in three say they are not confident they can identify one. 

In other words, scammers are weaponizing the faces people know best to make fraud feel familiar. 

How to Spot a Deepfake on Social Media 

Celebrity deepfakes are designed to look convincing, but there are still clues that something is off. If you see a video of Oprah Winfrey, Al Roker, or Brad Pitt promoting a miracle cure, government benefit, or investment opportunity, pause before you click. 

Here are some of the biggest red flags to watch for: 

Red Flag	What to Look For
Too-good-to-be-true offers	The video promises free grocery money, secret Medicare benefits, guaranteed investment returns, or miracle health cures.
Out-of-character endorsements	A celebrity appears to promote a random supplement, financial opportunity, or government program that seems unrelated to their normal work.
Robotic or unnatural voice	The speech sounds overly smooth, lacks natural pauses, or has strange pacing and tone.
Lip-sync issues	The celebrity’s mouth movements do not perfectly match the words being spoken.
Unnatural facial expressions	Blinking, smiling, and head movements appear stiff, overly polished, or slightly off.
Urgent language	The ad pressures you to “Act now,” “Claim your benefits today,” or “Limited spots available.”
Suspicious links	Clicking leads to a website you do not recognize or that does not match the company or organization being referenced.
No confirmation elsewhere	Trusted news outlets and the celebrity’s verified accounts do not mention the same announcement or offer.

When in doubt, go directly to the celebrity’s verified social account or search trusted news sources to confirm the information. And if something feels off, trust your instincts. In the age of AI, seeing is no longer believing. 

How McAfee Helps You Stay Ahead of These Scams 

McAfee+ Advanced gives you multiple layers working together so you’re not left figuring it out in the moment: 

• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage  
• Safe Browsing helps block risky sites if you do click or scan  
• Device Security helps detect and remove malicious apps or downloads  
• Identity Monitoring alerts you if your personal info shows up where it shouldn’t, so you can act fast  
• Personal Data Cleanup helps remove your information from data broker sites, making you a harder target in the first place  
• Secure VPN keeps your data private, especially on public Wi-Fi  

Safety tips to carry into next week 

• Slow down when a message creates urgency. That’s the hook  
• Don’t scan QR codes or click links from unexpected texts  
• Go directly to official websites instead of using links sent to you  
• Use tools that flag scams in real time so you don’t have to guess  
• Don’t trust celebrity endorsements posted to social media unless they come directly from a celebrity’s official page 

The reality is, these scams are designed to look normal. You shouldn’t have to be an expert to spot them. That’s why McAfee’s here to help. 

We’ll be back next week with more scams making headlines. 

The post How to Spot Fake Court Texts and Celebrity Deepfake Ads: This Week in Scams appeared first on McAfee Blog.

Graduation season should be about launching your career, not dodging scams.

But for many new grads, the job search now comes with a hidden risk: fake recruiters, fraudulent job offers, and convincing messages designed to steal money, personal information, or both.

The threat is larger than many people realize. According to McAfee’s 2026 State of the Scamiverse report, 76% of Americans have encountered a scam, and the average person receives 14 scam messages every day through text, email, and social media. Americans now spend an estimated 114 hours each year trying to figure out what is real online and what is not.

Young adults are among the most heavily targeted groups. Nearly 3 in 10 people ages 18 to 24 (28%) report receiving conversational scams that begin with casual outreach such as “Hey, how are you?” or a “wrong number” text. Those same tactics increasingly appear in fake recruiter messages, LinkedIn outreach, and texts promoting remote job opportunities.

Today’s job scams can look highly professional. Scammers build polished LinkedIn profiles, clone legitimate company websites, and even use AI-generated interviews to appear credible. Many scams unfold quickly, with nearly half completed in less than an hour, creating pressure to act before candidates have time to verify what is real.

That’s where tools like McAfee’s Scam Detector come in—flagging suspicious emails, texts, links, and messages before you engage, so you can tell what’s real before you click. 

Here’s how to avoid job scams and stay safe with McAfee: 

How Job Scams Actually Work

Step	What Happens	Red Flags	What Scammers Want
1. The Outreach	You’re contacted via email, text, or social media about a job	Unsolicited offer, vague role, overly enthusiastic recruiter	Your attention
2. The Build-Up	They walk you through interviews or onboarding steps	No video calls, inconsistent details, fast timeline	Your trust
3. The Ask	They request personal info or payment	SSN requests, bank info, “training fees”	Identity + money
4. The Trap	They escalate the situation or disappear	More payment requests or sudden silence	Continued financial gain

A Real Example: How People Get Pulled In

Even experienced professionals fall for these scams.

In one case, a tech expert with decades of experience lost $13,000 after accepting what looked like a legitimate part-time role reviewing products.

The opportunity seemed real:

• A polished website
• Structured onboarding
• A small initial payout

Then came the shift. He was told he needed to deposit money to continue working and kept paying more to “unlock” earnings that never came.

This type of advance fee scam is increasingly common in job fraud, and it works because it builds trust first.

What the Data Says

Recent graduates are entering the workforce at a time when scams are more sophisticated, more personalized, and harder to spot than ever before. McAfee’s 2026 State of the Scamiverse report highlights why younger job seekers should be especially cautious.

Young Adults Face Higher Risk

• Younger adults report the highest rates of repeat scam victimization. McAfee’s research found that scam victims under 35 are more likely than older adults to be targeted again, suggesting that early-career professionals may be especially vulnerable as they navigate job searches, salaries, and onboarding for the first time.

Scam Messages Are Constant

• Americans receive 14 scam messages per day on average.
• 76% of Americans say they have encountered an online scam.
• People spend 114 hours per year, nearly three full workweeks, trying to determine what is real and what is fake online.

Professional Platforms Are Not Immune

• 7% of respondents reported encountering scams on LinkedIn.
• 44% have replied to suspicious messages that contained no link at all.

Many modern scams begin with a simple message such as “I came across your profile” or “We’d like to discuss an opportunity,” rather than an obviously suspicious URL.

Job Scams Move Fast

• The average scam unfolds in just 38 minutes.

Scammers often create urgency by claiming a role is limited, an offer will expire quickly, or onboarding must begin immediately.

AI Makes Fake Recruiters More Convincing

• 35% of Americans are not confident they can spot deepfake scams.
• McAfee predicts job scams will become increasingly personalized as scammers use AI to create tailored outreach, onboarding documents, and contracts that closely match a candidate’s background.

Job Scams Are a Growing Financial Threat

• FTC-reported job scam losses rose nearly 40% year over year, increasing from $543 million in 2024 to $752 million in 2025.

For new graduates eager to land their first job, the lesson is simple: if an opportunity seems rushed, asks for money, or feels too good to be true, take a step back and verify before you respond.

Where McAfee Comes In

Job scams don’t just happen in one moment. They unfold in stages—first a message, then a conversation, then a request for information or money.

That’s why protection needs to work the same way: across the entire experience. McAfee’s comprehensive protection helps you stay ahead of job scams at every step:

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
• Safe Browsing helps block risky sites if you do click
• Device Security helps detect malicious apps or downloads
• Secure VPN keeps your data private, especially on public Wi-Fi   

The Biggest Red Flags to Watch For

These patterns show up again and again in job scams:

Red Flag	What It Looks Like	Why It’s a Problem	What to Do Instead
Requests for Sensitive Information Too Early	Asked for your Social Security number, banking info, or ID details early in the process	Scammers use this to steal your identity or access your accounts	Only share sensitive info after accepting a verified job—and through secure onboarding systems
You’re Asked to Pay to Work	Fees for training, equipment, onboarding, or background checks	Legitimate employers don’t charge candidates to get hired	Walk away immediately—this is one of the clearest signs of a scam
The Job Sounds Too Good to Be True	High pay, low hours, minimal experience required, vague responsibilities	Designed to hook attention and lower your guard	Research typical salaries and ask detailed questions about the role
The Hiring Process Moves Too Fast	Immediate job offers or rushed decisions without interviews	Real hiring processes involve multiple steps and evaluations	Be cautious of offers that skip standard hiring steps
No Real Interaction	Communication only via email or chat, refusal to do video or phone calls	Scammers avoid real-time interaction to stay anonymous	Request a video call or verify the recruiter through official company channels

How to Protect Yourself

You don’t need to overcomplicate it. Stick to a few grounded habits:

• Verify the company independently: Search the company, check official sites, confirm recruiter identities
• Keep communication on trusted platforms: Be cautious with offers coming from unexpected channels
• Never pay upfront for a job: That’s a dealbreaker
• Pause before sharing personal information: Especially early in the process
• Use tools that flag risks automatically: Scam Detector helps catch what looks legitimate, but isn’t

What to Do If You Think It’s a Scam

If something feels off:

• Stop communication immediately
• Do not send money or personal information
• Report the scam to the FTC
• Monitor your accounts for suspicious activity

If you’ve already shared sensitive information, act quickly to secure your accounts.

With McAfee’s comprehensive protection, you’re not left to figure it out on your own.

From blocking risky links to monitoring your identity and helping you respond quickly, it’s designed to help you stay one step ahead, and recover faster if needed. Because job searching is stressful enough without scammers, and you deserve to land your next job with confidence.

The post The New Grad’s Guide to Job and Recruitment Scams appeared first on McAfee Blog.

If you have ever checked your child’s grades online, submitted a college paper through a school portal, downloaded homework assignments, or received messages from a teacher through a classroom app, there is a good chance you have used Canvas, a nationwide learning management system that was just in a massive data breach. 

This is exactly the moment McAfee+ Advanced was built for. With our built-in Scam Detector to flag risky links, QR codes, and deepfakes; Identity Monitoring that alerts you when your data appears where it shouldn’t; and Personal Data Cleanup that removes your information from the dark web and data brokers, McAfee+ Advanced is an all-in-one solution for protection after a data breach.

Now let’s get into what you need to know about this breach: 

Who Is Behind the Canvas Breach? 

The ransomware group ShinyHunters is claiming responsibility for the attack. The group alleges it stole roughly 275 million records tied to nearly 9,000 schools and educational institutions worldwide. 

How Did the Canvas Cyberattack Happen? 

Instructure, the company behind Canvas, confirmed a cyber incident affecting its cloud-hosted environment. The attackers later posted claims about the breach on their leak site, where ransomware groups pressure organizations into paying by threatening to release stolen data publicly. 

What Information Was Stolen in the Canvas Breach? 

The stolen data reportedly includes: 

• Student names  
• Teacher and staff names  
• Email addresses  
• Student IDs  
• Course and enrollment information  
• School-related records  

ShinyHunters claims the breach exposed roughly 275 million records and more than 231 million unique email addresses. 

How Could the Canvas Data Breach Impact Families and Students? 

Even if financial information was not exposed, this kind of data can still be extremely valuable to scammers. Criminals can use real school names, real classes, teacher names, and student information to create highly convincing phishing emails, fake school alerts, scholarship scams, tuition scams, or password reset messages. 

A scam message referencing your child’s actual school or assignment is much harder to spot as fake. 

This is a real message from Canvas from a community college professor after yours truly took an anthropology class for fun during the pandemic. It’s full of links to apply for programs and reach out to professors. It has exact details about courses I’ve taken.  

While this correspondence is real, it’s exactly the type of messaging that scammers could fake and replicate, replacing real links with fake “paid” opportunities to pursue degrees.  

Now think of the millions of messages and specific scenarios scammers have access to, to create dubious and convincing scams. That’s why protecting yourself after a breach is key.  

What To Do Right Now 

Here are some actions you can take immediately ot protect yourself after this breach:

• Change you or your child’s Canvas password immediately, and update any other accounts where they reuse that password 
• Turn on multi-factor authentication (2FA) on parent and student accounts wherever the school permits it — Instructure’s own post-incident guidance specifically called out enforcing MFA as a recommended precaution 
• Ask your school what identity protection is being offered if sensitive data was involved 
• Consider placing a credit freeze on your or your child’s file to block new accounts from being opened in their name 
• Avoid clicking links in any messages that reference the breach, go directly to the official site instead 

---

And that, my friends, is issue number one in this week’s This Week in Scams. Let’s get into what else is on our radar in cybersecurity and scam news. 

---

Fake Amazon Recall Texts Are Targeting Shoppers  

Your phone buzzes. It’s a text from an unknown number, but the message looks official. 

“Dear Amazon Customer, we are writing to inform you that an item from your March 2026 order has been identified for recall.” There’s an order number. A link at the top of the message. A note about quality standards and a refund waiting for you. 

It looks real. It has the Amazon logo, the branded formatting, even a reference to the “Amazon Customer Safety Team.” The only thing it doesn’t have? Any connection to Amazon at all. 

This is a fake Amazon recall scam, and it is making the rounds right now. The goal is to get you to click that link, which takes you to a site designed to harvest your login credentials, payment information, or both.  

If you get a text like this, do not click the link. Go directly to amazon.com in your browser, log in, and check your orders and messages from there. Amazon does not initiate recall or refund processes through unsolicited texts with outside links. 

What Is a Fake Amazon Recall Scam And How Does It Work? 

A fake Amazon recall scam is a text message or email in which criminals impersonate Amazon to convince you that one of your recent orders has been flagged for a product recall. The message directs you to an external link leading to a phishing site designed to steal your Amazon credentials, credit card details, or personal information. 

Red Flags To Watch For 

• The text comes from an unknown number, not a short code or verified sender 
• The link goes to a domain that is not amazon.com 
• The message asks you to complete a refund through an external link 
• Small typos or awkward phrasing appear in what looks like official communication 
• The greeting says “Dear Amazon Customer” rather than your actual name 

What To Do If You Get One 

• Do not click the link 
• Go to amazon.com directly and check your orders and account notifications 
• Report the text to Amazon at stop-spoofing@amazon.com 
• Block the number 

Where McAfee Steps In (So You Don’t Have to Guess)  

Scams today are layered.  A fake email leads to stolen credentials. A breach leads to targeted phishing. And those follow-ups are getting harder to spot.  

With McAfee+ Advanced, multiple layers work together so you’re not left figuring it out after the damage is done: 

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast  
• Personal Data Cleanup helps remove your information from sites selling it. 
• Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage  
• Safe Browsing helps block risky sites, even if you do accidentally click  
• Device Security helps detect malicious apps or downloads  
• Secure VPN keeps your data private, especially on public Wi-Fi    

McAfee Safety Tips This Week 

Our advice based on this week’s scams and stories: 

• If your child’s school uses Canvas, update their password now and enable multi-factor authentication if available 
• Consider a credit freeze for your child’s identity, especially if sensitive identifiers were part of the breach 
• Never click links in unsolicited texts about refunds, recalls, or account issues — go directly to the official site instead 
• Treat any message that references your recent orders or personal account details with extra skepticism, even if it looks legitimate 
• Use Scam Detector to check suspicious links before engaging, and stay alert in the weeks and months after a breach, not just the first few days 

And we’ll be back next week with more scams and cybersecurity news making headlines. 

The post How to Protect Yourself After the Canvas Education Data Breach + Fake Amazon Recall Texts appeared first on McAfee Blog.

Scam messages are getting smarter and faster. 

According to McAfee’s 2026 State of the Scamiverse report, Americans now spend 114 hours a year trying to figure out what’s real and what’s fake online. That’s nearly three full workweeks lost to second-guessing messages, alerts, and links. 

And when scams do succeed, they move quickly. The typical scam unfolds in about 38 minutes, leaving little room for hesitation. 

That creates a gap: People want to check before they act, but the tools haven’t always met them in that moment. 

ChatGPT + McAfee is designed to close that gap, bringing scam detection directly to a platform people are already using to ask questions and make decisions. 

And it’s available to anyone. You don’t have to be a McAfee subscriber. 

This isn’t just detection. It’s guidance in the exact moment you’re deciding what to do.  

Instead of guessing, you can paste a message or drop in a screenshot and get a clear explanation of what’s risky, and what to do next, powered by McAfee’s threat intelligence. 

What You Can Do with ChatGPT + McAfee 

With this integration, checking something suspicious becomes as simple as asking a question. 

Paste a message. Drop in a link. Upload a screenshot. 

McAfee analyzes it and explains what’s going on clearly and in context. 

Here’s how it works: 

Feature	What it does	How it protects you
Link safety check	Paste a suspicious URL and get a reputational analysis based on McAfee threat intelligence	Scam links are often designed to look legitimate. A quick check helps avoid phishing and malware
Message analysis	Submit texts, emails, or social messages for evaluation	Many scams now rely on urgency and tone. Analysis helps surface subtle red flags
Screenshot uploads	Upload screenshots of messages, emails, or posts for review	Scams don’t always come as clean text. This makes it easier to check what you’re actually seeing
Clear explanations	Get a breakdown of why something is flagged as risky or safe	Not just a warning—an explanation that helps you recognize patterns next time
Guided next steps	Receive recommendations on what to do next	Helps prevent escalation, especially in moments of uncertainty

It’s a quick, accessible way to get answers in the moment. But it’s just one part of a broader system designed to protect you more comprehensively. 

Add the app to your ChatGPT account here. 

Built on McAfee’s Threat Intelligence 

Behind the scenes, ChatGPT + McAfee is powered by the same intelligence that fuels McAfee’s broader scam protection ecosystem. 

When you submit something for review: 

• Links are checked against known threat signals  
• Messages are analyzed for scam patterns and language cues  
• Results are translated into clear, human-readable explanations  

The goal isn’t just to flag risk. It’s to help you understand it. 

A New Way to Stay Ahead of Scams 

Scams aren’t slowing down. If anything, they’re becoming more convincing, more personalized, and harder to detect. 

That’s where ChatGPT + McAfee comes in. But this is only one part of a much bigger system designed to protect you before, during, and after a scam attempt. 

With McAfee+ Advanced, multiple layers work together so you’re not left figuring it out after the damage is done: 

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast  
• Personal Data Cleanup helps remove your information from sites selling it. 
• Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage  
• Safe Browsing helps block risky sites, even if you do accidentally click  
• Device Security helps detect malicious apps or downloads  
• Secure VPN keeps your data private, especially on public Wi-Fi    

The ChatGPT experience gives you a fast, intuitive way to check something in the moment. 

McAfee+ Advanced makes sure you’re protected across everything else.

The post Now Available: Use ChatGPT with McAfee to Spot Scams Faster appeared first on McAfee Blog.

Graduating should feel like a fresh start, a time when the whole world is at your fingertips.   

Unfortunately, scammers often see graduates and think “student loans.” Or more specifically “student loan scams.” 

As student loan payments resume or repayment plans shift, scammers move in fast; posing as loan servicers, promising forgiveness, or offering to “simplify” your loans for a fee. 

The tricky part? These messages often look real. 

That’s where tools like McAfee’s Scam Detector come in. It flags suspicious emails, texts, links, and even deepfake-style messages, helping you spot what’s real before you click, respond, or pay. 

Here’s how to spot these scams and stay safe with McAfee: 

What Is a Student Loan Consolidation Scam? 

Student loan consolidation itself is a legitimate option. It allows you to combine multiple federal loans into one, often to simplify payments. 

Scammers exploit that confusion. 

Instead of helping, they pose as government partners or “relief experts” and charge you for services you can do yourself…for free. 

According to Federal Student Aid, you never have to pay for help managing or consolidating your federal student loans.  

That’s the baseline truth most scams try to blur. 

How These Scams Actually Work 

Step	What Happens	Red Flags	What Scammers Want
1. The Outreach	You get an email, text, or call about “loan consolidation” or “forgiveness”	Urgent tone, unfamiliar sender, “final notice” language	Your attention and quick reaction
2. The Hook	They claim you qualify for a special program or limited-time offer	“Act now,” “guaranteed forgiveness,” or “new law” claims	Your trust
3. The Ask	They request payment or personal info	Upfront fees, requests for FSA ID or bank info	Money + account access
4. The Control	They may ask for authorization to manage your loans	Power of attorney forms, account takeover steps	Full control of your loan account

Luckily, for McAfee+ Advanced users, they have access to Scam Detector which alerts users to suspicious emails, messages, links, and deepfakes that are often employed by scammers in these student loan fraud scenarios.  

The Most Common Lies to Watch For 

Scammers tend to recycle the same scripts. Federal Student Aid warns about messages like: 

• “Act immediately to qualify for student loan forgiveness before the program is discontinued.”  
• “You’re eligible for total loan discharge. Call now.”  
• “Your loans are flagged for forgiveness pending verification.”  

These messages are designed to create urgency, not clarity. 

And importantly, they are not coming from the U.S. Department of Education or its partners. 

Where McAfee’s Scam Detector Comes In 

This is exactly the kind of gray-area messaging that trips people up. 

McAfee’s Scam Detector helps cut through that by: 

• Flagging suspicious loan-related messages before you engage  
• Identifying risky links in emails or texts  
• Highlighting signs of impersonation or manipulation  
• Helping you understand why something looks off  

Instead of relying on gut instinct alone, you get a second layer of analysis, right in the moment decisions happen. 

The Biggest Red Flags (Don’t Ignore These) 

Federal Student Aid highlights a few consistent warning signs, and they’re worth memorizing: 

1. They Charge You for “Help”

If a company asks for upfront or monthly fees to consolidate or manage your loans, that’s a major red flag. 

Free help is always available through your official loan servicer.  

2. They Promise Immediate Forgiveness

No legitimate program guarantees instant or total loan forgiveness. 

Most real programs require years of qualifying payments or specific eligibility criteria. 

3. They Ask for Your FSA ID

This is a hard line. 

Your FSA ID is legally equivalent to your signature—and no legitimate organization will ask for your password. 

4. They Pressure You to Act Fast

Urgency is a tactic, not a requirement. 

Scammers often claim deadlines tied to “new laws” or expiring programs to push quick decisions. 

5. They Want Control of Your Account

Requests for power of attorney or third-party authorization can allow scammers to: 

• Change your account details  
• Redirect communications  
• Make decisions without your knowledge 

How to Protect Yourself Without Overthinking It 

You don’t need to become a cybersecurity expert. Just follow a few grounded rules: 

• Go directly to official sources: Always use StudentAid.gov—not links sent to you  
• Don’t pay for what’s free: Loan consolidation and repayment help are available at no cost  
• Pause before clicking or responding: Most scams rely on speed  
• Use tools that flag risk for you: Scam Detector adds a layer of protection when things look legitimate, but aren’t  

What to Do If You Think You Fell for a Student Loan Scam 

Act quickly to limit damage: 

• Contact your loan servicer and revoke any third-party access  
• Call your bank or credit card company to stop payments  
• Change your FSA ID password immediately  
• Report the incident to the Federal Trade Commission here 

Federal Student Aid also recommends reviewing your account activity and confirming no unauthorized changes were made.  

The Bottom Line 

Student loan consolidation scams don’t look like scams anymore. 

They look like helpful emails. Official notices. Last chances. 

That’s why protection today isn’t just about knowing the rules, it’s about having backup when something feels off. 

With McAfee, you’re not left guessing. You can spot suspicious messages, understand the risks, and move forward with confidence, without handing your time, money, or identity to someone who doesn’t deserve it. 

Because starting your post-grad life shouldn’t come with a scam attached. 

The post The New Grad’s Guide to Student Loan Scams: How to Stay Safe appeared first on McAfee Blog.

You’re scrolling through Facebook or TikTok and see it. 

A flash sale from a brand you recognize. A limited-time investment opportunity. A job posting that promises quick money. 

The ad has comments. The account looks polished. Maybe someone you follow even liked it. 

So you click. 

From there, things move fast. You’re pushed to act quickly, enter your information, or send payment before the “deal” disappears. And just like that, the money is gone or your account is compromised. 

This isn’t an edge case anymore. According to new FTC data, nearly 30% of people who reported losing money to a scam in 2025 said it started on social media, with total losses hitting $2.1 billion. 

That’s why McAfee+ Advanced includes comprehensive protection designed to help you spot and stop scams at every step, including McAfee’s Scam Detector, which flags suspicious links and messages and explains why they may be risky, along with identity and privacy tools that help protect your information if a scam slips through. 

How Social Media Ad Scams Work 

A social media ad scam is when scammers use paid ads, fake profiles, or hijacked accounts on platforms like Facebook, Instagram, or TikTok to promote fake products, services, or investment opportunities in order to steal money or personal information. 

Step	What happens	What to do	How McAfee helps
1	You see an ad, post, or DM promoting a deal, job, or investment	Don’t engage immediately, even if it looks legitimate	Scam Detector flags suspicious links and messages before you interact
2	The ad links to a website or moves you into DMs	Avoid clicking unfamiliar links or continuing off-platform	Safe Browsing helps block risky or newly created websites
3	You’re pressured to act quickly or “secure your spot”	Slow down and verify the company independently	Scam Detector explains urgency tactics and why they’re risky
4	You’re asked to pay, share login info, or download something	Never send money or credentials based on a social media interaction	Identity Monitoring helps protect your personal data if exposed
5	The product never arrives, the investment disappears, or your account is compromised	Report the scam and secure your accounts immediately	Personal Data Cleanup and monitoring help reduce ongoing exposure

Red Flags To Watch For 

• Deals that feel unusually cheap or urgent  
• Ads linking to unfamiliar or slightly misspelled websites  
• Requests to move conversations off-platform quickly  
• Payment requests via apps, crypto, or wire transfer  
• Accounts with limited history or inconsistent engagement  

And that is the first part of This Week in Scams! This Friday we’re taking a different format to talk about this new FTC data and all that it reveals.  

Let’s keep digging in: 

FTC Report: Social Media Scams Are Now The Most Costly Fraud Channel 

New data from the FTC shows just how dominant social media has become in the scam landscape. 

• Social media scams drove $2.1 billion in reported losses in 2025  
• Losses have increased eightfold since 2020  
• Investment scams alone accounted for $1.1 billion of those losses 

Where Scams Are Happening And What’s Changing 

Category	What to know
Most common scams	Shopping scams lead, with over 40% of victims reporting purchases from social media ads that never arrived
Most costly scams	Investment scams drive the biggest losses, often starting with ads or group chats showing fake success
What’s changing	Scammers are using platform tools like ads, targeting, and profile data to reach people more precisely than ever

How Scams Play Out Across Platforms 

Platform	How scams typically start	What to watch for
Facebook	Ads, Marketplace listings, hacked accounts	Fake stores, duplicate listings, urgent purchase pressure
Instagram	Sponsored posts, influencer impersonation	“Limited drop” scams, fake brand collaborations
TikTok	Ads, stolen videos/profiles, comment links, bio links,	“Get rich quick” schemes, external link funnels, reselling via TikTok
WhatsApp	Group chats, investment communities	Fake testimonials, coordinated pressure to invest

 How McAfee Protects You from Scams and Cyber Threats 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:   

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast  
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place  
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage  
• Safe Browsing helps block risky sites if you do click  
• Device Security helps detect malicious apps or downloads  
• Secure VPN keeps your data private, especially on public Wi-Fi    

McAfee Safety Tips This Week 

Our advice based on this week’s scams and schemes: 

• Treat social media ads like any other unknown source, not a trusted recommendation  
• Pause before clicking, especially when urgency is involved  
• Verify brands by going directly to their official website  
• Avoid sending money or personal information through social media  
• Use tools like Scam Detector to check suspicious links before engaging  

And we’ll be back next week with more scams making headlines.

The post Ad Impersonation Scams and Record-Breaking Social Media Fraud Losses: This Week in Scams appeared first on McAfee Blog.

A new scam making the rounds takes a familiar delivery trick and upgrades it with hyper‑realistic messaging and a QR code that looks safe to scan. 

But don’t be fooled. 

It’s the same delivery scam playbook scammers have relied on for years, just repackaged with better design and more convincing details. 

You get a message with a notice that looks something like this, a real message received by our team and tested against McAfee’s Scam Detector. 

 

That added layer of realism is what makes this version more dangerous. But it doesn’t hold up under scrutiny. McAfee’s Scam Detector flagged both the suspicious language and the QR code in this message before any interaction. 

If you receive something like this, pause. Do not scan the code. 

You can also protect yourself with McAfee’s Scam Detector, which flags suspicious links and messages, including delivery scams and QR‑based attacks, and explains why they may be risky. 

What is the USPS QR Code Scam and How Does it Work? 

The USPS QR code scam is a phishing attempt where scammers impersonate postal services and use QR codes instead of clickable links to direct victims to malicious websites. 

Once scanned, the QR code can lead to a fake USPS page that asks for payment, login credentials, or personal information. 

How the scam works 

Step	What happens	The red flags	What to do	How McAfee helps
1	You receive a text about a delivery issue or missed package	Urgency, you’re not tracking a package	Be skeptical of unsolicited delivery messages	Scam Detector flags suspicious messages
2	The message includes a QR code instead of a link	QR codes instead of official tracking links  is a red flag	Do not scan QR codes from unknown sources	QR scanning protection warns before opening risky destinations
3	You scan the code and land on a fake USPS page	Generic or slightly off branding on the webpage	Do not enter any information	Safe Browsing blocks known malicious sites
4	The page asks for payment or personal details	Requests for small “redelivery” or “processing” fees  are not normal	Exit immediately and do not submit anything	Scam Detector explains why the page is risky, and Identity Monitoring supports you when if your info gets out.

What To Do If You Get This Message 

• Do not scan the QR code  
• Go directly to the official USPS website to check tracking  
• Delete the message  
• Report it as spam  
• Monitor your accounts if you interacted with it  

And that, my friends, is scam number one in this week’s This Week in Scams. 

Let’s get into what else is on our radar. 

A Major Health Data Breach Exposes 500,000 Records 

A massive health data incident is raising new concerns about how sensitive information is handled and shared. 

According to reporting from the Associated Press, data tied to 500,000 participants in a major U.K. health research project was found listed for sale online. The dataset included biological and health-related information, though it did not contain direct identifiers like names or contact details. 

Access to the data had been granted to research institutions, but that access has since been revoked. Authorities say no purchases were made, and the listing has been removed. 

Still, the situation highlights a growing reality: once data is accessed or shared, control over it becomes harder to guarantee. 

What This Breach Says About Data Privacy 

Scams are no longer isolated events. They are layered. 

A data breach does not just stay a breach. It becomes fuel for future scams. Exposed information can be used to make phishing messages more convincing, personalize attacks, and build trust with targets. 

That is why detection alone is not enough anymore. Protection has to account for both incoming threats and what happens when data is already out there. 

How McAfee Protects You In A World of Scams and Data Breaches  

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:  

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast 
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place 
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage 
• Safe Browsing helps block risky sites if you do click 
• Device Security helps detect malicious apps or downloads 
• Secure VPN keeps your data private, especially on public Wi-Fi   

McAfee Safety Tips This Week  

As always, we have some best practices and safety tips for navigating life online:  

• Pause before clicking, especially when a message creates urgency   
• Go directly to websites or apps instead of using email links   
• Be skeptical of routine account alerts that push immediate action   
• Double-check sender addresses and URLs closely   
• Use tools like McAfee’s Scam Detector to flag suspicious links and messages before interacting   
• Turn on identity monitoring so you’re alerted if your data is exposed  

And we’ll be back next week with more scams making headlines.

The post Fake USPS QR Code Text Scams and a Major Health Data Breach: This Week in Scams appeared first on McAfee Blog.

Co-Authored by Luiz Parente 

Your data might be safe today. But that doesn’t mean it’s safe forever. 

A growing number of sophisticated actors are collecting encrypted data now, with the goal of decrypting it later, when more powerful technology becomes available. 

This strategy is known as Harvest Now, Decrypt Later (HNDL). And it’s not a future problem. It’s already happening, according to research from our McAfee VPN team. 

For everyday people, that means private messages, financial records, and sensitive documents could be exposed years from now if protections don’t evolve today. 

That’s why security teams, including McAfee’s VPN engineers, are already working on ways to strengthen encryption for both today and what comes next. 

What “Harvest Now, Decrypt Later” Means 

At its core, HNDL is simple: Attackers collect encrypted data now, store it, and wait until they have the tools to unlock it later. 

Even though today’s encryption is incredibly strong, the strategy doesn’t rely on breaking it today. It relies on patience.  

A Simple Way to Think About It 

You put valuable belongings and documents in a safe at home that’s locked and secured. This works at preventing crimes of opportunity. But let’s say there’s a thief who steals the entire safe, knowing they have tools they can use later to access what’s inside. They wait, and once the tools are available, they break into your safe and access everything inside. 

That’s one way to think of HNDL. The safe is the encryption. The quantum computing is the tool they can use later.  

But in real life, you’d probably notice if your safe is gone. In the case of HNDL, if you’re not monitoring your data, you may not even notice encrypted information has been stolen to be decrypted.  

Key Terms Explained 

Term	What it means
Encryption	Scrambling data so others can’t read it
Quantum computing	A new type of computing that can break some encryption
HNDL	A strategy to collect encrypted data now and decrypt it later

Why This Matters Right Now 

This isn’t about whether your data is valuable today. It’s about whether it might be valuable later. 

Data with a long shelf life is especially at risk, including: 

• Financial records  
• Medical information  
• Private messages  
• Legal or identity documents  

Even something that feels low-stakes today could become sensitive in the future. 

And because the collection phase is already happening, the risk isn’t hypothetical. It’s already in motion. 

How This Affects VPNs (and what doesn’t change) 

VPNs remain one of the most effective ways to protect your data today. That hasn’t changed. 

But HNDL introduces a new layer of complexity. 

• What’s still strong: The encryption that protects your data in transit remains highly resilient.  
• Where the risk is: The “handshake” process (how a secure connection is established) is more vulnerable to future quantum attacks.  

In simple terms: Your data is well protected today, but parts of how that protection is set up may need to evolve for the future. 

What Quantum Computing Changes 

Traditional computers process information in a linear way. 

Quantum computers work differently. They can solve certain types of problems much faster, including the kinds of mathematical challenges that protect today’s encryption. 

That’s why attackers are willing to wait. 

Once quantum computing reaches a certain level, it could unlock data that was previously considered secure. 

What McAfee’s VPN Team is Working On 

McAfee’s VPN team is already preparing for this shift. 

• Evaluating quantum-safe encryption approaches  
• Exploring hybrid models that protect both now and long-term  
• Building toward a more resilient VPN experience  

This work builds on a broader privacy-by-design approach, where systems are designed to minimize risk from the start, not react after the fact. 

Because with HNDL, waiting isn’t an option. 

What You Can Do Now 

You don’t need to wait for quantum computing to take steps today. 

• Use a trusted VPN to encrypt your connection  
• Be mindful of long-term sensitive data you share online  
• Avoid unsecured public Wi-Fi when possible  
• Keep your apps and devices updated  

These steps help protect your data now while the industry builds toward future-ready security. 

How McAfee Helps Protect You 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:  

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast 
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place 
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage 
• Safe Browsing helps block risky sites if you do click 
• Device Security helps detect malicious apps or downloads 
• Secure VPN keeps your data private, especially on public Wi-Fi   

Frequently Asked Questions (FAQs) 

FAQ

Q: Is my data safe right now?   A: In most cases, yes—today’s encryption is extremely strong and is designed to protect your data from current threats. If you’re using trusted security tools like a VPN, safe browsing protections, and device security, your data is actively protected while it’s in transit and in use. However, no system is risk-free. Data exposed through phishing, weak passwords, breaches, or unsecured networks may still be vulnerable. And with “Harvest Now, Decrypt Later,” even properly encrypted data could be collected today and targeted for decryption in the future.

Q: What is quantum-safe encryption?  A: Quantum-safe (or post-quantum) encryption refers to new types of cryptography designed to remain secure even against future quantum computers. Today’s encryption relies on math problems that are extremely difficult for classical computers to solve, but quantum computers could eventually solve some of them much faster. Quantum-safe approaches use different mathematical foundations that are believed to resist those capabilities. In practice, many companies are moving toward hybrid encryption, combining today’s proven methods with newer quantum-resistant techniques to protect data both now and long-term.

Q: Should I still use a VPN?  A: Yes. A VPN remains one of the most effective ways to protect your data today, especially on public or unsecured networks. It encrypts your internet traffic and helps prevent interception by hackers, internet providers, or other third parties. While VPN protocols are evolving to address future quantum risks, they still provide strong, essential protection against today’s threats.

Q: When will this become a real threat?  A: The risk unfolds in two phases. The collection phase is already happening today, where sophisticated actors gather encrypted data and store it. The decryption phase depends on when quantum computing advances far enough to break certain types of encryption, which could take years but is actively progressing. This means data with a long lifespan, such as financial records, personal communications, and sensitive documents, is most at risk because it only needs to remain valuable until those capabilities exist.

The post Why Hackers Are Collecting Data They Can’t Read Yet. And How to Stay Safe appeared first on McAfee Blog.

You open your inbox and see it: Your cloud storage is full. 

There’s a warning about photos being deleted, your account being suspended, or a renewal failing. There’s a button to “fix it now.” Or a warning to “act today.” 

It looks routine. Maybe even urgent enough to click. 

That’s exactly the point. 

Cloud storage scams are making headlines again, building on patterns we flagged earlier this year in our State of the Scamiverse research.  

These emails have circulated steadily since 2025, often impersonating trusted brands like Apple, Microsoft, and Google. Many are timed to moments when people are already thinking about storage, backups, or subscriptions. 

The safest move is simple: pause and don’t click. If there’s a real issue, go directly to your account through the official app or website. 

You can also protect yourself with McAfee’s Scam Detector, which flags suspicious links and messages, including cloud storage scams, and explains why they may be risky. 

What Is A Cloud Storage Scam And How Does It Work? 

Cloud storage scams are phishing attacks designed to trick you into believing there’s an issue with your account so you’ll click a malicious link.

They often look like this, and include 3 key red flags:  

• Messages that create urgency like “act now or lose your data”  
• Generic greetings instead of your name  
• Links that don’t match the official domain  

How the scam works (step-by-step) 

Step	What happens	What to do	How McAfee helps
1. You receive a message	Email or text claims your storage is full or your account has an issue	Don’t click links directly from the message	Scam Detector flags suspicious messages before you interact
2. Urgency is introduced	Warning that files or photos will be deleted if you don’t act	Pause. Urgency is a red flag	Scam Detector identifies pressure-based scam patterns
3. You’re pushed to a link	Link mimics a real login or billing page	Go directly to the official website instead	Safe browsing tools help block malicious sites
4. You’re asked for info	Login credentials or payment details requested	Never enter info from a link you didn’t verify	Scam Detector explains why a page or link is risky
5. Data is captured	Scammers collect your data or payment	Monitor accounts and report suspicious activity	Identity monitoring alerts you if your data is exposed

 Why This Scam Works 

• Familiar brands: Messages often appear to come from trusted platforms like Apple iCloud or Google Drive  
• Emotional pressure: The threat of losing photos or files triggers quick decisions  
• Routine context: Storage alerts feel normal, so people don’t question them  

And that, my friends, is scam number one in this week’s This Week in Scams. 

Let’s get into what else is on our radar. 

FBI Report: Over $20 Billion Lost to Scams in 2025

New data from the FBI’s Internet Crime Complaint Center (ICC) shows just how large the scam economy has become. 

In 2025 alone: 

• Americans reported over $20.8 billion in losses  
• More than 1 million complaints were filed  
• That’s roughly 3,000 complaints per day  

This is where layered protection matters. It’s not just about catching one bad link. It’s about recognizing patterns across messages, platforms, and moments when something feels slightly off. 

How McAfee Protects You From Scams and Cyber Threats 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:  

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast 
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place 
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage 
• Safe Browsing helps block risky sites if you do click 
• Device Security helps detect malicious apps or downloads 
• Secure VPN keeps your data private, especially on public Wi-Fi   

McAfee Safety Tips This Week 

As always, we have some best practices and safety tips for navigating life online: 

• Pause before clicking, especially when a message creates urgency  
• Go directly to websites or apps instead of using email links  
• Be skeptical of routine account alerts that push immediate action  
• Double-check sender addresses and URLs closely  
• Use tools like McAfee’s Scam Detector to flag suspicious links and messages before interacting  
• Turn on identity monitoring so you’re alerted if your data is exposed 

And we’ll be back next week with more scams making headlines. 

The post Cloud Storage Scam Emails and Record-Breaking Fraud Losses: This Week in Scams  appeared first on McAfee Blog.

Wearable health devices are designed to give you more control over your body and your data. 

But in 2026, the bigger risk isn’t someone spying on your smartwatch or smartring in real time. It’s what happens if the data connected to that device gets exposed. 

Health data, login credentials, and behavioral patterns tied to wearables can become valuable signals for cybercriminals. And once that data is out, it can fuel everything from identity theft to highly targeted scams. 

Here’s what’s actually at risk, and how to protect yourself. 

What Is Wearable Health Data (and Why It Matters) 

Wearable health data refers to the personal information collected and stored by devices like fitness trackers, smartwatches, and connected medical monitors. 

This can include: 

• Heart rate and activity levels  
• Sleep patterns  
• Location data  
• Medical metrics (like glucose levels)  
• Account credentials tied to apps and dashboards  

On its own, this data may seem harmless. But combined, it creates a highly detailed profile of your habits, routines, and health status. 

The Real Risk in 2026 Isn’t the Device. It’s the Data. 

Early conversations around wearable security focused on device hacking or surveillance. 

Today, the bigger concern is data exposure. 

If wearable platforms, apps, or connected services are breached, your data could be: 

• Sold on the dark web  
• Used to impersonate you  
• Leveraged in targeted phishing or health-related scams  

And because this data is personal and specific, scams built from it can feel far more convincing than generic spam. 

How Exposed Wearable Data Can Lead to Scams 

When cybercriminals gain access to personal data, they don’t just sit on it. They use it. 

Here’s how that plays out: 

Scenario	What It Looks Like	Why It Works
Health-related phishing	“Your insurance claim was denied” or “Update your health profile”	Feels relevant and urgent
Account takeover attempts	Password reset emails tied to known apps	Uses real account signals
Personalized scams	Messages referencing routines, devices, or conditions	Builds trust quickly
Fake alerts or services	“Device security issue detected”	Mimics real product behavior

 

This is where the risk shifts from data privacy → real-world financial and identity impact. 

6 Smart Ways to Protect Your Wearable Data 

1)Install updates immediately
Security patches fix known vulnerabilities. Delaying updates leaves gaps open.  

2) Use layered protection, not just device settings
A VPN and security software help protect data in transit and block threats before they reach you.  

3) Strengthen your login credentials
Use strong, unique passwords and enable two-factor authentication wherever possible.  

4) Limit what you share
Review app permissions and only connect devices to services you trust.  

5) Verify every message or alert
If you receive a message tied to your device or health data, double-check the source before clicking.  

6) Monitor your accounts regularly
Small signs of unusual activity can be early indicators of larger issues. 

How McAfee Helps Protect Your Data Beyond the Device 

Protecting your wearable doesn’t stop at the device itself. It extends to what happens if your data is exposed or targeted. 

Identity Monitoring 

McAfee helps track your personal information across known breach sources and alerts you if your data appears where it shouldn’t. 

This gives you early warning if wearable-related accounts or associated data are compromised. 

Scam Detector 

If your data is exposed, scammers often follow. 

McAfee’s Scam Detector helps identify suspicious messages, links, and communications before you engage, and explains why something was flagged, so you can make informed decisions quickly. 

Together, these tools help protect not just your device, but the chain reaction that can follow a data breach. 

The post Can Your Wearable Health Monitors Be Compromised? appeared first on McAfee Blog.

Emails claiming to be from Social Security are making the rounds right now. 

They look official. They sound official. And they’re designed to get you to click before you think twice. 

The Social Security Administration’s Office of Inspector General is warning about a spike in messages that claim your Social Security statement is ready to download. The goal is simple. Get you to click a link or open an attachment. 

From there, things can go sideways fast. 

Before interacting with anything like this, it’s worth pausing and running it through a tool like McAfee’s Scam Detector. This is exactly the kind of message it’s built to flag. Something that looks legitimate, but feels just slightly off. 

How The Scam Works 

The email mimics official government communication, using logos, formatting, and language that feels familiar. It might say your statement is ready, your account needs attention, or you need to review a document. 

Once you click: 

• You may be sent to a fake website designed to capture your personal information  
• You may download malware without realizing it  
• Or you may be prompted to enter sensitive financial details  
• Either way, the goal is the same: get access to your identity. 

The Red Flags In These Emails 

• Messages claiming your social security statement is ready to download  
• Links or attachments labeled as official documents  
• Urgency pushing you to act quickly  
• Sender addresses that do not end in “.Gov”  

The biggest tell: Social Security does not send emails like this asking you to download statements or provide sensitive information. 

What To Do If You Get One 

• Do not click links or download attachments  
• Delete the email immediately  
• Access your account by going directly to the official SSA website  
• Report the message to the SSA Office of Inspector General  

If you already clicked: 

• Stop communication immediately  
• Contact your financial institutions  
• Monitor your accounts closely  
• Report the incident to the FTC or the FBI’s IC3  

And that, my friends, is scam number one in this week’s This Week in Scams. 

Let’s get into what else is on our radar. 

A Healthcare Data Breach That Could Lead to Follow-Up Scams 

Healthcare data breaches don’t always make headlines the same way big tech breaches do, but they can be just as serious. 

According to reporting from Fox News, CareCloud, a company that supports electronic health records for tens of thousands of providers, recently confirmed a security incident involving unauthorized access to one of its systems.  

The access lasted several hours. And while it’s still unclear whether any data was taken, that uncertainty is exactly what makes situations like this risky. 

Because even if you’ve never heard of the company, your doctor might use it. 

Why This Matters 

Healthcare data is incredibly valuable. It can include: 

• Names and social security numbers  
• Insurance details  
• Medical history  
• Billing information  

Unlike a credit card, you can’t just cancel your medical history. 

And when that kind of data is exposed or even potentially exposed, scammers often follow up with messages that feel highly specific and personal. 

What To Watch For Next 

After incidents like this, scammers often move quickly: 

• Emails or texts pretending to be your provider  
• Messages about billing issues or medical records  
• Requests to “verify” your information  
• Links to log in or update your account  

These scams work because they’re timed perfectly and feel relevant. 

This is another moment where Scam Detector can help flag suspicious links or messages before you engage, even when they reference real healthcare providers. 

How To Protect Yourself 

• Review medical bills and insurance statements for unfamiliar activity  
• Enable two-factor authentication on patient portals  
• Use strong, unique passwords  
• Avoid clicking links in unexpected healthcare-related messages  
• Consider identity monitoring to catch misuse early  

Where McAfee Steps In (So You Don’t Have to Guess) 

Scams today are layered. 

A fake email leads to stolen credentials. A breach leads to targeted phishing. And those follow-ups are getting harder to spot. 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done: 

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
• Safe Browsing helps block risky sites if you do click
• Device Security helps detect malicious apps or downloads
• Secure VPN keeps your data private, especially on public Wi-Fi  

Safety Tips To Carry Into Next Week 

• Be cautious of emails that look official but create urgency  
• Never trust unsolicited messages asking for personal or financial information  
• Go directly to official websites instead of clicking links  
• Stay alert after any breach or security incident makes headlines  
• Use tools like McAfee that help you verify what’s real before you act  

Because the reality is, scams are designed to look legitimate. You shouldn’t have to figure it out on your own. We’re safer together. 

We’ll be back next week with more scams making headlines. 

The post Social Security Scam Emails and a Healthcare Data Breach: This Week in Scams appeared first on McAfee Blog.

We’re excited to share that McAfee’s Scam Detector has been named a finalist in the 2026 Webby Awards. 

Recognized in the AI Experiences & Applications – Consumer Application category and named a Webby Honoree for Best Use of AI & Machine Learning, Scam Detector is being acknowledged for its effectiveness as an AI-driven consumer tool. 

This recognition of Scam Detector validates something key in research findings. According to McAfee’s 2026 State of the Scamiverse report, Americans now spend 114 hours a year trying to decide what’s real and what’s fake online. 

Scam Detector was built with this era of uncertainty in mind, designed to help people cut through confusion and identify scams as they appear. The Webby recognition reinforces to us that McAfee’s Scam Detector is doing exactly that. 

What Are the Webby Awards? 

The Webby Awards are presented by the International Academy of Digital Arts & Sciences and recognize excellence across the internet, including apps, software, AI, and digital experiences. 

Each year, thousands of entries are evaluated, with finalists representing the top work in their category globally. 

In addition to judged awards, the Webby Awards include a People’s Voice Award, which is decided by public vote. 

How McAfee’s Scam Detector Uses AI to Stop Scams 

Scam Detector is designed to help people identify scams where they’re most likely to happen, always ready to help you spot what’s real and what’s not when you least expect it. 

It uses AI to analyze and flag suspicious: 

• Text messages and emails  
• Links and websites  
• QR codes  
• Social media messages  
• AI-generated and deepfake content  

Beyond detection, Scam Detector explains why something was flagged as risky. That transparency helps show how decisions are made, so people can quickly understand the risk and feel more confident trusting what’s flagged.

As scams become more personalized and harder to detect, this combination of automatic detection and clear guidance is critical to preventing financial loss and identity theft. 

Vote for McAfee’s Scam Detector 

Scam Detector is eligible for the Webby People’s Voice Award, which is decided by public vote. 

If you would like to support McAfee’s Scam Detector, you can vote here: https://vote.webbyawards.com/PublicVoting#/2026/ai/ai-experiences-applications/consumer-application 

Voting is open through Thursday, April 16 at 11:59 pm PDT. 

Winners will be announced on April 21, 2026. 

And a big thank you to the McAfee teams who brought Scam Detector to life and who continuously improve how Scam Detector identifies new threats and adapts to the evolving world of AI-driven scams. 

The post McAfee’s Scam Detector Named Webby Awards Finalist for AI Innovation appeared first on McAfee Blog.

A tax system breach in Oklahoma is putting highly sensitive personal information at risk. And unfortunately, this is exactly the kind of situation scammers love to exploit. 

Hackers reportedly accessed W-2 and 1099 files through Oklahoma’s online tax portal, according to state officials, exposing the kind of information that can open the door to tax fraud, identity theft, and highly targeted phishing attempts. 

Before the follow-up scams start rolling in, this is the kind of moment where layered protection matters. McAfee+ Advanced includes identity monitoring and data cleansup that can help alert you if your personal information starts circulating where it shouldn’t, and Scam Detector can flag suspicious messages if scammers try to use this breach as a hook. 

What Happened in Oklahoma 

According to a statement by the Oklahoma Tax Commission and reported by KOCO News 5, a local ABC affiliate, suspicious activity inside the state’s Oklahoma Taxpayer Access Point system was identified in December 2025. The agency says impacted individuals have been notified directly by mail, and complimentary credit monitoring and fraud assistance are being offered. 

When W-2s, 1099s, Social Security numbers, and tax-related records are exposed, scammers can use that information to: 

• File fraudulent tax returns  
• Try to open new accounts  
• Build phishing emails or texts that feel unusually real  

Either way, the goal is the same: use real information to make the next scam more believable. 

Red Flags of a Scam After a Breach Like This 

The breach itself is real. But what often follows is a second wave of scams pretending to help. 

Watch For: 

• Emails or texts about your “tax account” that create urgency  
• Messages asking you to verify personal information  
• Fake alerts about refunds, filings, or suspicious activity  
• Links telling you to log in and “secure” your account  

That’s where people can get hit twice: once by the breach, and again by the scam that follows it. 

What To Do If You’re Impacted 

First, don’t panic. Then: 

• Take advantage of any free credit monitoring or fraud assistance being offered  
• Monitor your bank accounts, tax records, and credit reports closely  
• Consider placing a fraud alert or credit freeze if needed  
• Be extra careful with any message referencing taxes, refunds, or account access 
• Go directly to official sites instead of clicking links in emails or texts  

And that, my friends, is scam number one in this week’s This Week in Scams. 

Let’s get into what else is on our radar. 

The FBI Impersonation Scam Showing Up Across the U.S. 

Scammers pretending to be federal agents are making the rounds across the country, and this one is built to make people panic fast. 

Field offices, including Chicago and Houston, are warning the public about fraudsters posing as FBI agents in calls, texts, and emails. In some cases, the scammers claim you’re connected to an investigation. In others, they say you’re a victim of fraud and need to act immediately to protect yourself. 

Sometimes they do not stop there. They may also pretend to be bank employees working alongside the FBI, all to make the story feel more convincing and get access to your money or personal information. 

Why This Scam Works

This scam plays on the same pressure tactics we’ve seen over and over again: authority, urgency, and confusion. 

If someone claims to be a federal agent, many people freeze up and assume they need to cooperate immediately. That’s exactly what scammers are counting on. 

The FBI has been clear about this: federal law enforcement will not ask you for money or sensitive personal information over the phone, by text, or by email. 

The Red Flags in This Message

• Unsolicited outreach from someone claiming to be federal law enforcement  
• Pressure to act immediately  
• Requests for money, gift cards, prepaid cards, or personal information  
• Instructions to keep the conversation secret  
• Stories involving a bank “working with” the FBI  

If it feels dramatic, high-pressure, and just a little off, trust that instinct. 

What To Do if You Get One Of These Messages

• Do not respond  
• Do not send money or share personal information  
• Contact the agency directly using publicly listed contact information  
• Save the message for your records  
• Report it to the FBI: 1-800-CALL-FBI (225-5324), or online at tips.fbi.gov.

This is also exactly the kind of message McAfee’s Scam Detector is built to flag before you get pulled in. 

How McAfee Helps You Stay Ahead of Scams and Breaches 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done: 

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
• Safe Browsing helps block risky sites if you do click
• Device Security helps detect malicious apps or downloads
• Secure VPN keeps your data private, especially on public Wi-Fi  

This kind of layered protection is critical in cases like ghost student scams, where the first sign of fraud often comes after financial damage has already happened. 

Safety tips to carry into next week 

• Be extra cautious after any real breach makes headlines  
• Do not trust unsolicited messages just because they reference real institutions  
• Never send money to someone claiming to be law enforcement  
• Go directly to official websites instead of clicking links  
• Use tools that flag suspicious messages in real time so you do not have to guess 

The reality is, scams are getting better at looking official. 

You should not have to be an expert to spot them. That’s why McAfee is here to help. We’re Safer Together.

We’ll be back next week with more scams making headlines. 

The post Oklahoma Tax Breach and FBI Impersonation Scam: This Week in Scams appeared first on McAfee Blog.

Rob J., 31, an internal auditor in California, thought he was doing everything right this tax season. He filed his return as usual, even early, and expected a state refund just short of $400. 

Instead, he got a letter saying the state had taken it. 

The notice from the California Franchise Tax Board said his refund had been intercepted to pay a debt owed to a local community college. 

There was just one problem: Rob had never attended that school. 

“How could the state be taking my tax refund to pay a debt to a community college I’ve never attended?” he told us at McAfee. “I immediately knew something was wrong.” 

“I started researching and came across the term ‘ghost student,’ and that’s when it clicked. Someone had used my identity to enroll in a college like they were me.” 

How McAfee+ Advanced Helps Protect You from Identity Theft  

Scams like this do not start with a suspicious text or email. They start with your data being exposed somewhere you cannot see. 

That is why protection has to go beyond one moment and cover the full lifecycle of identity theft. 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done: 

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
• Safe Browsing helps block risky sites if you do click
• Device Security helps detect malicious apps or downloads
• Secure VPN keeps your data private, especially on public Wi-Fi  

This kind of layered protection is critical in cases like ghost student scams, where the first sign of fraud often comes after financial damage has already happened. 

What Is a Ghost Student Scam? 

A ghost student scam is a form of identity theft where someone uses your stolen personal information, often your Social Security number, to enroll in a college or university under your name. 

The scammer is not trying to attend school. They are trying to use your identity to access financial aid, create accounts, or generate funds tied to a real person. 

In many cases, the victim has no idea anything happened until the consequences show up later, such as a tax refund being taken, a debt appearing, or a loan being opened in their name. 

That is exactly what happened to Rob. 

“I started researching and came across the term ‘ghost student,’ and that’s when it clicked,” he said. “Someone had used my identity to enroll in a college like they were me.”  

How Ghost Student Scams Happen 

These scams typically follow a predictable pattern, even if the victim does not see it happening in real time: 

Stage	What happens	Why it matters
Data exposure	Your personal information is leaked in a data breach or collected from data broker sites	Scammers get the core details they need to impersonate you
Identity misuse	Your information is used to apply to colleges or financial aid programs	The scam is tied to your real identity, not a fake one
Enrollment activity	Fake students may enroll just long enough to access funds or create accounts	This helps scammers avoid early detection
Financial impact	Debts, balances, or aid obligations are created in your name	You become financially responsible on paper
Discovery	You find out later through a notice, refund interception, or account alert	By this point, damage has already been done

In Rob’s case, the starting point was a data breach the year before. His Social Security number had been exposed, but he had not frozen his credit. 

Someone used that information to enroll at Pasadena City College. When the balance went unpaid, the state redirected his tax refund to cover it. 

“Despite Being the Victim, I’m Trying to Prove My Identity” 

Once Rob realized what happened, he moved quickly. He froze his credit, set up identity monitoring, filed a police report, and began working with the college to prove he was not the student. 

He says the process has been slow and frustrating. 

“I’ve spent hours on the phone trying to fix this… I’m exhausted,” he said. “Despite being the victim I am the one dealing with the consequences and trying to prove my identity to the same institution that let a fake me register.”  

When he contacted campus police, he learned something else: “this has been happening to other people too.” 

Why Ghost Student Scams Are Increasing 

Ghost student scams are part of a broader shift in how identity theft works. 

Instead of quick-hit fraud like a stolen credit card, scammers are using real identities to create more complex, longer-term opportunities for financial gain. 

In higher education, that can include: 

• Enrolling fake students using stolen identities  
• Accessing financial aid  
• Holding seats in classes long enough to collect funds  

This trend has already affected thousands of suspected cases across education systems and continues to grow as scammers scale their tactics  

What to Do If Your Identity Is Used in a Ghost Student Scam 

If something like this happens, speed matters: 

• Freeze your credit with all three bureaus  
• Check your FAFSA and student loan records  
• Contact the school and dispute the enrollment  
• File a police report  
• Set up identity monitoring and alerts  
• Remove your personal information from data broker sites  

These steps help contain the damage, but they are reactive. The goal is to catch exposure earlier. McAfee+ Advanced can help you with freezing your credit, ongoing identity monitoring, and data removal from the dark web. 

How Rob’s Story Ends: ‘I’m Waiting for the Other Shoe to Drop’ 

Rob has confirmed there are no federal loans in his name, but the situation is not fully resolved. 

“I still feel like I’m waiting for the other shoe to drop,” he said.  

That uncertainty is part of what makes identity theft so difficult. You are often reacting to something that started months or even years earlier. Rob said he currently has an outstanding police report and is in the process of getting his refund reclaimed.  

How to Stay Ahead of Identity Theft Like This 

Ghost student scams work because they operate quietly, using real data in systems most people are not actively watching. That is where ongoing protection matters. 

McAfee+ Advanced helps close those gaps by: 

• Alerting you early when your personal data appears on the dark web or in risky environments  
• Reducing your exposure by removing your data from broker sites that scammers rely on  
• Blocking scam entry points across texts, emails, links, and deepfakes  
• Protecting your devices and connections so attackers have fewer ways in  

Because the goal is not just to respond to identity theft, it’s to catch the signals early enough that someone cannot become a “student” in your name in the first place. 

The post Why Was My Tax Refund Intercepted? The “Ghost Student” Scam Explained appeared first on McAfee Blog.

We’re proud to share that McAfee’s “Keep It Real” campaign has been named a finalist in the 2026 Shorty Awards Social Good Campaign category. 

This category recognizes work that doesn’t just perform, it matters: campaigns that raise awareness, inspire action, and make a real-world impact. 

That’s exactly what “Keep It Real” set out to do. 

Because behind every scam statistic is a person who thought they were making the right call. And too often, what follows isn’t just financial loss. It’s embarrassment, silence, and stigma. 

We wanted to change that. 

The campaign launched alongside McAfee Scam Detector to address a growing reality: scams powered by AI are becoming harder to recognize and easier to fall for. 

“Keep It Real” paired real survivor stories with AI-driven protection to show how scams actually happen and how people can stop them in the moment. 

The goal was simple: 

• Normalize the experience  
• Remove shame around being scammed 
• Help more people recognize scams faster  

Because when people feel safe talking about scams, they’re more likely to spot them and stop them. 

What Are the Shorty Awards? 

The Shorty Awards honor the best work in social media, digital campaigns, and online storytelling across brands, creators, and organizations. 

Now in their 18th year, the awards recognize campaigns that combine creativity, impact, and real-world relevance. Finalists are selected alongside leading global brands and judged on both industry evaluation and public voting. 

How McAfee’s Scam Detector Fits In 

McAfee’s Scam Detector is designed to help people identify scams across everyday digital moments. 

It uses AI to fight AI by flagging suspicious: 

• Text messages and emails  
• QR codes and links  
• Social media messages  
• AI-generated and deepfake content  

By combining automatic detection with clear guidance, Scam Detector helps people better understand what they’re seeing and decide what to trust. 

Real Stories Behind the Campaign 

A core part of “Keep It Real” was giving space to people who experienced scams to share what happened, in their own words. 

These stories helped show that scams can happen to anyone and played a key role in breaking the stigma around being targeted. 

 

This recognition reflects the work across McAfee teams who built and brought this campaign to life, including product, engineering, research, creative, and communications. 

It also reflects the individuals who chose to share their real scam stories to help others recognize scams, stay safer, and end the shame and stigma around being scammed. 

Support the Campaign 

The Shorty Awards include a public voting component. 

If you’d like to support the campaign, you can vote here:
https://shortyawards.com/18th/keep-it-real-mcafees-ai-scam-media-relations-campaign 

Voting is open through April 8, and you can vote once per day. 

The post McAfee’s “Keep It Real” Campaign Named Shorty Awards Finalist appeared first on McAfee Blog.

McAfee’s mobile research team has uncovered a large-scale Android malware campaign we’re tracking as Operation NoVoice.

The campaign was distributed through more than 50 apps previously available on Google Play, disguised as everyday tools like cleaners, games, and photo utilities. Together, the apps were downloaded more than 2.3 million times, though it’s unclear how many devices may have been impacted.

If the attack succeeds, the malware can gain deep control of a device, allowing attackers to inject malicious code into apps as they are opened and access sensitive data.

However, the most serious impact depends on the device. 

On older or unpatched Android devices, the malware can install a highly persistent form of infection that may survive a standard factory reset. Newer Android devices with up-to-date security protections are not vulnerable to the root exploit observed in this campaign, though they may still be exposed to other types of malicious activity from these apps.

In other words, on vulnerable devices, the malware can behave like a kind of digital “zombie,” continuing to operate in the background even after a reset.

Want the full technical breakdown? Dive into the McAfee Labs research here. 

We break down what you need to know below: 

How “Operation NoVoice” Works 

Operation NoVoice is what security experts call a rootkit malware attack. 

A rootkit is a type of malware designed to gain deep, privileged control of a device while hiding its presence from the user and the operating system’s normal security tools. 

Breaking the term down: 

• “Root” refers to the highest level of access on a system (administrator-level control). 
• “Kit” refers to a collection of tools used by an attacker to maintain that control. 

Put simply, a rootkit allows attackers to operate underneath the normal apps and security protections on a phone, giving them powerful control while staying difficult to detect.

In the case of Operation NoVoice, the attack unfolds in several steps. 

1) A normal-looking app starts the attack

The campaign began with apps that appeared harmless on the Google Play Store. These apps advertised themselves as tools like phone cleaners, puzzle games, or gallery utilities. 

When a user downloaded and opened one of these apps, it appeared to work normally. There are no obvious signs to the user that anything is wrong. 

2) The malware quietly checks the device

Behind the scenes, the app contacts a remote server controlled by the attackers. 

The server collects information about the device, things like its hardware, operating system version, and security patch level. Based on that information, the attackers send back custom exploit code designed for that specific device.

3) The attack gains deep system access

If the exploit succeeds, the malware gains root-level access to the device.

At that point, the attackers can install additional malicious components and modify parts of the Android operating system itself. 

4) Every app on the phone can be affected

Once the rootkit is installed, it modifies a core Android system library that every app relies on. 

This allows attacker-controlled code to run inside any app the user opens. 

That means the attackers could potentially access data from messaging apps, financial apps, or social media apps without the user noticing. 

5) The malware can remain even after a reset

Operation NoVoice also includes persistence mechanisms designed to keep the malware active. 

In some cases, the infection could survive a standard factory reset, because the malicious components modify parts of the system software that resets typically do not replace.

Fully removing the infection may require reinstalling the device’s firmware, something most users cannot easily do themselves.

*To be clear, these apps have been removed from Google Play and are no longer available for download. 

Why The Name “Operation NoVoice” 

The name Operation NoVoice comes from a hidden component inside the malware itself. 

Researchers discovered a resource labeled “novioce” embedded in one of the attack’s later stages. The file contains a silent audio track that plays at zero volume. 

This may seem strange, but it serves a purpose. 

By continuously playing silent audio in the background, the malware can keep a foreground service running without drawing attention. This allows the malicious code to remain active while appearing harmless to the operating system. 

The researchers believe the name “novioce” is likely a misspelling of “no voice,” referring to the silent audio trick used to keep the malware running. 

How To Stay Safe from Malware Disguised as Apps 

Operation NoVoice highlights an important reality: even apps that appear legitimate can sometimes hide malicious behavior. 

Fortunately, there are several steps users can take to reduce their risk. 

Be cautious with unfamiliar apps 

Even if an app appears on the Google Play Store, it’s still important to review: 

• the developer’s name 
• the number of downloads 
• recent user reviews (check for negative reviews) 

Apps with very few reviews, vague descriptions, or suspicious developer accounts can sometimes be part of malware campaigns. And exercise even greater caution with apps promoted through advertisements or that create a a sense of urgency.  

Keep your phone updated 

Many attacks rely on exploiting known vulnerabilities in older versions of Android. 

Installing system updates and security patches helps reduce the chance that these exploits will work.

Remove apps you don’t recognize 

If you notice apps on your device that you don’t remember installing, review them carefully and remove anything suspicious. 

Keeping your phone’s app list clean reduces the potential attack surface. 

Use mobile security protection 

Mobile security software can help detect suspicious behavior and block known malware. 

For example, McAfee Mobile Security detects this threat as Android/NoVoice and can warn users if a malicious app is identified.  

McAfee offers more than traditional antivirus, combining multiple layers of digital protection in one app  

• Scam Detector to help flag suspicious messages and links  
• Safe Browsing tools to help block risky websites  
• VPN to keep your connection private on public Wi-Fi  
• Identity Monitoring and Alerts to notify you if your personal information appears where it shouldn’t  
• Personal Data Cleanup to help remove your information from high-risk data broker sites  
• Device and Account Security to help protect the things you use most 

What Operation NoVoice Tells Us About the Future of Mobile Threats 

Operation NoVoice highlights how mobile malware is evolving. Instead of obvious malicious apps, attackers are increasingly hiding their operations inside ordinary-looking tools distributed through legitimate app stores.

What makes this campaign particularly concerning isn’t just the number of downloads or the technical complexity. It’s the way the malware combines several advanced techniques, device-specific exploits, modular plugins, and deep system persistence, into a single attack chain.

That approach allows attackers to quietly turn an everyday app download into long-term control of a device.

That’s why keeping devices updated, reviewing apps carefully, and using mobile security protection are becoming increasingly important. As Operation NoVoice shows, today’s malware isn’t just trying to get onto devices; it’s trying to stay there. 

The post Operation NoVoice: Android Malware Found in 50+ Apps Can Hijack Devices appeared first on McAfee Blog.

A text that looks like it came straight from a courthouse is making the rounds across the U.S. And yes, I got it too. 

First things first, that’s a scam. And to be clear: DON’T SCAN THAT QR CODE. 

It’s the same playbook as last year’s toll road scams, just dressed up with a little more authority and a lot more pressure. 

Before doing anything, our team ran it through McAfee’s Scam Detector. It immediately flagged the message as suspicious, and that’s exactly the kind of moment this tool is built for. When something feels just real enough to second guess, it gives you a clear signal before you click, scan, or spiral. 

How the scam works 

The text claims you’ve missed a payment, violated a law, or have some kind of outstanding “case.” It then pushes you to scan a QR code or click a link to resolve it quickly. 

From there, one of two things usually happens: 

1. You’re taken to a fake payment page designed to steal your money, or 
2. You’re prompted to download something that gives scammers access to your device or data  

Either way, the goal is the same: get you to act fast before you have time to question it. 

The red flags in this message 

• Urgent, threatening language about fines, penalties, or legal action  
• Vague accusations with no real details about what you supposedly did  
• Official-looking formatting like case numbers, clerk signatures, and judge names  
• Copy-paste consistency across states: McAfee employees in New York and California received nearly identical messages with the same names  

There are reports of this scam popping up nationwide, but the rule is simple: law enforcement does not text you to demand payment or resolve legal issues. 

What to do if you scanned the QR code 

First, don’t panic. Then: 

• Do not pay anything or enter personal information  
• Do not delete apps you were told to install (this can make it harder to detect what happened)  
• Run a device scan using a trusted security tool like McAfee’s free antivirus  
• Keep an eye on your financial accounts and logins for unusual activity  

And that, my friends, is scam number one in this week’s This Week in Scams (new format, we’re experimenting a little).  

Let’s get into what else is on our radar. 

What to Know About an Alleged Crunchyroll Breach 

Anime streaming platform Crunchyroll is investigating claims of a data breach involving customer support ticket data, potentially impacting millions of users. 

According to TechCrunch, access appears to involve a third-party vendor system, a reminder that even strong security setups still rely on people and partners, which can introduce risk in everyday moments. 

Even if you’ve never entered your credit card into a support form, these tickets can still include: 

• Email addresses  
• Usernames  
• Screenshots or account details  
• Conversations that reveal habits, subscriptions, or personal context  

That’s more than enough for scammers to build highly believable follow-ups. 

Why this matters right now 

When breaches like this surface, scammers don’t wait. They use the moment to send emails and messages that feel timely, relevant, and legitimate. 

For example, scammers might send messages pretending to be Crunchyroll and suggesting you “click this link to secure your account” after the breach. In reality, that “security check” exposes your information.

This is where tools like Scam Detector come back into play, flagging suspicious links and messages even when they reference real companies or real events. 

What to do if you have a Crunchyroll account 

• Change your password, especially if you’ve reused it elsewhere  
• Turn on two-factor authentication  
• Be cautious of emails referencing the breach or asking you to “secure your account”  
• Avoid clicking links and go directly to the official site instead  

How McAfee Helps You Stay Ahead of Scams and Breaches

McAfee+ Advanced gives you multiple layers working together so you’re not left figuring it out in the moment: 

• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage  
• Safe Browsing helps block risky sites if you do click or scan  
• Device Security helps detect and remove malicious apps or downloads  
• Identity Monitoring alerts you if your personal info shows up where it shouldn’t, so you can act fast  
• Personal Data Cleanup helps remove your information from data broker sites, making you a harder target in the first place  
• Secure VPN keeps your data private, especially on public Wi-Fi  

Plus our instant QR code scam checks will flag suspicious QR codes before you scan them.

Safety tips to carry into next week 

• Slow down when a message creates urgency. That’s the hook  
• Don’t scan QR codes or click links from unexpected texts  
• Go directly to official websites instead of using links sent to you  
• Use tools that flag scams in real time so you don’t have to guess  

The reality is, these scams are designed to look normal. You shouldn’t have to be an expert to spot them. That’s why McAfee’s here to help. 

We’ll be back next week with more scams making headlines. 

The post Got a “Court Notice” Text? Ignore It. Plus, the Crunchyroll Breach: This Week in Scams appeared first on McAfee Blog.