Login
If you recently received an unexpected email from Instagram asking you to reset your password, you are not alone. Over the past several days, thousands of users reported receiving legitimate password reset emails they did not request.
The sudden wave of messages led to widespread confusion and concern about whether Instagram had suffered a data breach. Instagram and its parent company Meta deny that a breach occurred, stating instead that they fixed an issue that allowed an external party to trigger password reset emails for some users.
While the exact source of the activity remains disputed, the situation highlights a broader and more important issue. Password reset emails, even when legitimate, are often the first signal users get that their information may be exposed, reused, or being targeted by attackers.
Here is what we know so far and what this incident reveals about how password compromises really happen.
Instagram says no.
In statements reported by the BBC and BleepingComputer, Meta said it resolved a problem that allowed an external party to request password reset emails on behalf of users. The company maintains there was no breach of its systems and that accounts remain secure.
At the same time, cybersecurity researchers and firms, including Malwarebytes, have warned about a dataset circulating on hacking forums that allegedly contains information linked to more than 17 million Instagram accounts. According to reporting, that data may include usernames, email addresses, phone numbers, locations, and account IDs, but not passwords.
Some researchers believe the dataset may be a compilation of older scraped data rather than evidence of a new breach. Others say the timing of the password reset emails and the appearance of the data raises unresolved questions.
What matters for users is this: regardless of whether this was a new breach, old scraped data, or a technical abuse of password reset systems, attackers routinely use exposed personal information to launch phishing, account takeover attempts, and social engineering attacks.
A true data breach occurs when attackers gain unauthorized access to internal systems and steal protected data such as passwords, financial information, or private communications.
In many cases, personal data is also exposed through:
That distinction matters because even when passwords are not leaked, exposed personal data can still be weaponized. Names, emails, phone numbers, and locations are often enough for scammers to craft convincing phishing messages that appear legitimate.
There are several common reasons this happens, and none of them require your Instagram password to be stolen.
Scammers often use these moments to send fake follow-up emails that look nearly identical to legitimate ones. That is why security experts consistently recommend going directly to the app or official website rather than clicking links in unexpected messages.
If you did not request the reset:
If you decide to change your password, make sure the new one is unique and not used anywhere else.
Click “Review Settings” to enable 2FA in your Account Center
When you set up two-factor authentication on Instagram, you’ll be asked to choose one of three security methods: an authentication app, text message, or WhatsApp.
And here’s a link to the company’s full walkthrough: https://help.instagram.com/566810106808145
Remembering dozens of unique, strong passwords is not realistic for most people. That is why password managers exist.
A password manager can:
Using a password manager removes the pressure to reuse passwords and helps close one of the most common doors attackers walk through.
McAfee’s password manager helps you secure your accounts by generating complex passwords, storing them and auto-filling your info for faster logins across devices. It’s secure and, best of all, you only have to remember a single password.
|
Was my Instagram password stolen? There is no evidence that passwords were leaked in this incident. |
|
Should I reset my password anyway? If you are unsure or reuse passwords elsewhere, resetting it directly in the app is a smart precaution. |
|
Are the emails real or phishing? Some emails were legitimate, but scammers often mimic them. Always go directly to the app or website. |
|
Why is password reuse dangerous? Because a breach on one site can expose all accounts that share the same password. |
The post Didn’t Request an Instagram Password Reset? Here’s What to Do appeared first on McAfee Blog.
McAfee’s Scam Detector has been named a Winner of the 2026 BIG Innovation Awards, presented by the Business Intelligence Group, marking the third major industry award the product has earned since launching just months ago.
The recognition underscores a growing consensus across independent judges: as scams become more sophisticated and AI-driven, consumers need protection that works automatically, explains risks clearly, and helps stop harm before it happens.
The BIG Innovation Awards recognize products and organizations that deliver measurable innovation with real-world impact. The program focuses not only on technical advancement, but on how solutions improve everyday life for individuals and households.
For consumer cybersecurity products like Scam Detector, that means being evaluated on:
The award highlights Scam Detector’s role in helping people stay safer online as scams grow more sophisticated, more personal, and increasingly powered by AI.
According to feedback from the BIG Innovation Awards judging panel, Scam Detector was recognized for:
Strong real-world relevance: Scams are now an everyday risk, not a niche technical issue
Clear consumer value: Protection that runs automatically in the background without requiring expert knowledge
AI used responsibly: Applying advanced models to reduce harm, not increase it
Early impact: Rapid adoption, with more than one million users in its first months
Judges also noted the importance of Scam Detector’s educational alerts, which don’t just block threats, but explain why something is risky, helping people build confidence over time.
Using AI to Fight AI-Driven Scams
Scam Detector is McAfee’s AI-powered protection designed to detect scams across text, email, and video, block dangerous links, and identify deepfakes, before harm occurs.
As scammers increasingly use generative AI to impersonate people, brands, and institutions, protection needs to operate at the same speed and scale. Scam Detector is built to do exactly that, quietly working in the background while users go about their day.
Scam Detector is included with all core McAfee plans and is available across mobile, PC, and web.
McAfee was recognized alongside other consumer-facing innovators whose products directly serve individuals and households. Fellow 2026 BIG Innovation Award winners include:
Capital One Auto – Chat Concierge: A consumer-facing service designed to help car buyers and owners navigate financing and ownership decisions.
Starkey – Omega AI Hearing Aid: A wearable hearing aid that integrates AI assistance, health monitoring, and real-time translation.
Phonak – Virto R Infinio: Custom-fit hearing aids designed to deliver personalized hearing solutions for individual users.
EZVIZ – 9c Dual 4G Series Camera: A smart home security camera built for personal and household use.
Sinomax USA: Consumer mattresses and comfort products focused on everyday home use.
beyoutica 1905: A wellness product designed for health- and lifestyle-focused consumers.
Wheels – Pool CheckOut: A consumer-oriented solution designed to simplify vehicle service and checkout experiences.
Together, these winners reflect how innovation increasingly shows up in tools people rely on at home, in their cars, and on their phones.
Since launch, McAfee’s Scam Detector has earned recognition across multiple independent award programs, each highlighting a different dimension of its impact:
Winner and Top 10 Innovator – Large Business, recognizing real-world consumer impact and responsible AI use.
Together, these awards reinforce a consistent message from independent judges: consumer cybersecurity works best when advanced technology is paired with clarity, usability, and trust.
McAfee’s Scam Detector is an AI-powered scam protection feature designed to spot and stop scams across text messages, emails, and videos. Built in response to the rapid rise of AI-generated fraud, Scam Detector automatically analyzes suspicious content, blocks dangerous links, and identifies deepfakes, while explaining why something was flagged so users can make more confident decisions online.
What Scam Detector Does
Detects text message scams across popular apps and messaging platforms
Flags phishing and suspicious emails with clear explanations, helping users learn what to watch for
Identifies AI-generated or manipulated audio in videos, including potential deepfakes
Offers on-demand scam checks, allowing users to upload a message, link, or screenshot for analysis
Runs primarily on-device, helping protect user privacy without sending personal content to the cloud
Scam Detector is designed to work quietly in the background, providing protection without requiring constant decisions or technical expertise. Scam Detector is included at no extra cost with all core McAfee consumer plans. Learn more here.
The post McAfee’s Scam Detector Earns Third Major Award Within Months of Launch appeared first on McAfee Blog.
This week in scams, the biggest threats showed up as routine security messages, viral consumer “warnings,” and AI-generated content that blended seamlessly into platforms people already trust.
Every week, we bring you a roundup of the scams making headlines, not just to track what’s happening, but to explain how these schemes work, why they’re spreading now, and what you can do to stay ahead of them.
Here are scams in the news this week, and safety tips from our experts at McAfee:
Scammers are increasingly impersonating Amazon customer support to take over accounts using real one-time passcodes (OTPs), not fake links or malware.
Here’s how the scam works in practice.
Victims receive an unsolicited phone call from someone claiming to work for Amazon. The caller says suspicious activity has been detected on the account and may reference expensive purchases, often items like smartphones, to make the threat feel credible.
The call usually comes from a spoofed number and the scammer may already know your name or phone number, which helps lower suspicion.
While speaking to you, the scammer attempts to access your Amazon account themselves by entering your phone number or email address on the login page and selecting “forgot password” or triggering a login from a new device.
That action causes Amazon’s real security system to send a legitimate one-time passcode to your phone or email.
If you read that code aloud or share it, the scammer can immediately:
The scam works precisely because the code is real—and because it arrives while the caller is convincing you it’s part of a routine security check.
Important to remember: Amazon will never contact you first to ask for your password, verification codes, or security details. If you receive a one-time passcode you didn’t request, do not share it with anyone.
A growing scam on TikTok shows how AI-generated deepfake videos are now being used not just for misinformation, but for direct financial fraud.
This week, Spanish media and officials warned that scammers are circulating fake TikTok videos appearing to show Princess Leonor, the 20-year-old heir to Spain’s throne, offering financial assistance to users.
According to The Guardian, the videos show an AI-generated version of Leonor promising payouts running into the thousands of dollars in exchange for a small upfront “fee.”
Once victims send that initial payment, the scam doesn’t end. Fraudsters repeatedly demand additional fees before eventually disappearing.
This case highlights how deepfakes are moving beyond novelty and into repeatable, high-reach fraud, where trust in familiar public figures is weaponized at scale.
A viral post on Reddit this week shows how AI-generated text can convincingly impersonate whistleblowers, and even mislead experienced journalists.
The post claimed to come from an employee at a major food delivery company, alleging the firm was exploiting drivers and users through opaque AI systems. Written as a long, confessional screed, the author said he was drunk, using library Wi-Fi, and risking retaliation to expose the truth.
The claims were believable in part because similar companies have faced real lawsuits in the past. The post rocketed to Reddit’s front page, collecting over 87,000 upvotes, and spread even further after being reposted on X, where it amassed tens of millions of impressions.
As Platformer journalist Casey Newton later reported, the supposed whistleblower provided what appeared to be convincing evidence, including a photo of an employee badge and an 18-page internal document describing an AI-driven “desperation score” used to manage drivers. But during verification attempts, red flags emerged. The materials were ultimately traced back to an AI-generated hoax.
Detection tools later confirmed that some of the images contained AI watermarks, but only after the post had already gone viral.
This incident underscores a growing problem: AI-generated misinformation doesn’t need to steal money directly to cause harm. Sometimes, the damage is to trust itself — and by the time the truth surfaces, the narrative has already taken hold.
As scams increasingly rely on a combination of realism and urgency, protecting yourself starts with slowing down and verifying before you act.
The scams making headlines this week share a common theme: they don’t look like scams at first glance. Whether it’s an AI-generated video of a public figure or a viral post posing as a consumer warning, today’s fraud relies on familiarity, credibility, and trust.
That’s why McAfee’s Scam Detector and Web Protection help detect scam messages, dangerous sites, and AI-generated deepfake videos, alerting you before you interact or click.
We’ll be back next week with another roundup of the scams worth watching, the stories behind them, and the steps you can take to stay one step ahead.
The post This Week in Scams: Explaining the Fake Amazon Code Surge appeared first on McAfee Blog.
It’s no longer possible to deny that your life in the physical world and your digital life are one and the same. Coming to terms with this reality will help you make better decisions in many aspects of your life.
The same identity you use at work, at home, and with friends also exists in apps, inboxes, accounts, devices, and databases, whether you actively post online or prefer to stay quiet. Every purchase, login, location ping, and message leaves a trail. And that trail shapes what people, companies, and scammers can learn about you, how they can reach you, and what they might try to take.
That’s why digital security isn’t just an IT or a “tech person” problem. It’s a daily life skill. When you understand how your digital life works, what information you’re sharing, where it’s stored, and how it can be misused, you make better decisions. This guide is designed to help you build that awareness and translate it into practical habits: protecting your data, securing your accounts, and staying in control of your privacy in a world that’s always connected.
Being digitally secure doesn’t mean hiding from the internet or using complicated tools you don’t understand. It means having intentional control over your digital life to reduce risks while still being able to live, work, and communicate online safely. A digitally secure person focuses on four interconnected areas:
Your personal data is the foundation of your digital identity. Protecting it includes limiting how much data you share, understanding where it’s stored, and reducing how easily it can be collected, sold, or stolen. At its heart, personal information falls into two critical categories that require different levels of protection:
Account security ensures that only you can access them. Strong, unique passwords, multi-factor authentication, and secure recovery options prevent criminals from hijacking your email, banking, cloud storage, social media, and other online accounts, often the gateway to everything else in your digital life.
Privacy control means setting boundaries and deciding who can see what about you, and under what circumstances. This includes managing social media visibility, app permissions, browser tracking, and third-party access to your data.
Digital security is an ongoing effort as threats evolve, platforms change their policies, and new technologies introduce new risks. Staying digitally secure requires periodic check-ins, learning to recognize scams and manipulation, and adjusting your habits as the digital landscape changes.
Your personal information faces exposure risks through multiple channels during routine digital activities, often without your explicit knowledge.
Implementing comprehensive personal data protection requires a systematic approach that addresses the common exposure points. These practical steps provide layers of security that work together to minimize your exposure to identity theft and fraud.
Start by conducting a thorough audit of your online accounts and subscriptions to identify where you have unnecessarily shared more data than needed. Remove or minimize details that aren’t essential for the service to function. Moving forward, provide only the minimum required information to new accounts and avoid linking them across different platforms unless necessary.
Be particularly cautious with loyalty programs, surveys, and promotional offers that ask for extensive personal information, as they may share it with third parties. Read privacy policies carefully, focusing on sections that describe data sharing, retention periods, and your rights regarding your personal information.
If possible, consider using separate email addresses for different accounts to limit cross-platform tracking and reduce the impact if one account is compromised. Create dedicated email addresses for shopping, social media, newsletters, and important accounts like banking and healthcare.
Privacy protection requires regular attention to your account settings across all platforms and services you use. Social media platforms frequently update their privacy policies and settings, often defaulting to less private configurations that allow them to collect and share your data. For this reason, it is a good idea to review your privacy settings at least quarterly. Limit who can see your posts, contact information, and friend lists. Disable location tracking, facial recognition, and advertising customization features that rely on your personal data. Turn off automatic photo tagging and prevent search engines from indexing your profile.
On Google accounts, visit your Activity Controls and disable Web & App Activity, Location History, and YouTube History to stop this data from being saved. You can even opt out of ad personalization entirely if desired by adjusting Google Ad Settings. If you are more tech savvy, Google Takeout allows you to export and review what data Google has collected about you.
For Apple ID accounts, you can navigate to System Preferences on Mac or Settings on iOS devices to disable location-based Apple ads, limit app tracking, and review which apps have access to your contacts, photos, and other personal data.
Meanwhile, Amazon accounts store extensive purchase history, voice recordings from Alexa devices, and browsing behavior. Review your privacy settings to limit data sharing with third parties, delete voice recordings, and manage your advertising preferences.
Regularly audit the permissions you’ve granted to installed applications. Many apps request far more permissions to your location, contacts, camera, and microphone even though they don’t need them. Cancel these unnecessary permissions, and be particularly cautious about granting access to sensitive data.
Create passwords that actually protect you; they should be long and complex enough that even sophisticated attacks can’t easily break them. Combine uppercase letters, lowercase letters, numbers, and special characters to make it harder for attackers to crack.
Aside from passwords, enable multi-factor authentication (MFA) on your most critical accounts: banking and financial services, email, cloud storage, social media, work, and healthcare. Use authenticator apps such as Google Authenticator, Microsoft Authenticator, or Authy rather than SMS-based authentication when possible, as text messages can be intercepted through SIM swapping attacks. When setting up MFA, ensure you save backup codes in a secure location and register multiple devices when possible to keep you from being locked out of your accounts if your primary authentication device is lost, stolen, or damaged.
Alternatively, many services now offer passkeys which use cryptographic keys stored on your device, providing stronger security than passwords while being more convenient to use. Consider adopting passkeys for accounts that support them, particularly for your most sensitive accounts.
Device encryption protects your personal information if your smartphone, tablet, or laptop is lost, stolen, or accessed without authorization. Modern devices typically offer built-in encryption options that are easy to enable and don’t noticeably impact performance.
You can implement automatic backup systems such as secure cloud storage services, and ensure backup data is protected. iOS users can utilize encrypted iCloud backups, while Android users should enable Google backup with encryption. Regularly test your backup systems to ensure they’re working correctly and that you can successfully restore your data when needed.
Identify major data brokers that likely have your information and look for their privacy policy or opt-out procedures, which often involves submitting a request with your personal information and waiting for confirmation that your data has been removed.
In addition, review your subscriptions and memberships to identify services you no longer use. Request account deletion rather than simply closing accounts, as many companies retain data from closed accounts. When requesting deletion, ask specifically for all personal data to be removed from their systems, including backups and archives.
Keep records of your opt-out and deletion requests, and follow up if you don’t receive confirmation within the stated timeframe. In the United States, key data broker companies include Acxiom, LexisNexis, Experian, Equifax, TransUnion, Whitepages, Spokeo, BeenVerified, and PeopleFinder. Visit each company’s website.
Connect only to trusted, secure networks to reduce the risk of your data being intercepted by attackers lurking behind unsecured or fake Wi-Fi connections. Avoid logging into sensitive accounts on public networks in coffee shops, airports, or hotels, and use encrypted connections such as HTTPS or a virtual private network to hide your IP address and block third parties from monitoring your online activities.
Rather than using a free VPN service that often collects and sells your data to generate revenue, it is better to choose a premium, reputable VPN service that doesn’t log your browsing activities and offers servers in multiple locations.
Cyber threats evolve constantly, privacy policies change, and new services collect different types of personal information, making personal data protection an ongoing process rather than a one-time task. Here are measures to help regularly maintain your personal data protection:
By implementing these systematic approaches and maintaining regular attention to your privacy settings and data sharing practices, you significantly reduce your risk of identity theft and fraud while maintaining greater control over your digital presence and personal information.
You don’t need to dramatically overhaul your entire digital security in one day, but you can start making meaningful improvements right now. Taking action today, even small steps, builds the foundation for stronger personal data protection and peace of mind in your digital life. Choose one critical account, update its password, enable multi-factor authentication, and you’ll already be significantly more secure than you were this morning. Your future self will thank you for taking these proactive steps to protect what matters most to you.
Every step you take toward better privacy protection strengthens your overall digital security and reduces your risk of becoming a victim of scams, identity theft, or unwanted surveillance. You’ve already taken the first step by learning about digital security risks and solutions. Now it’s time to put that knowledge into action with practical steps that fit seamlessly into your digital routine.
The post What Does It Take To Be Digitally Secure? appeared first on McAfee Blog.
The holidays are just around the corner and amid the hustle and bustle, many of us will fire up our devices to go online, order gifts, plan travel, and spread cheer. But while we’re getting festive, the cybercriminals are getting ready to take advantage of the influx of your good cheer to spread scams and malware.
With online shopping expected to grow by 7.9% year-on-year in the U.S. alone in 2025, according to Mastercard, and more people than ever using social media and mobile devices to connect, the cybercriminals have a lot of opportunities to spoil our fun. Using multiple devices provides the bad guys with more ways to access your valuable “digital assets,” such as personal information and files, especially if the devices are under-protected.
In this guide, let’s look into the 12 most common cybercrimes and scams of Christmas, and what you can do to keep your money, information, and holiday spirit safe.
The festive atmosphere, continued increase in online shopping activity, and charitable spirit that define the holidays create perfect conditions for scammers to exploit your generosity and urgency.
Not surprisingly, digital criminals become more active and professional during this period, driven even more by the increasing power of artificial intelligence. A new McAfee holiday shopping report revealed that 86% of consumers surveyed receive a daily average of 11 shopping-related text or email messages that seem suspicious. This includes 3 scam texts, 5 emails, and 3 social media messages. Meanwhile, 22% admit they have been scammed during a holiday season in the past.
Their scams succeed because they exploit the psychological and behavioral patterns that are rife during the holidays. The excitement and time pressure of holiday shopping often prevail over our usual caution, while the emotional aspects of gift-giving and charitable donations can be exploited and move us to be more generous. Meanwhile, scammers understand that you’re more likely to make quick purchasing decisions when the fear of missing out on limited-time offers overtakes your judgment or when you’re rushing to find the perfect gift before it’s too late.
Overall, the frenzied seasonal themes create an environment where criminals can misuse the urgency of their fake offers and cloud our judgment, making fraudulent emails and websites appear more legitimate, while you’re already operating under the stress of holiday deadlines and budget concerns. After all, holiday promotions and charity appeals are expected during this time of year.
Now that you understand the psychology behind the scams, it’s time to become more aware of the common scams that cybercriminals run during the holiday season.
As you head online this holiday season, stay on guard and stay aware of scammers’ attempts to steal your money and your information. Familiarize yourself with the “12 Scams of Christmas” to ensure a safe and happy holiday season:
Many of us use social media sites to connect with family, friends, and co-workers over the holidays, and the cybercriminals know that this is a good place to catch you off guard because we’re all “friends,” right? Here are some ways that criminals will use these channels to obtain shoppers gift money, identity or other personal information:
As the popularity of smartphone apps has grown, so have the chances of you downloading a malicious application that steals your information or sends premium-rate text messages without your knowledge. Apps ask for more permissions than they need, such as access to your contacts or location.
If you unwrap a new smartphone this holiday season, make sure that you only download applications from official app stores and check other users’ reviews, as well as the app’s permission policies, before downloading. Software, such as McAfee Mobile Security, can also help protect you against dangerous apps.
Many of us travel to visit family and friends over the holidays. We begin our journey online by looking for deals on airfare, hotels, and rental cars. Before you book, keep in mind that scammers are looking to hook you with phony travel webpages with too-fantastic deals—beautiful pictures and rock-bottom prices—to deceive you into handing over your financial details and money.
Even when you’re already on the road, you need to be careful. Sometimes, scammers who have gained unauthorized access to hotel Wi-Fi will release a malicious pop-up ad on your device screen, and prompt you to install software before connecting. If you agree to the installation, it downloads malware onto your machine. To thwart such an attempt, it’s important that you perform a security software update before traveling.
You are probably already familiar with email phishing and SMiShing messages containing questionable offers and links. The scammer will mimic a legitimate organization offering cheap Rolex watches and luxury products as the “perfect gift” for that special someone, or send a message posing as your bank with a holiday promo and try to lure you into revealing information or direct you to a fake webpage. Never respond to these scams or click on an included link. Be aware that real banks won’t ask you to divulge personal information via text message. If you have any questions about your accounts, you should contact your bank directly.
QR code phishing, or “quishing,” has emerged as a significant new threat during holiday shopping seasons. In this scam method, cybercriminals place malicious QR codes in holiday advertisements posted on social media or printed flyers, parking meters and payment kiosks at shopping centers, or at restaurant tables during holiday dining. They could also email attachments claiming to offer exclusive holiday deals or fake shipping labels placed over legitimate tracking QR codes.
The kind of excitement and buzz surrounding Apple’s new iPad and iPhone is just what cybercrooks dream of when they plot their scams. They will mention must-have holiday gifts in dangerous links, phony contests, and phishing emails to grab your attention. Once they’ve caught your eye, they will again try to get you to reveal personal information or click on a dangerous link that could download malware onto your machine. Be suspicious of any deal mentioning hot holiday gift items—especially at extremely low prices—and try to verify the offer with the real retailer involved.
Cybercriminals exploit employee expectations of year-end communications by creating fake emails that appear to come from your HR department. These messages often claim to contain annual bonus information, updated benefits packages, or mandatory holiday attendance announcements. These scams are particularly effective because they prey on legitimate employee concerns about compensation, benefits, and personal time off during the holiday season. The emails often feature real-looking company logos, proper formatting, and even references to company policies to increase their credibility.
Gift cards are probably the perfect gift for some people on your holiday list. Given their popularity, cybercriminals can’t help but want to get in on the action by offering bogus gift cards online. Be wary of buying gift cards from third parties. It’s best to buy from the official retailer. Just imagine how embarrassing it would be to find out that the gift card you gave your mother-in-law was fraudulent!
No matter what gift you’re looking for, chances are you can find it quickly and easily online, but you still want to be careful in selecting which site to shop. By promoting great deals, phony e-commerce sites will try to convince you to type in your credit card number and other personal details. After obtaining your money and information, you never receive the merchandise, and your personal information is put at risk. To prevent falling victim to bogus e-commerce stores, shop only at trusted and well-known e-commerce sites. If you’re shopping on a site for the first time, check other users’ reviews and verify that the phone number listed on the site is legitimate.
This is one of the biggest scams of every holiday season. As we open our hearts and wallets, the bad guys will send spam emails and pretend to be a real charity in the hope of getting in on the giving. Their emails will sport a stolen logo and copycat text, or come from an entirely invented charity. If you want to give, it’s always safer to visit the charity’s legitimate website, and do a little research about the charity before you donate.
E-cards are a popular way to send a quick “thank you” or holiday greeting. While most e-cards are safe, some are malicious and may contain spyware or viruses that download onto your computer once you click on the link to view the greeting. Before clicking, look for clues that the e-card is legitimate. Make sure it comes from a well-known e-card site by checking the domain name of the included link. Also check to see that the sender is someone you actually know, and that there are no misspellings or other red flags that the card is a fake.
With increased package deliveries during the holiday season, fake shipping notifications have become a common attack. These messages claim to be from legitimate shipping companies such as UPS, FedEx, or DHL, informing you of package delivery attempts or shipping delays. To complete the delivery, these notices will ask you to click on malicious links or attachments that will download malware or direct you to fake websites that will steal personal information. The timing of these attacks coincides with legitimate increased shipping activity, making them harder to distinguish from authentic communications. To track your deliveries, it is best to check the shipping company’s real website or through the trusted platform from which you ordered the product.
Knowing about these common scam tactics is only the first step toward protecting yourself and those you care about. The next step is for you to learn and implement practical, effective strategies to stay safe while still enjoying digital holiday shopping and giving.
The holiday season brings joy and connection, but it’s also a time when scammers work hardest to exploit your festive but rushed and distracted spirit. Effective Christmas scam prevention starts with awareness. By slowing down and taking a moment to verify before you click or buy, and using layered cybersecurity protections, you can worry about one less thing and focus on what matters most this season.
Stay security-conscious without letting fear diminish your holiday enjoyment and pursue your digital holiday activities with the right knowledge and tools. We hope that the specific, actionable protections will help you identify red flags, verify legitimate offers, secure your devices and accounts, and respond effectively to suspicious activity. Stay informed by following trusted sources for the latest cybersecurity tips during the holidays, and make this season about celebrating safely with the people you care about most.
Send the link to this page to your family and friends to increase their awareness and take steps to protect themselves.
The post The Top 12 Scams Of Christmas To Watch Out For appeared first on McAfee Blog.
Thanksgiving—not before Halloween as we see things in stores and online now. It seems like the holiday season and decorations start earlier and earlier every year.
But one thing that hasn’t changed is that Black Friday is still a big shopping day. With the advent of online shopping has emerged Cyber Monday, another big sale day for online shoppers on the first Monday after Thanksgiving.
Although many of us may take advantage of these great deals that the holidays offer, we also need to be aware of the risks. Online shopping is a fun and convenient way to make purchases, locate hard-to-find items, and discover bargains, but we need to take steps to protect ourselves.
This guide looks at the methods and warning signs behind online shopping scams, shows you how to recognize fake shopping apps and websites, and shares tips for staying safe online.
Online shopping has become a cornerstone of American life. CapitalOne Shopping projects American online spending to reach $1.34 trillion in 2024 and exceed $2.5 trillion in 2030.
With such a massive sum at stake, cybercriminals are laser-focused on taking a share of it, posing financial risk to the 288 million Americans who shop online. As e-commerce grows, so does fraud. In 2024, e-commerce fraud was valued at $44.3 billion, a number seen to grow by 141% to $107 billion in 2029.
Be that as it may, there are many smart shopping habits you can apply to dramatically reduce your risk of becoming a victim of online shopping fraud and enjoy the convenience and benefits of online commerce.
Online shopping scams are designed to look normal—at first glance—especially during busy sale seasons when we’re distracted by a million preparations, moving fast, and chasing deals. These are the very circumstances that fraudsters bank on to victimize you into taking the bait. Being aware of the common scam indicators will help you pause and think, recognize trouble early, and protect both your money and your personal information.
Safe online shopping starts with recognizing the hallmarks of legitimate retailers. Before you enter any payment details, take a moment to verify that the website you’re shopping on is genuine. Scam stores can look polished and convincing, but they often leave behind subtle clues. Here are quick ways to check their authenticity:
trustmark, indicating that the site has been scanned and verified as secure by a trusted third party. This security seal indicates that the site will help protect you from identity theft, credit card fraud, spam, and other malicious threats.The FTC also recommends these additional tips so you can enjoy all the advantages that online shopping has to offer and prevent risking your personal information.
Online shopping should feel exciting, not a dangerous undertaking you have to brace for, especially during the season of giving. It can be, with a few simple steps—checking the URL, looking for HTTPS, verifying the seller, paying with a credit card or virtual number, and trusting your gut when something feels suspicious. These small habits will keep your money and your identity where they belong: with you.
For increased safety while shopping online, seek out the help of a trusted security solution such as McAfee+ that will alert you of risky links and compromised websites to prevent identity theft or malware infection.
If this guide helps you, pass it along to someone you care about. Scams don’t just target individuals—they cascade into families and friend groups. The more we normalize safe shopping habits and increase our vigilance, the harder it is for fraudsters to win. If you ever feel unsure mid-purchase, take a breath and double-check. A few extra seconds now can save you a lot of stress later. Stay safe, and happy shopping!
The post Helpful Tips for Safe Online Shopping appeared first on McAfee Blog.
Even as passkeys and biometric sign-ins become more common, nearly every service still relies on a password somewhere in the process—email, banking, social media, health portals, streaming, work accounts, and device logins.
Most people, however, don’t realize the many ways we make our accounts vulnerable due to weak passwords, enabling hackers to easily crack them. In truth, password security isn’t complicated once you understand what attackers do and what habits stop them.
In this guide, we will look into the common mistakes we make in creating passwords and offer tips on how you can improve your password security. With a few practical changes, you can make your accounts dramatically harder to compromise.
Modern password strength comes down to three truths. First, length matters more than complexity. Every extra character multiplies the number of guesses an attacker must make. Second, unpredictability matters because attack tools prioritize the most expected human choices first. Third, usability matters because rules that are painful to follow lead to workarounds like reuse, tiny variations, or storing written passwords in unsafe ways. Strong password security is a system you can sustain, not a heroic one-time effort.
Strong passwords serve as digital barriers that are more difficult for attackers to compromise. Mathematically, password strength works in your favor when you choose well. A password containing 12 characters with a mix of uppercase letters, lowercase letters, numbers, and symbols creates over 95 trillion possible combinations. Even with advanced computing power, testing all these combinations requires substantial time and resources that most attackers prefer to invest in easier targets.
This protection multiplies when you use a unique password for each account. Instead of one compromised password providing access to multiple services, attackers must overcome several independent security challenges, dramatically reducing your overall risk profile.
Developing strong password security habits offers benefits beyond protecting your accounts. These habits contribute to your overall digital security posture and create positive momentum for other security improvements, such as:
On the other hand, weak passwords are not just a mild inconvenience. They enable account takeovers and identity theft, and can become the master key to your other accounts. Here’s a closer look at the consequences:
Account takeover happens when cybercriminals gain unauthorized access to your online accounts using compromised credentials. They could impersonate you across your entire digital presence, from email to social media. For instance, they can send malicious messages to your contacts, make unauthorized purchases, and change your account recovery information to lock you out permanently.
The effects of an account takeover can persist for years. You may discover that attackers used your accounts to create new accounts in your name, resulting in damaged relationships and credit scores, contaminated medical records, employment difficulties, and legal complications with law enforcement.
Financial losses from password-related breaches aren’t limited to money stolen from your accounts. Additional costs often include:
The stress and time required to resolve these issues also affect your overall well-being and productivity.
Your passwords also guard your personal communications, private photos, confidential documents, and intimate details about your life. When these barriers fail, you could find your personal photos and messages shared without consent, confidential business information in competitors’ hands. The psychological, emotional, and professional impact of violated trust can persist long after the immediate crisis passes.
You can dramatically improve your password security with relatively small changes. No need to invest in expensive or highly technical tools to substantially improve your security. Here are some simple tips for better password security:
If you take away only one insight from this article, let it be this: password length is your biggest advantage. A long password creates a search effort that brute force tools will take a long time to finish. Instead of trying to remember short strings packed with symbols, use passphrases made of several unrelated words. Something like “candle-river-planet-tiger-47” is both easy to recall and extremely hard to crack. For most accounts, 12–16 characters is a solid minimum; for critical accounts, longer is even better.
Password reuse is the reason credential stuffing works. When one site is breached, attackers immediately test those leaked credentials on other services. If you reuse those credentials, you have effectively given the keys to your kingdom. Unique passwords can block that entry. Even if a shopping site leaks your password, your email and banking stay protected because their passwords are different.
Attackers always try the obvious human choices first: names, birthdays, pets, favorite teams, cities, schools, and anything else that could be pulled from social media or public records. Even combinations that feel “creative,” such as a pet name plus a year, tend to be predictable to cracking tools. Your password should be unrelated to your life.
In the past, security experts encouraged people to replace letters with symbols such as turning “password” into “P@ssw0rd” and calling it secure. That advice no longer holds today, as attack tools catch these patterns instantly. The same goes for keyboard walks (qwerty, asdfgh), obvious sequences (123456), and small variations like “MyPassword1” and “MyPassword2.” If your password pattern makes sense to a human, a modern cracking tool will decipher it in seconds.
Humans think they’re random, but they aren’t. We pick symbols and words that look good together, follow habits, and reuse mental templates. Two reliable ways to break that habit are using Diceware—an online dice-rolling tool that selects words from a list—and password generators, which create randomness better than your human brain. In addition, the variety of characters in your password impacts its strength. Using only lowercase letters gives you 26 possible characters per position, while combining uppercase, lowercase, numbers, and symbols expands this to over 90 possibilities.
Not every account needs the same level of complexity, but every account needs to be better than weak. For email, banking, and work systems, use longer passphrases or manager-generated passwords of 20 characters or more. For daily convenience accounts such as shopping or social media, a slightly shorter but still unique passphrase is fine. For low-stakes logins you rarely use, still keep at least a 12-character unique password. This keeps your accounts secure without being mentally exhausting.
Multi-factor authentication (MFA) adds a second checkpoint in your security, stopping most account takeovers even if your password leaks. Authenticator apps are stronger than SMS codes, which can be intercepted in SIM-swap attacks. Hardware or physical security keys are even stronger. Start with your email and financial accounts, then expand to everything that offers MFA.
A perfect password is useless if you type it into the wrong place. Phishing attacks work by imitating legitimate login pages or sending urgent messages that push you to click. Build the habit of checking URLs in unsolicited emails or texts, being wary of pressure tactics, and taking a moment to question the message. When in doubt, open a fresh tab and navigate to the service directly.
You may not know it, but shared computers may carry keyloggers, unsafe browser extensions, or saved sessions from other users. If you have no choice but to sign in using a shared device, don’t allow the browser to save your log-in details, log out fully afterward, and change the password later from your own device.
On public networks in places like such as cafes or airports, cybercriminals could be prowling for their next victim. Attackers sometimes create fake hotspots with familiar names to trick people into connecting. Even on real public Wi-Fi, traffic can be intercepted. The safest choice is to avoid logging into sensitive accounts on public networks. If you must use public Wi-Fi, protect yourself by using a reputable virtual private network and verify the site uses HTTPS.
Many password thefts happen as a result of compromised devices and software. Outdated operating systems and browsers can contain security vulnerabilities known to hackers, leading to malware invasion, session hijacking, or credential harvesting. The best recourse is to set up automatic updates for your OS, browser, and antivirus tool to remove a huge chunk of risk with no additional effort from you.
Password managers solve two hard problems at once: creating strong unique passwords and remembering them. They store credentials in an encrypted vault protected by a master password, generate high-entropy passwords automatically, and often autofill only on legitimate sites (which also helps against phishing). In practice, password managers are what make “unique passwords everywhere” feasible.
Among all others, your master password that opens your password manager is the one credential you must memorize. Make it long, passphrase-style, and make sure you have never reused it anywhere else. Then add MFA to the manager itself. This makes it extremely difficult for someone to get into your vault even if they somehow learn your master password.
The old “change every 90 days no matter what” guideline could backfire, leading to password-creation fatigue and encouraging people to make only tiny predictable tweaks. A smarter approach is to update only when something changes in your risk: a breach, a suspicious login alert, or a health warning from your password manager. For critical accounts, doing a yearly review is a reasonable rhythm.
Unused accounts are easy to forget and easy to compromise. Delete services you don’t use anymore, and review which third-party apps are connected to your Google, Apple, Microsoft, or social logins. Each unnecessary connection is another doorway you don’t need open.
As mentioned in the tips above, passphrases have become the better, more secure alternative to traditional passwords. A passphrase is essentially a long password made up of multiple words, forming a phrase or sentence that’s meaningful to you but not easily guessed by others.
Attackers use sophisticated programs that can guess billions of predictable password combinations per second using common passwords, dictionary words, and patterns. But when you string together four random words, you create over 1.7 trillion possible combinations, even though the vocabulary base contains only 2,000 common words.
Your brain, meanwhile, is great at remembering stories and images. When you think “Coffee Bicycle Mountain 47,” you might imagine riding your bike up a mountain with your morning coffee, stopping at mile marker 47. That mental image sticks with you in ways that “K7#mQ9$x” never could.
The approach blending unpredictability and the human ability to remember stories offers the ideal combination of security and usability.
To help you create more effective passphrases, here are a few principles you can follow:
Password managers are encrypted digital vaults that store all your login credentials behind a single master password. They are your personal security assistant that never forgets, never sleeps, and constantly works to keep your accounts protected with unique, complex passwords.
Modern password managers create passwords that are truly random, combining uppercase and lowercase letters, numbers, and special characters in patterns that are virtually impossible for cybercriminals to guess or crack through brute force attacks. These passwords typically range from 12 to 64 characters long, exceeding what most people could realistically remember or type consistently.
The encrypted format scrambles your passwords using advanced cryptographic algorithms before being saved. This means that even if someone gained access to your password manager’s servers, your actual passwords would appear as meaningless strings of random characters without the encryption key. Only you possess this key through your master password.
The auto-fill functionality also offers convenience, recognizing the login page of your account and instantly filling in your username and password with a single click or keystroke. This seamless process happens across operating systems, browsers, and devices—your computer, smartphone, and tablet—keeping your credentials synchronized and accessible wherever you need them.
Selecting the right password manager requires careful consideration of several factors that directly impact your security and user experience.
The reputation and track record of the company offering the password manager should be your first consideration. Look for companies that have been operating in the security space for several years and have a transparent approach to security practices.
Reputable companies regularly undergo independent security audits by third-party cybersecurity firms to examine the password manager’s code, encryption methods, and overall security architecture. Companies that publish these audit results demonstrate transparency and commitment to security.
Also consider password managers that use AES-256 encryption, currently the gold standard for data protection used by government agencies and financial institutions worldwide. Additionally, ensure the password manager employs zero-knowledge architecture, meaning the company cannot access your passwords even if they wanted to.
Intuitive user interface, reliable auto-fill functionality, responsive customer support, and ease of use should be checked as well. A password manager that is confusing to navigate or constantly malfunctions will likely be abandoned, defeating the purpose of improved password security.
Choose a solution that offers other features aside from the basic password storage. Modern password managers often include secure note storage for sensitive information such as Social Security numbers, passport details, password sharing capabilities for family accounts, and dark web monitoring that alerts you if your credentials appear in data breaches.
Strong password security doesn’t have to be complicated. Small changes you make today can dramatically improve your digital security. By creating unique, lengthy passwords or passphrases for each account and enabling multi-factor authentication on your most important services, you’re taking control of your online safety.
Consider adopting a reputable password manager to simplify the process while maximizing your protection. It’s one of the smartest investments you can make for your digital security.
The post 15 Vital Tips To Better Password Security appeared first on McAfee Blog.
Social media platforms connect you to thousands of people worldwide. But while these platforms offer incredible opportunities for bonding, learning, and entertainment, they also present personal security challenges. Navigating them safely requires being aware of risks and proactively protecting your accounts.
The three most common risks you’ll encounter are privacy exposure, account takeover, and scams. Privacy exposure occurs when your personal information becomes visible to unintended audiences, potentially leading to identity theft, stalking, or professional damage. You have control over your social media security. By implementing safe social media practices, you can dramatically reduce your risk exposure.
This guide rounds up 15 practical, everyday tips to help you secure your accounts and use them more safely. It covers smart posting habits, safer clicking and app-permission choices, stronger privacy settings, and core security basics like using updated browsers, reliable protection tools, and identity-theft safeguards—so you can enjoy social media without making yourself an easy target.
Before we dive in, we want to remind you first that our strongest recommendation amid anything and everything unsolicited, unusual, or suspicious on social media is this: verify, verify, verify through separate communication channels such as phone, email, and official websites.
Not a day goes by when we don’t hear about a new hack. With 450,000 new pieces of malware released to the internet every day, security never sleeps. For your increased awareness, here’s a short list of the most common social media scams:
Social media is quite engaging, with all the funny status updates, photos, and comments. However, all these bits of information can reveal more about you than you intended to disclose. The examples below might be extreme, but they are real-world scenarios that continue to happen to real people daily on social media:
Oversharing on social media creates significant risks that extend beyond embarrassment or regret. Identity thieves actively monitor social platforms for personal information they can use to answer security questions, predict passwords, or impersonate you in social engineering attacks.
Avoid publicly answering questionnaires with details like your middle name, as this is the type of information financial institutions—and identity thieves—may use to verify your identity.
Third-party apps with excessive permissions can access your personal data, post to social media at any time on your behalf, or serve as entry points for attackers, regardless of whether you’re using the application. To limit app access and reduce your attack surface significantly, review all apps and services connected to your social media accounts. Revoke permissions to applications you no longer use or don’t remember authorizing.
Shortened links can be exploited in social media phishing attacks as they hide the final destination URL, making it difficult for you to determine where it actually leads. These tactics mimic legitimate communications from trusted sources and come in the form of direct messages, comments, sponsored posts, and fake verification alerts, all in an effort to steal your personal information, login credentials, or financial details. Often, these attacks appear as urgent messages claiming your account will be suspended or fake prize notifications.
When you identify phishing attempts, immediately report and block the suspicious accounts using the platform’s built-in reporting features. This will protect not only you but other users on the platform.
If the link is posted by a product seller or service provider, it is a good idea to:
You might think the video or link relates directly to you. But when you click it, you get a message saying that you need to upgrade your video player in order to see the clip. When you attempt to download the “upgrade,” the malicious page will instead install malware that tracks and steals your data. As mentioned, don’t click suspicious links or download files from unknown sources before verifying independently. Visit the official websites by directly typing the URL yourself or using trusted search engines.
This also brings us to the related topic of being tagged on other people’s content. If you don’t want certain content to be associated with you, adjust the settings that enable you to review posts and photos before they appear on your profile. This allows you to maintain control over your digital presence and prevents embarrassing or inappropriate content associations.
If one of your friends posts, “We’re stuck in Cambodia and need money,” keep your radar up as it’s most likely a scam. It is possible that a scammer has taken over your friend’s account, and is using it to impersonate them, spread malicious content, or extract sensitive information from their contacts, including you. Don’t engage with this post or the fraudster, otherwise the next account takeover could be yours.
In this kind of scam, some critical areas of your life are affected:
When you encounter suspicious activity, always use official support pages rather than responding to questionable messages. Major social media platforms provide dedicated help centers and verified contact methods.
Select the most secure options and check periodically for changes that can open up your profile to the public. Depending on your preference and the privacy level you are comfortable with, you can choose from these options:
We suggest that you review your privacy settings every three months, as platforms frequently update their policies and default settings. While you are at it, take the opportunity to audit your friend lists and remove inactive or suspicious accounts.
Posting real-time locations or check-ins can alert potential stalkers to your whereabouts and routine patterns, while geo-tagged photos can reveal where you live, study, work, shop, or work out. Location sharing creates patterns that criminals can exploit for security threats such as stalking, harassment, and other physical crimes.
To avoid informing scammers of your whereabouts, turn off location tagging in your social media apps and avoid posting about your routine. You might also consider disabling “last seen” or “active now” indicators that show when you’re online. This prevents others from monitoring your social media activity patterns and reduces unwanted contact attempts, significantly improving your personal and family safety while maintaining your ability to share experiences.
Older browsers tend to have more security flaws and often don’t recognize newer scam patterns, while updated versions are crucial for security by patching vulnerabilities. Updates add or improve privacy controls such as tracking prevention, cookie partitioning, third-party cookie blocking, stronger HTTPS enforcement, transparent permission prompts. They also support newer HTML/CSS/JavaScript features, video and audio codecs, payment and login standards, and accessibility features.
In terms of performance, new browser versions offer faster performance, better memory management, and more efficient rendering, so you get fewer freezes, less fan noise, and longer battery life and better extension compatibility.
Consider using password managers, which can create and store secure passwords for you. Never reuse passwords across platforms. This practice ensures that if one account is compromised, your other accounts remain secure. Password managers also help you monitor for breached credentials and update passwords regularly.
In addition, implement multi-factor authentication (MFA)on every social media account using authenticator apps. This single step can protect social media accounts from 99% of automated attacks. MFA enforcement should be non-negotiable for both personal and business accounts, as it adds critical security that makes account takeovers exponentially more difficult.
Scammers build fake login pages that look identical to real ones. The only obvious difference is usually the domain. They want you to type your username/password into their site, so they can steal it. So if you’re visiting a Facebook page, make sure you look for the https://www.facebook.com address.
The rule is to read the domain from right to left because the real domain is usually the last two meaningful segments before the slash. For instance, https://security.facebook.com—read from right to left—is legitimate because the main domain is facebook.com, and “security” is just a subdomain.
Watch out for scam patterns such as:
Within the social media platform, scammers often insert a “second” sign-in step to capture your credentials. A common trick is sending you to a page that looks like a normal email, business, or bank website but then suddenly asks you to log in again “to continue,” “to verify your identity,” or “because your session expired.” That extra login prompt is frequently a fake overlay or a malicious look-alike page designed to steal passwords.
Clicking a shared document link, viewing a receipt, or checking a delivery status usually shouldn’t require you to re-enter your email and password—especially if you’re already signed in elsewhere. Another example is a fake security notification claiming your account has been compromised, directing you to another page or website that requires a new login. Attackers usually rely on urgency, panic, and habit; you might be so used to logging in all the time, that you could do it automatically without noticing the context is wrong.
A safer habit is to stop and reset the flow. If something unexpectedly asks for another login, don’t use the embedded prompt. Instead, open a new tab, type the site’s official address yourself, check account status, and log in there if needed. If the request was legitimate, it will still work once you’re signed in through the official site; if it was a trap, you’ve just avoided handing over your credentials.
Your suite should include an antivirus, anti-spyware, anti-spam, a firewall, and a website safety advisor. Keeping your security suite up to date is essential as threats evolve daily, and outdated protection can miss new malware, phishing kits, ransomware variants, and scam techniques. Updates also patch security weaknesses in the software itself, improve detection technologies, and add protections for newer attack methods.
The McAfee Social Privacy Manager extends “security updates” beyond your device and into your social media footprint by scanning your privacy settings across supported platforms, flagging exposures, and recommending safer configurations. Because social platforms frequently change their settings and defaults, Social Privacy Manager also needs to stay updated to recognize and apply the right privacy protections.
Regardless of how careful you may be or any security systems you put in place, there is always a chance that you can be compromised in some way. It’s nice to have identity theft protection watching your back.
McAfee+ combines every day device security with identity monitoring in one suite. Depending on the plan, McAfee+ can watch for your personal info on the dark web and breach databases, monitor financial and credit activity, and send real-time alerts for anomalies. The Advanced and Ultimate plans add wider support such as credit monitoring and tracking for bank or investment accounts, as well as tools that reduce your exposure such as Personal Data Cleanup that removes your info from data broker sites. It doesn’t just warn you after a breach; it helps shrink the chances your data gets misused in the first place.
Social media brings incredible opportunities, but privacy exposure, scams, and account takeovers remain real challenges that can impact your finances, reputation, and personal security. The tips outlined above give you practical ways to recognize the risks and protect your social media accounts. By raising your level of awareness and applying safe social media practices, you are building a stronger defense against evolving threats.
Make security a family affair by sharing these safe social media practices with everyone in your household—especially children and teens who use social media—so they can enjoy a safer experience.
The post 15 Critical Tips to Stay Safe on Social Media appeared first on McAfee Blog.
Mac users often say, “I don’t have to worry about viruses. I have a Mac!” But that sense of safety is outdated. Macs face real threats today, including scareware and fake antivirus pop‑ups designed specifically for macOS. One of the most infamous examples is the Mac Defender family, which appeared around 2011 under names like “Mac Defender,” “Mac Security,” and “Mac Protector,” luring users with fake security alerts and then installing malicious software.
These scams have long targeted Windows PCs and later expanded to Macs, using similar tactics: bogus scan results, alarming pop-ups, and fake security sites that push users to download “protection” software or pay to remove nonexistent threats. Once installed, these programs can bombard you with persistent warnings, redirect you to unwanted or explicit sites, and may even try to capture your credit card details or other sensitive information under the guise of an urgent upgrade.
In this blog, we’ll take a closer look at how you become a target for these fake antivirus pop‑up ads, how to remove them from your Mac, and practical steps you can take to block them going forward.
Fake antivirus software is malicious software that tricks you into believing your Mac is infected with viruses or security threats when, in fact, it isn’t. These deceptive programs, also known as rogue antivirus or scareware, masquerade as legitimate security tools to manipulate you into taking actions that benefit cybercriminals.
On your Mac, fake antivirus pop-up ads typically appear as urgent browser warnings or system alerts claiming to have detected multiple threats on your computer. These fraudulent notifications often use official-looking logos, technical language, and alarming messages like “Your Mac is infected with 5 viruses” or “Immediate action required” to create a sense of urgency and panic.
These scams manipulate you by:
Fake antivirus popups are almost always the result of a sneaky delivery method designed to catch you off guard. Scammers rely on ads, compromised websites, misleading downloads, and social engineering tricks to get their scareware onto your Mac without you realizing what’s happening. Let’s take a look at the common ways these scams spread so you can avoid them.
Fake virus alerts use a mix of visual tricks and psychological pressure to push you into clicking, calling, or paying before you have time to think. This section breaks down the common elements scammers use in these alerts so you can recognize a fake warning instantly and ignore it.
If you’re not sure whether an antivirus warning is real or just scareware, a quick verification is the safest next step. There are steps you can take and settings on your macOS you can check without putting your Mac at further risk.
The moment a fake virus warning pops up, scammers are hoping you’ll react fast, click a button, call a number, or download their “fix.” However, the safest approach is the opposite: take a moment to think, don’t interact with the alert, close the browser, and clear any files it may have tried to leave behind. Here’s exactly what to do right away to stay safe.
Your Mac experience should be enjoyable and secure. With the right awareness and tools, it absolutely can be, especially when you know what to look for and follow the right practices. By recognizing the warning signs of fake antivirus pop-ups, downloading software only from trusted sources, keeping your macOS and applications updated, and following the prevention tips outlined above, you can avoid falling victim to these fake antivirus scams.
Remember that legitimate security alerts from Apple come through System Preferences and official macOS notifications, not through alarming browser pop-ups demanding immediate payment or phone calls. Use reputable security tools from a trusted vendor, such as McAfee, that provides real-time protection and regular updates about emerging threats.
Share these tips with your family and friends, especially those who might be less tech-savvy and more vulnerable to these deceptive tactics. The more people understand how fake antivirus schemes operate, the safer our entire digital community is.
The post Stop Fake Antivirus Popups on Your Mac appeared first on McAfee Blog.
Pets, poisoned AI search results, and a phone call that sounds like it’s coming straight from the federal government, this week’s scams don’t have much in common except one thing: they’re getting harder to spot.
In today’s edition of This Week in Scams, we’re breaking down the biggest security lapses and the tactics scammers used to exploit them, and what you can do to stay ahead of the latest threats.
If you’re a Petco customer, you’ll want to know about not one but two data security lapses in the past week.
First, as reported by TechCrunch on Monday, Petco followed Texas data privacy laws by filing a data breach with the attorney general’s office. In that filing, Petco reported that the affected data included names, Social Security numbers, and driver’s license numbers. Further info including account numbers, credit and debit card numbers, and dates of birth were also mentioned in the filing.
Also according to Techcrunch, the company filed similar notices in California and Massachusetts.
To date, Petco has not made a comment about the size of the breach and the number of people affected.
Different states have different policies for reporting data breaches. In some cases, that helps us put a figure to the size of the breach, as some states require companies to disclose the total number of people caught up in the breach. That’s not the case here, so the full scope of the attack remains in question, at least for right now.
As of Thursday, we know Petco reported that 329 Texans were affected along with seven Massachusetts residents, per the respective reports filed. California’s report does not contain the number of Californians affected, yet laws in that state require businesses to report breaches that affect 500 or more people, so at least 500 people were affected there.
Below you can see the form letter Petco sent to affected Californians in accordance with California’s data privacy laws:
In it, you can see that Petco discovered that “a setting within one of our software applications … inadvertently allowed certain files to become accessible online.” Further, Petco said that it “immediately took steps to correct the issue and to remove the files from further online access,” and that it “corrected” the setting and implemented unspecified “additional security measures.”
So while no foul play appears to have been behind the breach, it’s still no less risky and concerning for Petco’s customers. We’ll cover what you can do about that in a moment after we cover yet another data issue at Petco through its Vetco clinics.
Also within the same timeframe, yet more research and reporting from Techcrunch uncovered a second security lapse that exposed personal info online. From their article:
“TechCrunch identified a vulnerability in how Vetco’s website generates copies of PDF documents for its customers.
“Vetco’s customer portal, located at petpass.com, allows customers to log in and obtain veterinary records and other documents relating to their pet’s care. But TechCrunch found that the PDF generating page on Vetco’s website was public and not protected with a password.
“As such, it was possible for anyone on the internet to access sensitive customer files directly from Vetco’s servers by modifying the web address to input a customer’s unique identification number. Vetco customer numbers are sequential, which means one could access other customers’ data simply by changing a customer number by one or two digits.”
With the size and reach of the Petco breach still unknown, and the impact of the Vetco security lapse also unknown, we advise caution for all Petco customers. At minimum, monitor transactions and keep an eye on your credit report for any suspicious activity. And it’s always a good time to update a weak password.
For those who received a notification, we advise the following:
Check your credit, consider a security freeze, and get ID theft protection. You can get all three working for you with McAfee+ Advanced or McAfee+ Ultimate.
Monitor transactions across your accounts, also available in McAfee+ Advanced and Ultimate.
Keep an eye out for phishing attacks. Use our Scam Detector to spot any follow-on attacks.
Update your passwords. Strong and unique passwords are best. Our password manager can help you create and store them securely.
And use two-factor authentication on all your accounts. Enabling two-factor authentication provides an added layer of security.
What to do if your Social Security number was breached.
If you think your Social Security number was caught up in the breach, act quickly.
You might want to be careful when searching for customer service numbers while in AI mode. Or with an AI search engine. It could connect you to a scammer.
From The Times comes reports of scammers manipulating the AI in platforms like Google and Perplexity so that their search results return scam numbers instead of a proper customer service numbers for, say, British Airways.
How do they manipulate those results? By spamming the internet with false info that gets picked up and then amplified by AI.
“[S]cammers have started seeding fake call center numbers on the web so the AI is tricked into thinking it is genuine …
“Criminals have set up YouTube channels with videos claiming to help with customer support, which are packed with airline brand names and scam numbers designed to be scraped and reused by the AI.
“Bot-generated reviews on Yelp or video descriptions on YouTube are filled with fraudulent numbers as are airline and travel web forums.”
And with these tactics, scammers could poison the results for just about any organization, business, or brand. Not just airlines. Per The Times, “The scammers have also hijacked government sites, university domains, and even fitness sites to place scam numbers, which fools the AI into thinking they are genuine.”
This reveals a current limitation with many AI platforms. Largely they can’t distinguish when people deliberately feed them bad info, as seen in the case here.
Yet even as this attack is new, our advice remains the same: any time you want to ring up a customer service line, get the number directly from the company’s official website. Not from AI search and not by clicking a paid search result that shows up first (scammers can poison them too).
Are you under investigation for money laundering? Of course not. But this scam wants you to think so—and to pay up.
On Tuesday, the Federal Trade Commission (FTC) issued a consumer alert warning that people are reporting getting unexpected calls from someone saying they’re “FTC agent” John Krebs. Apparently “Agent Krebs” is telling people that they’re under investigation for money laundering—and that a deposit to a Bitcoin ATM can resolve the matter.
Of course, it’s a scam.
For starters, the FTC doesn’t have “agents.” And the idea of clearing one’s name in an investigation with a Bitcoin payment is a sure-fire sign of a scam. Lastly, any time someone asks for payment with Bitcoin or other payment methods that are near-impossible to recover (think wire transfers and gift cards), those are big red flags.
Apart from hanging up and holding on to your money, the FTC offers the following guidance, which holds true for any scam call:
As always, here’s a quick list of a few stories that caught our eye this week:
AI tools transform Christmas shopping as people turn to chatbots
National cybercrime network operating for 14 years dismantled in Indonesia
Why is AI becoming the go-to support for our children’s mental health?
We’ll see you next Friday with a special edition to close out 2025 … This Year in Scams.
The post This Week in Scams: Petco Breach Warning, and Watch Out for Fake Federal Calls appeared first on McAfee Blog.
It looks harmless enough.
A digital party invitation lands in your inbox or phone. You click to see the details. Then it asks you to log in or create an account before revealing the event.
That’s where the scam begins.
Fake e-vite phishing scams are on the rise, and they take advantage of something simple: social trust. You’re far more likely to click an invitation than a generic “account alert” or “delivery notice.”
And that’s exactly why scammers are using them.
In fact, here’s a screenshot of a fake phishing email I recently got this holiday season:
When you click the “open invitation” link, it immediately asks you to sign in or create an account with your personal information. That’s the step where scammers steal your private data.
A fake e-vite scam is a phishing attack that pretends to be a real invitation from platforms like Paperless Post or other digital invitation services.
The goal is to trick you into:
Once scammers have your login information, they can:
Here’s the most common flow:
Because this starts with something familiar and social, many people don’t realize it’s phishing until accounts are already compromised. Plus, scammers then use your email and name to trick friends and family into trusting more fake e-vites from your account.
Paperless Post has publicly acknowledged these scams and shared what legitimate messages actually look like.
Legitimate Paperless Post Emails Will Never:
Official Paperless Post Email Domains:
Legitimate invitations and account messages only come from:
Official support emails only come from:
If the sender does not match one of these exactly, it’s a scam.
Paperless Post also notes that verified emails may display a blue checkmark in supported inboxes to confirm authenticity.
If you see any of the following, do not click:
Modern phishing attacks don’t rely on sloppy design anymore. Many now use:
Invitation phishing is especially powerful because:
If you entered any information into a suspicious invitation page:
The faster you act, the more damage you can prevent.
The post Think That Party Invite Is Real? Fake E-Vite Scams Are the New Phishing Trap appeared first on McAfee Blog.
AI-powered browsers give you much more than a window to the web. They represent an entirely new way to experience the internet, with an AI “agent” working by your side.
We’re entering an age where you can delegate all kinds of tasks to a browser, and with that comes a few things you’ll want to keep in mind when using AI browsers like ChatGPT’s Atlas, Perplexity’s Comet, and others.
So, what’s the allure of this new breed of browser? The answer is that it’s highly helpful, and plenty more.
By design, these “agentic” AI browsers actively assist you with the things you do online. They can automate tasks and interpret your intentions when you make a request. Further, they can work proactively by anticipating things you might need or by offering suggestions.
In a way, an AI browser works like a personal assistant. It can summarize the pages in several open tabs, conduct research on just about any topic you ask it to, or even track down the lowest airfare to Paris in the month of May. Want it to order ink for your printer and some batteries for your remote? It can do that too. And that’s just to name a few possibilities.
As you can see, referring to the AI in these browsers as “agentic” fits. It truly works like an agent on your behalf, a capability that promises to get more powerful over time.
But as with any new technology, early adopters should balance excitement with awareness, especially when it comes to privacy and security. You might have seen some recent headlines that shared word of security concerns with these browsers.
The reported exploits vary, as does the harm they can potentially inflict. That ranges from stealing personal info, gaining access to Gmail and Google Drive files, installing malware, and injecting the AI’s “memory” with malicious instructions, which can follow from session to session and device to device, wherever a user logs in.
Our own research has shown that some of these attacks are now tougher to pull off than they were initially, particularly as the AI browser companies continue to put guardrails in place. If anything, this reinforces a long-standing truth about online security, it’s a cat-and-mouse game. Tech companies put protections in place, bad actors discover an exploit, companies put further protections in place, new exploits crop up, and so on. It’s much the same in the rapidly evolving space of AI browsers. The technology might be new, but the game certainly isn’t.
While these reports don’t mean AI browsers are necessarily unsafe to use, they do underscore how fast this space is evolving…and why caution is smart as the tech matures.
It’s still early days for AI-powered browsers and understanding the security and privacy implications of their use. With that, we strongly recommend the following to help reduce your risk:
Don’t let an AI browser do what you wouldn’t let a stranger do. Handle things like your banking, finances, and health on your own. And the same certainly goes for all the info tied to those aspects of your life.
Pay attention to confirmations. As of today, agentic browsers still require some level of confirmation from the user to perform key actions (like processing a payment, sending an email, or updating a calendar entry). Pay close attention to them, so you can prevent your browser from doing something you don’t want it to do.
Use the “logged out” mode, if possible. As of this writing, at least one AI browser, Atlas, gives you the option to use the agent in the logged-out mode.i This limits its access to sensitive data and the risk of it taking actions on your behalf with your credentials.
If possible, disable “model learning.” By turning it off, you reduce the amount of personal info stored and processed by the AI provider for AI training purposes, which can minimize security and privacy risks.
Set privacy controls to the strictest options available. Further, understand what privacy policies the AI developer has in place. For example, some AI providers have policies that allow people to review your interactions with the AI as part of its training. These policies vary from company to company, and they tend to undergo changes. Keeping regular tabs on the privacy policy of the AI browser you use makes for a privacy-smart move.
Keep yourself informed. The capabilities, features, and privacy policies of AI-powered browsers continue to evolve rapidly. Set up news alerts about the AI browser you use and see if any issues get reported and, if so, how the AI developer has responded. Do routine searches pairing the name of the AI browser with “privacy.”
McAfee’s award-winning protection helps you browse safer, whether you’re testing out new AI tools or just surfing the web.
McAfee offers comprehensive privacy services, including personal info scans and removal plus a secure VPN.
Plus, protections like McAfee’s Scam Detector automatically alert you to suspicious texts, emails, and videos before harm can happen—helping you manage your online presence confidently and safeguard your digital life for the long term. Likewise, Web Protection can help you steer you clear of suspicious websites that might take advantage of AI browsers.
The post How to Stay Safe on Your New AI Browser appeared first on McAfee Blog.
Many content creators highlight the differences between today’s most prominent generations: the Silent Generation, baby boomers, Generation X, millennials, and Generations Z and Alpha. No generation seems to have much in common with the others. In truth, there is something that people can agree on: identity and online privacy protection. Young or old, cybercriminals don’t discriminate against who they target. In fact, some generations are more prone to certain scams than others. Educating yourself and your family members on current cyberthreats is the first step to defending against them. In this guide, we’ll take a look at how to protect every age group from online threats.
Your family faces an onslaught of online threats that didn’t exist just a decade ago, and growing. The FBI’s 2024 Internet Crime Report shows that Americans alone lost over $18 billion to cybercrime since 2020. That’s why protecting your family entails more than just antivirus software. Digital protection now encompasses safeguarding your household’s online privacy, monitoring for identity threats, and securing every family device that connects to the internet. This is how risks impact different family members differently:
Depending on the age group, criminals adapt their tactics based on who they’re targeting. With the right protection, you can expand your family’s digital life with confidence. When you have the right safeguards in place, your family can fully embrace the incredible opportunities that technology offers. Your kids can safely research school projects, your teens can connect with friends responsibly, and you can manage your household efficiently online. The most effective digital safety approach is to create a safety net with layered protection, one that works across all your devices and considers each family member’s technology usage—whether that’s helping your teenager safely explore career interests online, ensuring your online banking stays secure, or giving grandparents peace of mind when video chatting with distant relatives. This means combining real-time threat detection, safe browsing tools, identity monitoring, and secure connections through a virtual private network.
No two generations use technology the same way—and cybercriminals know it. Children, teens, adults, and seniors each face unique digital risks shaped by their habits, confidence levels, and online environments. That’s why effective cybersecurity isn’t one-size-fits-all. Tailoring protection to each age group ensures that everyone—from curious kids to tech-savvy adults—can navigate the digital world safely and confidently.
Cybercriminals can buy Social Security Numbers (SSNs) of minors on the dark web or gather them through medical records or school system breaches. SSNs are valuable to a cybercriminal because the theft can go undetected for years since children aren’t yet opening credit cards or applying for mortgages. It’s never too early to start identity monitoring. For the same reason, you might consider putting a credit freeze on behalf of your child since they won’t be needing it for several years. A credit freeze makes your child’s credit inaccessible to everyone, including criminals, and won’t negatively affect their credit score.
Once your child becomes a teenager, they can be allowed to open their first email addresses and social media profiles independently. It’s an important life lesson in organization, responsibility, and digital literacy. However, these platforms could open them to risks such as cyberbullying, fake news, and social engineering. The best way to avoid being cyberbullied is through education. Ensure that your tweens and teens who spend unsupervised time on their devices know what to do if they encounter cyberbullying. The best course of action is to report the incident to an adult and, in the meantime, to suspend their accounts.
Cybercriminals often seek out seniors as easy targets for online scams because they are typically less digitally savvy. They may not realize that some emails in their inbox could be sent by someone with bad intentions. What can start out as a friendly email pal can quickly spiral into divulging sensitive personal information or sending huge sums of money to a criminal. The best way to prepare the seniors in your life for online safety is to impart a few, easy-to-follow absolutes. Start with these three rules:
Creating a safer digital environment for your children doesn’t require you to become a tech expert. With the right approach and tools, you can establish healthy digital boundaries that protect your children while allowing them to enjoy the benefits of our connected world.
Before implementing any technical measures, have honest discussions with your family about online safety to build trust and help you recognize each family member’s digital journey. Explain that protective measures will not restrict freedom, but reduce risks such as phishing attempts, malware infections, and exposure to inappropriate content.
A family tech agreement serves as your household’s digital constitution. Work together to establish rules about screen time, appropriate websites, social media use, and consequences for breaking agreements, including guidelines about sharing personal information, downloading apps, and what to do if they encounter something concerning online.
Most devices and platforms offer robust parental control features. iOS devices’ Screen Time and Android’s Family Link allow you to set app limits and content restrictions, while Windows and macOS can filter content and set time limits. The Federal Communications Commission recommends router-level filtering as the first line of defense because it automatically protects all devices connected to your network.
Configure age-appropriate content filters on streaming services, gaming platforms, and app stores. Netflix, Disney+, and other services allow you to create child-friendly profiles with content restrictions, while gaming consoles like PlayStation, Xbox, and Nintendo Switch include comprehensive parental controls for game ratings, online interactions, and spending limits. For web browsing, enable SafeSearch on Google, Bing, and other search engines to create clarity and keep harmful content from appearing in search results.
Because social media platforms often favor data collection over privacy, it is critical that you adjust privacy settings on all social media accounts and apps your family uses. Turn off location sharing and disable targeted advertising when possible, and limit who can contact your children online. To reduce younger children’s exposure to social engineering attempts and inappropriate contact from strangers, make their profiles private by default and require approval for new followers or friend requests.
Your teen could be so focused on downloading a “free” TV or video game that they may not recognize the signs of malicious sites such as typos, blurry logos, or incredible offers. Trustworthy safe browsing extensions and software could protect your teen from these unsafe downloads, as well as from risky websites, hidden malware, phishing, and social media bots. Safe browsing extensions could teach your family members to develop better security instincts when they see warnings about suspicious URLs, poor website design, and too-fantastic offers.
Tailor your approach to each family member’s age, digital maturity, and comfort level with technology. Younger children will need more restrictive settings and closer supervision, while teenagers are more open when they understand the reason behind the rules and can have some autonomy with clear consequences for misuse.
As technology evolves, ongoing conversation about responsible usage will allow you to address new apps, games, or websites your family wants to explore. Set a monthly family meeting to discuss online experiences, review your technology agreement, and adjust settings as needed. When you implement these strategies consistently, your family will experience fewer security incidents, reduced exposure to inappropriate content, and better digital habits overall. These tools and strategies work best when combined with ongoing communication and a family culture that prioritizes both digital exploration and safety. In addition, children who grow up with these protections develop stronger security awareness and are less likely to fall victim to online scams as they become more independent digital users.
As an adult, you typically have better street smarts than teens. However, the daily rush of juggling work, social obligations, and running a household could leave you without much time to spare, even for romance. As a result, living life in the fast lane makes you more susceptible to scams, phishing, malware, and computer viruses. The best way to prevent falling for these digital threats is this: slow down! Take your time when you receive any message from someone you don’t know or have never met in person. If you feel even an iota of suspicion, don’t engage with the sender. Delete the message. If it’s important, the person or organization will follow up. To fully protect your connected devices and the personally identifiable information they store, consider investing in safe browsing, antivirus software, and identity monitoring and restoration services to catch any threats that may have passed under your watchful eye.
While you might think your devices are already secure, modern cyberthreats have evolved to become more virulent, far beyond what traditional built-in protections can handle. In response, antivirus solutions have transformed into intelligent security systems that provide comprehensive, real-time protection using behavioral analysis, machine learning, and cloud-based threat detection. These advanced technologies actively identify and block phishing attacks, malware, ransomware, and malicious websites that traditional security measures often miss. While operating systems such as Windows and macOS include basic security features, they’re designed as general safeguards rather than comprehensive family protection solutions. Built-in protections typically focus on known threats, but do not detect zero-day attacks, sophisticated phishing schemes, or emerging malware variants that cybercriminals specifically design to evade standard defenses. Consider these daily family scenarios where your teenager brings home their school laptop. It may have been exposed to threats through shared networks or downloads from classmates. That family tablet everyone uses for streaming and games becomes a potential entry point for malicious apps or compromised websites. When you connect to public Wi-Fi at the coffee shop, airport, or hotel during family travel, you’re exposing your devices to network-based attacks that built-in protections weren’t designed to handle. Your modern family needs a comprehensive antivirus solution that monitors all your family’s devices continuously, learns each member’s online behavior patterns, and adapts its protection accordingly. This means blocking that suspicious email before your spouse clicks on it, preventing your child from accidentally downloading malware disguised as a game, and ensuring your smart home devices remain secure. The best value comes from bundled services that address your family’s complete digital life. Identity monitoring services watch for signs that your family members’ personal information has been compromised in data breaches. A family VPN service encrypts your internet connection, protecting sensitive information when family members use public Wi-Fi networks for school projects, work calls, or entertainment. This integrated protection works seamlessly not just to protect individual devices, but to safeguard your entire family’s digital ecosystem. With cybercrime damages projected to continue growing significantly each year, investing in comprehensive family protection is one of the smartest decisions you can make for your household’s digital well-being.
Get the whole family committed to safer and more private online lives with the help of McAfee+ Ultimate Family Plan. This plan covers up to six individuals in your family with an entire suite of comprehensive privacy, identity, and device security features. The plan also includes preventive measures to fight online crime, such as safe browsing tools, an advanced firewall, unlimited VPN, and antivirus software for unlimited devices. Your family can also receive up to $2 million in identity theft recovery and $50,000 in ransomware coverage. With the McAfee+ Ultimate Family Plan, device security extends across unlimited computers, smartphones, and tablets, while its advanced antivirus software automatically updates to defend you against the latest threats. Safe browsing tools block malicious websites before they can cause harm, and the unlimited VPN encrypts internet connections on public networks, while the built-in firewall monitors incoming and outgoing traffic. All your family’s login credentials on all devices will be secure with password management, while secure cloud storage protects important documents and family photos. Real-time alerts notify you immediately when scams are detected or suspicious activity occurs.
Every family member faces different online risks, shaped by their age, habits, and digital experience. Children need safeguards against identity theft and unsafe content, while teens require protection that balances independence with security. Adults juggle multiple connected accounts that demand advanced monitoring, and seniors benefit from simplified defenses against scams and fraud. A one-size-fits-all approach no longer works. The McAfee+ Ultimate Family Plan effectively adapts to each person’s unique digital life, ensuring that everyone stays safe, confident, and connected online:
Getting started with the McAfee+ Ultimate Family Plan takes only minutes. Simply follow this short list to start protecting your family’s digital life:
A comprehensive online security solution combined with best digital practices can go a long way in protecting your loved ones from identity theft, scams, and online risks. These essential tips will help you strengthen your family’s digital defenses, build safer online routines, and give everyone the confidence to explore the internet securely.
Protecting your family’s digital life doesn’t have to be overwhelming. With the right knowledge, best digital practices, and a comprehensive security solution like McAfee+ Ultimate Family Plan, you can safeguard everyone against today’s online threats. A comprehensive family plan will help you enable safe browsing tools, monitor your family members’ identities, educate each family member about their unique risks, and build a strong foundation of online security. Start implementing these protective measures today, and stay informed about emerging threats and security best practices to keep your loved ones safe in our connected world.
The post Protect the Whole Family with McAfee+ Ultimate Family Plan appeared first on McAfee Blog.
If you’ve been watching the news, you’ve probably seen the headlines out of Paris: one of the most audacious heists in decades took place at the Louvre, where thieves made off with centuries-old crown jewels worth tens of millions of dollars.
But amid the cinematic drama, a quieter detail emerged that’s almost harder to believe—according to French newspaper Libération (via PC Gamer), auditors discovered that the password protecting the museum’s video surveillance system was simply “Louvre.”
While it’s not yet confirmed whether this played a direct role in the robbery, cybersecurity experts point out that weak or reused passwords remain one of the easiest ways for criminals—digital or otherwise—to get inside.
The Louvre’s cybersecurity audits, dating back to 2014, reportedly revealed a pattern of outdated software and simple passwords that hadn’t been updated in years. Subsequent reviews noted “serious shortcomings,” including security systems running on decades-old software no longer supported by developers.
That situation mirrors one of the most common security issues individuals face at home. Whether it’s an email account, a social media login, or your home Wi-Fi router, using an easy or repeated password is like leaving the front door open. Hackers don’t need to break in when they can just walk through.
As experts here at McAfee have explained, cybercriminals routinely rely on “credential stuffing” attacks, in which they test stolen passwords from one breach against other sites to see what else they can access. If you’ve used the same password for your streaming account and your online banking, it’s not hard to imagine what could go wrong.
A strong password is long, complex, and unique. Cybersecurity experts recommend at least 12–16 characters that mix uppercase and lowercase letters, numbers, and symbols. A short password can be guessed in minutes; a long one can take decades to crack.
If that sounds like a lot to juggle, you’re not alone. That’s why password managers exist.
A password manager takes the work—and the guesswork—out of creating and remembering complex passwords. It generates random combinations that are nearly impossible to crack, then stores them securely using advanced encryption.
The added bonus? You’ll never have to reuse a password again. Even if one account is theoretically compromised in a breach, your others remain protected because each password is unique.
McAfee’s password manager also uses multi-factor authentication (MFA), meaning you’ll need at least two forms of verification before signing in—like a code sent to your phone. That extra step can stop hackers cold, even if they somehow get your password.
To keep your digital treasures safer than the Louvre’s jewels:
Reports of the Louvre’s weak password might make for an easy punchline, but the truth is that millions of people make the same mistake every day—reusing simple passwords across dozens of accounts. Strong, unique passwords (and the right tools to manage them) are still one of the most powerful defenses against data theft and identity fraud.
As scams and breaches continue to evolve, your best defense is awareness and protection that adapts just as fast. McAfee’s built-in Scam Detector, included in all core plans, automatically detects scams across text, email, and video, blocks dangerous links, and identifies deepfakes—stopping harm before it happens.
The post The Louvre Used Its Own Name as a Password. Here’s What to Learn From It appeared first on McAfee Blog.
How do hackers hack phones? In several ways. But also, there are several ways you can prevent it from happening to you. The thing is that our phones are like little treasure chests. They’re loaded with plenty of personal data, and we use them to shop, bank, and take care of other personal and financial matters—all of which are of high value to identity thieves. However, you can protect yourself and your phone by knowing what to look out for and by taking a few simple steps. Let’s break it down by first understanding what phone hacking is, taking a look at some common attacks, and learning how you can prevent it.
Phone hacking refers to any method where an unauthorized third party gains access to your smartphone and its data. This isn’t just one single technique; it covers a wide range of cybercrimes. A phone hack can happen through software vulnerabilities, like the spyware campaigns throughout the years that could monitor calls and messages. It can also occur over unsecured networks, such as a hacker intercepting your data on public Wi-Fi. Sometimes, it’s as simple as physical access, where someone installs tracking software on an unattended device.
Hackers have multiple avenues of attacking your phone. Among these common methods are using malicious apps disguised as legitimate software, exploiting the vulnerabilities of unsecure public Wi-Fi networks, or deploying sophisticated zero-click exploits that require no interaction from you at all. The most common method, however, remains social engineering, where they trick you into giving them access. Let’s further explore these common hacking techniques below.
Whether hackers sneak it onto your phone by physically accessing your phone or by tricking you into installing it via a phony app, a sketchy website, or a phishing attack, hacking software can create problems for you in a couple of ways:
Some possible signs of hacking software on your phone include:
In all, hacking software can eat up system resources, create conflicts with other apps, and use your data or internet connection to pass your personal information into the hands of hackers.
This classic form of attack has been leveled at our computers for years. Phishing is where hackers impersonate a company or trusted individual to get access to your accounts or personal info or both. These attacks take many forms such as emails, texts, instant messages, and so forth, some of which can look really legitimate. Common to them are links to bogus sites that attempt to trick you into handing over personal info or that install malware to wreak havoc on your device or likewise steal information. Learning to spot a phishing attack is one way to keep yourself from falling victim to one.
Professional hackers can use dedicated technologies that search for vulnerable mobile devices with an open Bluetooth connection. Hackers can pull off these attacks when they are within range of your phone, up to 30 feet away, usually in a populated area. When hackers make a Bluetooth connection to your phone, they might access your data and info, yet that data and info must be downloaded while the phone is within range. This is a more sophisticated attack given the effort and technology involved.
In August of 2019, then CEO of Twitter had his phone hacked by SIM card swapping scam. In this type of scam, a hacker contacts your phone provider, pretends to be you, then asks for a replacement SIM card. Once the provider sends the new SIM to the hacker, the old SIM card is deactivated, and your phone number will be effectively stolen. This enables the hacker to take control of your phone calls, messages, among others. The task of impersonating someone else seems difficult, yet it happened to the CEO of a major tech company, underscoring the importance of protecting your personal info and identity online to prevent hackers from pulling off this and other crimes.
While a phone call itself cannot typically install malware on your device, it is a primary tool for social engineering, known as vishing or voice phishing. A hacker might call, impersonating your bank or tech support company, and trick you into revealing sensitive information like passwords or financial details. They might also try to convince you to install a malicious app. Another common tactic is the “one-ring” scam, where they hang up hoping you’ll call back a premium-rate number. To stay safe, be wary of unsolicited calls, never provide personal data, block suspicious numbers, and check that your call forwarding isn’t enabled.
Generally, a phone that is powered off is a difficult target for remote hackers. However, modern smartphones aren’t always truly off. Features like Apple’s Find My network can operate in a low-power mode, keeping certain radios active. Furthermore, if a device has been previously compromised with sophisticated firmware-level malware, it could activate upon startup. The more common risk involves data that was already stolen before the phone was turned off or if the device is physically stolen. While it’s an uncommon scenario, the only sure way to take a device offline and completely sever all power is by removing the battery, where possible.
Hacking a phone’s camera is referred to as camfecting, usually done through malware or spyware hidden within a rogue application. Once installed, these apps can gain unauthorized permission to access your camera and record video or capture images without your knowledge. Occasionally, vulnerabilities in a phone’s operating system (OS) have been discovered that could allow for this, though these are rare and usually patched quickly. Protect yourself by regularly reviewing app permissions in your phone’s settings—for both iOS and Android—and revoking camera access for any app that doesn’t absolutely need it. Always keep your OS and apps updated to the latest versions.
This is a long-standing debate with no simple answer. iPhones are generally considered more secure due to Apple’s walled garden approach: a closed ecosystem, a strict vetting process for the App Store, and timely security updates for all supported devices. Android’s open-source nature offers more flexibility but also creates a more fragmented ecosystem, where security updates can be delayed depending on the device manufacturer. However, both platforms use powerful security features like application sandboxing.
The most important factor is not the brand but your behavior. A user who practices good digital hygiene—using strong passwords, avoiding suspicious links, and vetting apps—is well-protected on any platform.
Detecting a phone hack early can save you from significant trouble. Watch for key red flags: your battery draining much faster than usual, unexpected spikes in your mobile data usage, a persistently hot device even when idle, or a sudden barrage of pop-up ads. You might also notice apps you don’t remember installing or find that your phone is running unusually slow. To check, go into your settings to review your battery and data usage reports for any strange activity. The most effective step you can take is to install a comprehensive security app, like McAfee® Mobile Security, to run an immediate scan and detect any threats.
Discovering that your phone has been hacked can be alarming, but acting quickly can help you regain control and protect your personal information. Here are the urgent steps to take so you can remove the hacker, secure your accounts, and prevent future intrusions.
While there are several ways a hacker can get into your phone and steal personal and critical information, here are a few tips to keep that from happening:
Your smartphone is central to your life, so protecting it is essential. Ultimately, your proactive security habits are your strongest defense against mobile hacking. Make a habit of keeping your operating system and apps updated, be cautious about the links you click and the networks you join, and use a comprehensive security solution like McAfee® Mobile Security.
By staying vigilant and informed, you can enjoy all the benefits of your mobile device with confidence and peace of mind. Stay tuned to McAfee for the latest on how to protect your digital world from emerging threats.
The post How Do Hackers Hack Phones and How Can I Prevent It? appeared first on McAfee Blog.
Scams are big business for cybercriminals, and they’re getting more sophisticated than ever. According to McAfee’s State of the Scamiverse 2025 report, the average person encounters 12 scams per day, while Americans see over 14 scam attempts daily, including three deepfake videos.
Fraudsters are leveraging AI-powered tools to create hyper-realistic deepfakes for as little as $5 and 10 minutes, making it harder than ever to distinguish between what’s real and what’s fake. The financial impact is staggering—87% of scam victims lose money, with one-third losing over $500, and nearly one in ten losing more than $5,000.
As a parent, one of my greatest concerns is ensuring my family doesn’t fall victim to these evolving scams.
So, here are five key ways to keep your loved ones safe in today’s Scamiverse.
Teaching kids (and adults) to be skeptical of what they see online is a crucial first step in scam prevention. Given the rise of deepfakes and AI-generated frauds, it’s essential to develop a questioning mindset:
With detected deepfakes surging tenfold globally and a 1,740% increase in North America alone, it’s more important than ever to show real-world examples of scams to kids and teens so they can recognize the signs.
Good digital habits can prevent many scams before they happen. Yet, 35% of scam victims say falling for a scam caused them moderate to significant distress, highlighting the importance of strong cyber hygiene:
Cybercriminals use the mosaic effect—piecing together publicly available information—to commit identity theft and financial fraud. Here’s how to lock down your digital footprint:
Phishing scams remain one of the most successful fraud tactics, often tricking victims into clicking on malicious links. According to McAfee, the most commonly reported scam types include:
To stay safe:
Staying informed is one of the best defenses against scams. With social media users sharing over 500,000 deepfakes in 2023, awareness is key. Here’s how to stay ahead:
Whether it’s deepfake impersonation scams, fraudulent investment schemes, or phishing texts, scammers are evolving rapidly. But with awareness, skepticism, and strong digital habits, you can help ensure your family stays protected from the ever-growing Scamiverse.
For more tips and security solutions, check out McAfee’s advanced protection tools to stay one step ahead of the fraudsters.
The post Protect Your Family From Scams With These 5 Key Online Safety Tips appeared first on McAfee Blog.
It’s an increasingly common surprise: a package shows up at your door with your name and your address…but you never ordered it.
These unsolicited deliveries may seem harmless, but they’re often tied to a scheme called a brushing scam. These scams occur year-round but tend to pick up around the holidays or peak shopping seasons, when shipping volume spikes and it’s easier for suspicious packages to blend in.
Below is everything you need to know: how brushing scams work, what they mean for your personal information, and the exact steps to take if one shows up at your doorstep.
A brushing scam is when sellers send you unsolicited items so they can post fake reviews using your name, boosting their product’s ranking and credibility without your consent.
A typical brushing scam looks like this:
In one sentence: Your delivery confirmation becomes their proof that a real customer received the item—even though you never ordered it.
The term comes from e-commerce, where sellers would “brush up” their sales by generating fake orders and reviews. Today, brushing scams are a global issue affecting major online marketplaces.
If the item feels random or unusually cheap, it fits the profile.
Personal Data Exposure
The biggest red flag is that someone had your name and address, and possibly more. Brushing scams often follow data breaches or third-party leaks.
Account Risk
Some platforms may temporarily flag or freeze your account if someone posts fake reviews under your name.
Misleading Products
Fake reviews inflate trust and push low-quality items higher in search results. That misleads other shoppers and props up fraudulent sellers.
Potential Safety Hazards
Some unsolicited items—cosmetics, supplements, electronics, or seeds—may be unsafe, expired, counterfeit, or banned.
Generally: No.
You are not legally required to return or pay for an unsolicited package. But reporting it helps platforms investigate fraudulent sellers.
This helps platforms identify abusive sellers.
Genuine reviews mention specific details; fake ones are vague, repetitive, or overly positive.
Avoid newly created storefronts with few verified reviews.
Why am I receiving random packages from overseas?
It’s often part of a brushing scam where sellers need a “delivered” status to post fake reviews.
Is a brushing scam identity theft?
Not exactly, but it does mean someone had access to your personal data, which increases your overall risk.
Should I throw the item away?
You can safely discard most brushing-scam items, but avoid using them and report the incident first.
Should I worry if I get seeds or soil?
Yes—never plant or dispose of unknown seeds improperly. Report them to the USDA or your state agriculture office.
Brushing scams may seem like a harmless freebie, but they’re a sign that your personal information was exposed and could potentially be misused.
Stay cautious, secure your accounts, report any unsolicited packages, and trust only reputable sellers. With simple steps, you can protect your identity, and avoid being pulled into a scammer’s fake review scheme.
The post Brushing Scams: What They Are and How to Stay Safe From Unsolicited Packages appeared first on McAfee Blog.
The holiday season often brings a rush of new gadgets—smartphones, tablets, laptops, and smart home devices—into households. One survey revealed that nearly 199 million U.S. adults planned to purchase tech products and services as gifts for the holiday season. For the tech-savvy among us, it also means becoming the go-to person for setting up, troubleshooting, and securing those shiny new devices. But while it’s great to help your loved ones get the most out of their tech, it’s just as important to ensure they’re protected from digital threats like malware, phishing, and privacy breaches.
This year, step up as the digital IT hero of the holidays by taking proactive measures to safeguard your family’s online life. Here’s a guide to help you create a safer digital environment for your loved ones by setting up their devices with robust cybersecurity protections.
One of the first steps in protecting new devices is ensuring that internet connections are secure. A Virtual Private Network (VPN) is essential for safeguarding your family’s data, especially when using public Wi-Fi networks at coffee shops, airports, or hotels. Without a VPN, any data you send or receive—such as login details, personal information, or banking credentials—can be intercepted by cybercriminals using simple hacking tools. A VPN encrypts your internet connection, making it much harder for anyone to spy on or steal your information, even on public networks. This layer of security is crucial to protect your privacy and keep your data safe from potential threats.
How to help:
Antivirus software plays a crucial role in protecting devices from malware, ransomware, and other cyber threats by continuously scanning for malicious activity and preventing harmful files from executing. It acts as a first line of defense, detecting and removing viruses before they can compromise your system or steal sensitive data.
How to help:
Passwords are the first and often most critical line of defense for online accounts, but unfortunately, many people still rely on weak or predictable combinations like “password123” or simple sequences of numbers. These easy-to-guess passwords leave accounts vulnerable to cybercriminals who use automated tools to crack them within minutes.
However, the threat doesn’t stop at weak passwords—data breaches pose an even greater risk. When large-scale breaches occur, they often expose millions of usernames and passwords to the public. Even strong, unique passwords can be compromised if they’ve been leaked in a breach, allowing attackers to use those credentials in credential-stuffing attacks, where they attempt to log in to multiple accounts using the same exposed password.
To counteract this, it’s critical to not only set strong, unique passwords for every account but also to enable multi-factor authentication (MFA) so that even if your password falls into the wrong hands, attackers can’t access your account without a second form of verification.
How to help:
Data loss can be catastrophic, whether it’s due to a hardware failure, theft, or ransomware attack. Setting up automatic backups ensures that your family’s important data—such as photos, videos, and documents—is safe, no matter what happens.
How to help:
New devices often come pre-loaded with a myriad of apps, many of which your family members may never use. Some of these could be bloatware or even pose security risks by running in the background and collecting data.
How to help:
By helping your family with these key cybersecurity steps, you’re not just setting up their devices—you’re providing them with the tools and knowledge to stay safe online. As the digital IT hero of the holidays, you’ll empower your loved ones to enjoy their new tech with confidence, knowing their data and privacy are protected.
The post How to Be Your Family’s Digital IT Hero for the Holidays appeared first on McAfee Blog.
It usually starts with something small.
You’re scrolling TikTok or Instagram, half-paying attention, when a Black Friday ad pops up. It looks like the brand you love—same logo, same photos, same “limited-time deal” language you’ve seen in real promos. The link takes you to a site that looks identical to the real one. The checkout page works. The confirmation email looks legit.
Then the payment clears, and the merchant name on your bank statement doesn’t match the store at all.
That moment, wait, what did I just buy from?, is becoming the defining holiday-shopping scam of 2025.
This year, fake ads and cloned storefronts aren’t sketchy one-offs or typo-filled red flags. They’re polished. They’re identical. And increasingly, they’re powered by AI.
McAfee’s 2025 holiday research found that nearly half of Americans (46%) have already encountered AI-altered or AI-generated scams while shopping. And with 96% of people planning to shop online, many doing so daily, scammers know this is peak opportunity.
Here’s how fraudsters are blending into the busiest shopping season of the year, what the data shows, and how to stay one step ahead.
A perfect storm is happening:
People are shopping more often.
Nearly half of U.S. adults expect to shop online daily or multiple times per day during the holidays.
People are rushed.
From early Black Friday “price drop” alerts to Cyber Monday countdowns, shoppers don’t slow down to verify what they’re seeing.
AI makes scam content nearly flawless.
McAfee found technology email scams surging ~85%, retail email scams rising ~50%, and fraudulent URLs climbing across the board—from counterfeit Apple support pages to fake Costco refund portals.
Holiday deals are already rolling out—and so are the scams.
McAfee’s 2025 holiday research shows major spikes in email scams (~50% increase), technology scams (~85% increase), and fake storefronts that mimic trusted retailers. AI tools are making these scams faster, more realistic, and harder to spot.
It’s not that shoppers suddenly got careless.
It’s that scammers suddenly got good.
This is the big one, and it’s getting cleaner every year.
Scammers lift entire storefronts:
The only giveaway? A URL that’s juuust slightly off—“target-sale.com” instead of “target.com,” or a link ending in “.shop” or “.store” rather than a brand’s normal domain.
Once you enter your payment info, it goes directly into a database that criminals resell or use to make purchases.
How to spot and avoid this scam: Skip the ad. Type the retailer’s name into your browser yourself. If it’s a real deal, you’ll find it on their actual site.
Short-form videos are now a prime scam vehicle.
Scammers steal influencer footage, use AI voice clones, or generate deepfake “promo” videos with celebrities offering huge holiday discounts. When someone clicks the link, it leads straight to a counterfeit store.
How to spot and avoid this scam: Check the creator’s account history. Real brands don’t drop one-off promo videos from accounts you’ve never seen before. Same as our initial advice, skip the ad entirely and go directly to the official brand website rather than clicking any links.
The classic delivery scam is back, with McAfee researchers finding dozens of examples of fake messages attempting to scam holiday shoppers.
You’ll receive a text saying a package can’t be delivered or that a small fee is needed to confirm your address.
McAfee found that 43% of people have encountered fake delivery notifications, and many victims say they entered credit card information thinking they were resolving a legitimate issue.
How to spot and avoid this scam: UPS, USPS, and FedEx will never send a clickable payment link in a text. If you’re wondering about a specific delivery, go directly to the site you ordered it from, or your original receipt in your email to find your tracking information.
These hit during the weeks leading up to the holidays.
Messages claim:
How to spot and avoid this scam:
No legitimate company will ever resolve account issues through gift cards or text-confirmation codes.
Not long ago, scam emails had broken English and pixelated logos.
Now scammers use generative AI to:
And people are noticing.
57% of shoppers say they’re more concerned about AI scams this year than last.
Yet 38% believe they can spot scams—even though 22% have fallen for one.
Confidence ≠ protection.
If something feels off—a message, a link, a charge on your bank statement—don’t panic. Most holiday scams rely on speed and confusion. Slowing down and taking a few simple steps can keep a bad situation from turning into real damage.
Close the tab, delete the message, and don’t click anything else.
Scammers often stack multiple pop-ups or redirects to pressure you into acting fast.
If you started typing in a password or card number but didn’t hit “submit,” back out.
If you did enter details, move to the next steps right away.
Use a strong, unique password—especially for accounts tied to:
A reused password is how one compromised login unlocks everything else. McAfee offers a password manager to help you make and store strong, unique passwords.
Fraud usually starts small: $1–$5 “test” charges, odd merchant names, or tiny withdrawals.
If you see anything suspicious, contact your bank and request:
Some fake sites drop malware or spyware quietly in the background.
A quick scan can detect:
McAfee offers a free antivirus trial that you can use to scan your device and check for compromises.
Reporting helps stop other shoppers from being targeted.
You can report scams to:
McAfee can automatically detect whether the link, message, or site you interacted with is malicious—and alert you if your information may have been exposed.
Tools like:
can help contain an issue before it turns into identity theft.
There’s always someone on your holiday list who doesn’t want more stuff, they want something useful. The friend who loves a clean inbox. The sibling who’s constantly traveling. The parent who keeps forwarding you suspicious texts asking, “Is this real?”
For them, security might actually be the most thoughtful gift you can give this year.
Online safety tools aren’t flashy, but they are the thing people reach for the moment they click the wrong link, lose a password, or get a sketchy delivery text. And with scams more believable than ever, digital protection has quietly become a new “practical essential,” like a good VPN or a reliable password manager.
Gifting McAfee means giving someone:
Scam protection that works quietly in the background
Scam Detector flags dangerous messages, deepfake-style content, and fake shopping sites before they ever interact with them.
Identity & financial monitoring
A huge help for anyone who’s been burned by fraud in the past — or is tired of checking bank statements manually.
Password security that doesn’t require them to remember anything
Perfect for the person who uses the same password everywhere (and you know exactly who I mean).
Device protection for laptops, phones, and tablets
Which is especially relevant for people shopping, traveling, or working remotely through the holiday season.
It’s practical. It’s protective. And unlike most presents, it’s something they’ll use all year.
The post How To Protect Yourself from Black Friday and Cyber Monday AI Scams appeared first on McAfee Blog.
In today’s fast-paced educational environment, productivity is a key determinant of academic success. Enter AI PCs—computers enhanced with artificial intelligence (AI) capabilities—that are reshaping how students interact with productivity tools. AI PCs are designed with built-in AI capabilities that optimize performance and user experience by leveraging machine learning algorithms to enhance software applications. This makes routine tasks more efficient and allows for a more personalized user experience.
For students, this means AI tools are becoming not just supplementary resources but integral parts of their academic toolkit. A new report, “The Dawn of the AI Era: Teens, Parents, and the Adoption of Generative AI at Home and School,” found that seven in 10 teenagers say they have used at least one type of generative AI tool, with 40% report using generative AI for school assignments.
From advanced writing assistants to research enhancers, these AI-driven machines have the power to elevate the academic experience. This blog post will explore how AI PCs integrate with AI tools to boost productivity and offer actionable tips to maximize these features for academic success.
ChatGPT, an AI language model developed by OpenAI, serves as a powerful research assistant, capable of summarizing articles, generating topic ideas, and answering questions on a wide range of subjects. When integrated into an AI PC, ChatGPT can be accessed directly from the desktop or through dedicated applications, providing students with on-demand research support. Several other AI tools can also greatly benefit students in research and writing, such as Google Bard, Jasper, and Copy.ai.
McAfee Tip: Use an AI tool like ChatGPT to brainstorm ideas and outline essays or research papers. For instance, if you’re writing a paper on climate change, ChatGPT can help you outline key points, suggest relevant sources, and even provide a summary of complex scientific articles.
Beyond research, AI tools can assist with writing tasks by generating content, offering suggestions, and even helping with creative projects. Its ability to understand context and generate coherent text means that students can use it for drafting essays, creating reports, or even composing emails.
McAfee Tip: Check with your school policies to ensure you remain compliant with their rules around AI usage. For example, use the tool to generate insights and ideas, but cross-check and cite any specific sources or information included in your work to maintain academic integrity.
Grammarly, an AI-powered writing assistant, is renowned for its grammar and style-checking capabilities. On an AI PC, Grammarly is not just a browser extension but a deeply integrated tool that offers real-time feedback on spelling, punctuation, and stylistic errors. This seamless integration ensures that students can produce polished and professional documents with ease.
McAfee Tip: Use Grammarly’s advanced features, such as clarity and engagement suggestions, to help enhance the readability of your work. Before submitting any paper, run it through Grammarly’s plagiarism checker to ensure that all sources are properly cited and that your work is original.
AI PCs can streamline study sessions by using tools to create comprehensive study guides, generate practice questions, and summarize textbook chapters. For example, AI PCs can integrate with note-taking apps, like Evernote and Microsoft OneNote, to organize lecture notes, create study guides, and sync information across devices. AI features can then assist in summarizing notes and organizing content for easier review.
McAfee Tip: Zotero and Mendeley can help students organize research papers, manage citations, and create bibliographies. Integration with Khan Academy and Coursera on AI PCs allows students to access and interact with educational content, complete with AI-driven recommendations for supplemental learning and practice.
For group projects, AI tools can enhance collaboration by providing a platform for drafting and reviewing content together. AI PCs with integrated ChatGPT can help in brainstorming sessions, while Grammarly ensures that all written contributions are cohesive and professionally presented. Integration with tools like Natural Reader and Otter.ai to convert text to speech and vice versa can help with reviewing study materials and transcribing spoken content into written form.
McAfee Tip: Utilize shared documents with built-in Grammarly and ChatGPT features to collaborate on essays or research papers. This allows for real-time feedback and adjustments, leading to a more polished final product.
In the realm of online research and media consumption, discerning authentic content from manipulated material is increasingly important. This is where McAfee Deepfake Detector comes into play. Integrated into AI PCs, this tool provides real-time alerts when it detects AI-generated audio within videos. By utilizing advanced AI technology, Deepfake Detector helps students quickly identify whether a video’s audio has been manipulated, right from their browser without extra steps.
McAfee Tip: When engaging with online videos for research or study, use Deepfake Detector to ensure the content is authentic. This tool helps you avoid falling for misleading or false information, which is crucial for maintaining the integrity of your academic work.
Ultimately, AI PCs are revolutionizing students’ daily academic routines by integrating advanced AI tools into everyday life. AI-driven tools are offering unprecedented support in writing, research, and creative projects, making them invaluable assets in achieving academic and professional success. By leveraging these capabilities, students can enhance their productivity, produce high-quality work, and prepare for future challenges with confidence.
The post How AI PCs Are Optimizing Productivity Tools for Students appeared first on McAfee Blog.
What is malware? A dictionary-like definition is “malicious software that attacks computers, smartphones, and other connected devices.”
In fact, “malware” is a mash-up of “malicious software.” It describes any type of software or code specifically designed to exploit a connected device or network without consent. And, unsurprisingly, hackers design most of it for financial gain.
Think of malware as an umbrella term that covers an entire host of “bad stuff,” such as:
Spyware that tracks activity, like what you type and where you type it. (Think snooping on your bank account logins.
Ransomware that holds devices or the data on them hostage, that hackers only release for a price. (And even so, payment is no guarantee you’ll get back your access.)
Adware that serves up spammy ads on your device. (The hacker gets paid for the number of “impressions” the ads have. The more they show up on people’s devices, the more they get paid.)
Botnet software, that hijacks a device into a remote-controlled network of other devices. (These networks are used to shut down websites or even shut down large portions of the internet, just to mention two of the things they can do.)
Rootkit that attacks that give hackers remote-control access to a device. (And with that control, they can wage all manner of attacks — on the device and on other devices too.)
Viruses that modify the way a device and its apps function. Also, they can effectively bring a device or network to a grinding halt. (Yes, viruses are a subset of malware. They can copy, delete, and steal data, among other things.)
You might know malware by its more commonly used name — viruses.
There’s a pretty good reason why people commonly refer to malware as a “virus.” Viruses have been on our collective minds for some time.
Viruses have a long history. You could call it “the original malware.” And depending on how you define what a virus is, the first one took root in 1971 — more than 50 years ago. It was known as Creeper, and rather than being malicious in nature, the creator designed it to show how a self-replicating program could spot other devices on a network, transfer itself to them, and find yet more devices to repeat the process. Later, the same programmer who created a refined version of Creeper developed Reaper, a program that could remove the Creeper program. In a way, Reaper could be considered the first piece of antivirus software.[i]
From there, it wasn’t until the 1980s that malware started affecting the broader population, a time when computers became more commonplace in businesses and people’s homes.
At first, malware typically spread by infected floppy disks, much like the “Brain” virus in 1986. While recognized today as the first large-scale computer virus, its authors say they never intended it to work that way. Rather, they say they created Brain as an anti-piracy measure to protect their proprietary software from theft. However, Brain got loose. It went beyond their software and affected computers worldwide. Although not malicious or destructive in nature, Brain most certainly put the industry, businesses, and consumers on notice. Computer viruses were a thing.[ii]
Another piece of malware that got passed along via floppy disks was the “PC Cyborg” attack that targeted the medical research community in and around 1989. There, the malware would lie in wait until the user rebooted their computer for the 90th time and was presented with a digital ransom note.[iii]
An early example of ransomware – Source, Wikipedia
Upon that 90th boot, PC Cyborg encrypted the computer’s files, which would only get unencrypted if the victim paid a fee, making it the first documented form of ransomware.
Shortly thereafter, the internet started connecting computers, which opened millions of doors for hackers as people went online. Among the most noteworthy was 1999’s “Melissa” virus, which spread by way of infected email attachments and overloaded hundreds of corporate and governmental email servers worldwide.
It was quickly followed in 2000 by what’s considered among the most damaging malware to date — ILOVEYOU, which also spread by way of an attachment, this one posing as a love letter. Specifically, it was a self-replicating worm that installed itself on the victim’s computer where it destroyed some info and stole other info, then spread to other computers. One estimate put the global cost of ILOVEYOU at $10 billion. It further speculated that it infected 10% of the world’s internet-connected computers at the time.[iv]
With that history, it’s no surprise that anti-malware software is commonly called “antivirus.”
Antivirus forms a major cornerstone of online protection software. It protects your devices against malware through a combination of prevention, detection, and removal. Our antivirus uses AI to detect the absolute latest threats — and has for several years now.
Today, McAfee registers more than a million new malicious programs and potentially unwanted apps (PUA) each day, which contributes to the millions and millions already in existence. Now with the arrival of AI-powered coding tools, hackers can create new strains at rates unseen before.
That’s another reason why we use AI in our antivirus software. We use AI to protect against AI-created malware. It does so in three ways:
Once again, it’s important to remind ourselves that today’s malware is created largely for profit. Hackers use it to gain personal and financial info, either for their own purposes or to sell it for profit. The files you have stored on your devices have a street value. That includes tax returns, financial docs, payment info, and so on. Moreover, when you consider all the important things you keep on your devices, like your photos and documents, those have value too. Should you get caught up in a ransomware attack, a hacker puts a price tag on them for their return.
Needless to say, and you likely know this already, antivirus is essential for you and your devices.
You’ll find our AI-powered antivirus in all our McAfee+ plans. Better yet, our plans have dozens of protections that block the ways hackers distribute malware. To name just a few, our Text Scam Detector blocks links to suspicious sites that host malware and other attacks — and our Web Protection does the same for your browser. It also includes our industry-first online protection score that shows you just how safe you are, along with suggestions that can make you safer still. Together, our McAfee+ plans offer more than just antivirus. They protect your devices, your privacy, and your identity overall.
[i] https://www.historyofinformation.com/detail.php?entryid=2860
[ii] https://www.historyofinformation.com/detail.php?id=1676
[iii] https://www.theatlantic.com/technology/archive/2016/05/the-computer-virus-that-haunted-early-aids-researchers/481965/
[iv] https://www.forbes.com/sites/daveywinder/2020/05/04/this-20-year-old-virus-infected-50-million-windows-computers-in-10-days-why-the-iloveyou-pandemic-matters-in-2020
The post What is Malware? appeared first on McAfee Blog.
If you think your Gmail account’s been hacked, you’ll want to act. And act quickly.
The fact is that your email has all manner of personal info in there. Receipts, tax correspondence, medical info, and so on. With a hacked account, that info might get deleted, shared, or used against you for identity theft.
Luckily, Google has mechanisms in place to restore a hacked Gmail account. We’ll walk through the steps here — and a few others that can keep you secure in the long term after you have your account back.
Several things can tip you off, including:
With varying degrees of certainty, those are some signs that your account has been hacked.
Also, many people have a Google Account linked with their Gmail password and login. Beyond email, that might include files in Google Drive, photos, a YouTube account, and other features that contain personal info. In those cases, that only increases the potential harm of a hacked account.
Additionally, services like Google Pay and Google Play complicate matters more in the event of a hacked account because they contain financial info.
If you see any unusual changes in those apps or services, that might be a sign of a hacked account as well.
If you think someone else has changed your password or deleted your account, head to Google’s account recovery page. It’ll take you through a multi-step process to restore your account.
With that, you’ll want to do some quick prep. First, do your best to begin the recovery process with a device that you typically use to access your account. Also, if possible, do it in a location where you typically access your account. This provides Google with identifiers that you are who you say you are.
After that, gather up your Gmail account passwords, old and current. The recovery page will ask for them, along with other questions. Do your best to answer each question the very best you can. There’s no penalty for a wrong answer and the more info you can provide, the better.
If you can log into your account, yet worry it’s been hacked, take these steps:
Next, run a virus scan on your device. Your password might have gotten compromised in one of several ways, including malware. This can remove any malware that might be spying on your device (and your passwords).
At this point, create a new password that’s strong and unique. Use at least 14 characters using a mix of upper- and lowercase letters, symbols, and numbers. Or have a password manager do that work for you.
And finally, set two-factor verification on your account if you aren’t already using it. This makes your account far tougher to hack, as two-factor verification requires a unique code to log in. One that only you receive. And just like with your password, never share your unique code. Anyone asking for it is a scammer.
By taking the steps we just covered, you’ve done two important things that can protect you moving forward. One is setting up a strong, unique password. The second is using two-factor verification.
The next thing is to get comprehensive online protection in place. Protection like you’ll find in our McAfee+ plans offers several features that can keep you and your accounts safe.
Once again, your password got compromised one way or another. It could have been spyware on your device. It could have been a phishing attack. It could have been a data breach. The list goes on. However, we refer to it as comprehensive online protection because it’s exactly that. In addition to antivirus, our McAfee+ plans have dozens of features that can protect your devices, identity, and privacy.
For example:
The important thing is this: if you think your Gmail account got hacked, act quickly. You might have much more than just your email linked to that account. Files, photos, and finances might be tied to it as well.
Even if something looks just slightly off, act as if your account got hacked. Log in, change your password, establish two-step verification if you haven’t, and take the other steps mentioned above. Above and beyond your email and all the personal info packed in there, your account can give a hacker access to plenty more.
The post How to Reset Your Gmail Password After Being Hacked appeared first on McAfee Blog.
What if I told you that the most important thing you need to keep your kids safe online doesn’t come in a box or via a download? And that it doesn’t require you to be monitoring or supervising their every move. And even better – it doesn’t cost any money!! Yep – you’d be interested, I’m sure. After almost 13 years as Cybermum, I’ve experienced plenty of ‘aha’ cybersafety moments. But, without doubt, one of the biggest learnings for me is that creating a family culture where there is calm, honest, and truly open communication is the best way to protect your kids online. In fact, it’s likely far more powerful than the latest apps or software, and here’s why…
I’m a big fan of trying to minimise the amount of time kids spend in front of a screen for so many reasons. There is a plethora of research to support how ‘too much’ screen time can adversely affect kids’ behaviour. A 2022 US study of K-12 educators in the US showed that 80% of educators believed that increased screen time worsened children’s behaviour. There are studies that show excessive (and early) screen time can potentially affect a child’s cognitive, linguistic, and social-emotional growth. And even some research shows that the effects of excessive screen time can be similar to the symptoms of autism.
But the reality is that screens aren’t going anywhere soon. We live in a digital world where you actually can’t go about your business without a device and a screen. When was the last time you tried going into a bank branch??? Instead, I believe we need to think of screens a little like we think of sugar. We know it’s not great for us, so we try and minimise our intake.
But how good would it be if our kids understood this perspective, so they also realised that too much screen time wasn’t ideal? Well, they can – weave it into family conversations!
When ‘digital parenting’ became a thing about 15 – 20 years ago, we were all told that we needed to constantly monitor our kids to ensure they weren’t visiting inappropriate websites or speaking to strangers online. I remember trying so hard to stay across the online movements of four kids – I’ve got to admit it was quite time-consuming and exhausting!! Full credit to those parents who put in the hours to keep their kids safe.
Fast forward to 2024 and there is now a comprehensive range of ‘parental control’ apps and software that can act as another set of ‘eyes and ears’ for parents. And while they can be great tools to have in your digital parenting toolbox, they are not the silver bullet. What happens when your child is visiting at another family’s house that doesn’t have parental controls set up? What happens if your child uses a friend’s device while travelling home on the bus to ‘get around’ the parental controls at home? And what about, if they work out how to turn them off?? Remember, are digital natives are quite savvy!!
But if you regularly talk online safety with your kids at home then you have a big head start here. In fact, your stress levels should be relatively low. When you make it a priority to talk to your kids about what they do online – in a non-judgemental way – and share your stories, the latest trends and risks then you are in a good place. If your kids know you understand their digital life, know that you can handle the tough stuff, and know with 100% confidence that you are NOT going to go berserk if they come to you with a problem then you do not need to worry about monitoring their every move. You’ve empowered them with knowledge and offered them a safety net – perfect!
Before I share my top tips with you I want to make it very clear that this is not an exercise in being a perfect parent. There is no such thing as a perfect parent – we are all on a journey and learning as we go. So, please don’t feel psyched out or worry that it’s too late. We’re all doing the best we can to raise our kids – so just keep on keeping on!
There are a few key things that I believe contribute to creating a top-notch communication culture in a family. Here are my top recommendations.
I learnt pretty early on in my parenting career that if you’re not being an active listener, you’re not really getting the full story. Active listening happens when you’re fully engaged with your child and is one of the best ways to communicate that you care and that you’re interested which in turn encourages them to open up more. Perfect! Here’s what I suggest:
Let’s be honest, very few of us are calm or relaxed 365 days of the year! But if you’re keen to maximise the chances that your kids will come to you if they do find themselves in a tricky situation then you need to ‘fake it till you make it’ my friends!
Conflict and heated discussions with teens are inevitable – I’ve definitely had my fair share! But it’s how you work through it that’s important. If you want a truly open and honest relationship with your child where they feel safe to talk about awkward things like sex, alcohol, cyberbullying, and even pornography, then you need to be ready to manage your own feelings and reactions when you hear things that you don’t expect or simply don’t like.
If you’re struggling to remain calm and deal with emotions from conversations with your teen then why not take some time to invest in yourself? Hit the road and walk it off, find some breathing exercises or a meditation on YouTube, or pick up the phone and call a friend. By role-modelling honest conversation and a calm approach, you’re teaching your children how to be respectful and calm and have open and tough conversations. What a life skill!
And if you can’t manage to remain calm and you lose your cool – simply apologise, give them a hug, and commit to doing better next time.
When I was growing up, I had a few friends who had very open relationships with their parents. Everything was discussed – nothing was off-limits! These friends all had a certain confidence, a knowing that they had someone in their corner who had their back, wouldn’t judge, and would be their ‘come what may’ for any situation. I was a little jealous!
Talking to your kids about sex, pornography, and cyberbullying can be really stressful. But there is so much research that shows that proactive conversations about tricky topics such as sex can be really beneficial. A review of research on British parents’ involvement in sex education found that they often felt embarrassed about broaching the subject with their kids. The same review compared this to countries such as Sweden where parents talked openly to their children about sex from an early age. It attributed the difference in approaches to the higher rates of teenage pregnancy and sexually transmitted diseases in England and Wales. Fascinating!
Start by teaching them the correct names for body parts. When they start preschool or school, you can teach them about respecting others and also about how to express their feelings. This will set them up for open and honest conversations and relationships.
Own the fact that it may feel really embarrassing or awkward when chatting to your kids about these topics. Perhaps make a joke of it. But assure them you’re going to do your best to help them navigate these issues and that you can absolutely handle it.
Why not break it up into small regular chats and take the pressure off? One big talk is overwhelming and could feel really awkward and pressured. A little bit of chatter often will feel more natural. Why not use films, books, or movies as a trigger for a conversation? The more natural and less contrived it feels, the more relaxed and receptive everyone will be.
Expressing disapproval or shock when your kids are sharing something tricky with you is the fastest way to shut down communication. So stop yourself! And if they do share something that surprises you, make sure you thank them and suggest you both talk about it more so you can better understand.
Now, if you have tweens or teens and you regret not prioritising your family’s communication culture earlier, do not stress. It’s never too late to make a difference! Yes, there might be a whole lot of awkwardness, but it will absolutely pass. Share stories of your online life, and news stories that you will start a conversation, ask them questions about their online life, and most importantly, be calm and don’t be critical or negative when they start sharing. Otherwise, it will be over ASAP.
You can absolutely handle this!
The post Top Strategies For Keeping Your Kids Safe Online appeared first on McAfee Blog.
Scams are big business for cybercriminals. In 2023, Aussies lost a whopping $2.7 billion in scams. Barely a week goes by without yet another brave story of someone who shares their own scam story in the hope that it will alert others to the calculating ways of cyber criminals. While the hefty financial losses are often the stories that catch our eye, the impact on a victim’s confidence and mental health can’t be underestimated.
As a mum of 4, one of my greatest concerns is that my boys don’t end up losing their hard-earned money to online scams. So, in the spirit of parenthood, I want to share with you some of the scam protection tips I share with my beloved boys.
Teaching your kids to be cautiously suspicious and question what they see online may feel like you’re bursting their bubble but I’m all about keeping it real and protecting them. As soon as your kids are old enough to interact online, I would start weaving in messages such as
And as they get older, make the messages more targeted and pose questions that will get them thinking:
And when your kids hit the teenage years and they are operating independently online, there is no point sugar-coating anything about being online. I regularly share news stories and social media posts about the latest scams with my crew as well as the brave stories of scam victims.
Sometimes it can be the little things that can cause us to become unstuck like not updating software or downloading an app without checking the reviews. In an ideal world, we’d all get an A++ with our cyber hygiene basics but, we are all human – so mistakes will be made, and routines will go awry. This is an example of someone who would get an A++ for cyber hygiene – I’m about to share this with my boys!
Ensure the software on all your devices is up to date. And yes, that includes your gaming console too! Remember, software updates are usually designed to address security weaknesses.
Every online account needs to have its own unique password. I’m a big fan of password managers to make this process easier to manage. Check out TrueKey – McAfee’s free password manager – not only will it help you generate humanely impossible passwords, but it will remember them also. All you need to do is remember one ‘master password’ – a complete no-brainer!
Only visit websites that are secure and start with a ‘https’. Simply look for the closed lock icon in the URL bar. Install top-notch security software on your devices. I’m clearly a fan of McAfee+ – McAfee’s full ID theft protection and premium security software. Not only does it include antivirus but identity monitoring, scam protection, social privacy manager as well as unlimited VPN usage too!
Only ever download apps from trusted marketplaces such as the AppStore or Google Play. Apps collect data so you want to ensure it is safe, so you don’t become a victim of identity theft. Dodgy apps, particularly banking apps, are a particularly lucrative way scammers try to get their hands on your money. So, always read the reviews and do your due diligence before downloading.
Never answer calls from a number you don’t know. Some phones will allow you to silence calls from unknown numbers. There are also some apps that have been developed to identify scam numbers but make sure you do your homework before downloading!
At the risk of stating the obvious, the less you share online the less information there is for scammers to find and use. Sharing too many specific details on your social media platforms or your dating profiles can help a scammer to build a profile. This is often known as the ‘mosaic effect’ and can be how scammers can successfully steal identities. Here’s what I suggest:
All social media profiles need to be set to private. Some platforms will also allow you to limit the viewing of your past posts – definitely do this. And always turn off live location.
Only accept follow or friend requests from people you know and trust. Teens may be tempted to accept requests from anyone in order to boost their ‘numbers’, but this is a dangerous game and no different than sharing details of your private life with complete strangers who may in fact be scammers.
All photos contain metadata that can give the precise location where the pic was taken. So, be cautious and post pics of events, gatherings, and holidays post-event.
Phishing scams are by far one of the most successful ways scammers can make their way into our lives. Quite simply, this is when a cybercriminal poses as a legitimate institution and ‘tricks’ an unsuspecting user into sharing personal information. The stolen identifying information is then used to access accounts and can result in identity theft and potential financial loss.
Now, this can happen via telephone however email, text, and social media messaging platforms are the most common routes. Commonly, cyber criminals will encourage potential victims to click on fraudulent links to access special deals, check account balances, or view receipts. Here are my top tips to avoid becoming a victim:
Links could contain malicious or nasty software so avoid clicking on them if possible. You can always hover over the link to see the actual web address it will take you to.
If a link is fraudulent and you’ve clicked on it and then shared personal information, you may be at risk of having the details you shared stolen. So let’s avoid that! Instead, always manually type the website address into your browser and make sure you are visiting the legitimate website.
If you’ve received an email from someone that contains a link that has piqued your interest, contact the person directly and verify they sent it. This is particularly relevant when making a payment.
One of the best ways to stay abreast of scams is to commit to staying informed. Scan the news headlines daily and subscribe to relevant tech newsletters and social media groups. With so many people affected by scams, tech journalists will often cover the latest scams. And pay it forward – if you hear of a scam doing the rounds, share the intel with friends and family members.
Whether it’s a romance scam, toll scam, or a false delivery scam, there’s no disputing that scammers are trying very hard to infiltrate every aspect of our lives. And yes, it can feel overwhelming but taking just a few simple steps will ensure that you (and your family) are in the best possible position to shut down those scammers!
The post The Top 5 Ways To Protect Your Family From Scams appeared first on McAfee Blog.
In our fast-moving digital world, today’s conversations can take on new meanings years down the line. Then you might find yourself explaining posts that no longer reflect who you are.
This reality makes it crucial to start a conversation in your family about social media archives. Teens and tweens are constantly posting, snapping, tweeting, and commenting every day. According to the latest research, 97% of teens go online daily, with many saying they are “almost constantly” connected.
With so much activity, it’s just a matter of time before some questionable content resurfaces, potentially compromising a job, scholarship, or personal relationship. Old social posts don’t just haunt celebrities; in today’s digital culture, everyone’s online activity is open to scrutiny.
1. Vet your content. Ask yourself some key questions: Is there anything in this post or comment that could hurt me in the future? Does this post defame a specific race, religion, or lifestyle? Is this content contributing to the conversation or just noise?
2. Be Careful with Humor: Not everyone shares your sense of humor. What seems funny today could be viewed differently in the future. Just look at how comedians and public figures are often held accountable for jokes or comments made years ago.
3. Don’t pick at it—purge it. No doubt, people change. You may not be the 20-something hothead who began tweeting or blogging nearly a decade ago, but your archives are still out and say otherwise. In her book, The Life-Changing Magic of Tidying Up, Japanese cleaning consultant Marie Kondo takes tidying to a whole new level, some of which we can apply here. 1) Don’t analyze everything and just pair down — purge. 2) Get rid of anything that doesn’t spark joy for you 3) Don’t ask yourself what you like about a photo or post, ask yourself ‘Why should this stay?’ 4) Keep only the content that makes you happy or inspires you. Chop everything else.
4. Use X’s advanced search. Some of us have tweeted out several novels worth of content. Who has time to go through that? Twitter has advanced search features that will help you quickly find questionable tweets. Just go to https://twitter.com/search-advanced and enter keywords and phrases, along with your user account name. This search will help isolate tweets that could be compromising.
5. Am I being true to who I am? Most tweens and teens are not asking themselves this question, but we can still encourage our kids to engage in this specific self-reflection. Encourage young publishers to think about what message and image they hope to project to go through their archives with that in mind. Encourage them to review everything about their profiles from their bio to the kinds of movies and books they’ve called out, to their Facebook groups. Ask: Is this still who you are? Are these still the interests you’d like to project?
6. Delete immediately:
7. Review likes and post privacy settings. Even the posts of others (that are marked public) that you like or comment on will show up on Google, which means others could judge you guilty by association. It may be time-consuming, but you can clean up your Facebook ‘like’ history in the Activity Log. If you want to share but still limit who can view your posts, McAfee’s Social Privacy Manager helps you adjust your social media privacy settings based on how public or private you want to be online.
8. Google yourself. See what comes up. Be sure to check images, videos, news, and more tabs. You just never know what content will make it into remote circles. If you find something surprising, contact the site host and request they remove the content.
The post Could Your Social Media History Come Back to Bite You? appeared first on McAfee Blog.
Almost every teenager in the United States (approximately 96%) reports using the internet daily. As students prepare to return to school after the summer break, ensuring their cybersecurity practices are up to date is essential to protect personal information from increasingly sophisticated cyber threats. By teaching proactive cybersecurity measures, parents can empower their children to maintain a secure online presence, fostering a safer digital environment for the entire family.
According to research conducted at Baylor University, students are estimated to spend a substantial average of eight to ten hours daily engaged with smartphones or other forms of technology. These devices need to be safeguarded because they are integral to daily life, facilitating communication, learning, and productivity.
Here are essential steps to safeguard computers, cell phones, and tablets:
One study found that young students knew not to share their passwords with others, but only about 13% of them created very strong passwords. Creating a complex password is crucial because it acts as a barrier against unauthorized access to personal accounts and sensitive information.
Phishing attacks are prevalent and can trick students into revealing sensitive information or downloading malware. These scams often mimic trusted sources like educational institutions or familiar online services, enticing recipients to click on malicious links or download attachments containing malware. Once engaged, these tactics exploit vulnerabilities to compromise devices, steal information, or gain unauthorized access to accounts, posing significant risks to personal and academic security.
To further enhance students’ defenses against phishing attacks, utilizing a scam protection tool can be invaluable. These tools are designed to automatically detect and alert users to potentially dangerous URLs embedded in texts, emails, or social media messages. Imagine receiving a suspicious link in what appears to be a package delivery notification or a bank alert—this tool’s AI technology swiftly identifies such threats and alerts you before you click, providing peace of mind against falling victim to phishing scams. As a proactive measure, it can even block access to risky websites if you inadvertently follow a scam link, effectively bolstering your defenses across various digital platforms.
A Pew Research Center survey found that the majority of U.S. teens use social media sites like TikTok (67%), Instagram (62%) and Snapchat (59%). Social media serves as a powerful tool for connecting, discovering, and exchanging information. However, oversharing can inadvertently expose us to threats posed by scammers, hackers, and data aggregators. To stay better protected on social media, consider these tips:
As students gear up for another school year, cybersecurity awareness should be a top priority. Staying vigilant and proactive is key to maintaining a secure digital environment for students at all educational levels. By implementing these cybersecurity tips, students can protect themselves against potential threats and focus more on their studies with peace of mind.
The post Cybersecurity Tips for Students Returning to School appeared first on McAfee Blog.
Probably like you, I’ve always struggled to find enough time to stay up to date with all my friends. So when I discovered social media in 2007 and joined Facebook, I was elated to have found a way to keep up with everyone. How I loved seeing snaps of my friends’ babies and kids. Hand on heart, it was joyous! However fast forward to 2024 and the ‘thinking’ around online sharing aka ‘sharenting’ has completely changed. No longer is sharing pics of our kids considered to be a safe and joyous past time. In fact, most experts now believe that sharing pics of our kids online may in fact be putting them in danger.
Despite the multitude of ‘mumfluencers‘ and parenting content creators on your social media feeds who normalise ‘sharenting’, some of the biggest players in the tech space have a very different approach. Mark Zuckerberg, founder of Meta, never shares pics of his daughters. In 2023, he did share a sweet family photo but he used emojis to cover his 2 older daughters’ faces. Although he doesn’t have kids of his own, Apple boss Tim Cooke has also spoken publicly about heavily encouraging his nephew to not be involved in social media. And this approach is also shared by many big names in Hollywood with celebrities like Kristen Bell, Gigi Hadid, and Orlando Bloom also blurring images or using emojis to help protect their kids’ privacy on social media.
Now, I’m not suggesting that we need to take all our parenting tips from tech giants and celebrities, but it does highlight a trend amongst high-profile individuals that I think is definitely worth noting. Could Zuckerberg’s use of emojis be a message that it is in fact the end user’s responsibility to protect themselves online? Or is it a result of firsthand knowledge of what happens when pictures of children end up in the wrong hands?
What Are The Risks With ‘Sharenting’ – Apart From Embarrassment?
While your teen may nominate embarrassment as the top reason for parents not to share pics online, the potential risks of ‘sharenting’ are far greater than simply avoiding the cringe. Here are the top ones to consider:
The minute you upload a pic online, you are effectively relinquishing ownership of it. There’s nothing to stop anyone from copying, altering, editing, or sharing any picture that you post online. You may also be surprised to know that when you share a picture on social media, you are agreeing to the site’s terms & conditions – even if you haven’t read them! These terms often include a licensing agreement which means that once you have posted an image to a social media platform like Facebook, you are granting Facebook ownership of the content through a licensing term. In short, you lose control over who sees your child and what they do with the image.
Cybercriminals are very skilled at putting together various ‘puzzle pieces’ to help steal an identity. If a parent is sharing regular happy snaps of key childhood events, it wouldn’t take a cybercriminal long to work out a child’s full name, birthday, hometown, or even school simply from the images, captions, and comments.
And once they’ve got their hands on the image and personal information, it takes little time for a skilled scammer to create fake profiles and an online identity. Once the fake identity has been created, applying for credit and setting up accounts becomes a breeze. According to the US Federal Trade Commission, identity theft of kids under 19 is a growing trend. In the first half of 2024, it accounted for 3% of all identity theft cases – up from 2% last year.
Unfortunately, there are some depraved individuals in this world who make it their life’s work to steal images of minors for sexual exploitation purposes. Images are often edited and manipulated and then shared or sold on child exploitation websites. The sophistication of artificial intelligence software now means that images can easily be easily manipulated and even animated. This is known as deepfake technology and it is a very big problem. In fact the Australian eSafety Commissioner estimates that 90% of deepfakes are explicit. Having your image manipulated and used as a pornographic deepfake would be devastating. The impact on their mental health would be profound and it could also have lasting negative effects on one’s personal and professional life.
In an ideal world, we would all follow the lead of Mark Zuckerberg and Hollywood celebs and not post any pic of our kids online. Remember, if there are no photos or personal details about your child online, then the problem goes away. But if you don’t think you can break the habit, then here’s what I strongly suggest you do from now on:
Take a moment before you upload and ask yourself whether the photo really needs to be shared on social media. Perhaps you could share it in a group chat with close family and friends instead? Think of it as a numbers game – the less you share, the less risk there is that the photo will end up in the wrong hands.
Every social media platform will have an option to allow you to only share images with your friends. Please set this up. Some will also give you the option to limit what can be shared from your posts – take this up too. And while you are at it, maybe give your friends list a once over. If you don’t even remember who someone is or have had limited contact, it might be time to delete!
Always scan your pics to ensure there are no identifying details. Your child’s name, school details, and birth date are all nuggets of gold for a cybercriminal who is trying to steal an identity. Always disable geotagging which will also get rid of any potential location data on an image. But don’t forget that all digital pics contain metadata which includes the location of the pic. This can be disabled but if that’s all too complicated, simply use a screenshot of an image instead of the original image and the problem goes away!
Adding a digital watermark to photos will make it much harder for deepfake creators to use your images. It becomes a more complicated procedure which could also possibly be traceable. There are several free apps that can easily help you add a watermark including my personal favourite Canva.
Now, if you’re reading this and feeling incredibly guilty about everything you’ve shared to date, please stop right there. Don’t beat yourself up. Parenting is a journey, and we are all learning and evolving as new information comes to light.
So, don’t panic. Instead, why not commit to rethinking your approach going forward? And if you have a spare hour or 2, go back over your social media posts and remove anything you aren’t sure about. And ensure all your settings are private!
You’ve got this!
The post Why Sharing Your Kids’ Pics Online Is Not A Good Idea appeared first on McAfee Blog.
As the back-to-school season approaches, equipping children with the tools and knowledge to navigate social media safely is crucial. In today’s digital age, social media plays a significant role in the lives of kids, offering both opportunities and challenges. Over 93% of teens in the U.S. use social media, and 68% of pre-teens also use social media.
From connecting with friends to showcasing their interests, social platforms offer many opportunities for self-expression and engagement. However, alongside the benefits come potential risks. How can parents be social media-savvy and help their kids stay safe on social media and empower them to proactively manage their digital footprints?
Digital footprints represent the traces of online activity individuals leave behind, which can significantly influence their online reputation and future prospects. Parents play a vital role in educating their children about the significance of being mindful of their online sharing and the potential consequences of their digital actions. By instilling awareness and responsibility in their children regarding their online presence, parents empower them to navigate the digital world more effectively and responsibly.
To proactively manage their digital footprints, parents and kids can:
Additionally, as a parent, you can take proactive measures to safeguard your child’s digital presence by implementing the following strategies:
As students prepare to return to school, it’s essential to have conversations about safe social media practices. By understanding the importance of managing digital footprints, controlling privacy settings, and maintaining a positive online reputation, kids can navigate social media safely and responsibly. By working together, parents can empower kids to thrive in the digital age while protecting their online identity.
The post A Guide for Parents to Help Kids Navigate Social Media Safely appeared first on McAfee Blog.
Your smart home hums right along. It sets your alarm, opens your garage door, pops up recipes on your refrigerator screen, turns up your lighting, and even spins selections as your in-house DJ. That’s to name just a few of the things it can do. Yet with all these connected conveniences, can smart homes get hacked?
The short answer is, unfortunately, yes. Yet you have plenty of ways you can prevent it from happening.
Smart homes and the Internet of Things (IoT) devices that populate them often offer prime targets for hackers. The reason? Many IoT smart home devices have poor security features in place. And because a home network is only as strong as its weakest point, smart home devices offer a ready means of entry. With that access to the network, a hacker has access to all the other devices on it…computers, tablets, smartphones, baby monitors, and alarm systems. Everything.
Recent research sheds light on what’s at stake. Cybersecurity teams at the Florida Institute of Technology found that companion apps for several big brand smart devices had security flaws. Of the 20 apps linked to connected doorbells, locks, security systems, televisions, and cameras they studied, 16 had “critical cryptographic flaws” that might allow attackers to intercept and modify their traffic. These flaws might lead to the theft of login credentials and spying, the compromise of the connected device, or the compromise of other devices and data on the network.[i]
Over the years, our research teams at McAfee Labs have uncovered similar security vulnerabilities in other IoT devices like smart coffee makers and smart wall plugs.
Let’s imagine a smart lightbulb with poor security measures. As part of your home network, a motivated hacker might target it, compromise it, and gain access to the other devices on your network. In that way, a lightbulb might lead to your laptop — and all the files and data on it.
In all, hackers have many reasons why they might break into your smart home.
You can take several steps to make your current smart home safer. Some of them involve protecting your devices, while others focus on protecting your home network.
Aside from protecting your devices, there’s protecting yourself. Comprehensive online protection software will protect your privacy and identity as well. Depending on your location and the plan you select, ours includes up to $2 million in identity theft coverage, plus features that clean up old and risky online accounts. Further features remove your personal info from the sketchiest of online data brokers and help you monitor all your transactions in one place — including retirement and investment accounts. It’s comprehensive protection for a reason.
Check out our Smart Home Security Guide. It offers further details on device protection and privacy advice for smart devices and smart speakers too. It’s free, and part of the McAfee Safety Series that covers topics ranging from online shopping and cyberbullying to identity protection and ransomware prevention.
[i] https://news.fit.edu/academics-research/apps-for-popular-smart-home-devices-contain-security-flaws-new-research-finds/
[ii] https://www.zdnet.com/article/hacker-leaks-passwords-for-more-than-500000-servers-routers-and-iot-devices/
[iii] https://docs.fcc.gov/public/attachments/DOC-401201A1.pdf
The post Is Your Smart Home Vulnerable to a Hack Attack? appeared first on McAfee Blog.
Reports filed with the U.S. Federal Trade Commission (FTC) put the risks in perspective — scammers squarely target older adults. In 2023, adults aged 60 and up filed over one-third of all fraud reports. Their reported losses? Close to $2 billion.
While scammers target all age groups, older adults offer them a particular advantage. Technology and everyday internet use came along later in their lives. They didn’t grow up with it like the rest of us did, making them less familiar with technology and more susceptible to attack. Moreover, their lifetime savings, home ownership, and retirement accounts make them attractive targets.
That’s much the case with our grandparents today. It’s little wonder hackers, scammers, and thieves go after them.
Figures courtesy of the FTC
However, your grandparents have a big advantage working in their favor. You.
Your knowledge, your expertise, and your overall comfort level with technology and the internet can help them steer clear of fraud. Have a chat about staying safe online. Or have a few chats over time. The advice you pass up can make all the difference.
Here are a few ways you can start:
As the year rolls on, so do the scams. Every scam has its season, from tax scams early in the year to shopping scams during the holidays. Current events play in too. In the wake of natural disasters, phony relief scams make the rounds on the internet. Encourage your grandparents to keep an eye on the news for the latest online scams so they have a better chance of recognizing fraudulent activity. Or better yet, give them a call when you get word of a new data breach or scam.
The secret to beating cybercriminals at their own game is to think like one. Encourage your grandparents to consider what can make them targets. Perhaps they have large retirement funds. Maybe their online bank account is secured with a password that they use for multiple online accounts. Have them think about how they’ve made it easier for a crook to take advantage of them. From there, they can tighten up their security as needed. A tool like our Protection Score can do this for them. It stops weak points and offers solutions for shoring them up.
Each account should get its own strong, unique password. Which is a lot of work, given all the accounts we keep. A password manager can help. It creates and securely stores strong, unique passwords for every account. (No more sticky notes with passwords on the monitor.)
Also, help them set up two-factor authentication on their accounts that offer it. It provides an extra layer of security, as it requires multiple forms of verification, such as a fingerprint scan or facial recognition. This, with strong, unique passwords, makes accounts terrifically tough to crack.
Hackers, scammers, and thieves all use phishing attacks to rope in victims. And today, they look increasingly convincing thanks to AI tools. And as we’ve covered here on our blocks, scammers can easily clone voices — even faces—on calls and video chats. Plenty more phishing attacks come by text, email, and phone calls. This is where your grandparents need to get savvy.
If they receive an email that appears to be from a business or even a family member, but they are asking them for their Social Security Number, passwords, or money, stop and think. Don’t click on anything or take any direct action from the message. Instead, go straight to the organization’s website and verify that the message is legitimate with customer service. If the message claims to be from a family member asking for financial help, contact them directly to ensure it’s not a scammer in disguise. In all, make sure they show great caution any time a seemingly “urgent” email, message, or call comes their way. Urgency is often a sign of a scam.
Today’s online protection goes far beyond antivirus. It protects people. Their devices, their identity, and their privacy.
Comprehensive online protection like our McAfee+ plans keep them safe from hackers, scammers, and thieves in several ways. Consider this short list of what comprehensive online protection like ours can do for your grandparents:
Scam Protection
Is that email, text, or message packing a scam link? Our scam protection lets your grandparents know before they click that link. It uses AI to sniff out bad links. And if they click or tap on one, no worries. It blocks links to malicious sites.
Web protection
Like scam protection, our web protection sniffs out sketchy links while they browse. So say they stumble across a great-looking offer in a bed of search results. If it’s a link to a scam site, they’ll spot it. Also like scam protection, it blocks the site if they accidentally hit the link.
Transaction Monitoring
This helps them nip fraud in the bud. Based on the settings they provide, transaction monitoring keeps an eye out for unusual activity on credit and debit cards. That same monitoring can extend to retirement, investment, and loan accounts as well. It can further notify them if someone tries to change the contact info on their bank accounts or take out a short-term loan in their name.
Credit Monitoring
This is an important thing to do in today’s password- and digital-driven world. Credit monitoring uncovers any inconsistencies or outright instances of fraud in credit reports. Then it helps put your grandparents on the path to setting them straight. It further keeps an eye on their credit reports overall by providing you with notifications if anything changes in their history or score.
Personal Data Cleanup
This provides your grandparents with another powerful tool for protecting their privacy. Personal Data Cleanup removes their personal info from some of the sketchiest data broker sites out there. And they’ll sell those lines and lines of info about them to anyone. Hackers and spammers included. Personal Data Cleanup scans data broker sites and shows which ones are selling their personal info. From there, it provides guidance for removing your data from those sites. Further, when part of our McAfee+ Advanced and Ultimate, it sends requests to remove their data automatically.
Identity Theft Coverage & Restoration
Say the unfortunate happens to your grandparents and they fall victim to identity theft. Our coverage and restoration plan provides up to $2 million in lawyer fees and reimbursement for lawyer fees and stolen funds. Further, a licensed expert can help them repair their identity and credit. In all, this saves them money and their time if theft happens.
The post How to Talk to Your Grandparents About Staying Safe Online appeared first on McAfee Blog.
If you’re the parent of a tween or teen, chances are they’re not the only ones going back to school. Their smartphones are going back too.
Our global research showed just how many tweens and teens use a smartphone. Plenty. Depending on the age band, that figure ranges anywhere from 76% to 93%, with some noteworthy variations between countries.
One of the top reasons parents give their child a phone is to stay in touch, so it likely follows that those phones will likely make their way into the classroom. Whether or not that’s the case for your child, back-to-school time is still a great time to help your child stay safer on their phone—and keep their phones safer too in the event of loss or theft.
Comprehensive online protection software can protect your phone in the same way that it protects your laptops and computers. Unfortunately, while many people use it on their laptops and computers, far fewer people use it on their phones—only about 42% of tweens and teens worldwide use it on their smartphones according to our most recent research.
Installing it can protect their privacy, keep them safe from attacks on public Wi-Fi, and automatically block unsafe websites and links, just to name a few things it can do. You can find our smartphone apps in both Google Play and the Apple App Store.
Updates do all kinds of great things for gaming, streaming, and chatting apps, such as adding more features and functionality over time. Updates do something else—they make those apps more secure. Hackers will hammer away at apps to find or create vulnerabilities, which can steal personal info or compromise the device itself. Updates will often include security improvements, in addition to performance improvements.
iPhones update apps automatically by default, yet you can learn how to turn them back on here if they’ve been set to manual updates. For Android phones, this article can help you set apps to auto-update if they aren’t set that way already.
Much the same goes for the operating system on smartphones too. Updates can bring more features and more security. iOS users can learn how to update their phones automatically in this article. Likewise, Android users can refer to this article about automatic updates for their phones.
Another finding from our latest global research is just how few people use a lock screen on their phones. Only 56% of parents said that they protect their smartphone with a password or passcode, and only 42% said they do the same for their child’s smartphone—a further 14% drop between parents and kids.
The issue here is clear. If an unlocked phone gets lost or stolen, all the information on it is an open book to a potential hacker, scammer, or thief. Enabling a lock screen if you haven’t already. It’s a simple feature found in both iOS and Android devices.
Preventing the actual theft of your phone is important too, as some hacks happen simply because a phone falls into the wrong hands. This is a good case for password or PIN protecting your phone, as well as turning on device tracking so that you can locate your phone or even wipe it remotely if you need to. Apple provides iOS users with a step-by-step guide for remotely wiping devices, and Google offers up a guide for Android users as well.
Strong, unique passwords offer another primary line of defense. Yet with all the accounts we have floating around, juggling dozens of strong and unique passwords can feel like a task—thus the temptation to use (and re-use) simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well.
Google Play and Apple’s App Store have measures in place to review and vet apps to help ensure that they are safe and secure. Third-party sites may not have that process in place. In fact, some third-party sites may intentionally host malicious apps as part of a broader scam. Granted, cybercriminals have found ways to work around Google and Apple’s review process, yet the chances of downloading a safe app from them are far greater than anywhere else. Furthermore, both Google and Apple are quick to remove malicious apps once discovered, making their stores that much safer.
One way that crooks can hack their way into your phone is via public Wi-Fi, such as at coffee shops, libraries, and other places on the go. These networks are public, meaning that your activities are exposed to others on the network—your banking, your password usage, all of it. One way to make a public network private is with a VPN, which can keep you and all you do protected from others on that Wi-Fi hotspot. Note that our VPN can turn on automatically for public Wi-Fi, protecting account credentials, search habits, and other activities online.
The same advice applies to these devices as well—strong online protection software, password management, VPN usage, and so on. What’s good for a smartphone is good for laptops and desktops too.
For laptops in particular, you can track these devices as well, just like a smartphone. The process differs from smartphones, yet it’s still quite straightforward. Windows and Mac users can enable the following settings—and you can click the links below for complete instructions from the source:
Putting these same protections in place on your laptops and desktops will help make your child, and your whole family, safer than before.
Note that on school-issued devices, your school district will likely have technology teams who manage them. As part of that, they typically have policies and restrictions in place to help keep them running safe and sound. If you have any questions about what kind of protections are in place on these school-issued devices, contact your school district.
While we’ve largely focused on protecting the phone itself, there’s also the importance of protecting the person who’s using it. In this case, your child—what they see, do, and experience on the internet. Device security is only part of the equation there.
Parents of tweens and teens know the concerns that come along with smartphone usage, ranging anywhere from cyberbullying, too much screen time, and simply wanting to know what their child is up to on their phone.
As you can imagine, each of these topics deserves its own treatment. The “Family Safety” section of our blog offers parents and their kids alike plenty of resources, and the list below can get you started on a few of the most pressing issues:
Without a doubt, while a child may get their first smartphone to “keep in touch,” that ownership blossoms into something far greater. And quite quickly. As they dive into the world of apps, social media, messaging, and gaming, take an interest, take it as an opportunity to spend time talking about their day and what it was like online.
By asking if they grabbed any cool pictures, what their favorite games are, and how their friends are when your child is texting them, questions like these can open a look into a world that would otherwise remain closed. This way, talking about the phone and what they’re doing on it becomes part of normal, everyday conversation. This can reap benefits down the road when your child encounters the inevitable bumps along the way, whether they’re dealing with a technical issue or something as difficult as cyberbullying or harassment. Talking about their life online on a regular basis may make them more apt to come forward when there’s a problem than they otherwise might.
In all, think of the smartphone as a fast pass into adulthood, thanks to how it puts the entirety of the internet right in your child’s hand. Protecting the device and the kid who’s using it will help ensure they get the absolute best out of all that potential.
The post Getting Your Kids Ready for School—And Their Smartphones Too appeared first on McAfee Blog.
How do you protect yourself when you use public Wi-Fi on your phone? For the 40% of people who say they use public Wi-Fi that way, it’s a good question to ask.
A recent study from Forbes found that plenty of people use public Wi-Fi — with 35% saying they use it at least four times a month.[i]
People have plenty of reasons for using public Wi-Fi on their phones. First off, they might want to save their cellular data usage. Maybe they want the speed it offers over a cell connection, like when they hop on a video call. In other cases, they might have a lousy cell signal indoors and want a better connection with Wi-Fi.
All are valid reasons for using public Wi-Fi. And all are reasons for knowing how to play it safe when you do.
In an ideal world, public Wi-Fi is quite safe. The operator has it set up with the latest protection protocols, like the WP3 standard. The operator also has current, updated network equipment. You’re using it to connect to a site that uses “https” for security. And there’s no hackers or snoops in the network mix.
Of course, you can’t count on any of that every time you use public Wi-Fi.
So, what are your options if you want or need a public Wi-Fi connection?
The readiest answer is to use a VPN. As a “virtual private network,” it runs your data connection through a secure, encrypted tunnel exclusive to you. This way, it shields you and what you do from any prying eyes on public Wi-Fi.
The important bit here is to go with a trusted VPN provider. Ironically, many VPNs out there put you at risk. Some collect user info, particularly free VPNs. This gets bought and sold, and sometimes falls victim to data breaches — putting all kinds of personal info at risk.[ii] Moreover, some so-called VPNs install malware on phones instead. Others serve up ads in return for the free service.
With that, choosing a secure and trustworthy VPN provider is a must. A VPN like ours has both your security and privacy in mind. In a VPN, look for:
Not every VPN offers these features. Selecting one that does gives you the protection you want paired with the privacy you want.
Turn off automatic connections.
Be choosy about the networks you connect to. Turning off automatic connections on your phone allows you to select the trusted networks you know best.
Keep your phone updated.
Set your operating system and apps to update automatically. Updates often include security fixes that shore up recently discovered shortcomings.
Watch out for extra taps to log in.
Hackers set up sketchy public Wi-Fi as bait. With it, they might siphon off personal info as you browse, bank, and shop. Others use it to install malware, like spyware that also steals personal info. Avoid any public Wi-Fi that asks you to download extra software or apps.
Prevent third parties from collecting your info.
Some internet service providers (ISPs) offer public Wi-Fi networks in various places. However, many ISPs track, gather, and sometimes share connection info. A VPN can put a stop to plenty of that, which makes this one more good reason to use one on public Wi-Fi.
Skip public Wi-Fi altogether.
If possible, use your data connection instead. Most mobile phone providers encrypt the traffic between cell towers and your device.
[i] https://www.forbes.com/advisor/business/public-wifi-risks/
[ii] https://www.cpomagazine.com/cyber-security/free-vpn-data-leak-exposed-over-360-million-user-records/
The post How Do I Protect Myself When Using Wi-Fi? appeared first on McAfee Blog.
A text pops up on your phone. It’s your pal, and the text says, “What’s the password again?” It might be for a video streaming app, a delivery service, or a music site. But is it really OK to share passwords?
The answer to that question takes a couple of forms.
For starters, that app, service, or site you’re sharing has terms of use. Those terms might allow for sharing. Others might not. From that standpoint, sharing might break those terms.
Secondly, sharing passwords with someone outside your household carries security risks. And that’s what we’ll focus on here.
One set of research found that 79% of Americans surveyed said they shared passwords. Video streaming came in at 35%, delivery services at 29%, and music streaming at 9%.[i]
Yet that same research revealed something else. Only 7% of Americans said they worried about getting hacked despite all that password sharing.
The broader use a password sees, the more vulnerable it is. And that has a couple of dimensions to it.
The first is the more obvious of the two. Reusing passwords across accounts can lead to identity theft and fraud. Say a hacker gets a hold of a password on the dark web or directly through a data breach. If it’s reused across accounts, all those accounts could get compromised. The same is largely true of passwords that have little variation between them. When not unique, a hacker can figure out the variation with relatively little effort.
The second is a bit more subtle. Sharing passwords with people outside the household means those passwords get used on devices outside of the household. The question then is, are those devices secure? Do the people who own them use online protection software to keep themselves safer online? If not, those passwords could get exposed. One example — a friend logs into a streaming site on unprotected Wi-Fi. A hacker monitors the traffic, skims the password, and sells it on the dark web.
So, for several reasons, sharing passwords is not OK. And it brings up an important point about passwords in general. We have a lot of them. Yet each one must be secure.
So, we’ve mentioned some of the security risks around passwords. Primary among them, weak and reused passwords.
It’s no wonder people go the route of easy-to-remember passwords they use again and again. According to Pew Research, American adults feel overwhelmed by the number of passwords they have to keep track of. Depending on the age group, that feeling ranges from 61% to 74%.[ii]
That sense of overwhelm takes shape in another interesting way. Increasingly, people are doing something about it. Faced with creating strong and unique passwords, more people let a password manager do the work for them. In 2019, only 20% of Americans surveyed said they used one. In 2023, that number leapt up to 32%.[iii] A solid 12% rise that now covers nearly a third of all Americans.
So, for anyone bogged down by passwords, a password manager offers an excellent solution.
And a safe one at that.
A password manager like ours helps you protect your accounts from hackers by securely creating and storing strong and unique passwords. The very kind of passwords that hackers hate. While you’re online, it auto-fills your info for faster logins. Best of all, you only have to remember a single password.
Don’t.
For one, sharing passwords might break the terms of use for the app, service, or site in question. Next, it can bring security issues with it as multiple people use it on multiple devices — ones that might or might not be secure.
On a related note, re-using passwords across several accounts increases your risk of getting hacked even more. Whether they’re weak and memorable or variations on a common theme, passwords like these make life easier for hackers.
As always, each of your accounts calls for a strong and unique password. And if you’re like the many who have dozens and dozens of accounts, a password manager can make that easy. And highly secure, too.
[i] https://www.thezebra.com/resources/home/dangers-of-sharing-passwords/
[ii] https://www.pewresearch.org/internet/2023/10/18/how-americans-protect-their-online-data/
[iii] Ibid.
The post Do You Share Passwords with Friends and Family? appeared first on McAfee Blog.
When it comes to passwords, most of us would love nothing more than to set it and forget it. But that’s exactly what hackers are hoping for — in fact, it makes their job a lot easier. This means the best line of defense is frequent password changes.
But how often should you create new passwords? Cybersecurity experts recommend changing your password every three months. There may even be situations where you should change your password immediately, especially if a cybercriminal has access to your account.
This article explores those exact situations and covers some of the best password practices you can use to help safeguard these important combinations of letters and numbers.
A good password can make it more difficult for hackers to access your accounts. But what exactly makes a strong password? Here are a few criteria.
A cybercriminal may use a variety of strategies to access your passwords. Here are some of their most common tactics.
When it comes to keeping your data secure, password complexity is just the beginning. Here are a few key steps for keeping your passwords safe.
With McAfee, you can continue enjoying the internet the way it was intended — free from hackers.
The post Everything You Need to Know to Keep Your Passwords Secure appeared first on McAfee Blog.
What is our real job as parents? Is it to ensure our kids get good grades? – Maybe. Or is it ensuring we can give them the latest and greatest clothing and devices? Mmmm, not really. When all is said and done, I believe our real job is to keep our kids safe, teach them to be independent, and set them up for success – both online and offline.
As first-generation digital parents, many of us are learning on the job. While we can still glean advice from our own parents on dealing with our teenager’s hormones and driving challenges, there’s no intergenerational wisdom for anything digital. So, it is inevitable that many of us parents feel unsure about how and why to be proactive about online safety.
With four grown boys, 12 nieces and nephews, and almost 13 years in this job talking to families about online safety, I’ve developed a pretty good understanding of how families want to live their lives online, their biggest concerns, and how they value safety and security. Here’s what I’ve learnt:
I’ve often dreamt about wrapping my boys in cotton wool and keeping them away from the real world. But unfortunately, that’s not how it works. The internet definitely has some hugely positive features for teens and tweens but there are some challenges too. Here is what parents are most concerned about:
1. Social Media
Without a doubt, tween and teen social media usage would currently be the biggest concern for most parents. In Australia, there is currently a move to delay children using social media to 16. The Prime Minister is a fan as are many state and territory leaders. There’s no doubt parents are concerned about the impact social media is having on their children’s mental health. Whether dealing with followers, friends, or FOMO (fear of missing out), harassment, or exposure to unhelpful, or even dangerous influencers, parents are worried and often feel helpless about how best to help their kids.
2. Bullying
Parents have every right to be concerned. Cyberbullying does happen. In fact, 1 child in 3 reports being the victim of cyberbullying according to a UNICEF study. And in a study conducted by McAfee in 2022 that does a deep dive into the various types of bullying, there’s no doubt that the problem is still very much a reality.
3. Inappropriate Content
There really isn’t anything you can’t find online. And therein lies the problem. With just a few clicks, a curious, unsupervised 10-year-old could access images and information that would be wildly inappropriate and potentially traumatic. And yes, I’m talking sex, drugs and rock and roll themes! There are things online that little, inexperienced eyes are just not ready for – I am not even sure I am either, to be honest!
4. Screen Time
While I think many parents still find the word screen time a little triggering, I think some parents now realise that not all screen time ‘was created equally’. It’s more about the quality and potential benefit of screen time as opposed to the actual time spent on the screen. For example, playing an interactive, good quality science game as opposed to scrolling on Instagram – clearly the game wins!
However, parents are still very concerned that screen time doesn’t dominate their kids’ lives and adversely affects their kids’ levels of physical activity, face-to-face time with family and friends, and their ability to sleep.
While there is no silver bullet here, being proactive about your family’s online security is THE best way of protecting your family members, minimising the risk of unpleasant interactions, and setting them up for a positive online experience. And it will also reduce your stress big time – so it’s a complete no-brainer!!
Here are 5 things you can kick off today that will have a profound impact on your family’s online security:
1. Talk, talk, talk!!
Yes, that’s right – simply talk! Engaging with your kids about their online lives – what they like to do, sites and apps they use and any concerns they have is one of the best ways to keep them safe. As is sharing your own stories. If your kids know that you understand the digital world, they will be far more likely to come to you if they experience any issues at all. And that’s exactly what we want!!
2. Parental Controls and Monitoring
Parental controls can work really well alongside a proactive educational approach to online safety. As well as teaching kids healthy digital habits, they can also help parents monitor usage, set limits, and even keep tabs on their kids’ whereabouts. Gold!! Check out more details here.
3. Social Media Safety
Undertake an audit of all family member’s privacy settings to ensure that are set to the highest level. This will ensure only trusted people can view and interact with your kids’ profiles. Also, remind your kids not to overshare as it could lead to their identities being stolen. And check out McAfee’s Social Privacy Manager which can help you manage more than 100 privacy settings on social media accounts in seconds.
4. Make a Plan In Case of Aggressive Behaviour
As a cup-half-full type, I’m not a fan of negativity but I am a fan of plans. So, I do recommend creating an action plan for your kids in case they encounter something tricky online, in particular bullying or aggressive behaviour. I recommend you tell them to take screenshots, disengage, tell someone they trust (ideally you), and report the behaviour to the relevant social media platform or app. In some cases, you could involve your child’s school however this obviously depends on the perpetrator.
5. Passwords please!
I know you have probably heard it before, but password management is such a powerful way of staying safe online. In an ideal world, every online account should have its own unique password. Why? Well, if your logins get stolen in a data breach then the cybercriminals will not be able to reuse them to log into any of your other accounts.
And while you’re at it, ensure all passwords are at least 8-10 characters long, and contain random symbols, numbers and both upper and lowercase letters. If all is too hard, simply engage a password manager that will both generate and remember all the passwords for you. What a relief!
And of course, it goes without saying that a big part of being safe online is having super-duper internet protection software that will give you (and your family members) the best chance of a safe and secure online experience. McAfee+’s family plans not only give you a secure VPN, 24/7 identity and financial monitoring and alerts but AI-powered text scam detection and advanced anti-virus that will protect each of your family members from fake texts, risky links, viruses, malware and more. Sounds like a plan to me!!
Till next time
Stay safe everyone!
Alex
The post What Security Means to Families appeared first on McAfee Blog.
Kids engage online far differently than adults. Between group chats, social apps, and keeping up with digital trends, their interests, and attention spans constantly shift, which means online privacy concerns get sidelined. Here are a few ways to move online privacy center stage.
Few things will put kids to sleep faster than talking with parents about online stuff like privacy. So, flip the script. Talk about the things they love online—shopping, TikTok, and group chats. Why? Because all that daily fun could come to a screeching halt should a bad actor get a hold of your child’s data. Establishing strong digital habits allows your child to protect what they enjoy including their Venmo account, video games, and midnight chatting. Doing simple things such as maximizing privacy settings on social networks, limiting their social circles to known friends, and refraining from oversharing, can dramatically improve digital privacy.
We say it often: The best way to keep your kids safe online is by nurturing a strong relationship with them. A healthy parent-child connection is at the heart of raising kids who can make good choices online. Connect with your child daily. Talk about what’s important to them. Listen. Ask them to show you their favorite apps. Soon, you’ll discover details about their online life and gain the trust you need to discuss difficult topics down the road.
According to the latest Data Breach Investigations Report (DBIR), which examined the state of cybersecurity in 2023, some 68% of global breaches, regardless of whether they included a third party or not, involved a non-malicious human action, such as a person making an error or becoming a victim of a social engineering attack. For that reason, consider putting an extra layer of protection between your family and cyberspace. A few ways to do that:
A good digital offense is the best way to guard yourself and your family against those out to misuse your data. Offensive tactics and habits include using strong passwords, maximizing privacy settings on social networks, using a VPN, and boosting security on the many IoT devices throughout your home.
Get in the habit of deep cleaning your technology and bring your kids into the routine. Here’s how:
It’s hard to slow down and get serious about online privacy if you’ve never experienced a breach or online theft of some kind. However, chances are, the dark side of online living will impact your family before long. Ready to go deeper? Dig into these cybersecurity tips for every age and stage.
The post How to Get Kids Focused on Their Online Privacy appeared first on McAfee Blog.
Falling in love in the internet age is a whole different ball game to the social-media-free ’70s, ’80s and ’90s. Awkward calls on the home phone, sending cards in the mail, and making mixtapes were all key relationship milestones back in the days of roller skates. But fast forward to the new millennium and dating is a whole different sport.
No longer are teens relying on their friends and family for introductions to new love interests, it’s all doable online thanks to the plethora of available dating apps and social media platforms. So it’s no surprise that research confirms that meeting online has officially displaced the traditional ways romantic partnerships were formed.
But how does it actually work? How do teens really connect online? Is it just about the dating apps? What about Instagram? Don’t they also use messaging apps to meet? And what does ‘benching’ and ‘beta-testing’ mean?
Ah, yes I know it can feel overwhelming but don’t stress – I got you! I’ve put together all the key information you need to know if you have kids who are starting their online dating journey.
When many of us think about online dating, we think about the major dating apps like Tinder and Bumble however that’s actually not where it all happens. In fact, many teens inform me that it really is all about Instagram, Snapchat, and increasingly, TikTok. I am reliably informed that these social media platforms give you a more authentic understanding of someone – great! But, in my opinion, there are potential safety issues with using social media to attract a mate. Particularly, if you have a young, inexperienced teen on your hands.
In order for people to be able to follow you on these platforms (and send you messages), you need to have your profile set to public. So, if you have a young, naïve teen who has their social media accounts set to public to ramp up their love life, then I consider this to be a safety concern. They can receive messages from anyone which is not ideal.
In 2024, chances are your teens will not meet a potential mate in real life (IRL) – it all happens online. But even on the rare chance they do first meet in person, or they eyeball someone they fancy across the school playground, the relationship will develop online. That’s where the magic happens!
So instead of multiple landline telephone calls to friends to ‘suss out’ their crush, they spend multiple hours researching their crush online. They’ll check out and dissect their photos and posts, find all their social media accounts, and then, depending on their level of courage, they may follow all their accounts. Colloquially, this is often referred to as ‘social media stalking’.
Once they’ve built up the courage, teens may start liking the posts of their crush. Some may even go back over old social media posts and photos from several years back to demonstrate their level of interest. This is known as ‘deepliking’. Some teens think this is an effective strategy, others consider this to be off-putting – each to their own!! But the goal here is to put yourself on the radar of your crush.
Now, once the ‘likes’ have gathered some momentum, the teen may decide it’s time to ‘slide into their crush’s DM’s’. Ah – there’s that expression. All it really means is that your teen will send a direct message to their love interest – usually on a social media app such as Instagram or TikTok.
But they may not even need to ‘slide into the DM’s’. I am reliably informed that if you like a few posts of a potential love interest and then, they like a few of yours, you’re flirting and there’s definitely a spark!! The love interest may then just be the one initiating interest.
Now, if there is a spark and the crush has replied, the next phase is messaging – and a lot of it! Potentially 1000’s of messages. I have first-hand experience of paying a telephone bill for someone (no names) who was super smitten with a girl in the days before unlimited data. All I can say is ouch!!!
Now this messaging may take place on a social media app, a messaging app such as WhatsApp, Messenger, or even via text. Or possibly even a combination of them all!! The key here is to keep the messaging going to suss out whether there is a vibe!
But the messaging stage is where it can get messy and confusing. It’s not unusual for teens to be messaging with several potential love interests at once – essentially keeping their options open. Some refer to this as ‘beta-testing’, I would refer to it as disrespectful and probably exhausting – but hey, I’m old school! But this is often a reality for many teens, and it can be quite demoralising to feel like you’re being ‘managed’.
Now, this is a big moment. When your teen and their crush have decided they are exclusive and officially a thing, the next step is to let the world know and make it official. So, they may choose to update their status on their social media platforms to ‘in a relationship’. But if they are after a softer launch, they may simply post a pic of each other, or even together.
Believe it or not, some teens may never actually meet in real life (IRL) but still be in a relationship. If this is the case then it’s more likely that sexting will be part of the relationship. Research shows that 1 in 3 Aussie teens (aged 14 to 17) have some experience with sexting ie sending, receiving, being asked, and asking for nude pics however I think in reality, it is likely more – not everyone answers surveys honestly!
So, yes sexting does happen and while I wish it just didn’t, we can’t put our heads in the sand. So, I encourage all parents to remind their kids that once they send an image they lose control of it, that not all relationships last forever, and that they should never be coerced into doing something they are not comfortable with. Stay tuned for further posts with more sexting tips!
At the risk of being a cynic, chances are your child’s teen relationships will probably not last a lifetime. So, how do you break up when you’re a digital native?
Well, before the break-up phase, ‘benching’ can occur. This happens when one partner no longer wants to meet up with the other in person. It may also be the moment when your teen’s messages are no longer returned – this is called LOR – left on read. Most of us would call this ghosting. But regardless of what you call it, it’s not a nice feeling.
Call me old fashioned but I am a big fan of breaking up with your love in person and my boys know that. Tapering off contact or telling someone that the relationship is over via text is disrespectful, in my opinion.
Helping kids through heartache is tough – I’ve been there!! If your teen is finding life post-relationship hard, why don’t you suggest they delete their social media apps for a week or 2? It’s hard to move on from someone when you are still receiving messages and/or seeing their notifications. It may even be worth unfriending or unfollowing the ex as well.
So, even though the landscape has changed, and the mixtapes have gone, please don’t forget that dating and romance can be super tricky when you are a teen. Not only are you dealing with matters of the heart but in the world’s biggest public forum – the internet. So be kind, gentle, and supportive! And be grateful for the simplicity of the ’70s, ’80s and ’90s.
Alex xx
The post How Teens Date in the Digital Age appeared first on McAfee Blog.
I often joke about how I wish I could wrap up my kids in cotton wool to protect them from all the challenges of the real world. When they were little, I would have loved to protect them from some of the trickier kids in the playground. But as they got older, it was all about the internet and of course, alcohol, drugs and fast cars!
Unfortunately, I don’t have solutions for all of the above parenting challenges but with over 12 years of experience as Cybermum, I know a thing or two about keeping kids safe online.
The CEOs of the world’s largest social media platforms were recently summoned to a Senate Judicial Committee hearing in Washington. The Kids Online Safety Act (KOSA) is still being heavily debated and representatives from Meta, Discord, TikTok, Snap and X, the company formerly known as Twitter, were invited to participate in the hearing. Designed to regulate social media and better protect children, the proposed bill has a lot of support but there is still a way to go before it takes its final shape and potentially becomes law.
In my opinion, there’s no question that governments worldwide need to play a bigger, more vocal role in this arena and insist on better protections for all social media users, particularly our kids. In 2019, Australia passed its own Online Safety Act and the UK did the same in 2023 with its Online Safety Law. And while these are all very important steps forward, I honestly believe that the role families play in teaching their kids about online safety is even more important.
I totally understand that teaching kids about online safety can just feel like another task on a never-ending to-do list. I’ve been there! But think of it like this. Haven’t you been talking to your kids about sun safety and road safety along the way? You know, dropping in little reminders and tips as you drop them at school or pick them up from a play date? Well, this is how you need to think about online safety. Focus on breaking it down into little chunks so it doesn’t feel hard.
Now that we have our mindset sorted, let me share my top tips for helping your kids stay safe while they are online.
As soon as your kids can pick up a device, your conversations about online safety need to start. Yes, I know it might seem ridiculous, but it is THE best way to help ‘mould and shape’ your offspring’s mind in a cyber-safe way. If your 2-year-old likes to play games on your iPad, it could be as simple as:
And when your kids get older, weave in more age-appropriate messages, such as:
Spending time online with your child from an early age is another great way of helping them understand the difference between good and bad content. And modelling good digital citizenship while you are online with your kids will help ‘mould and shape’ their understanding of how to interact safely and positively.
I’m a big fan of ensuring kids have clarity on boundaries and expectations, particularly when it comes to all things online. Your easiest fix here? A family technology agreement. I love a family technology agreement because it can be tailored to your kids, their ages and maturity levels. Check out my previous blog post on how to develop one for your family here. One final piece of advice here – don’t start introducing tech contracts during a family blow up. Please wait till everyone is calm otherwise I can assure you, you’ll encounter resistance from some family members!
There are a few key fundamental basics that I think every child needs to know to keep themselves safe online. Here are my top 5:
I would also include these basics in your family technology contract.
As your kids get older, it becomes harder to monitor their every move online. Yes, you can create bookmarks with ‘approved’ sites and install parental controls however it is inevitable that there will be an opportunity for unsupervised internet usage. But if you have helped your kids develop critical thinking skills then it is far more likely that they will be able to navigate the internet is a safe and responsible way.
Where to start? Always encourage a healthy scepticism and encourage them to not accept that everything they read online is true. When it is age-appropriate, help them to identify reliable sources, spot less reliable websites, and question the underlying purpose of the information that has been shared.
Taking some time to understand how your child spends their time online is the best way of truly understanding the risks and challenges they face. And when you understand the risks they face, you can help them prepare for them. So, join ALL the social media platforms your kids are on, play their games and download their messaging apps. Not only will you develop a better understanding of how to manage the privacy settings on each of the platforms, but the often very specific language used and the online culture can often form a big part of your child’s life. And the best part – if they know you understand their world, you will develop a little ‘tech cred’ which means that they will be more likely to come to you with any issues or problems that may face online. Awesome!
A set of good-quality parental controls can be a wonderful addition to any digital parenting toolkit. Many will allow you to filter the content your child sees, block certain websites, and even track your child’s browsing history and location. But please remember, no parental controls will ever replace an invested parent! Check out McAfee’s website for more information.
Now, I know that might feel like a lot but please don’t stress. Simply chunk it down and give yourself a new task every week such as joining a new social media platform or playing your child’s favourite online game. The most important thing to remember is to keep talking to your kids. Why not start the conversation by asking them for advice or, sharing something you saw online? Remember, your goal here is to get yourself some tech cred! Good luck!!
Alex xx
The post How to Keep Your Kids Safe Online appeared first on McAfee Blog.
Summer vacations are a time for families to relax, unwind, and create lasting memories together. Whether you’re heading to the beach, embarking on a road trip, or exploring new destinations, it’s important to prioritize the online safety of your loved ones. However, our Safer Summer Holidays Travel Report found that almost half (48%) of travelers admitted to being less security conscious when on holiday, such as by choosing to connect to Wi-Fi networks even though they look a bit suspicious (22%).
With the increasing prevalence of online threats and the growing reliance on technology, taking proactive steps to protect your family’s digital well-being is more crucial than ever. Here are some actionable tips to ensure a safe and enjoyable online experience during your summer adventures.
Teach your children about the importance of practicing safe online behavior and what safer online habits are. Explain the risks of sharing personal information online, interacting with strangers, and clicking suspicious links or attachments. Talk about the concept of “phishing” and how to recognize suspicious links or messages. Encourage open communication and make sure your children feel comfortable coming to you if they encounter any concerning or questionable content online.
When connecting to the internet while on vacation, be cautious about the Wi-Fi networks you use. Public Wi-Fi networks, such as those found in hotels, airports, and cafes, may not be secure and could expose your family to cyber threats like hacking and identity theft. That’s because they are often a missing layer of protection called encryption. Encryption acts like a secret code, scrambling the data as it travels from your device to the Wi-Fi router, so nobody else can understand it. Without this protection, hackers can easily sneak in and read the information you’re sending over the Wi-Fi network, putting your privacy and security at risk. If you do need to connect to a public Wi-Fi network, use a virtual private network (VPN) to encrypt your internet connection and protect sensitive data from prying eyes.
When traveling, it is essential to be cautious of certain payment methods, especially when dealing with vacation rentals, tours, or travel packages. Scammers often insist on wire transfers, gift cards, or cryptocurrency as the only acceptable forms of payment for accommodations. These payment methods are untraceable and nearly impossible to recover once sent. Exercise skepticism and avoid any requests for payment through these channels, as they are typically red flags indicating fraudulent activity. Instead, opt for secure and traceable payment methods, such as credit cards or reputable online payment platforms.
Take precautions to secure your devices against theft or loss while traveling. Use strong passwords or biometric authentication methods to lock your devices and prevent unauthorized access. Consider installing tracking apps or software that allow you to remotely locate, lock, or erase your devices in case they are lost or stolen. Additionally, avoid leaving your devices unattended in public places and always be vigilant of your surroundings.
While traveling, keep a close eye on your bank accounts, credit card statements, and other financial accounts. Check for unauthorized transactions or suspicious activity and immediately report any discrepancies to your financial institution. Consider enabling alerts or notifications on your accounts to receive real-time updates on account activity and detect any signs of fraud or unauthorized access.
Before you leave for vacation, ensure all devices within the family have the latest software updates. Cybercriminals often exploit vulnerabilities in outdated software to gain access to devices and steal sensitive information. Updates not only improve performance but also fix any security vulnerabilities that cybercriminals could exploit to gain unauthorized access to your devices and potentially compromise your sensitive information.
Before you embark on your vacation, take the time to set up parental controls on all your devices. Vacations might involve more downtime or long journeys, leading to increased screen time for children. Parental control features can allow you to restrict access to certain websites, apps, and content, allowing you to more effectively ensure that kids stay safe and engage with only appropriate content. Use these tools to create a safe online environment for your children and prevent them from stumbling upon inappropriate or harmful content. Our Social Privacy Manager can also help protect your child’s social media visibility and data.
With McAfee+ Family plans, you can safeguard up to 6 family members under one subscription with each member receiving individualized identity and privacy protection, secure VPN, and personalized notifications offering guidance on enhancing their online security. Rest assured, each family member can connect with confidence, knowing their personal information, online privacy, and devices are all securely protected.
Following these family-friendly cybersecurity tips, you can enjoy a safe and secure online experience during your summer vacations. Taking proactive steps to protect against cyber threats can help ensure peace of mind, knowing that your family’s online safety is safeguarded wherever your summer adventures may take you.
The post Family-Friendly Online Safety Tips for Summer Vacations appeared first on McAfee Blog.
Summer is synonymous with vacations, a time when families pack their bags, grab their sunscreen, and embark on exciting adventures. In the digital age, smartphones have become an indispensable part of our lives, serving as cameras, maps, entertainment hubs, and communication tools. While these devices enhance our travel experiences, they also become prime targets for theft or damage while we’re away from home. From keeping us connected with family and friends, assisting in navigation, capturing moments, to even helping us with language translation – it is a device of many conveniences. However, when you bring your smartphone while vacationing, like any other valuable item, it becomes a target for theft and damage. Not to mention the potential for high roaming charges.
Don’t let the fear of losing or damaging your valuable devices dampen your vacation spirit! By taking some simple precautions and implementing effective strategies, you can ensure that your family’s smartphones remain safe and secure throughout your travels. In this blog post, we’ll share essential tips and tricks for safeguarding your devices, so you can focus on creating unforgettable memories without any tech-related worries. This article will provide you with tips on how to protect your family’s smartphones while on vacation. We will cover strategies like enabling security settings, backing up data, checking for travel insurance policies, and utilizing helpful apps. Ensuring the safety of your devices will make your vacation more enjoyable and worry-free.
Traveling without smartphones seems almost impossible. However, having them on vacation puts them at risk. In tourist hotspots, where distractions are many, it is easy to lose or have your device stolen. Moreover, using public Wi-Fi networks can expose your smartphone to cyber attacks.
→ Dig Deeper: The Risks of Public Wi-Fi and How to Close the Security Gap
Therefore, it is vital to be proactive in securing both your smartphones and the data they contain. Not only will it save you from the high costs of replacing a lost or damaged phone, but it also prevents potential misuse of personal and financial information. Implementing even just a few of these safety measures can help ensure your family’s smartphones are well-protected during your vacation. So let’s dive into the practical steps you can take.
The first layer of protection for your phone should be a physical one. It starts with investing in a good quality, durable phone case. A waterproof case is always a good idea, especially if you’re planning on vacationing near the beach or a pool. A screen protector can also keep your screen from shattering or getting scratched. Remember, you’re more likely to drop your phone while on vacation as you juggle through maps, travel apps, and numerous photo opportunities.
Another aspect of physical protection is to be mindful of where you store your phone. Avoid leaving it in plain sight or unattended, which could invite potential thieves. Instead, carry it in a secure, zipped pocket or bag. If you’re staying at a hotel, consider using the safe to store your phone when not in use. Most importantly, be aware of your surroundings and keep your phone safely tucked away in crowded places.
McAfee Pro Tip: Activating the correct features can determine whether your personal data is lost permanently or if your device can swiftly recover. Install McAfee Mobile Security and learn more tips on what to do if your phone gets stolen on this blog.
Safeguarding your phone is not just about protecting the physical device—your personal and sensitive data deserves protection too. Before you leave for your vacation, make sure that your phone is password-protected. Optimally, use a complex password, fingerprint, or face recognition feature instead of a simple four-digit PIN. This singular step can deter any prying eyes from accessing your information if your phone is lost or stolen.
Ensure your phone’s software is up to date. Regular updates not only enhance the device’s performance but also incorporate vital security patches, fortifying its defenses against potential threats like malware. By staying vigilant and keeping your phone’s software current, you contribute to a more secure environment, minimizing the risk of unauthorized eyes accessing your valuable information in the event of a loss or theft.
Backing up your smartphone’s data before leaving for vacation can save you from a lot of stress. In case of loss, theft, or damage, having a backup ensures that you won’t lose your cherished photos, contacts, and other essential data. Most smartphones allow you to back up your data to the cloud. Make sure to do this over a safe, secure network and not on public Wi-Fi.
For Android users, Google provides an automatic backup service for things like app data, call history, and settings. You can check if this feature is enabled on your phone by going to the Google Drive App and checking in the Backups section. For iPhone users, iCloud Backup can help save most of your data and settings. To enable it, go to Settings, tap on your name, then tap iCloud and scroll down to tap iCloud Backup.
Without proper management, staying connected while abroad can result in expensive roaming charges. Before you leave, check with your mobile provider to understand the costs associated with using your phone abroad. Some providers offer international plans that you can temporarily switch to for your vacation. If your provider’s charges are too high, consider purchasing a local SIM card once you arrive at your destination or use an international data package.
Another way to avoid roaming charges is by using Wi-Fi. Most hotels, cafes, and many public spaces have free Wi-Fi available. However, again, public Wi-Fi is not always safe. So, avoid accessing sensitive information such as bank accounts, and before traveling, download maps and essential content before traveling to reduce the need for constant data usage. This is especially helpful for navigation apps. To protect your data in such situations, it’s advisable to use a Virtual Private Network (VPN).
Several apps can help protect your phone and its data during your vacation. Most smartphone operating systems offer a “Find My Phone” feature that can locate, lock, or erase your device if it is lost or stolen. Make sure this feature is enabled before you leave.
Again, antivirus apps can provide an extra layer of protection against virus and malware threats. Password manager apps can help you create and store complex, unique passwords for your accounts to enhance security.
VPN apps can protect your data from being intercepted when using public Wi-Fi networks. There are also apps that monitor your data usage and can alert you if you’re near your limit to avoid unexpected charges. Research and install these apps prior to your vacation for added security and peace of mind.
Your family’s smartphones are essential travel companions that deserve as much protection as any other valuable item during your vacation. By physically safeguarding the device, securing your data, backing up regularly, understanding roaming charges, and utilizing productive apps, you can enjoy a worry-free vacation. Remember, in the event of a mishap, having travel insurance can provide an extra layer of financial protection. So, before setting off, review your policy and check if it covers lost or stolen devices. In the end, preparation is key, so take the time to implement these safety measures and enjoy your vacation with peace of mind.
Above and beyond security settings and software, there’s you. Get in the habit of talking with your child for a sense of what they’re doing online. As a mom, I like to ask them about their favorite games, share some funny TikTok clips or cute photos with them, and generally make it a point to be a part of their digital lives. It’s great, because it gives you peace of mind knowing what types of things they are doing or interactions they are having online.
For those of you hitting the road in the coming weeks, enjoy your travels, wherever they take you!
The post How To Protect Your Family’s Smartphones While on Vacation appeared first on McAfee Blog.
My mother recently turned 80, so of course a large celebration was in order. With 100 plus guests, entertainment, and catering to organise, the best way for me to keep everyone updated (and share tasks) was to use Google Docs. Gee, it worked well. My updates could immediately be seen by everyone, the family could access it from all the devices, and it was free to use! No wonder Google has a monopoly on drive and document sharing.
But here’s the thing – hackers know just how much both individuals and businesses have embraced Google products. So, it makes complete sense that they use reputable companies such as Google to devise phishing emails that are designed to extract our personal information. In fact, the Google Docs phishing scam was widely regarded as one of the most successful personal data extraction scams to date. They know that billions of people worldwide use Google so an invitation to click a link and view a document does not seem like an unreasonable email to receive. But it caused so much grief for so many people.
Emails designed to trick you into sharing your personal information are a scammer’s bread and butter. This is essentially what phishing is. It is by far the most successful tool they use to get their hands on your personal data and access your email.
‘But why do they want my email logins?’ – I hear you ask. Well, email accounts are what every scammer dreams of – they are a treasure trove of personally identifiable material that they can either steal or exploit. They could also use your email to launch a wide range of malicious activities from spamming and spoofing to spear phishing. Complicated terms, I know but in essence these are different types of phishing strategies. So, you can see why they are keen!!
But successful phishing emails usually share a few criteria which is important to know. Firstly, the email looks like it has been sent from a legitimate company e.g. Microsoft, Amex, or Google. Secondly, the email has a strong ‘call to action’ e.g. ‘your password has been changed, if this is not the case, please click here’. And thirdly, the email does not seem too out of place or random from the potential victim’s perspective.
Despite the fact that scammers are savvy tricksters, there are steps you can take to maximise the chances your email remains locked away from their prying eyes. Here’s what I suggest:
Never respond to an unexpected email or website that asks you for personal information or your login details no matter how professional it looks. If you have any doubts, always contact the company directly to verify.
Make sure you have super-duper internet security software that includes all the bells and whistles. Not only does internet security software McAfee+ include protection for daily browsing but it also has a password manager, a VPN, and a social privacy manager that will lock down your privacy settings on your social media accounts. A complete no-brainer!
Avoid using public Wi-Fi to log into your email from public places. It takes very little effort for a hacker to position themselves between you and the connection point. So, it’s entirely possible for them to be in receipt of all your private information and logins which clearly you don’t want. If you really need to use it, invest in a Virtual Private Network (VPN) which will ensure everything you share via Wi-Fi will be encrypted. Your McAfee+ subscription includes a VPN.
Public computers should also be avoided even just to ‘check your email’. Not only is there a greater chance of spyware on untrusted computers but some of them sport key-logging programs which can both monitor and record the keys you strike on the keyboard – a great way of finding out your password!
Ensuring each of your online accounts has its own unique, strong, and complex password is one of the best ways of keeping hackers out of your life. I always suggest at least 10-12 characters with a combination of upper and lower case letters, symbols, and numbers. A crazy nonsensical sentence is a great option here but better still is a password manager that will remember and generate passwords that no human could! A password manager is also part of your McAfee+ online security pack.
Even if you have taken all the necessary steps to protect your email from hackers, there is the chance that your email logins may be leaked in a data breach. A data breach happens when a company’s data is accessed by scammers and customers’ personal information is stolen. You may remember the Optus, Medibank and Latitude hacks of 2022/23?
If you have had your personal information stolen, please be assured that there are steps you can take to remedy this. The key is to act fast. Check out my recent blog post here for everything you need to know.
So, next time you’re organising a big gathering don’t hesitate to use Google Docs to plan or Microsoft Teams to host your planning meetings. While the thought of being hacked might make you want to withdraw, please don’t. Instead, cultivate a questioning mindset in both yourself and your kids, and always have a healthy amount of suspicion when going about your online life. You’ve got this!!
Till next time,
Stay safe!
Alex
The post How To Prevent Your Emails From Being Hacked appeared first on McAfee Blog.
How do you manage your Facebook friends? Do you keep your list really tight and only include ‘active’ pals? Or do you accept everyone you’ve ever laid eyes on? I’m probably somewhere in between. But… if I have never had a personal conversation with them or ‘eyeballed’ them in the flesh, then they are not on my friend list!
On the average week, I usually receive a few friend requests. Some are from people who I may have just met or reconnected with when I’ve been out and about – lovely and totally acceptable! But I do also receive requests from people whom I have never met and then, even more bizarrely – requests from people who I am already friends with. Weird, yes, I agree! Now, my gut (and experience) tells me that these are fake accounts. Why? Well, I have never eyeballed any of these ‘new friends’ and, to top it off they have very little personal info on their profiles so that’s suspicious! And the requests from friends I already have? Well, unless I have heard directly from a friend that they are setting up a new Facebook account (very rare), these are likely fake accounts that scammers have set up to try and lure people known to the account holder to share private information. I recently mentioned my Facebook friend situation to my 20-year-old son who informed me he gets about 10 a week!
And while it can be annoying being harassed by randoms – as my kids would say – the issue is far bigger than that. Fake Facebook accounts are usually designed by clever cyber criminals who are trying to extract personal information from unsuspecting naive types – often kids and less tech-savvy types. And why do they want our personal information? It allows them to put together a profile that they can use to steal our identity so they can apply for loans, mobile phone plans, etc – but we’ll get to that later.
According to reports, Facebook deleted a whopping 27.67 billion fake accounts between October 2017 and mid 2023 – which is 3.5 times more than the total population of the entire planet! In early 2023, Facebook estimated that fake accounts represent approximately 4-5% of all active monthly users. Now, as of late 2023, there are over 3 billion active Facebook users which means there are around 150 million fake Facebook accounts. So, it’s highly likely that you (and your kids) will have been affected.
Experts believe that fake accounts fall into two categories, being operated either by a bot (aka web robot) or by an ill-intentioned human. But irrespective of type, there are several warning signs that an account is fake. If the account in question displays any of these signs, then avoid it at all costs:
Beauty
Bots and scammers will use beauty to lure in ‘friends’ and will often feature a pic of a gorgeously attractive girl or handsome guy on their pages. Why? We are only human – an enticing photo dramatically increases the chance of having a friend request accepted.
But remember, ‘real people’ aren’t flawless and perfectly formed. But if you still aren’t sure, why not use Google Image search to verify the pic? As soon as you upload it to Google, you’ll quickly find if there is someone else that belongs to that image.
However, AI image generators are also making this a little more complicated. These easy-to-use tools make it super easy for scammers to create alluring vaguely realistic images within minutes. And as these images are new, it’s very hard to find any data about the image making it harder to identify that the photo is not of a real person. All the scammer needs to do is provide 3 or more photos and the tool quickly generates an often appealing. So, please lock down your personal social media platforms so that cyber hackers can’t get their hands on your pics!
Not Many Pics But Too Many/Not Enough Friends
Bots and scammers tend not to post lots of photos. Their aim is to use minimum effort to create the illusion that a real person is behind the account, so they don’t bother too much with fleshing out a personal life.
But often, they will put a lot of effort into developing a fake friend list. This is always worth looking at. ‘Real’ Facebook users will usually have between 200 and 350 friends, so if the account in question has just a handful of friends, or instead several thousand then proceed with caution!
Weird (or No) Bio Information
If the biography information on the account seems fanciful or just plain unrealistic, then it’s likely not to be a legitimate account. I recently received a request from a US marine who had fought in every recent war, was a professional athlete, and had visited 30-plus countries in the last year! This fanciful detail had my alarm bells ringing and a reverse image search proved just that!
A lack of information in the About section is another red flag. ‘Real people’ usually like to enter their accomplishments and the schools/universities they attended in detail so they can connect more easily with old friends.
Sometimes scammers might attempt to flesh out this section by simply repeating a theme or city. For example: Works in Sydney, went to The University of Sydney, Lives in Sydney. And while it’s not a crime to work, live and study in Sydney – I did! – this coupled with an alluring picture and no friends does start to make you question the validity of the profile.
The Account Doesn’t Message
Bots can easily accept friend requests but can’t respond to messages. So, if you are unsure this is a great little test – just send a message and see what you get back!
Blank Wall
Blank walls are a dead giveaway for a fake account. If your possible ‘new friend’ has either no activity or just a few likes – then be suspicious!
The Account Name Doesn’t Match the URL
If the account name and URL don’t match then this is another red flag. When a genuine person’s Facebook account is hacked, a scammer (or new owner) may change the name on the account to better suit their new intentions. It’s important to note that stolen Facebook accounts can be bought and sold. For example, an account could be taken over by a scammer and then sold to someone who wants to become an influencer. The new owner, the influencer, has no need for the previous identity but simply wants the legitimacy (and friend list) of an established account.
As mentioned earlier, cyber hackers (or scammers) create fake Facebook accounts with the aim of trying to friend people and get access to their personal information. Identity theft is their motivation. They can profit from this private information by personally taking out loans or credit cards in someone else’s name. Or – and this is more likely – they on-sell the information so others can do so.
But fake Facebook accounts can also be created just to make money. Buying and selling Facebook fans is a multimillion-dollar business, as both companies and individuals pay big money to get fans and likes on their pages. And with the software to create these fake Facebook pages costing no more than $200, you can see how easily profits can be made.
What To Do If You Are Sure A Facebook Account Is Fake
Lastly, do NOT insist your kids delete their Facebook accounts because of the threat of fake accounts. Managing fake accounts is just part of living in our digital world. Our job is to teach our kids how to think critically so they can navigate the challenges of being online. Our biggest job as parents of digital natives is to teach them how to assess risks and navigate the challenges and obstacles. Whoever thought discussing a fake Facebook account could have so many benefits!
Take care.
Alex xx
The post How To Spot A Fake Facebook Account appeared first on McAfee Blog.
Got any ‘rizz’? Did you ‘slay’ that dinner? Is the ‘cozzie livs’ stressing you out?
If you do not comprehendo, then you wouldn’t be alone. As a mum of 4, I can attest that understanding teenage slang can be quite the feat – as soon as you finally understand a few terms, there’s more! And while you don’t want to seem too intrusive (or uncool) and constantly ask your kids to translate, you probably want to keep a handle on what’s going on – in case you need to get involved!!
Where Does Slang Come From and Why Do We Use It?
Nothing ever stays the same and that includes language. Slang happens when we shorten words. Think fab instead of fabulous; or when we combine words think chill and relax = chillax. It can also ‘evolve’ when we give words new, unexpected meanings eg cheugy – a term to often describe older generations when they make an effort but fail – harsh!!
And more often than not, words that end up becoming slang will become part of our everyday language. Did you know that the word ‘mad’ was in fact a slang word for angry that became popular around 100 years ago?
Emily Brewster, senior editor at Merriam Webster Dictionary believes that ‘slang can be used to have a special form of communication with a subset of people.’ And ‘by using words that are only understood by the small group of people there’s an intimacy that can develop.’ So, really it’s a type of bonding tool!!
What Slang Do You Need To Know Now
While slang can sometimes be geographic based, the rise of platforms like TikTok have meant that its far more universal than it was in pre-social media days. So, if you’re keen to know the top words your kids are using so you ensure all is well, then here’s your go-to guide with the top 20 slang words. Apologies in advance for the potentially lewd references!!
1. Addy – address
‘Can you send me your addy? I’ll be there soon.’
2. Based – when you agree with something; or when you want to recognize someone for being themselves
‘You’re going to that party? Based.’
3. Ate that – to successfully achieve something
‘I love that dress. You totally ate that look’ (the dress looked great on you)
4. Basic – average
A word to describe someone who is predictable or bland. It’s an insult.
5. Cappin – lying
‘He’s so cappin’ (he is so not telling the truth)
6. Cheugy – basic, out of date or trying too hard
‘My older brother still wears his uggs, that’s so cheugy!’
7. Cozzie Livs – the cost of living crises
An Australian slang expression that was nominated as Macquarie Dictionary’s word of the year in 2023.
‘I can’t go out tonight. Especially with the cozzie livs and all that jazz.’
8. Ded – so funny or embarrassing!
‘OMG. That pic has me ded’
9. Delulu – a short-hand term for delusional. It’s often used to describe someone in a humorous way who chooses to reject reality in favour of a more interesting interpretation of events.
‘She’s so delulu. She thinks she’s going to marry the lead actor in her favourite movie.’
10. Gas Up – to encourage or hype someone up.
‘My sister was feeling down so I gassed her up and reminded her just how great she is.’
11. Low key – The opposite of high key, it can mean slightly, occasionally, or even secretly.
‘I low key want a Poke bowl right now!’
12. High key – the opposite of ‘low key’. The term is used to when you really like something like something or want to emphasise it.
‘I high key love that brand’ (you’re a fan!)
13. IFKKYK – if you know you know.
It means if you weren’t there, you wouldn’t know. It could also refer to an inside joke.
‘Last night’s concert was amazing! IFKKYK’
14. No Cap – a term to emphasise that you’re not lying. A modern way of saying ‘I swear’
‘I saw him take the last biscuit. No cap’
15. Pop Off – when someone is doing well – often used in gaming.
‘Look at Ninja (streamer). He’s popping off on Fortnight’
16. Rizz – charisma. It can also describe one’s ability to attract a partner.
‘She’s got rizz!’
17. Roman Empire – something you love and think about all the time.
‘Visiting Paris is my Roman Empire’ or ‘America Ferrera’s Barbie monologue is my Roman Empire.’
18. Salty – annoyed or upset.
‘I don’t know why he is so salty’.
19. Simp – someone who tries too hard or goes above and beyond to impress the person they like.
‘He got her a ring after four dates. He’s such a simp!’
20. Slay – to do something exceedingly well.
‘He slayed that performance’.
So, next time your teen drops a phrase or acronym they think you can’t decipher, you will have NP (no problem) understanding what’s happening in your kids’ lives and absolutely no FOMO (fear of missing out)!
Good luck!!
Alex x
The post Teen Slang – What You Need To Know To Understand Your Teen appeared first on McAfee Blog.
AI scams are becoming increasingly common. With the rise of artificial intelligence and technology, fraudulent activity is becoming more sophisticated and sophisticated. As a result, it is becoming increasingly important for families to be aware of the dangers posed by AI scams and to take steps to protect themselves.
By taking these steps, you can help protect your family from AI scams. Educating yourself and your family about the potential risks of AI scams, monitoring your family’s online activity, using strong passwords, installing anti-virus software, and checking your credit report regularly can help keep your family safe from AI scams.
No one likes to be taken advantage of or scammed. By being aware of the potential risks of AI scams, you protect your family from becoming victims.
In addition, it is important to be aware of emails or texts that appear to be from legitimate sources but are actually attempts to entice you to click on suspicious links or provide personal information. If you receive a suspicious email or text, delete it immediately. If you are unsure, contact the company directly to verify that the message is legitimate. By being aware of potential AI scams keep your family safe from financial loss or identity theft.
You can also take additional steps to protect yourself and your family from AI scams. Consider using two-factor authentication when logging in to websites or apps, and keep all passwords and usernames secure. Be skeptical of unsolicited emails or texts never provide confidential information unless you are sure you know who you are dealing with. Finally, always consider the source and research any unfamiliar company or service before you provide any personal information. By taking these steps, you can help to protect yourself and your family from the dangers posed by AI scams.
monitor your bank accounts and credit reports to ensure that no unauthorized activity is taking place. Set up notifications to alert you of any changes or suspicious activity. Make sure to update your security software to the latest version and be aware of phishing attempts, which could be attempts to gain access to your personal information. If you receive a suspicious email or text, do not click on any links and delete the message immediately.
Finally, stay informed and know the signs of scam. Be your online accounts and look out for any requests for personal information. If something looks suspicious, trust your instincts and don’t provide any information. Report any suspicious activity to the authorities and make sure to spread the word to others from falling victim to AI scams.
This blog post was co-written with artifical intelligence (AI) as a tool to supplement, enhance, and make suggestions. While AI may assist in the creative and editing process, the thoughts, ideas, opinions, and the finished product are entirely human and original to their author. We strive to ensure accuracy and relevance, but please be aware that AI-generated content may not always fully represent the intent or expertise of human-authored material.
The post How to Protect Your Family From AI Scams appeared first on McAfee Blog.
The holiday shopping season, especially Black Friday and Cyber Monday, is a prime time for cybercriminals. McAfee Labs consistently observes a significant spike in malicious activity during this period, fueled by the combination of high web traffic, deals that create a sense of urgency, and a massive increase in card-not-present online transactions that create a perfect storm. Attackers exploit the chaos, knowing shoppers are often distracted and rushing to find the best Black Friday deals, making them more susceptible to phishing scams, fake websites, and malware designed to steal financial information.
As we gear up to feast with family and friends this Thanksgiving, and prepare our wallets for Black Friday and Cyber Monday, let’s look at how these two popular shopping events can impact your online security, and how to protect yourself from scammers.
The consequences of falling for a holiday scam can be devastating. Beyond the initial financial loss from a fraudulent purchase, victims often face the long-term nightmare of identity theft. According to the Federal Trade Commission (FTC), consumers reported losing $12.5 billion to fraud in 2024, with online shopping scams as the second most commonly reported incident. Recovering from identity theft is not just costly. It’s also incredibly time-consuming. On average, it can take victims months to clear their names and correct their credit reports, adding significant emotional stress during what should be a joyful season.
Historians trace the use of Black Friday to the 1960s, when Philadelphia police officers named the day after Thanksgiving as Black Friday because they had to work overtime to manage the mob of holiday shoppers and attendees to the traditional Army-Navy football game on Saturday. Later on, Shop.org coined the term Cyber Monday as a way for online retailers to participate in the Black Friday shopping frenzy.
Since the beginning of these two massive shopping holidays, both have seen incredible growth as more shoppers are turning to the Internet to participate in holiday bargain hunting. In the US, consumers reportedly spent $10.8 billion online on Black Friday 2024, a 10.2% increase from 2023, while Cyber Monday brought in a record $13.3 billion.
The uptick in online shopping activity provides cybercriminals the perfect opportunity to disrupt shoppers’ holiday activities and compromise their online security. During this festive season, it is best to take proactive measures to safeguard your digital presence.
Historically, Black Friday was initially focused on in-store shopping, while Cyber Monday centered on online deals. As such, each shopping event presented its own cyber risks:
As retailers embrace both in-store and online platforms, cyber fraudsters are blurring the lines to take their scams to both domains.
With the surge in online shopping during both shopping holidays, cybercriminals are also on high alert, crafting sophisticated scams to trick unsuspecting shoppers. It’s essential to approach every email or text message suspiciously, checking the sender’s information and avoiding clicking on unsolicited links.Thankfully, there are steps you can take to protect yourself when shopping online during Black Friday and Cyber Monday.
One of the most effective ways to protect your financial data is to avoid entering your actual debit or credit card number directly on websites. Instead, use payment methods that act as a buffer. Virtual credit cards, offered by many banks and privacy services, generate a unique, temporary card number for a single transaction or vendor, making your real account information useless to thieves if a site is breached.
Similarly, digital wallets such as PayPal, Apple Pay, and Google Pay use tokenization to mask your card details. When using browser extensions for coupons, be cautious. Only install trusted extensions and check their permissions.
Everyone wants to find the best price, but be wary of how you track those Black Friday deals. While some deal-tracking apps and browser extensions are helpful, others are privacy nightmares, requesting broad permissions to read all your browsing data.
Before installing any price tracker, carefully review the permissions it requests. Better yet, use well-known, reputable services or set up price alerts directly on major retail websites. Before you download any new app to your phone or computer, use a security solution with a safe-app check feature to ensure it doesn’t contain malware or spyware.
Keeping your digital data and identity safe during the holiday shopping fever might be the best gift you could give yourself and your family. Consider these top features:
Shopping for Cyber Monday deals on your phone can be convenient, but it requires extra caution. The biggest pitfall is using unsecured public Wi-Fi networks in places like coffee shops or malls, allowing criminals to intercept your data.
Another major threat is fraudulent shopping apps designed to steal your information. For another layer of protection, use mobile wallets like Apple Pay or Google Pay as they use tokenization to process payments without exposing your actual card number.
They can be, but social media is also rife with scams. Instead of clicking links in ads, go directly to the retailer’s official website to find the deal. Scammers often create fake storefronts on social platforms to steal your money and data.
Yes, many retailers start their Cyber Monday deals during the Black Friday weekend or earlier. However, be cautious of unsolicited emails announcing “early access.” Always verify these offers on the retailer’s actual website, as this is a common phishing tactic.
Only use QR codes from trusted sources. Criminals can place malicious QR code stickers over legitimate ones, redirecting you to a phishing site. When in a store, confirm the QR code is legitimate with an employee. When shopping online, only scan codes on a retailer’s official site or app.
Do not click any links in the email or text message. Scammers send fake shipping alerts to get you to click on malicious links or provide personal information. Instead, go to the retailer’s website and use your official order number to track your package directly.
Black Friday and Cyber Monday are prime opportunities for consumers to snag once-a-year deals and for cybercriminals to exploit their eagerness to save. However, being aware of the prevalent scams and knowing how to protect yourself can save you from falling prey to these ploys.
One effective way to do so is by investing in top-tier online protection solutions. McAfee offers award-winning cybersecurity solutions developed to shield you from the ever-evolving threats. Explore the features of our McAfee+ Ultimate and Total Protection plans and stay informed about the latest cyber threats with McAfee Labs.
Always strive to shop wisely and stay safe, and remember that if an offer seems too good to be true, it probably is.
The post Secure Your Black Friday & Cyber Monday Purchases appeared first on McAfee Blog.
FreshRSS