Login
The devastating wildfires sweeping through Southern California have left countless neighborhoods in ruins, forcing thousands to evacuate and destroying homes in their path. While many people across the nation are moved to support those affected, this goodwill often becomes a target for opportunistic cybercriminals. McAfee researchers have discovered that social media networks have been flooded with deceptive images, showing how cryptocurrencies can be used to make donations for fire relief efforts. We believe these to be scams trying to dupe consumers. McAfee CTO, Steve Grobman says, “It’s really unfortunate because it’s such a tragic event, and we’re seeing cybercriminals and scammers take advantage of the situation in a whole host of ways, from fake GoFundMe sites to fraudulent campaign donation pages.”
Figure 1. Cryptocurrency Donation Requests
Steve continues, “The use of generative AI has fueled the creation of fake content, like viral images of the Hollywood sign engulfed in flames, which our deepfake detection technology confirmed were AI-generated. These tools are helping scammers misrepresent reality and exploit public emotions. We’ve seen fake accounts impersonating celebrities like Emma Watson and Kim Kardashian, promoting nonexistent charities to deceive people into donating money.”
The average American encounters a staggering 14.4 scam messages and deepfakes daily through social media, text messages, and emails, according to McAfee’s latest “State of the Scamiverse” report.
Now, think about this: even in your everyday life, that’s a lot of noise to sift through. But when you’re in the chaos of recovering from a disaster like a wildfire—juggling insurance claims, emergency communications, and rebuilding your life—the sheer volume of scams adds another layer of overwhelm. It’s a perfect storm for distraction, making it even easier for cybercriminals to exploit your vulnerability. Here’s what you need to know to protect yourself from scams while providing genuine help to wildfire victims.
Natural disasters and major news events provide fertile ground for cybercriminals. Cliff Steinhauer, Director of Information Security at the National Cybersecurity Alliance, explains that people eager to help during a crisis can act emotionally, skipping necessary steps to verify the legitimacy of donation platforms or relief efforts.
Scammers watch disaster news closely to craft scams tailored to the event. The emotional urgency surrounding a catastrophe like the California wildfires increases the likelihood of falling victim to these attacks.
A recent McAfee survey found that 59% of Americans say they or someone they know has been the victim of an online scam. 84% of these people lost money to the scam, with an average loss of $1,471 – and nearly 1 in 10 scam victims lost over $5,000
Many scams during crises fall under the umbrella of social engineering, a tactic where attackers manipulate people into divulging sensitive information or funds. Here are some of the most common schemes to watch out for:
Scammers often create counterfeit websites or social media posts masquerading as legitimate charities. These pages may look convincing but divert donations into the hands of criminals.
Emails, texts, and phone calls pretending to be from government agencies or well-known charities may attempt to steal personal data or payment details.
Victims of disasters are especially vulnerable. Scammers might pose as organizations offering aid, only to harvest sensitive information like bank account details or steal identities.
Modern scammers use AI to craft phishing attempts that are harder to spot. Unlike older scams with obvious grammar mistakes, AI-generated messages can appear professional and persuasive.
Figure 2. Fake Celebrity Donation Requests
Whether you’re donating to wildfire relief efforts or seeking aid, these steps can help protect you:
Use trusted resources like Give.org or Charity Navigator to confirm the legitimacy of charities.
Platforms like GoFundMe now provide verified lists of fundraisers for disaster relief.
Be wary of websites with misspelled URLs or unusual domain extensions. Look for “https” and padlock symbols to confirm the site is secure.
Phishing attempts often come via unsolicited emails, texts, or social media ads. Instead of clicking, go directly to a charity’s official website by typing its address into your browser.
Not all paid advertisements on platforms like Facebook or Instagram are legitimate. Avoid providing personal or payment information through these channels without verification.
Be cautious of campaigns that fail to explain how your donation will be used. Reputable organizations are transparent about how funds are allocated.
Steve Grobman states, “If consumers want to help with relief efforts, they should always go to validated organizations and use payment methods with protections, like credit cards. Wiring money or using cryptocurrency can make it nearly impossible to recover funds if it turns out to be fraudulent. While many GoFundMe sites are legitimate, scammers exploit the platform’s low barrier to entry. Consumers should verify campaigns with the individuals or families they claim to support or stick to reputable charities.”
In the aftermath of California wildfires, staying vigilant is essential. While most people are dedicated to recovery and support, a few may attempt to exploit the situation. By learning to spot common scams and taking proactive steps, you can safeguard yourself and your community from additional harm. Use a robust and trustworthy scam detection tool. McAfee can block risky sites even if you accidentally click a link in a scam text. When it comes to text messages, our smart AI puts a stop to scams before you click—detecting any suspicious links and sending you an alert.
In an age where deepfake technology is becoming increasingly sophisticated, protecting yourself from manipulated videos, audio, and images is critical. McAfee Deepfake Detector is designed to safeguard individuals and organizations by identifying and alerting you to potential deepfakes, ensuring that you can trust what you see and hear online.
The post Scammers Exploit California Wildfires: How to Stay Safe appeared first on McAfee Blog.
Amid the devastation of the Los Angeles County wildfires – scorching an area twice the size of Manhattan – McAfee threat researchers have identified and verified a rise in AI-generated deepfakes and misinformation, including startling but false images of the Hollywood sign engulfed in flames.
Social media and local broadcast news have been flooded with deceptive images claiming the Hollywood sign is engulfed in flames, with many people alleging that the iconic landmark is “surrounded by fire.”
Figure 1. AI-generated image shared on Facebook on January 9th, 2025.
Fact check: The Hollywood sign is still standing and is intact. A live feed of the Hollywood sign clearly shows the sign is not currently in harm’s way or engulfed in flames.
Figure 2: Live view of the Hollywood sign taken at 3.29 PT on Friday, January 10th 2025.
McAfee researchers have examined dozens of images shared across X, Facebook, Tik Tok and Instagram, and have verified these are indeed AI-generated images and videos. In addition to analysis from our own threat researchers, McAfee’s image deepfake detection technology has flagged images shown here (and many more) of the Hollywood Hills as AI-generated, with the fire serving as a key factor in its analysis.
McAfee’s investigation traced many of the images back to Gemini, an AI-based image generation platform. This finding underscores the increasing sophistication of fake image synthesis, where fake images and videos can be created in mere seconds, but can be spread to more than a million views in just 24 hours, such as is the case with the social post shared on Facebook below.
Figure 3: Screenshot of deepfake video of Hollywood sign on fire. This video was discovered on Facebook and had already achieved 1.3 million views in 24 hours.
McAfee CTO, Steve Grobman states, “AI tools have supercharged the spread of disinformation and misinformation, enabling false content—like recent fake images of the Hollywood sign engulfed in flames—to circulate at unprecedented speed. This makes it critical for social media users to keep their guard up, approach viral posts with skepticism, and verify sources to distinguish fact from fiction.”
Figure 4. McAfee’s advanced AI models identifies images that have been modified or created using AI. The heatmap depicts areas that have been used to identify and confirm AI-usage.
AI-generated still images are incredibly easy to produce. In less than a minute, we were able to produce a convincing image of the Hollywood Hills sign on fire for free with AI image generating Android app (we have not published these images, only those found on social media). Many of these apps exist to choose from. Some do filter for violent and other objectionable content. However, images like the Hollywood Hills sign on fire, fall outside of normal guardrails. Additionally, the business model of many of these apps include free credits as a trial, making it quick and easy to create and share. AI image generation is a widely available and easily accessible tool used in many misinformation campaigns.
See below for more examples:
Figure 5. Examples on Instagram.
Upon closer inspection, some images had watermark images clearly labeled from Generative AI tools such as Grok. And while this might be an obvious telltale sign for some people, there are many others who are not familiar with or recognize such watermarks.
Figure 6. The Grok watermark is clearly visible in the image above.
There are several straightforward steps that you can take to spot a fake. We recommend a combination of healthy skepticism and awareness combined with the right technology, such as McAfee Deepfake Detector.
While not all AI is malicious or ‘bad’, this technology is commonly used by bad actors for malicious intent when it comes to deepfake scams, misinformation and disinformation. While the deepfakes outlined here appear to be without malicious intent – other than to misinform social media users – we could expect these to evolve where scammers create similar deepfakes as part of fake donation scams, and so we advise everyone to stay vigilant and learn more on how to spot deepfakes online:
Plenty of deepfakes can lure you into sketchy corners of the internet. Places where malware and phishing sites take root. Consider using comprehensive online protection software with McAfee+ and McAfee Deepfake Detector to keep safe. In addition to several features that protect your devices, privacy, and identity, they can warn you of unsafe sites too.
The post The Hollywood Sign is Not on Fire: Deepfakes Spread During L.A. Wildfires appeared first on McAfee Blog.
McAfee threat researchers have identified several consumer brands and product categories most frequently used by cybercriminals to trick consumers into clicking on malicious links in the first weeks of this holiday shopping season. As holiday excitement peaks and shoppers hunt for the perfect gifts and amazing deals, scammers are taking advantage of the buzz. The National Retail Federation projects holiday spending will reach between $979.5 and $989 billion this year, and cybercriminals are capitalizing by creating scams that mimic the trusted brands and categories consumers trust. From October 1 to November 12, 2024, McAfee safeguarded its customers from 624,346 malicious or suspicious URLs tied to popular consumer brand names – a clear indication that bad actors are exploiting trusted brand names to deceive holiday shoppers.
McAfee’s threat research also reveals a 33.82% spike in malicious URLs targeting consumers with these brands’ names in the run-up to Black Friday and Cyber Monday. This rise in fraudulent activity aligns with holiday shopping patterns during a time when consumers may be more susceptible to clicking on offers from well-known brands like Apple, Yeezy, and Louis Vuitton, especially when deals seem too good to be true – pointing to the need for consumers to stay vigilant, especially with offers that seem unusually generous or come from unverified sources.
McAfee threat researchers have identified a surge in counterfeit sites and phishing scams that use popular luxury brands and tech products to lure consumers into “deals” on fake e-commerce sites designed to appear as official brand pages. While footwear and handbags were identified as the top two product categories exploited by cybercrooks during this festive time, the list of most exploited brands extends beyond those borders:
By mimicking trusted brands like these, offering unbelievable deals, or posing as legitimate customer service channels, cybercrooks create convincing traps designed to steal personal information or money. Here are some of the most common tactics scammers are using this holiday season:
With holiday shopping in full swing, it’s essential for consumers to stay one step ahead of scammers. By understanding the tactics cybercriminals use and taking a few precautionary measures, shoppers can protect themselves from falling victim to fraud. Here are some practical tips for safe shopping this season:
McAfee’s threat research team analyzed malicious or suspicious URLs that McAfee’s web reputation technology identified as targeting customers, by using a list of key company and product brand names—based on insights from a Potter Clarkson report on frequently faked brands—to query the URLs. This methodology captures instances where users either clicked on or were directed to dangerous sites mimicking trusted brands. Additionally, the team queried anonymized user activity from October 1st through November 12th.
The image below is a screenshot of a fake / malicious / scam site: Yeezy is a popular product brand formerly from Adidas found in multiple Malicious/Suspicious URLs. Often, they present themselves as official Yeezy and/or Adidas shopping sites.
The image below is a screenshot of a fake / malicious / scam site: The Apple brand was a popular target for scammers. Many sites were either knock offs, scams, or in this case, a fake customer service page designed to lure users into a scam.
The image below is a screenshot of a fake / malicious / scam site: This particular (fake) Apple sales site used Apple within its URL and name to appear more official. Oddly, this site also sells Samsung Android phones.
The image below is a screenshot of a fake / malicious / scam site: This site, now taken down, is a scam site purporting to sell Nike shoes.
The image below is a screenshot of a fake / malicious / scam site: Louis Vuitton is a popular brand for counterfeit and scams. Particularly their handbags. Here is one site that was entirely focused on Louis Vuitton Handbags.
The image below is a screenshot of a fake / malicious / scam site: This site presents itself as the official Louis Vuitton site selling handbags and clothes.
The image below is a screenshot of a fake / malicious / scam site: This site uses too-good-to-be-true deals on branded items including this Louis Vuitton Bomber jacket.
The image below is a screenshot of a fake / malicious / scam site: Rolex is a popular watch brand for counterfeits and scams. This site acknowledges it sells counterfeits and makes no effort to indicate this on the product.
The post This Holiday Season, Watch Out for These Cyber-Grinch Tricks Used to Scam Holiday Shoppers appeared first on McAfee Blog.
As the Gallagher brothers reunite for the first live Oasis shows in 16 years, scammers have queued up phony ticket schemes to cash in.
With that, we’re advising fans to take extra care as they dash to buy seats for these long-awaited shows. McAfee Labs researchers have discovered over 2,000 suspicious tickets for the 2025 reunion tour on sale online, with prices ranging from £700-£1,845. McAfee is urging fans to be careful when purchasing tickets this weekend.
In the example below, the following offers appeared on a third-party reseller site several days before the opening sale of official tickets on August 31st.
Screenshot of apparent bogus offers for Oasis tickets.
The seller clearly had no seats, as tickets simply weren’t available to the public nor pre-release at that time.
Official tickets for the 2025 tour go on sale on August 31st at 9am in the UK and 8am in Ireland, and only through official ticket agents. So if you’re after tickets, head directly to the official Oasis site at https://oasisinet.com.
Official tickets available at oasisnet.com
Concert organizers have made two additional things clear. First, each household has a four-ticket limit per show. Second, any ticket resales must go at face value plus a booking fee.
Of benefit to fans, purchases made through official ticket agents have policies and refunds that protect buyers in the event of cancellations. Additionally, fans who buy tickets with a credit card might also find themselves further protected by Section 75 of the Consumer Credit Act. Keeping these things in mind can help you from getting snared by a scam.
To get genuine Oasis tickets, head over to https://oasisinet.com for info and links to official ticket agents. Make it your first and only starting point.
In the coming days and in the coming months leading up to the shows, expect to see all manner of ticket scams. Yet given the way that concert organizers have structured the shows, you can quickly spot an Oasis ticket scam by looking out for the following:
Scammers can easily create phony social media profiles and ads. Likewise, they can easily use them to sell phony tickets. As always, stick with official ticketing platforms. They sell legitimate tickets and offer legitimate purchase protection.
Related, scammers on social media and elsewhere online will require payment with bank transfers, gift cards, and even cryptocurrency — all payment methods that are tough to recoup in a scam. If you spot this, you’ve spotted a scam.
As pointed out, ticket resales will be at face value plus a booking fee. Any tickets of higher price, or lower for that matter, will be phonies.
Other scams we expect to see will revolve around Oasis merch – shirts, hats, phone cases, you name it. While we don’t have a view into what official merchandise sales will look like, scammers will certainly look to push their share of knockoff or non-existent merch online.
For fans looking for tour merch, you can shop safely with a few straightforward steps:
This is a great one to start with. Directly typing in the correct address for reputable online stores and retailers is a prime way to avoid scammers online. Watch out for sites that spoof legit sites by copying their look and feel, which use addresses that often look like legitimate addresses — but aren’t. You’ll see phony sites such as these crop up in search results and in social media ads and posts.
Secure websites begin their address with “https,” not just “http.” That extra “s” in stands for “secure,” which means that it uses a secure protocol for transmitting sensitive info like passwords, credit card numbers, and the like over the internet. It often appears as a little padlock icon in the address bar of your browser, so double-check for that. If you don’t see that it’s secure, it’s best to avoid making purchases on that website.
Credit cards are a good way to go. In the UK, Section 75 of the Consumer Credit Act protects purchases made with a credit card that cost between £100 and £30,000. In the U.S., the Fair Credit Billing Act offers protection against fraudulent charges on credit cards by giving you the right to dispute charges over $50 for undelivered goods and services or otherwise billed incorrectly. Your credit card companies might have their own policies that improve upon these Acts as well.
Comprehensive online protection with McAfee+ will defend against the latest virus, malware, spyware, and ransomware attacks plus further protect your privacy and identity. In addition to this, it can also provide strong password protection by generating and automatically storing complex passwords to keep your credentials safer from hackers and crooks who might try to force their way into your accounts. And, specific to all the Oasis scams that will inevitably pop up, online protection can help prevent you from clicking links to known or suspected malicious sites. In addition, select plans of McAfee+ offer up to $2 million in identity theft coverage along with identity restoration support and lost wallet protection if needed.
The post Wonderwall of Lies: How to Avoid Oasis Reunion Ticket Scams appeared first on McAfee Blog.
Deepfakes of Prince William and the UK Prime Minister are pushing investment scams on Facebook and Instagram.
Uncovered by Fenimore Harper Communications, a media research organization, the deepfakes take the form of ads that lead to a phony cryptocurrency platform.[i] According to Fenimore Harper, the equivalent of $27,000 U.S. dollars has been spent on these ads and they have reached more than 890,000 people.
In all, scammers fueled the ads with 14 different currencies as diverse as Columbian Pesos, Thai Bahm, Uruguayan Peso, Bangladeshi Taka, and United Arab Emirates Dirham.
In one of the ads, a fake Prime Minister Sir Keir Starmer announces a “national invest platform,” and “to make money on this official platform, all you need is a phone or computer.” Another ad claims that 45 individuals have been specially selected to earn “life-changing money” through a mysterious project.
Another ad features a fake Prince William saying, “I am pleased to announce that I, Prince William, and the entire royal family fully support Prime Minister Keir Starmer’s initiative and his new platform.”
Fenimore Harper says that some of the ads are still running. The organization said that it identified these ads using Meta’s own AI model, Llama 3.1 70B.
Fenimore Harper’s report then found that some of the ads directed people to a bogus cryptocurrency platform called “Immediate Edge.”
Once on the site, people were asked to provide basic contact info, followed by encouragement to make investments.
Fenimore Cooper found several negative reviews for the platform on Trustpilot, “mostly from victims complaining they lost their money or were hounded by scammers over the phone.”
Many of the links to the bogus platform appear to be dead now, even as some ads still appear to circulate.
As reported by The Independent, a spokesperson for Meta said, “Our systems detected and removed the vast majority of these adverts before this report was published. As part of our ads review process—which can include both automated and human reviews — we have several layers of analysis and detection, both before and after an ad goes live. It is against our policies to run ads that improperly use images of public or political figures for deceptive purposes, and we remove these ads when detected.”[ii]
A fake ad featuring Prime Minister Sir Keir Starmer in Fenimore Harper’s report shows that the deepfakes are low-grade. In their example, the scammers use previously aired footage of the Prime Minister dubbed over with AI voice-cloned audio. As in the case of many cheaper deepfakes, the lip-synching matches poorly.
With that, this scam echoes the Taylor Swift cookware deepfake scam we reported on earlier this year. It also used poorly dubbed AI voice-cloned audio atop clips of previously aired footage.
However, despite the low-quality deepfake, this scam sets itself apart with the way the scammers manipulated Google search results. Given that many people use search to research potential investments, the scammers made sure to give themselves favorable reviews.
According to Fenimore Harper, the scammers used SEO-hacking techniques so that the scammers could “place their own copy in Google’s ‘featured snippets’ … [making the] top result a glowing endorsement for the scam.”
Fenimore Harper says that the scammers further duped Google’s AI overview feature, which summarizes search results. In their example, people must scroll through several results that contain disinformation before they get to a credible source for reviews.
In all, it appears the scammers put extra thought and care into their scam. They did more than bank on a deepfake and a bogus site to lure in victims. They anticipated the next move for many victims, which was to hop on a search engine and see if the opportunity was legit.
Scammers have increasingly turned to AI deepfakes of celebrities and other public figures to push their scams. What’s new here is that we have a prime minister and a member of the royal family falling victim to a deepfake as part of the scam.
However, you can steer clear of online investment scams like these, whether they use AI deepfakes or not. Consider the following as apparent “opportunities” crop up online:
Go with a pro.
Working with an accredited financial adviser is always a sound step with any investment you choose to make, as is only investing funds you can afford to lose if the investment falls through.
Watch out for new, untried platforms.
Steer clear of investments that ask you to contribute money directly from one of your own accounts rather than via a reliable, verified platform.
Seek trusted research sources.
As we saw above, the top results in a search might not be the most credible source of info. When researching financial opportunities, look for established, trustworthy sources of review. Consult several sources as well.
Be wary of celebrity and pop culture tie-ins.
Regard any investment based on a pop culture reference like movies, memes, and shows with a highly critical eye. The same goes for public figures. It might very well be a scam built around buzz rather than a legitimate investment, such as it was with the Squid Game cryptocurrency scam we saw in 2021 and the more recent AI deepfake scams featuring a fake Elon Musk promoting bogus investments.
Use online protection software.
AI-powered online protection like you’ll find in our McAfee+ plans sniffs out links to suspicious sites that promote scams and contain malware. Scams like these take you to shady corners of the internet, and our protection will warn you before you tap or click — and block those sites if you tap or click by mistake.
[i] https://www.fenimoreharper.com/research/starmer-disinformation-meta-deepfakes
[ii] https://www.independent.co.uk/news/uk/home-news/starmer-prince-william-ai-deepfake-crypto-scam-b2595554.html
The post Deepfakes of Prince William Lure Social Media Users into an Investment Scam appeared first on McAfee Blog.
FreshRSS