A lawsuit from the Consumer Federation of America accuses Meta of misleading consumers about its efforts to combat scams advertisements on its platforms.

Co-Authored by Luiz Parente 

Your data might be safe today. But that doesn’t mean it’s safe forever. 

A growing number of sophisticated actors are collecting encrypted data now, with the goal of decrypting it later, when more powerful technology becomes available. 

This strategy is known as Harvest Now, Decrypt Later (HNDL). And it’s not a future problem. It’s already happening, according to research from our McAfee VPN team. 

For everyday people, that means private messages, financial records, and sensitive documents could be exposed years from now if protections don’t evolve today. 

That’s why security teams, including McAfee’s VPN engineers, are already working on ways to strengthen encryption for both today and what comes next. 

What “Harvest Now, Decrypt Later” Means 

At its core, HNDL is simple: Attackers collect encrypted data now, store it, and wait until they have the tools to unlock it later. 

Even though today’s encryption is incredibly strong, the strategy doesn’t rely on breaking it today. It relies on patience.  

A Simple Way to Think About It 

You put valuable belongings and documents in a safe at home that’s locked and secured. This works at preventing crimes of opportunity. But let’s say there’s a thief who steals the entire safe, knowing they have tools they can use later to access what’s inside. They wait, and once the tools are available, they break into your safe and access everything inside. 

That’s one way to think of HNDL. The safe is the encryption. The quantum computing is the tool they can use later.  

But in real life, you’d probably notice if your safe is gone. In the case of HNDL, if you’re not monitoring your data, you may not even notice encrypted information has been stolen to be decrypted.  

Key Terms Explained 

Term	What it means
Encryption	Scrambling data so others can’t read it
Quantum computing	A new type of computing that can break some encryption
HNDL	A strategy to collect encrypted data now and decrypt it later

Why This Matters Right Now 

This isn’t about whether your data is valuable today. It’s about whether it might be valuable later. 

Data with a long shelf life is especially at risk, including: 

• Financial records  
• Medical information  
• Private messages  
• Legal or identity documents  

Even something that feels low-stakes today could become sensitive in the future. 

And because the collection phase is already happening, the risk isn’t hypothetical. It’s already in motion. 

How This Affects VPNs (and what doesn’t change) 

VPNs remain one of the most effective ways to protect your data today. That hasn’t changed. 

But HNDL introduces a new layer of complexity. 

• What’s still strong: The encryption that protects your data in transit remains highly resilient.  
• Where the risk is: The “handshake” process (how a secure connection is established) is more vulnerable to future quantum attacks.  

In simple terms: Your data is well protected today, but parts of how that protection is set up may need to evolve for the future. 

What Quantum Computing Changes 

Traditional computers process information in a linear way. 

Quantum computers work differently. They can solve certain types of problems much faster, including the kinds of mathematical challenges that protect today’s encryption. 

That’s why attackers are willing to wait. 

Once quantum computing reaches a certain level, it could unlock data that was previously considered secure. 

What McAfee’s VPN Team is Working On 

McAfee’s VPN team is already preparing for this shift. 

• Evaluating quantum-safe encryption approaches  
• Exploring hybrid models that protect both now and long-term  
• Building toward a more resilient VPN experience  

This work builds on a broader privacy-by-design approach, where systems are designed to minimize risk from the start, not react after the fact. 

Because with HNDL, waiting isn’t an option. 

What You Can Do Now 

You don’t need to wait for quantum computing to take steps today. 

• Use a trusted VPN to encrypt your connection  
• Be mindful of long-term sensitive data you share online  
• Avoid unsecured public Wi-Fi when possible  
• Keep your apps and devices updated  

These steps help protect your data now while the industry builds toward future-ready security. 

How McAfee Helps Protect You 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:  

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast 
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place 
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage 
• Safe Browsing helps block risky sites if you do click 
• Device Security helps detect malicious apps or downloads 
• Secure VPN keeps your data private, especially on public Wi-Fi   

Frequently Asked Questions (FAQs) 

FAQ

Q: Is my data safe right now?   A: In most cases, yes—today’s encryption is extremely strong and is designed to protect your data from current threats. If you’re using trusted security tools like a VPN, safe browsing protections, and device security, your data is actively protected while it’s in transit and in use. However, no system is risk-free. Data exposed through phishing, weak passwords, breaches, or unsecured networks may still be vulnerable. And with “Harvest Now, Decrypt Later,” even properly encrypted data could be collected today and targeted for decryption in the future.

Q: What is quantum-safe encryption?  A: Quantum-safe (or post-quantum) encryption refers to new types of cryptography designed to remain secure even against future quantum computers. Today’s encryption relies on math problems that are extremely difficult for classical computers to solve, but quantum computers could eventually solve some of them much faster. Quantum-safe approaches use different mathematical foundations that are believed to resist those capabilities. In practice, many companies are moving toward hybrid encryption, combining today’s proven methods with newer quantum-resistant techniques to protect data both now and long-term.

Q: Should I still use a VPN?  A: Yes. A VPN remains one of the most effective ways to protect your data today, especially on public or unsecured networks. It encrypts your internet traffic and helps prevent interception by hackers, internet providers, or other third parties. While VPN protocols are evolving to address future quantum risks, they still provide strong, essential protection against today’s threats.

Q: When will this become a real threat?  A: The risk unfolds in two phases. The collection phase is already happening today, where sophisticated actors gather encrypted data and store it. The decryption phase depends on when quantum computing advances far enough to break certain types of encryption, which could take years but is actively progressing. This means data with a long lifespan, such as financial records, personal communications, and sensitive documents, is most at risk because it only needs to remain valuable until those capabilities exist.

The post Why Hackers Are Collecting Data They Can’t Read Yet. And How to Stay Safe appeared first on McAfee Blog.

There’s a lot of love all over the world for GrapheneOS, the gold standard of mobile security. There’s very little love between the two guys at the center of its history.

Years before the figure skater became an Olympic superstar, a Chinese operative tried to stalk her father and monitored other US residents deemed dissidents against China. And that’s just the beginning.

Plus: Major data breaches at a gym chain and hotel giant, a disruptive DDoS attack against Bluesky, dubious ICE hires, and more.

You open your inbox and see it: Your cloud storage is full. 

There’s a warning about photos being deleted, your account being suspended, or a renewal failing. There’s a button to “fix it now.” Or a warning to “act today.” 

It looks routine. Maybe even urgent enough to click. 

That’s exactly the point. 

Cloud storage scams are making headlines again, building on patterns we flagged earlier this year in our State of the Scamiverse research.  

These emails have circulated steadily since 2025, often impersonating trusted brands like Apple, Microsoft, and Google. Many are timed to moments when people are already thinking about storage, backups, or subscriptions. 

The safest move is simple: pause and don’t click. If there’s a real issue, go directly to your account through the official app or website. 

You can also protect yourself with McAfee’s Scam Detector, which flags suspicious links and messages, including cloud storage scams, and explains why they may be risky. 

What Is A Cloud Storage Scam And How Does It Work? 

Cloud storage scams are phishing attacks designed to trick you into believing there’s an issue with your account so you’ll click a malicious link.

They often look like this, and include 3 key red flags:  

• Messages that create urgency like “act now or lose your data”  
• Generic greetings instead of your name  
• Links that don’t match the official domain  

How the scam works (step-by-step) 

Step	What happens	What to do	How McAfee helps
1. You receive a message	Email or text claims your storage is full or your account has an issue	Don’t click links directly from the message	Scam Detector flags suspicious messages before you interact
2. Urgency is introduced	Warning that files or photos will be deleted if you don’t act	Pause. Urgency is a red flag	Scam Detector identifies pressure-based scam patterns
3. You’re pushed to a link	Link mimics a real login or billing page	Go directly to the official website instead	Safe browsing tools help block malicious sites
4. You’re asked for info	Login credentials or payment details requested	Never enter info from a link you didn’t verify	Scam Detector explains why a page or link is risky
5. Data is captured	Scammers collect your data or payment	Monitor accounts and report suspicious activity	Identity monitoring alerts you if your data is exposed

 Why This Scam Works 

• Familiar brands: Messages often appear to come from trusted platforms like Apple iCloud or Google Drive  
• Emotional pressure: The threat of losing photos or files triggers quick decisions  
• Routine context: Storage alerts feel normal, so people don’t question them  

And that, my friends, is scam number one in this week’s This Week in Scams. 

Let’s get into what else is on our radar. 

FBI Report: Over $20 Billion Lost to Scams in 2025

New data from the FBI’s Internet Crime Complaint Center (ICC) shows just how large the scam economy has become. 

In 2025 alone: 

• Americans reported over $20.8 billion in losses  
• More than 1 million complaints were filed  
• That’s roughly 3,000 complaints per day  

This is where layered protection matters. It’s not just about catching one bad link. It’s about recognizing patterns across messages, platforms, and moments when something feels slightly off. 

How McAfee Protects You From Scams and Cyber Threats 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:  

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast 
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place 
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage 
• Safe Browsing helps block risky sites if you do click 
• Device Security helps detect malicious apps or downloads 
• Secure VPN keeps your data private, especially on public Wi-Fi   

McAfee Safety Tips This Week 

As always, we have some best practices and safety tips for navigating life online: 

• Pause before clicking, especially when a message creates urgency  
• Go directly to websites or apps instead of using email links  
• Be skeptical of routine account alerts that push immediate action  
• Double-check sender addresses and URLs closely  
• Use tools like McAfee’s Scam Detector to flag suspicious links and messages before interacting  
• Turn on identity monitoring so you’re alerted if your data is exposed 

And we’ll be back next week with more scams making headlines. 

The post Cloud Storage Scam Emails and Record-Breaking Fraud Losses: This Week in Scams  appeared first on McAfee Blog.

A post-midnight revolt in the House sank the White House's efforts to extend Section 702—a spy program the FBI has used to look into members of Congress, protesters, and political donors.

Famously vengeful Knicks owner Jim Dolan has long spied on people at his iconic arenas. WIRED goes deep inside the operation that allegedly tracked a trans woman, lawyers, protesters, and more.

Your biggest risk may be a vendor you trust. How can SMBs map their third-party blind spots and build operational resilience?

Available for free to any company that wants to use it, the “completely anonymous” app puts the pressure on porn sites and social media platforms to start blocking access by minors.

6100 Series is an ultra-high-end firewall, delivering exceptional performance, line-rate threat protection, and modular scalability at AI-ready data centers.

An analysis by WIRED and Indicator found nearly 90 schools and 600 students around the world impacted by AI-generated deepfake nude images—and the problem shows no signs of going away.

OpenAI says its safeguards “sufficiently reduce cyber risk” for now, while GPT-5.4-Cyber is a new cybersecurity-focused model.

The UK designated Xinbi Guarantee as an enabler of crypto scammers and human trafficking weeks ago. Telegram is still hosting it in plain sight.

Wearable health devices are designed to give you more control over your body and your data. 

But in 2026, the bigger risk isn’t someone spying on your smartwatch or smartring in real time. It’s what happens if the data connected to that device gets exposed. 

Health data, login credentials, and behavioral patterns tied to wearables can become valuable signals for cybercriminals. And once that data is out, it can fuel everything from identity theft to highly targeted scams. 

Here’s what’s actually at risk, and how to protect yourself. 

What Is Wearable Health Data (and Why It Matters) 

Wearable health data refers to the personal information collected and stored by devices like fitness trackers, smartwatches, and connected medical monitors. 

This can include: 

• Heart rate and activity levels  
• Sleep patterns  
• Location data  
• Medical metrics (like glucose levels)  
• Account credentials tied to apps and dashboards  

On its own, this data may seem harmless. But combined, it creates a highly detailed profile of your habits, routines, and health status. 

The Real Risk in 2026 Isn’t the Device. It’s the Data. 

Early conversations around wearable security focused on device hacking or surveillance. 

Today, the bigger concern is data exposure. 

If wearable platforms, apps, or connected services are breached, your data could be: 

• Sold on the dark web  
• Used to impersonate you  
• Leveraged in targeted phishing or health-related scams  

And because this data is personal and specific, scams built from it can feel far more convincing than generic spam. 

How Exposed Wearable Data Can Lead to Scams 

When cybercriminals gain access to personal data, they don’t just sit on it. They use it. 

Here’s how that plays out: 

Scenario	What It Looks Like	Why It Works
Health-related phishing	“Your insurance claim was denied” or “Update your health profile”	Feels relevant and urgent
Account takeover attempts	Password reset emails tied to known apps	Uses real account signals
Personalized scams	Messages referencing routines, devices, or conditions	Builds trust quickly
Fake alerts or services	“Device security issue detected”	Mimics real product behavior

 

This is where the risk shifts from data privacy → real-world financial and identity impact. 

6 Smart Ways to Protect Your Wearable Data 

1)Install updates immediately
Security patches fix known vulnerabilities. Delaying updates leaves gaps open.  

2) Use layered protection, not just device settings
A VPN and security software help protect data in transit and block threats before they reach you.  

3) Strengthen your login credentials
Use strong, unique passwords and enable two-factor authentication wherever possible.  

4) Limit what you share
Review app permissions and only connect devices to services you trust.  

5) Verify every message or alert
If you receive a message tied to your device or health data, double-check the source before clicking.  

6) Monitor your accounts regularly
Small signs of unusual activity can be early indicators of larger issues. 

How McAfee Helps Protect Your Data Beyond the Device 

Protecting your wearable doesn’t stop at the device itself. It extends to what happens if your data is exposed or targeted. 

Identity Monitoring 

McAfee helps track your personal information across known breach sources and alerts you if your data appears where it shouldn’t. 

This gives you early warning if wearable-related accounts or associated data are compromised. 

Scam Detector 

If your data is exposed, scammers often follow. 

McAfee’s Scam Detector helps identify suspicious messages, links, and communications before you engage, and explains why something was flagged, so you can make informed decisions quickly. 

Together, these tools help protect not just your device, but the chain reaction that can follow a data breach. 

The post Can Your Wearable Health Monitors Be Compromised? appeared first on McAfee Blog.

More than 70 organizations, including the ACLU, EPIC, and Fight for the Future, say the AI smart glasses feature would endanger abuse victims, immigrants, and LGBTQ+ people.

Cisco Secure Firewall’s post-quantum cryptography roadmap: what’s available today, what’s coming, and how to start planning.

Last April, a hacker hijacked crosswalk announcements to mimic Mark Zuckerberg and Elon Musk. Records obtained by WIRED reveal how unprepared local authorities were.

Emails claiming to be from Social Security are making the rounds right now. 

They look official. They sound official. And they’re designed to get you to click before you think twice. 

The Social Security Administration’s Office of Inspector General is warning about a spike in messages that claim your Social Security statement is ready to download. The goal is simple. Get you to click a link or open an attachment. 

From there, things can go sideways fast. 

Before interacting with anything like this, it’s worth pausing and running it through a tool like McAfee’s Scam Detector. This is exactly the kind of message it’s built to flag. Something that looks legitimate, but feels just slightly off. 

How The Scam Works 

The email mimics official government communication, using logos, formatting, and language that feels familiar. It might say your statement is ready, your account needs attention, or you need to review a document. 

Once you click: 

• You may be sent to a fake website designed to capture your personal information  
• You may download malware without realizing it  
• Or you may be prompted to enter sensitive financial details  
• Either way, the goal is the same: get access to your identity. 

The Red Flags In These Emails 

• Messages claiming your social security statement is ready to download  
• Links or attachments labeled as official documents  
• Urgency pushing you to act quickly  
• Sender addresses that do not end in “.Gov”  

The biggest tell: Social Security does not send emails like this asking you to download statements or provide sensitive information. 

What To Do If You Get One 

• Do not click links or download attachments  
• Delete the email immediately  
• Access your account by going directly to the official SSA website  
• Report the message to the SSA Office of Inspector General  

If you already clicked: 

• Stop communication immediately  
• Contact your financial institutions  
• Monitor your accounts closely  
• Report the incident to the FTC or the FBI’s IC3  

And that, my friends, is scam number one in this week’s This Week in Scams. 

Let’s get into what else is on our radar. 

A Healthcare Data Breach That Could Lead to Follow-Up Scams 

Healthcare data breaches don’t always make headlines the same way big tech breaches do, but they can be just as serious. 

According to reporting from Fox News, CareCloud, a company that supports electronic health records for tens of thousands of providers, recently confirmed a security incident involving unauthorized access to one of its systems.  

The access lasted several hours. And while it’s still unclear whether any data was taken, that uncertainty is exactly what makes situations like this risky. 

Because even if you’ve never heard of the company, your doctor might use it. 

Why This Matters 

Healthcare data is incredibly valuable. It can include: 

• Names and social security numbers  
• Insurance details  
• Medical history  
• Billing information  

Unlike a credit card, you can’t just cancel your medical history. 

And when that kind of data is exposed or even potentially exposed, scammers often follow up with messages that feel highly specific and personal. 

What To Watch For Next 

After incidents like this, scammers often move quickly: 

• Emails or texts pretending to be your provider  
• Messages about billing issues or medical records  
• Requests to “verify” your information  
• Links to log in or update your account  

These scams work because they’re timed perfectly and feel relevant. 

This is another moment where Scam Detector can help flag suspicious links or messages before you engage, even when they reference real healthcare providers. 

How To Protect Yourself 

• Review medical bills and insurance statements for unfamiliar activity  
• Enable two-factor authentication on patient portals  
• Use strong, unique passwords  
• Avoid clicking links in unexpected healthcare-related messages  
• Consider identity monitoring to catch misuse early  

Where McAfee Steps In (So You Don’t Have to Guess) 

Scams today are layered. 

A fake email leads to stolen credentials. A breach leads to targeted phishing. And those follow-ups are getting harder to spot. 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done: 

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
• Safe Browsing helps block risky sites if you do click
• Device Security helps detect malicious apps or downloads
• Secure VPN keeps your data private, especially on public Wi-Fi  

Safety Tips To Carry Into Next Week 

• Be cautious of emails that look official but create urgency  
• Never trust unsolicited messages asking for personal or financial information  
• Go directly to official websites instead of clicking links  
• Stay alert after any breach or security incident makes headlines  
• Use tools like McAfee that help you verify what’s real before you act  

Because the reality is, scams are designed to look legitimate. You shouldn’t have to figure it out on your own. We’re safer together. 

We’ll be back next week with more scams making headlines. 

The post Social Security Scam Emails and a Healthcare Data Breach: This Week in Scams appeared first on McAfee Blog.

Plus: Iran’s internet blackout hits the 1,000-hour mark, cryptocurrency scams result in a record amount of money stolen from Americans, and more.