Login
As we continue to evolve the field of AI, a new branch that has been accelerating recently is Agentic AI. Multiple definitions are circulating, but essentially, Agentic AI involves one or more AI systems working together to accomplish a task using tools in an unsupervised fashion. A basic example of this is tasking an AI Agent with finding entertainment events I could attend during summer and emailing the options to my family.
Agentic AI requires a few building blocks, and while there are many variants and technical opinions on how to build, the basic implementation typically includes a Reasoning LLM (Large Language Model) – like the ones behind ChatGPT, Claude, or Gemini – that can invoke tools, such as an application or function to perform a task and return results. A tool can be as simple as a function that returns the weather, or as complex as a browser commanding tool that can navigate through websites.
While this technology has a lot of potential to augment human productivity, it also comes with a set of challenges, many of which haven’t been fully considered by the technologists working on such systems. In the cybersecurity industry, one of the core principles we all live by is implementing “security by design”, instead of security being an afterthought. It is under this principle that we explore the security implications (and threats) around Agentic AI, with the goal of bringing awareness to both consumers and creators:
With the proliferation of Agentic AI, we will see both opportunities to make our life better as well as new threats from bad actors exploiting the same technology for their gain, by either intercepting and poisoning legitimate users AI Agents, or using Agentic AI to perpetuate attacks. With this in mind, it’s more important than ever to remain vigilant, exercise caution and leverage comprehensive cybersecurity solutions to live safely in our digital world.
The post Navigating cybersecurity challenges in the early days of Agentic AI appeared first on McAfee Blog.
New online threats emerge every day, putting our personal information, money and devices at risk. In its 2024 Internet Crime Report, the Federal Bureau of Investigation reports that 859,532 complaints of suspected internet crime—including ransomware, viruses and malware, data breaches, denials of service, and other forms of cyberattack—resulted in losses of over $16 billion—a 33% increase from 2023.
That’s why it is essential to stay ahead of these threats. One way to combat these is by conducting virus scans using proven software tools that constantly monitor and check your devices while safeguarding your sensitive information. In this article, we’ll go through everything you need to know to run a scan effectively to keep your computers, phones and tablets in tip-top shape.
Whether you think you might have a virus on your computer or devices or just want to keep them running smoothly, it’s easy to do a virus scan.
Each antivirus program works a little differently, but in general the software will look for known malware with specific characteristics, as well as their variants that have a similar code base. Some antivirus software even checks for suspicious behavior. If the software comes across a dangerous program or piece of code, the antivirus software removes it. In some cases, a dangerous program can be replaced with a clean one from the manufacturer.
Before doing a virus scan, it is useful to know the telltale signs of viral presence in your device. Is your device acting sluggish or having a hard time booting up? Have you noticed missing files or a lack of storage space? Have you noticed emails or messages sent from your account that you did not write? Perhaps you’ve noticed changes to your browser homepage or settings? Maybe you’re seeing unexpected pop-up windows, or experiencing crashes and other program errors. These are just some signs that your device may have a virus, but don’t get too worried yet because many of these issues can be resolved with a virus scan.
Free virus scanner tools, both in web-based and downloadable formats, offer a convenient way to perform a one-time check for malware. They are most useful when you need a second opinion or are asking yourself, “do I have a virus?” after noticing something suspect.
However, it’s critical to be cautious. For one, cybercriminals often create fake “free” virus checker tools that are actually malware in disguise. If you opt for free scanning tools, it is best to lean on highly reputable cybersecurity brands. On your app store or browser, navigate to a proven online scanning tool with good reviews or a website whose URL starts with “https” to confirm you are in a secure location.
Secondly, free tools are frequently quite basic and perform only the minimum required service. If you choose to go this path, look for free trial versions that offer access to the full suite of premium features, including real-time protection, a firewall, and a VPN. This will give you a glimpse of a solution’s comprehensive, multi-layered security capability before you commit to a subscription.
If safeguarding all your computers and mobile devices individually sounds overwhelming, you can opt for comprehensive security products that protect computers, smartphones and tablets from a central, cloud-based hub, making virus prevention a breeze. Many of these modern antivirus solutions are powered by both local and cloud-based technologies to reduce the strain on your computer’s resources.
This guide will walk you through the simple steps to safely scan your computer using reliable online tools, helping you detect potential threats, and protect your personal data.
When selecting the right antivirus software, look beyond a basic virus scan and consider these key features:
The process of checking for viruses depends on the device type and its operating system. Generally, however, the virus scanner will display a “Scan” button to start the process of checking your system’s files and apps.
Here are more specific tips to help you scan your computers, phones and tablets:
If you use Windows 11, go into “Settings” and drill down to the “Privacy & Security > Windows Security > Virus & Threat Protection” tab, which will indicate if there are actions needed. This hands-off function is Microsoft’s own basic antivirus solution called Windows Defender. Built directly into the operating system and enabled by default, this solution provides a baseline of protection at no extra cost for casual Windows users. However, Microsoft is the first to admit that it lags behind specialized paid products in detecting the very latest zero-day threats.
Mac computers don’t have a built-in antivirus program, so you will have to download security software to do a virus scan. As mentioned, free antivirus applications are available online, but we recommend investing in trusted software that is proven to protect you from cyberthreats.
If you decide to invest in more robust antivirus software, running a scan is usually straightforward and intuitive. For more detailed instructions, we suggest searching the software’s help menu or going online and following their step-by-step instructions.
Smartphones and tablets are powerful devices that you likely use for nearly every online operation in your daily life from banking, emailing, messaging, connecting, and storing personal information. This opens your mobile device to getting infected through malicious apps, especially those downloaded from unofficial stores, phishing links sent via text or email, or by connecting to compromised wi-fi networks.
Regular virus scans with a mobile security software are crucial for protecting your devices. Be aware, however, that Android and IOS operating systems merit distinct solutions.
Antivirus products for Android devices abound due to this system’s open-source foundation. However, due to Apple’s strong security model, which includes app sandboxing, traditional viruses are rare on iPhones and iPads. However, these devices are not immune to all threats. You can still fall victim to phishing scams, insecure Wi-Fi networks, and malicious configuration profiles. Signs of a compromise can include unusual calendar events, frequent browser redirects, or unexpected pop-ups.
Apple devices, however, closed platform doesn’t easily accommodate third-party applications, especially unvetted ones. You will most likely find robust and verified antivirus scanning tools on Apple’s official app store.
Before you open any downloaded file or email attachment, it’s wise to check it for threats. To perform a targeted virus scan on a single file, simply right-click the file in Windows Explorer or macOS Finder and select the “Scan” option from the context menu to run the integrated virus checker on a suspicious item.
For an added layer of security, especially involving files from unknown sources, you can use a web-based file-checking service that scans for malware. These websites let you upload a file, which is then analyzed by multiple antivirus engines. Many security-conscious email clients also automatically scan incoming attachments, but a manual scan provides crucial, final-line defense before execution.
Once the scan is complete, the tool will display a report of any threats it found, including the name of the malware and the location of the infected file. If your antivirus software alerts you to a threat, don’t panic—it means the program is doing its job.
The first and most critical step is to follow the software’s instructions. It might direct you to quarantine the malicious file to isolate the file in a secure vault where it can no longer cause harm. You can then review the details of the threat provided by your virus scanner and choose to delete the file permanently, which is usually the safest option.
After the threat is handled, ensure your antivirus software and operating system are fully updated. Finally, run a new, full system virus scan to confirm that all traces of the infection have been eliminated. Regularly backing up your important data to an external drive or cloud service can also be a lifesaver in the event of a serious infection.
The most effective way to maintain your device’s security is to automate your defenses. A quality antivirus suite allows you to easily schedule a regular virus scan so you’re always protected without having to do it manually. A daily quick scan is a great habit for any user; it’s fast and checks the most vulnerable parts of your system. Most antivirus products regularly scan your computer or device in the background, so a manual scan is only needed if you notice something dubious, like crashes or excessive pop-ups. You can also set regular scans on your schedule, but a weekly full scan is ideal.
These days, it is essential to stay ahead of the wide variety of continuously evolving cyberthreats. Your first line of defense against these threats is to regularly conduct a virus scan. You can choose among the many free yet limited-time products or comprehensive, cloud-based solutions.
While many free versions legitimately perform their intended function, it’s critical to be cautious as these are more often baseline solutions while some are malware in disguise. They also lack the continuous, real-time protection necessary to block threats proactively.
A better option is to invest in verified, trustworthy, and all-in-one antivirus products like McAfee+ that, aside from its accurate virus scanning tool, also offers a firewall, a virtual private network, and identity protection. For complete peace of mind, upgrading to a paid solution like McAfee Total Protection is essential for proactively safeguarding your devices and data in real-time, 24/7.
The post How To Do A Virus Scan appeared first on McAfee Blog.
We use our smartphones for everything under the sun, from work-related communication to online shopping, banking transactions, and social media. For this reason, our phones store a lot of personal data, including contacts, account details, and bank account logins.
High online usage also makes your devices vulnerable to viruses, a type of malware that replicate themselves and spread throughout the entire system. They can affect your phone’s performance or, worse, compromise your sensitive information so that hackers can benefit monetarily.
In this article, we will give you a rundown of viruses that can infect your phone and how you can identify and eliminate them. We will also provide some tips for protecting your phone from viruses in the first place.
iPhones and Android devices run on different operating systems, hence differences in how they resist viruses and how these affect each system.
While iOS hacks can still happen, Apple’s operating system is reputed to be highly resistant from viruses because of its design. By restricting interactions between apps, Apple’s operating system limits the movement of a virus across the device. However, if you jailbreak your iPhone or iPad to unlock other capabilities or install third-party apps, then the security restrictions set by Apple’s OS won’t work. This exposes your iPhone and you to vulnerabilities that cybercriminals can exploit.
Android phones, while also designed with cybersecurity in mind, rely on open-source code, making them an easier target for hackers. Additionally, giving users the capability to install third-party apps from alternative app stores such as the Amazon or Samsung Galaxy app stores makes Android devices open to viruses.
Cybercriminals today are sophisticated and can launch a variety of cyberattacks on your smartphone. Some viruses that can infect your phone include:
Ultimately, contracting a virus on your phone or computer comes down to your browsing and downloading habits. These are the most common ways it could happen:
Now that you know how your phone could be infected by a virus, look out for these seven signs that occur when malicious software is present:
Most pop-up ads don’t carry viruses but are only used as marketing tools. However, if you find yourself closing pop-up ads more often than usual, it might indicate a virus on your phone. These ads might be coming from apps in your library that you didn’t install. In this case, uninstall them immediately as they tend to carry malware that’s activated when the app is opened or used.
When you accidentally download apps that contain malware, your device has to work harder to continue functioning. Since your phone isn’t built to support malware, there is a good chance it will overheat.
If your contacts receive unsolicited scam emails or messages on social media from your account, especially those containing suspicious links, a virus may have accessed your contact list. It’s best to let all the recipients know that your phone has been hacked so that they don’t download any malware themselves or forward those links to anybody else.
An unusually slow-performing device is a hint of suspicious activity on your phone. The device may be slowing down because it is working harder to support the downloaded virus. Alternatively, unfamiliar apps might be taking up storage space and running background tasks, causing your phone to run slower.
Are you finding credit card transactions in your banking statements that you don’t recognize? It could be an unfamiliar app or malware making purchases through your account without your knowledge.
A sudden rise in your data usage or phone bill can be suspicious. A virus might be running background processes or using your internet connection to transfer data out of your device for malicious purposes.
An unusually quick battery drain may also cause concern. Your phone will be trying to meet the energy requirements of the virus, so this problem is likely to persist for as long as the virus is on the device.
You may have an inkling that a virus resides in your phone, but the only way to be sure is to check. An easy way to do this is by downloading a trustworthy antivirus app that will prevent suspicious apps from attaching themselves to your phone and secures any public connections you might be using.
Another way to check your phone is to follow these step-by-step processes, depending on the type of phone you use:
Once you have determined that a virus is present on your iPhone or Android device, there are several things you can do.
Caring for your phone is a vital practice to protect your information. Follow these tips to stay safe online and help reduce the risk of your phone getting a virus.
You have come to heavily rely on your smartphones for many online activities and storage of much of your personal data, including contacts, account details, and bank account logins. This puts your devices at high risk of being infected by viruses that impact not just your phone’s performance but also of being compromised by cybercriminals.
To help you protect your device and personal information, the award-winning McAfee Mobile Security solution regularly scans for threats transmitted through suspicious links in text messages, emails or downloads, and blocks them in real time. McAfee Mobile Security is a reputable security application that filters risky emails and phishing attempts so your inbox stays secure, while providing a secure virtual private network. It is also capable of spotting deepfake videos so you can stay ahead of misinformation. With McAfee, you can rest easy knowing your mobile phone is protected from the latest cyberthreats.
The post 7 Signs Your Phone Has a Virus and What You Can Do appeared first on McAfee Blog.
The modern family juggling act has never been more complex—or more dangerous. If you’re caring for aging parents while raising children, you’re part of what researchers call the “Sandwich Generation.” According to Pew Research, nearly half (47%) of adults in their 40s and 50s find themselves wedged between these dual responsibilities. But in today’s digital landscape, this demographic faces a uniquely modern threat: becoming the primary target of an unprecedented scam epidemic.
As a cybersecurity professional who has witnessed the evolution of online threats over two decades, I can tell you that today’s scam landscape is unlike anything we’ve seen before. The stakes are higher, the tactics more sophisticated, and the Sandwich Generation is squarely in the crosshairs.
McAfee’s recent State of the Scamiverse report paints a troubling picture of digital life in the UK. The statistics are staggering: 60% of Brits report either falling victim to an online scam or knowing someone who has. When these attacks succeed, the financial impact is severe—victims lose an average of £936, with some reporting devastating losses exceeding £7,980.
Perhaps most alarming is the speed at which these crimes unfold. A shocking 68% of victims said it took less than an hour to be defrauded, with 48% reporting that fraud occurred within just 30 minutes of engaging with a scammer. This isn’t the slow-burn con artistry of yesteryear—this is lightning-fast digital predation.
The financial losses, while significant, represent only part of the damage. The psychological impact cuts deeper than many realize. Our research shows that 32% of Brits who fell for online scams experienced moderate to significant distress, including anxiety, depression, and damaged self-esteem. For the Sandwich Generation, already stretched thin emotionally and financially, this psychological burden can be overwhelming.
Consider the compounding effects: 80% of scam victims reported that the experience impacted their self-esteem and ability to trust others. When you’re responsible for protecting not just yourself but also tech-savvy teenagers and digitally-vulnerable parents, this erosion of confidence can have far-reaching consequences for your entire family’s digital safety.
From a cybercriminal’s perspective, the Sandwich Generation represents the perfect storm of vulnerability. Here’s why you’re in their crosshairs:
Overwhelm and Distraction: Scam tactics are most effective when targets are tired, rushed, or mentally overloaded. The constant juggling act of work, children’s needs, and aging parents’ care creates exactly these conditions.
Multiple Attack Vectors: You’re not just protecting yourself—you’re managing the digital lives of three generations. Children who overshare on social media and parents who may trust too readily both create entry points for scammers.
The “Family Tech Lead” Burden: In most households, one person becomes the de facto IT support for everyone. If that’s you, you’re essentially protecting three generations of users with the cybersecurity knowledge and tools designed for one.
Time Poverty: When you’re constantly switching between helping with homework, managing medical appointments, and handling your own responsibilities, the careful scrutiny required to spot sophisticated scams becomes nearly impossible.
The repeat victimization rate is particularly concerning. Once scammers identify a successful target, they often share that information within criminal networks, leading to sustained harassment and repeated attempts.
Protecting Your Children (The Digital Natives)
Despite their technological fluency, young people face unique vulnerabilities:
Social Media Saturation: 28% of 18-24-year-olds receive scam messages via social media platforms. The integration of these platforms into daily life makes detection more challenging.
Gaming Community Exploitation: Scammers infiltrate gaming communities with fake giveaways, cryptocurrency cons, and phishing attempts disguised as game-related communications.
Celebrity Deepfake Scams: AI-generated celebrity endorsements for cryptocurrency schemes or investment opportunities are becoming increasingly sophisticated and harder to detect.
Overconfidence Bias: Young people often believe their digital nativity makes them immune to scams, leading to less cautious behavior online.
Protecting Your Parents (The Trusting Generation)
Older adults face different but equally serious threats:
Email-Based Attacks: 67% of over-55s encounter scams primarily through email, a medium they often trust more than social media.
Authority Impersonation: Tech support scams, fake government communications, and bank impersonation attempts exploit older adults’ respect for authority and institutions.
Voice Cloning Threats: 21% of Brits have encountered AI voice scams impersonating loved ones—a particularly dangerous development for older users who may be more trusting of familiar voices.
Isolation Exploitation: Scammers often target older adults during periods of loneliness or health concerns, when they’re more likely to engage with unexpected communications.
Mobile Device Security
Mobile scams have reached epidemic proportions in the UK, with 35% of Brits falling victim to SMS or call-based scams in the past year. The most common mobile threats include:
Package Delivery Scams (33%): “Your parcel couldn’t be delivered” texts that lead to fake websites designed to steal personal information or payment details.
Subscription Renewal Cons (23%): Messages claiming services like Netflix require payment information updates, leading to credential theft or unauthorized charges.
Social Engineering Openers (16%): Simple “Hey, how are you?” messages that gradually build trust before introducing investment or romance scams.
Computer and Email Security
Email remains the primary attack vector, with 32% of Brits falling victim to phishing attempts last year. The sophistication of these attacks has increased dramatically—while 78% of people believe they can spot scams, today’s emails often perfectly mimic legitimate communications.
Artificial intelligence has revolutionized scamming, with 21% of Brits encountering AI-generated scams. The challenge is significant: 53% of people admit that deepfakes are difficult to spot, and the technology improves daily.
Just as you have a fire escape plan, your family needs a comprehensive fraud response strategy. This should include:
Technology alone cannot solve this crisis. The most effective defense combines good security tools with open family communication and ongoing education. Regular conversations about online safety should be as normal as discussions about physical safety.
For Children: Focus on critical thinking skills rather than fear-based messaging. Teach them to question unexpected opportunities and verify information through multiple sources.
For Parents: Emphasize that asking for help with suspicious communications is a sign of wisdom, not weakness. Create an environment where they feel comfortable seeking guidance.
For Everyone: Establish family rules about financial communications—for example, agreeing that no family member will ever ask for money or personal information via text or email without prior verbal confirmation.
The scam landscape evolves constantly, driven by technological advancement and criminal innovation. As someone who has tracked these trends for two decades, I can tell you that the only constant is change. What worked last year may be ineffective today, and tomorrow will bring new challenges.
The key is building adaptable defenses: security awareness that can evolve with threats, technology solutions that update automatically, and family communication patterns that encourage ongoing vigilance without creating paranoia.
The Sandwich Generation faces unique challenges in today’s digital world, but you’re not powerless. By understanding the threat landscape, implementing appropriate security measures, and fostering open communication about online safety, you can protect your family’s financial security and emotional well-being.
Remember that in the UK today, encountering scam attempts isn’t rare—it’s daily. The goal isn’t to avoid all contact with potential threats but to recognize them quickly and respond appropriately. With the right preparation and tools, you can maintain your family’s digital confidence while staying one step ahead of the scammers.
Your role as the family’s digital guardian is challenging, but it’s also crucial. You’re not just protecting money—you’re protecting your family’s trust, confidence, and peace of mind in an increasingly connected world.
Stay vigilant, stay informed, and remember: when in doubt, pause, check, and verify. Your family’s digital safety depends on it.
The post How the Sandwich Generation Can Fight Back Against Scams appeared first on McAfee Blog.
Ah, summer. The season of sun-soaked beaches, bucket list adventures, and Instagram-worthy Aperol Spritzes. For many, it’s also a time of new connections—whether it’s a whirlwind vacation romance, a flirtatious chat over sangria, or that handsome stranger who slides into your DMs while you’re posting travel pics.
But while your heart may be on holiday, romance scammers are very much on the job.
Every summer, there’s a spike in cybercrime that preys on people’s heightened emotions, loneliness, and lowered guard while traveling. Romance scams aren’t just the stuff of Netflix documentaries or embarrassing Reddit threads—they’re a multi-billion dollar business. In fact, in the U.S. alone, consumers reported losing $1.3 billion to romance scams in 2023, according to the FTC. And those are just the ones who reported it.
Whether you’re vacationing in Ibiza or just swiping Tinder in Tuscany, here’s what you need to know to keep your love life and your bank account scam-free this summer.
Let’s break down the perfect storm:
Scammers love this combo. It gives them everything they need to make you feel special, disarmed, and emotionally invested—before making their move.
And don’t think these scams are limited to dating apps. They happen on Facebook, Instagram, TikTok, WhatsApp, Airbnb experiences, and yes, even LinkedIn. Love (and deception) finds a way.
No matter where you are in the world, these red flags are global. If your new summer fling is showing any of these signs, take a step back before you step deeper in:
They move too fast.
They say they love you after two days. They want to video call all the time. They talk about marriage before you’ve even exchanged last names. Classic sign of love bombing.
They avoid meeting in person or always have a reason to cancel.
Even if you’re in the same city, they’ll say they’re stuck at customs, quarantining, or detained by border patrol (yes, really). This isn’t just shady—it’s scripted.
They need money—urgently.
Hospital bill. Stolen passport. Emergency flight. Sick relative. Whatever it is, it’s always an emergency and always comes with a request for money, gift cards, or cryptocurrency.
They ask you to keep the relationship private.
“Let’s keep this just between us.” Translation? “Please don’t tell your smarter friends who would spot me a mile away.”
They want to take the chat off-platform.
If someone you met on a dating app pushes you onto WhatsApp, Telegram, or a private email chain quickly, it’s a red flag.
Summer brings out some unique variations on the classic romance scam, here are a number of the common types of travel romance scams.
The “Travel Buddy” Scam
You meet someone on a travel app or forum who wants to join your trip. They seem cool—until they ghost you after you book everything in their name. Or worse, they show up and mooch off you the entire time.
The “Local Lover” Scam
A charming local sweeps you off your feet. They say they want to visit you in your home country, but need help with a visa fee, plane ticket, or travel insurance.
The “Digital Dater” Abroad
You’re on vacation and your dating app blows up with matches. Coincidence? Hardly. Scammers geo-fence popular tourist zones because they know travelers are emotionally available and often disconnected from their usual guardrails.
The “Crypto Casanova”
You match with someone on a dating app who subtly mentions they’ve made loads of money on crypto. Soon, they offer to help you invest. Spoiler alert: the platform they send you to is fake. Your money is gone, and so are they.
You don’t have to be a digital hermit on your holiday. But you do need a bit of cyber street smarts. Here’s how to travel (and flirt) safely:
No sharing your hotel, flight info, or travel itinerary with someone you just met online. And definitely don’t post your boarding pass or hotel room number on socials.
Not for flights, food, phone credit, visas, crypto, or “emergencies.” If someone asks for money, it’s a scam. Every. Single. Time.
If someone seems too good to be true, screenshot their profile pics and run a reverse image search. If they’re stolen from a model or influencer, you’ll know quickly.
Stick with apps that offer verified profiles, video chat, and in-app messaging. The more friction between you and scammers, the better.
If something feels off, it probably is. Don’t let the vacation buzz cloud your common sense.
If someone claims to be in Paris but always replies at 3 a.m. Paris time? Red flag.
A few too many cocktails and you’re more likely to miss signs of manipulation or send info you shouldn’t. Scammers love an intoxicated target.
Let someone back home know who you’re talking to. Share screenshots if necessary. Having a second pair of eyes can save you.
Don’t send sensitive messages, share banking info, or access dating apps over public Wi-Fi. Use a VPN like McAfee Secure VPN if you must connect while on the go.
Romantic attention can feel flattering—especially if you’re traveling solo. But don’t confuse flattery with trust. If someone’s pushing boundaries, bail.
If your gut’s screaming “scam,” don’t ignore it. Cut contact immediately. Don’t argue, don’t explain. Just block and move on.
Report them to the platform.
Whether it’s a dating app or social media site, reporting helps stop them from targeting others.
Tell your bank if you sent money.
They may be able to freeze a transaction or help with fraud recovery.
Talk to someone.
Shame is what scammers count on. Speak up. You are not alone, and you are not stupid.
Look, summer romance can be amazing. I’m not here to kill the vibe. But don’t confuse intensity for intimacy, especially when someone is operating behind a screen. If you’re lucky, your summer fling ends with a postcard and a good story. If you’re not careful, it could end with an empty bank account, a broken heart, and a bruised ego.
Be bold. Be open. But above all be smart. McAfee’s Scam Detector, can help in the fight against scammers. Our scam detector catches suspicious text messages so you can reply with confidence. We’ll filter out risky emails and phishing attempts so your inbox stays secure. With our leading, cutting-edge protection, we’ll spots deepfake videos so you can stay ahead of misinformation. Love doesn’t need to be transactional. And real connections don’t pressure, isolate, or guilt-trip. This summer, protect your heart like your passport: with care, vigilance, and just the right amount of suspicion.
The post Love, Lies, and Long Flights: How to Avoid Romance Scams While Traveling This Summer appeared first on McAfee Blog.
Summer vacation season is upon us, and millions of families are booking accommodations for their dream getaways. But with the surge in travel bookings comes an unfortunate reality: accommodation scams are on the rise, and they’re becoming increasingly sophisticated. As a cybersecurity professional, I’ve seen how devastating these scams can be—not just financially, but emotionally, when your family vacation turns into a nightmare.
The good news? With the right knowledge and proactive measures, you can protect yourself and your family from these predators. Even better, if you do fall victim to a scam, there are specific steps you can take to minimize the damage and potentially recover your losses.
Travel accommodation fraud has skyrocketed in recent years. Scammers have become expert at creating convincing fake listings on legitimate platforms like Airbnb, Booking.com, and even creating entirely fraudulent websites that mimic well-known hotel chains. They steal photos from real properties, craft compelling descriptions, and even create fake reviews to lure unsuspecting travelers.
What makes these scams particularly insidious is the emotional investment. You’re planning a special family vacation, perhaps saving for months, and the excitement of finding what seems like the “perfect” place clouds your judgment. Scammers exploit this vulnerability ruthlessly.
I can tell you that prevention is always your best defense. Here are the warning signs that should make you pause before clicking “book now”:
If you’ve fallen victim to an accommodation scam, time is critical. Here’s what you need to do immediately:
One of the most effective ways to protect your family from travel scams and other online threats is to implement comprehensive digital protection. Solutions like McAfee’s family protection plans offer multiple layers of security that work together to keep scammers at bay.
Modern family protection services provide several key features that directly combat travel scams:
Real-Time Scam Protection: Advanced scam detection technology automatically identifies and blocks fraudulent websites, phishing emails, and suspicious links before you interact with them. This means if you accidentally click on a fake booking site, the protection software will warn you before you enter any personal information.
Secure VPN for Travel Research: When researching accommodations on public Wi-Fi networks (like those in airports or coffee shops), a VPN encrypts your connection, preventing scammers from intercepting your personal information or redirecting you to fake websites.
Financial Transaction Monitoring: Comprehensive protection plans monitor your bank accounts and credit cards for unusual activity (US only), sending immediate alerts if suspicious transactions occur. This early warning system can help you catch fraudulent charges within hours rather than weeks.
Identity Monitoring and Dark Web Surveillance: These services continuously scan the dark web and other sources where stolen personal information is traded, alerting you if your data appears in places it shouldn’t. This is particularly valuable since accommodation scammers often sell stolen personal information to other criminals.
Personal Data Cleanup: Many protection services help identify and remove your personal information from data broker sites that scammers often use to research potential victims and make their approaches more convincing.
For families, comprehensive protection plans typically cover up to six family members, providing each person with their own monitoring and protection while giving parents oversight of their children’s online activities. With identity theft coverage up to $2 million per family and 24/7 restoration assistance, these services provide both prevention and recovery support.
Twenty years in cybersecurity has taught me that the cost of prevention is always less than the cost of recovery. Whether it’s taking time to properly research accommodations, investing in comprehensive family protection software, or educating your family about scam tactics, these upfront investments pay dividends in peace of mind and financial security.
Travel scams prey on our excitement and trust during what should be joyful family times. By staying vigilant, using proper protection tools, and knowing how to respond quickly if something goes wrong, you can ensure your family’s summer vacation memories are made for all the right reasons.
Remember: legitimate accommodation providers want to build trust and will readily provide verification. If anyone pressures you to skip verification steps or pay through unusual methods, walk away. Your family’s safety and financial security are worth more than any “deal” that seems too good to be true.
Safe travels, and remember—the best vacation is one where the only surprises are pleasant ones.
The post What to Do If You Book a Hotel or Airbnb and It Turns Out to Be a Scam appeared first on McAfee Blog.
In a significant security incident, Coinbase, a leading cryptocurrency trading platform, recently disclosed a data breach impacting nearly 70,000 users. This breach, attributed to “insider wrongdoing,” exposed sensitive personal information. This post details how the breach occurred, what data was compromised, and, most importantly, provides crucial steps you can take to protect yourself from potential follow-on attacks and identity theft.
This comprehensive guide will delve into the specifics of this breach: how the “insider wrongdoing” facilitated the attack, precisely what information was exposed, and the immediate, actionable steps you can take to safeguard your digital assets and personal identity in the wake of this incident.
According to a filing with the Office of the Maine Attorney General, which mandates public disclosure for such incidents, a total of 69,461 individuals were affected by this breach. The incident itself occurred on December 26, 2024, though the first signs of the compromise were only detected on May 11, 2025. This timeline is not uncommon for data breaches, as it can often take months for criminal activity to be fully uncovered.
Coinbase’s official statement details the progression of the breach:
Criminals targeted our customer support agents overseas. They used cash offers to convince a small group of insiders to copy data in our customer support tools for less than 1% of Coinbase monthly transacting users. Their aim was to gather a customer list they could contact while pretending to be Coinbase—tricking people into handing over their crypto. They then tried to extort Coinbase for $20 million to cover this up.
In a firm stance against such criminal activity, Coinbase has publicly refused to pay the ransom. Instead, the company has established a substantial $20 million reward fund, offering it for information that leads to the arrest and conviction of the attackers responsible.
The attackers gained access to a range of sensitive user data. According to Coinbase, the compromised information includes:
• Personal Identifiers: Names, physical addresses, phone numbers, and email addresses.
• Financial Data (Masked): Masked Social Security numbers (last 4 digits only) and masked bank account numbers, along with some bank account identifiers.
• Identity Documents: Images of government-issued IDs (e.g., driver’s licenses, passports).
• Account Activity: Snapshots of account balances and transaction history.
• Limited Corporate Data: Documents, training materials, and communications accessible to support agents.
Crucially, Coinbase has confirmed that the attackers did not gain access to the following critical elements:
• Login credentials or two-factor authentication (2FA) codes.
• Private keys associated with user wallets.
• Any direct ability to move or access customer funds.
• Access to “Coinbase Prime” accounts.
• Access to any Coinbase or Coinbase customer hot or cold wallets.
To summarize the company’s own words, they’re “protecting their customers and standing up to extortionists” by taking several steps. Highlights of their response include:
• Affected Account Holder Notifications: Email notifications were dispatched to all affected account holders on May 15, 2025. Furthermore, “flagged accounts now require additional ID checks on large withdrawals and include mandatory scam-awareness prompts.”
• Enhanced Defenses: The company is significantly increasing its investment in insider-threat detection and automated response systems. They are also “simulating similar security threats to find failure points in any internal system.”
• Securing Support Operations: Coinbase plans to open a new support hub within the U.S. and implement “stronger security controls and monitoring across all locations.”
Additionally, Coinbase is actively collaborating with law enforcement agencies and intends to pursue criminal charges against the insiders involved, who were reportedly terminated immediately upon discovery of their involvement.
For one, the people holding the stolen data apparently attempted to extort the company—a ransom that the company says it will not pay, as covered above. With that, there’s the possibility the people involved might turn to other buyers or release the info on the dark web, whether for sale or for free.
As with any breach, expect follow-on scams in the wake of this breach, as a potential wave of scammers might pose as Coinbase employees. Some might use the stolen info to make the scam sound more credible, some might not. Regardless, this attack calls for extra vigilance on the part of Coinbase users and crypto holders in general.
Coinbase offered specific guidance for its users, which we’ll add to—all so Coinbase users and crypto traders in general can stay safer.
Coinbase suggests:
• Turn on withdrawal allow listing —Only permit transfers to wallets that you are confident you fully control and where the seed phrase is secure and was not provided to you or shared with anyone.
• Enable strong two-factor authentication —Hardware keys are best.
• Hang up on imposters —Coinbase will never ask for your password, 2FA codes, or to move funds to a “safe” wallet.
• Lock first, ask later —If something feels off, lock your account in-app and email security@coinbase.com.
Beyond Coinbase’s advice, McAfee offers robust solutions to further protect yourself:
Protect yourself from scammers
• McAfee Scam Detector: Our advanced Scam Detector technology is designed to identify and block scams across text messages, emails, and videos. This is particularly crucial after a breach, as scammers might send bogus “account alerts” with links to phishing sites. Scam Detector automatically detects these threats and blocks risky links, even if you accidentally click them.
• Reduce Your Digital Footprint: Limit the amount of personal information available to scammers. The more details they have about you, the more credible their phishing attempts can appear.
• McAfee Personal Data Cleanup: Many scammers gather information from data broker sites. Our Personal Data Cleanup service scans the riskiest data broker sites, identifies where your personal information is being sold, and, depending on your McAfee+ plan, can help you remove it.
• McAfee Social Privacy Manager: Social media platforms are notorious for being a source of personal information for scammers. McAfee Social Privacy Manager allows you to adjust over 100 privacy settings across your social media accounts in just a few clicks, significantly enhancing your online privacy.
These features are all included in our comprehensive McAfee+ plans.
Follow-on attacks after data breaches often involve identity theft. With pieces of personal info that they can puzzle together, thieves then try to open new accounts, lines of credit, and so forth in someone else’s name. Protection like the following, also included in our McAfee+ plans, can keep you safer.
Transaction Monitoring and Credit Monitoring help you spot any questionable financial activity quickly. Meanwhile, Security Freeze can prevent unauthorized access to existing credit card, bank, and utility accounts or from new ones being opened in your name.
And if identity theft unfortunately happens to you, up to $2 million in ID theft coverage & restoration can help you recover quickly.
Additionally, Identity Monitoring scans the dark web for your personal info, including email, government IDs, credit card and bank account numbers, and more. It helps keep your personal info safe, with early alerts if your data is found on the dark web, an average of 10 months ahead of similar services.
The Coinbase data breach serves as a stark reminder of the persistent threats in the digital world. While Coinbase is taking steps to address the breach, proactive personal security measures are paramount. By implementing the recommendations from both Coinbase and McAfee, you can significantly reduce your risk of falling victim to scams and identity theft. Stay vigilant, secure your accounts, and protect your digital life.
The post How to Protect Your Crypto After the Coinbase Breach appeared first on McAfee Blog.
At McAfee, we see the real faces behind the statistics. Our research shows, globally, people spend an average of 83 hours annually reviewing suspicious messages. We don’t just see numbers, we see the schoolteacher who was scammed out of Taylor Swift tickets, the new father who was duped by an IRS tax scam, and the life coach who was impacted by a SIM swap scam.
This is why we’re proud to announce that McAfee has joined the Global Anti-Scam Alliance (GASA) as a Foundation Member—because protecting people from scams isn’t just about technology. It’s about understanding the human cost of digital deception and working together to stop it.
Through our Scam Stories initiative and Keep It Real campaign, we’ve heard countless accounts from real people who’ve experienced the devastating impact of scams. Take Chris Carmack and Erin Slaver, who thought they were simply ordering custom patio cushions from what appeared to be a trustworthy small business. After paying through a special link, the cushions never arrived. Delays turned into excuses, messages went unanswered, and the seller’s account eventually disappeared along with their money.
What strikes us most about these stories isn’t just the financial loss—it’s the emotional aftermath. The embarrassment. The self-doubt. The way victims blame themselves for “falling for it,” when the reality is that today’s scams are sophisticated operations designed by professionals who exploit our trust and humanity.
We’re working to change that narrative. Being scammed isn’t a sign of weakness—it’s evidence of how advanced and manipulative these criminal enterprises have become. When we launched our Scam Stories campaign, we made a commitment: to end the stigma around being scammed and empower people to speak out, because silence is exactly what scammers count on.
The Global Anti-Scam Alliance represents something powerful: a coordinated, international response to a global threat. Nearly $1.026 trillion was lost by consumers worldwide last year in scams, with 78% of participants experiencing at least one scam in the last 12 months. These aren’t isolated incidents—they’re part of a sophisticated ecosystem that spans borders, platforms, and industries.
At McAfee, we bring unique strengths to this alliance:
Cutting-Edge Protection: Our AI-powered Scam Detector, now included in all core McAfee plans, automatically identifies scams across text, email, and video, including deepfake detection. We’re not just reacting to scams, we’re anticipating them.
Real-World Insight: Through our comprehensive scam research and our direct connection with victims through Scam Stories, we understand how scams actually impact people’s lives. This isn’t theoretical—it’s deeply personal.
Global Reach: We protect millions of users worldwide, giving us visibility into emerging scam trends across different regions and demographics. We’ve seen how scammers adapt their tactics and how victims respond.
Educational Mission: Beyond technology, we’re committed to raising awareness. Our partnership with FightCybercrime.org includes donating $50,000 in protection products to scam victims and the professionals who support them.
Online scams have evolved far beyond the obvious emails of the past. Today’s scammers use AI to create convincing deepfakes, exploit trusted brands, and craft personalized attacks that fool cybersecurity experts. A McAfee Labs study shows that for just $5 and in 10 minutes, the price of a latte, a scammer can create a realistic-looking deepfake video or AI voice scams.
“Last year alone, people lost more than $1 trillion to scams. That is not just a cybersecurity issue. It is a trust issue,” said Dan Huynh, Vice President of Business Development at McAfee and board member of the Global Anti-Scam Alliance (GASA). “We joined GASA because we believe collaboration amplifies impact. By uniting with others equally committed to stopping scams, we can drive greater change. It takes real coordination, shared insight, and urgency to protect people—and GASA is how we turn that commitment into action.”
This isn’t a problem that any one company, government, or organization can solve alone. It requires the kind of coordinated response that GASA represents, bringing together governments, consumer protection organizations, financial institutions, tech platforms, and cybersecurity leaders to share intelligence, shape policy, and deliver rapid, systemic action.
Joining GASA isn’t just about adding our name to a membership list. It’s about doubling down on our commitment to protect people, not just devices. In an always-online world. We’re bringing our advanced AI technology, our research insights, and our deep understanding of the human impact of scams to help build smarter, faster, more connected defenses.
We intend to work across borders and sectors to drive meaningful change. We intend to build tools that don’t just react but anticipate. And we intend to empower people with the clarity, context, and confidence they need to protect themselves in an increasingly complex digital world.
Most importantly, we’re committed to continuing our Scam Stories campaign, giving victims a voice, ending the shame that keeps people silent, and helping everyone understand that in today’s world, being scammed says nothing about your intelligence and everything about how sophisticated these criminal operations have become.
At McAfee, we’ve always believed that everyone should be able to live their lives online with confidence. By joining GASA, we’re taking that mission global—because when it comes to stopping scams, we’re all stronger together.
Learn more about McAfee’s scam protection at McAfee.com and share your story to help others stay safe at our Scam Stories page. Together, we can keep it real and keep each other safe.
The post Standing Together Against Scams: McAfee Joins the Global Anti-Scam Alliance appeared first on McAfee Blog.
German sportswear giant Adidas has confirmed a significant cybersecurity incident that compromised customer personal information through an attack on their customer service operations. The breach primarily exposed contact details of consumers who had previously interacted with Adidas’s help desk support system, though the company has assured customers that sensitive financial data including passwords, credit card numbers, and other payment information remained secure. While acknowledging the severity of the situation, Adidas emphasized their unwavering commitment to consumer privacy and security, expressing sincere regret for any anxiety or disruption the incident may have caused their customer base.
On May 27, 2025, German sportswear giant Adidas disclosed a significant data breach affecting their customer base. The breach didn’t originate from Adidas directly, but rather through a compromised third-party customer service provider—a scenario that’s becoming increasingly common in our interconnected business ecosystem.
According to Adidas’s official statement, an “unauthorized external party obtained certain consumer data through a third-party customer service provider.” The company immediately launched containment measures and began collaborating with leading information security experts to investigate the incident.
Fortunately, the stolen information reportedly did not include payment-related data or customer passwords. However, the attackers did gain access to customer contact information, which can still pose significant risks for affected individuals.
This breach highlights a critical vulnerability in modern business operations: supply chain security. Companies today rely on numerous third-party vendors for various services, from customer support to data processing. Each vendor represents a potential entry point for cybercriminals.
What makes these incidents particularly concerning is the trust relationship involved. When you provide information to Adidas, you’re not just trusting Adidas with your data. You’re implicitly trusting every company they work with. This creates an expanded attack surface that consumers often don’t consider.
From our experience investigating similar incidents, third-party breaches often go undetected longer than direct attacks because monitoring and security controls may be less stringent at vendor locations. This extended dwell time gives attackers more opportunities to exfiltrate data and potentially pivot to other systems.
While Adidas stated that payment information wasn’t compromised, the exposure of contact information creates several risks that consumers should understand:
Identity Theft Foundation Building: Contact information serves as a building block for identity theft. Criminals often combine data from multiple breaches to create comprehensive victim profiles.
Targeted Phishing Campaigns: With your name, email, and potentially phone number, scammers can craft highly convincing phishing messages that appear to come from Adidas or related services.
Social Engineering Attacks: Armed with your shopping preferences and contact details, attackers can impersonate customer service representatives to trick you into revealing additional sensitive information.
Secondary Account Compromise: If you use the same email for multiple accounts, this breach could be the first domino in a chain of compromises.
Here’s your immediate action plan:
1. Assume You’re Affected
Even if you haven’t received notification from Adidas yet, assume your information may have been compromised if you’ve been an Adidas customer. Companies often take weeks to identify all affected individuals.
2. Change Your Passwords Immediately
Start with your Adidas account, then move to any accounts that share the same password. Use strong, unique passwords for each account. This is non-negotiable. In 2025, password reuse is one of the fastest ways to turn a single breach into multiple compromised accounts.
3. Enable Two-Factor Authentication Everywhere
If you haven’t already, enable two-factor authentication (2FA) on all accounts that support it, starting with email, banking, and shopping accounts. This adds a crucial second layer of security.
4. Monitor Your Financial Accounts
Check bank statements, credit card bills, and investment accounts for any unusual activity. Set up account alerts if you haven’t already—many financial institutions offer real-time transaction notifications.
5. Review Your Credit Reports
You’re entitled to free credit reports from all three major bureaus annually. Consider spacing them out throughout the year for ongoing monitoring, or use a service that provides more frequent updates.
Implement a Defense-in-Depth Approach
No single security measure is perfect. Layer your defenses by combining strong passwords, 2FA, regular monitoring, and comprehensive security software.
Consider Credit Freezing
A security freeze prevents criminals from opening new accounts in your name. It’s free, reversible, and one of the most effective identity theft prevention tools available.
Stay Informed About Breach Trends
Bookmark the McAfee Blog and other and breach notification services. The faster you know about incidents affecting services you use, the quicker you can respond.
How McAfee+ Can Help Protect You
McAfee+ offers several features specifically designed to help individuals navigate the aftermath of data breaches:
Dark Web Monitoring
McAfee’s service monitors the dark web for your personal info, including email, government IDs, credit card and bank account info, and more. This can help keep your personal info safe with early alerts that show you if your data is found on the dark web, an average of 10 months ahead of similar services.
This is crucial because stolen data from breaches like Adidas often ends up for sale on dark web marketplaces. Early detection can help you take protective action before criminals have a chance to use your information.
Personal Data Cleanup
McAfee’s personal data cleanup service can scan some of the riskiest data broker sites and show you which ones are selling your personal info. It also provides guidance on how you can remove your data from those sites and, with select products, even manage the removal for you.
Data brokers collect and sell personal information to anyone willing to pay, including scammers and identity thieves. Reducing your exposure through these services limits the information available to criminals who might try to combine it with data from the Adidas breach.
Identity Monitoring and Restoration
McAfee’s Advanced plan provides identity monitoring, data removal, identity restoration, and identity theft insurance. Their monitoring covers up to 60 unique types of personal information and includes up to $2 million in identity theft coverage with professional recovery specialists.
AI-Powered Scam Protection
McAfee’s scam detector will alert you to suspicious text messages and emails that you receive. This is particularly valuable in the aftermath of a breach when criminals often launch targeted phishing campaigns using stolen contact information.
Comprehensive Financial Monitoring
Financial protection Services include transaction monitoring; financial account and payday loan monitoring; bank account takeover monitoring; safe cards. This helps detect unauthorized use of your financial accounts, which could occur if criminals combine information from multiple breaches.
The Adidas breach won’t be the last of its kind. As our digital ecosystem becomes more interconnected, these incidents will likely become more frequent. The key is building personal and organizational resilience through proactive security measures rather than reactive responses.
For consumers, this means adopting a security-first mindset in all digital interactions. Assume breaches will happen, prepare accordingly, and maintain tools and services that can help you detect and respond to threats quickly.
Act quickly: Don’t wait for official notification from Adidas. If you’re a customer, take protective action now.
Invest in comprehensive protection: Services like McAfee+ provide multiple layers of protection that work together to address different aspects of the post-breach threat landscape.
Stay vigilant: Monitor your accounts regularly and be skeptical of unsolicited communications, especially those claiming to be from Adidas or related to this incident.
Learn and adapt: Use this incident as motivation to improve your overall cybersecurity posture. Review your digital habits and make necessary improvements.
Remember, in cybersecurity, there’s no such thing as perfect protection—only degrees of risk reduction. The goal is to make yourself a harder target while maintaining the tools and knowledge necessary to respond quickly when incidents occur.
The Adidas breach serves as another reminder that in our interconnected world, your security is only as strong as the weakest link in the chain. By taking proactive steps and leveraging comprehensive protection services, you can significantly reduce your risk and impact from these increasingly common incidents.
The post Adidas Data Breach: What Consumers Need to Know and How to Protect Yourself appeared first on McAfee Blog.
Was that spinning head a mistake—or the whole point?
When McAfee dropped a new digital ad showing a woman lounging on a beach, only to have her head rotate a full 360 degrees, the internet lit up. Some viewers thought it was a post-production error. Others assumed it was a weird deepfake gone wrong. And while a few sharp-eyed commentators caught the joke right away, most were left wondering: was this brilliant marketing or a complete fail?
Spoiler: it was on purpose.
You may have seen the ad—the calm beach scene, the casual vibe, and then, the fully rotating head. Reactions ranged from confused to amused, with a handful of keen observers nodding in understanding.
We didn’t mess up.
With the help of our creative agency VSA, we developed a series of digital ads using generative AI to blur the line between real and surreal. The goal? To make a bigger point: AI is now capable of mimicking reality in subtle, clever ways that are increasingly hard to detect. That’s exactly why tools like McAfee’s Scam Detector matter more than ever.
“While the ads are clearly AI, the implication is that AI isn’t always so easy to spot,” said Anne-Marie Rosser, CEO of VSA. “It’s funny, and it creates empathy for the user since we’re all susceptible.”
And don’t worry—we didn’t hand everything over to the machines. McAfee and VSA’s full creative and design teams were instrumental in shaping every detail, from concept to execution. The AI was a tool. The vision came from real people.
These creative choices reflect our philosophy at McAfee: take cybersecurity seriously, but don’t always take yourself too seriously. Humor has the power to break through fear and shame—and ultimately, help people protect themselves better.
Alongside these eye-catching ads, we’re launching Scam Stories, a social campaign built around real voices. From concert ticket scams to spoofed customer service texts, people across the country are sharing their experiences using #KeepItReal and #MyScamStory—and we’re listening.
Some of those individuals, like actor Chris Carmack (of Grey’s Anatomy and The O.C.), have joined our campaign to share their own moments of being duped. Others, like cyber student Henry or life coach Cory, are helping us educate others by turning personal pain into public empowerment.
This campaign isn’t just about awareness—it’s about action. That’s why we’ve partnered with FightCybercrime.org, a nonprofit that helps people recognize, report, and recover from scams. We’re donating $50,000 worth of McAfee protection to people in FightCybercrime programs and to the volunteers who support them.
We’re also teaming up to expand education efforts through our Online Safety for Kids initiative—because building a safer internet starts early.
Scammers rely on silence, shame, and speed. But when we slow down, speak up, and share our stories, we take away their power.
The Keep It Real campaign is more than just a product launch. It’s a movement to stop the stigma around scams, help people protect their peace of mind, and remind you: if it can happen to Chris Carmack, it can happen to anyone.
So what’s your scam story? We’re listening.
The post Keep It Real: How McAfee Is Using AI to Fight AI—and End Scam Stigma appeared first on McAfee Blog.
When Grey’s Anatomy actor Chris Carmack and musician Erin Slaver tried to order custom patio cushions from what seemed like a trustworthy small business, they thought they were making a simple home upgrade.
But after clicking and paying through a special link, the cushions never arrived. Delays turned into excuses, messages went unanswered, and the seller’s account eventually disappeared—along with their money.
It was a scam. And like so many others, they were left frustrated, embarrassed, and unsure of what to do next.
Now, Chris and Erin are sharing their story—not just to warn others, but to help launch Scam Stories, a McAfee-led movement to end the stigma around being scammed, remind people that it can happen to anyone, and help keep everyone safer online.
Scammers win when we stay silent. At McAfee, we believe speaking out about your experience is a brave way to support your community and help others stay safe from scams.
Built-in partnership with FightCybercrime.org, the Scam Stories movement invites people to share their scam experiences, end the stigma around being scammed, and build a more informed, supportive community.
And Chris and Erin aren’t the only ones speaking up. Our campaign features stories from everyday people who’ve been scammed—and are now helping others by sharing what happened.
These scams happened fast—and could happen to anyone. Each one involved tactics that McAfee Scam Detector is designed to catch:
These stories are powerful reminders that scam prevention starts with awareness. And when people share what happened, it helps others recognize red flags and feel less alone.
FightCybercrime.org is a nonprofit dedicated to helping people recognize, report, and recover from cybercrime. Their tools, educational materials, and survivor support network make them an ideal partner in our mission.
Together with FightCybercrime.org, we’ll be expanding online safety education —and helping more people recover from scams with real support.
As part of our collaboration, McAfee is donating $50,000 worth of protection products to individuals going through FightCybercrime.org’s recovery programs and to the staff and volunteers who support them every day.
At McAfee, we believe that scam protection isn’t just about tools—it’s about empowering people with knowledge and support. And that starts by ending the stigma.
Scam Stories is here to change the narrative—from shame to strength. With help from public figures like Chris and Erin, and brave individuals across the country, we’re turning painful moments into teachable ones—and helping everyone stay safer online.
McAfee is collecting scam stories and encouraging people to share their experiences on social media using #MyScamStory and #KeepItReal.
Learn more and join the movement at www.mcafee.com/en-us/scam-stories.
No one should feel alone or ashamed after being scammed. And the more we talk about scams, the harder it is for scammers to succeed.
Scam Stories is here to change the narrative—from shame to strength.
The post Introducing Scam Stories: A McAfee Campaign to End Scam Stigma appeared first on McAfee Blog.
In today’s online world, scams are everywhere—and they’re harder to spot than ever. From sophisticated phishing texts and deepfake videos to emails that look just like messages from your bank or delivery provider, scammers are constantly evolving. And so are we.
Introducing McAfee’s Scam Detector: advanced scam detection technology built to spot and stop scams across text messages, emails, and videos. It’s included at no extra cost in all core McAfee plans for customers in the U.S., UK, and Australia—helping millions stay safer online without having to upgrade.
Scam messages are getting smarter and more frequent. McAfee Labs saw scam text volumes nearly quadruple between February and March 2025. Nearly half used cloaked links to disguise malicious intent. Scams mimicked toll charges, deliveries, payment services, and even messages from loved ones.
Scammers use urgency and fear to push people into quick decisions—and it’s working. That’s why Scam Detector was designed with AI-powered detection, educational guidance, and coverage that works across multiple platforms and devices.
McAfee’s Scam Detector flags ~1.5% of text messages analyzed as potential scams and ~1.8% of email messages analyzed as potential scams. The text scam detection model included in the initial release achieves greater than 99% accuracy.
1) Smarter text scam detection
2) AI-based scam analysis for email
3) Deepfake detection for video
4) On-demand Scam Check
5) Custom Sensitivity Settings
Choose the level of detection that works for you:
6) Safe Browsing Layer
Scam Detector uses on-device AI wherever possible. That means your messages and data aren’t sent to the cloud for analysis. And because scam protection is now included in all core McAfee plans, there’s no need for additional purchases.
Scam Detector is now included in all core plans:
Available for customers in the U.S., UK, and Australia, this new feature rolls out automatically in the McAfee app. No upgrade required.
McAfee’s Scam Detector is designed to help people stay safer by identifying scams, explaining why they were flagged, and giving users more confidence in their digital decisions.
In a time when scams are harder to detect than ever, it’s one more way McAfee is protecting people—not just devices.
Learn more at https://www.mcafee.com/en-us/scam-detector.
The post Introducing McAfee’s Scam Detector – Now Included in All Core Plans appeared first on McAfee Blog.
Cory considers himself pretty cautious. But like millions of people juggling packed schedules, one click on a hectic day proved costly.
The message looked legit. It said it was from his phone provider. It claimed someone was trying to access his account and urged him to verify via a link. He tapped. And just like that, his phone went dark.
“I was in the middle of a busy day and clicked without thinking. My phone stopped working almost immediately.”
What Cory didn’t know was that the message wasn’t from his real cell company—it was from a scammer. The link gave them everything they needed to hijack his phone number.
In minutes, someone walked into a brick-and-mortar phone store, bought a new device, and ported Cory’s number to it. That gave them access to two-factor authentication codes, texts, and more.
“Suddenly I couldn’t call, text, or access anything that used my phone number. It was terrifying.”
As a life coach, Cory communicates with clients constantly—often by text. The idea that someone could impersonate him wasn’t just inconvenient. It was threatening.
“I’m a life coach—I talk to clients all day. The thought that someone could impersonate me or access those conversations was awful.”
He had to print out directions just to get to a Verizon store and spent nearly six hours recovering his phone number. Though he reset passwords in time to avoid deeper harm, billing issues lingered for months.
“It was one click. That’s all it took. I’ll never forget how fast it happened.”
SIM swap scams—like the one Cory experienced—are rising. The scary part? They often start with a single click. That’s where McAfee’s Scam Detector can make all the difference.
If Cory had access to McAfee’s Scam Detector, here’s how it could have helped:
Cory’s story is a powerful reminder: even careful people can get caught. The right protection gives you time to pause—and tools to act.
To stay ahead of similar scams, here are four critical tips:
1. Never click links in texts from unknown numbers.
Even if it looks like it’s from your phone carrier. Always verify through official apps or websites.
2. Turn on multi-factor authentication using an app—not just SMS.
Scammers target phone numbers for a reason. Authenticator apps like Google Authenticator or Duo offer stronger security.
3. Use McAfee’s Scam Detector for real-time protection.
Whether it’s a text, email, or link, McAfee can spot scam language and risky behavior before you’re compromised.
4. Report suspicious texts and lock down your account.
Call your carrier immediately if your service cuts off suddenly or you see suspicious account changes.
Cory’s quick click could have ended much worse. But what matters most is what happened after. He acted fast. He reset passwords. And now, he speaks out to help others recognize the signs.
“Slow down. Trust your gut. It’s okay to pause and double-check—even when you’re in a hurry.”
Scammers count on your rush. Slowing down—and having the right tools—can make all the difference.
If you’ve experienced a scam, your story can help others avoid the same fate. You’re not alone.
Visit our Scam Stories hub to read more scam stories or share your own.
The post Cory’s Scam Story: A Fake Text Nearly Took His Identity appeared first on McAfee Blog.
Brittany C., a dedicated teacher, had been planning a special night for months. After saving up steadily, she landed four prized tickets to Taylor Swift’s Eras Tour for her and her closest friends.
But days before the show, she logged into her account—and the tickets were gone.
“I’d been saving for months. I was so excited—and then I logged in and the tickets were just… gone. It felt like someone reached through the screen and took that night away from me.”
Like many of us, Brittany had received plenty of “your data was part of a breach” emails over the years. But she never expected what happened next.
A few days before the tickets disappeared, she had clicked on what she now realizes was a suspicious link. “I clicked one weird link. Nothing happened at the time, so I didn’t think twice,” she said. But that link was the scammer’s way in.
Using her reused password and without two-factor authentication on her account, the attacker was able to log in and transfer the tickets out—all without Brittany’s knowledge.
The emotional toll hit fast. “The stress was overwhelming,” she says. “Friends had made travel plans, taken time off. I felt like I’d let everyone down.”
After a long back and forth with the online ticket sales platform, Brittany managed to recover the tickets. But the damage was done. The experience reshaped how she thinks about online safety.
“You can be careful and still get caught. I’m only human—and that’s exactly what scammers count on.”
Brittany’s experience is a textbook example of how a small slip can spiral into a high-stakes scam. McAfee’s Scam Detector is designed to catch those mistakes before they snowball.
If she had McAfee’s Scam Detector, here’s how it could have helped:
With Scam Detector watching her back, Brittany could have known that the link was dangerous before clicking—and avoided the gut-wrenching scramble to reclaim her tickets.
Here are four essential tips to help protect your digital accounts and event tickets:
1. Never reuse passwords.
Use a password manager to create strong, unique passwords for each account—especially ticketing and banking platforms.
2. Always turn on two-factor authentication.
It’s one of the easiest ways to block unauthorized logins—even if someone has your password.
3. Think before you click.
If a message or link seems off, don’t open it. Use McAfee’s Quick Check to scan suspicious links before interacting.
4. Use scam detection software for extra protection.
Tools like McAfee’s Scam Detector offer real-time alerts and background scanning to help prevent phishing, credential theft, and social engineering attacks.
Scams can happen to anyone—even people who do everything right. Brittany’s story is a reminder that vigilance matters, but so does visibility.
By telling your story, you’re helping others spot the signs of scams and take steps to protect themselves.
At McAfee, we believe there’s no shame in being scammed—only power in sharing.
Visit our scam stories hub to read more real scam stories or share your own to help end scam stigma.
The post Brittany’s Scam Story: Eras Tour Chaos appeared first on McAfee Blog.
Henry A. had been trying for weeks to score a ticket to see Tyler, the Creator in Dallas. Even without a confirmed seat, he headed to the venue hoping for a miracle. And that’s when the message came in—someone nearby claimed to have extra tickets.
The seller said he was just outside too. The price? Reasonable enough. The tone? Casual and confident. All Henry had to do was send half the money to hold the tickets.
Minutes later, he sent the full $280.
“I was already in line—excited, hopeful, and just trying to get in. That made me an easy target.”
At first, the offer felt legitimate. The seller even said his girlfriend was wary of strangers, which seemed believable. But after Henry sent the full amount, the conversation took a turn.
“He said his girlfriend didn’t trust me, then suddenly wanted full payment. Then it was someone else offering more. That’s when I knew.”
The seller began stalling. Then came a screenshot—another buyer offering a higher price. He pressured Henry to pay more. When Henry refused, the seller blocked him.
Just like that, the tickets were gone. So was the money. And Henry and his friend never made it into the show.
“I sent $280 and got blocked. We never made it inside.”
It wasn’t just the lost money—it was the emotional rollercoaster. The disappointment. The feeling of being tricked right at the door.
Scams like Henry’s are becoming more common—especially around live events. That’s why McAfee’s Scam Detector is built to flag shady behavior before it costs you.
If Henry had been using McAfee’s Scam Detector, here’s how it could’ve helped:
“If I’d had something flagging the account or even the language in the messages, it might’ve stopped me in time.”
Want to protect yourself from last-minute ticket scams? Follow these smart tips:
1. Don’t pay up front without protection.
Always use secure payment methods that offer fraud protection—never cash apps or peer-to-peer services for strangers.
2. Use scam detection tools before sending money.
Paste messages or links into McAfee’s Quick Check to analyze them for red flags.
3. Watch for changing terms or pressure tactics.
If someone shifts the deal mid-conversation, it’s a red flag. Real sellers don’t change the price last minute or ask for more money after payment.
4. Trust your instincts—and the tech.
Scammers rely on urgency and excitement. Having McAfee Scam Detector on your phone adds a digital gut check when your real one is clouded.
Henry is already spreading the word on social media, warning other fans about concert scams. Now we’re helping amplify his voice—because awareness is one of the most powerful forms of protection.
“I’m already trying to warn others on social media. Concert scams are real—and they’re getting more common.”
Have a scam story of your own? Don’t keep it to yourself. By sharing what happened, you can help someone else avoid the same fate.
Visit our scam stories hub to read more or share your experience. Together, we can end scam stigma and stop scammers in their tracks.
The post Henry’s Scam Story: The Social Media Con appeared first on McAfee Blog.
Bradley K. was a brand-new dad, sleep-deprived and juggling life with a newborn, when he received a phone call that would change everything. The caller claimed to be from the IRS and said Bradley owed back taxes. If he didn’t pay immediately, they warned, he could be arrested.
Unfortunately, it was a tax scam—and one that cost him $800 and left him shaken for months.
Like many Americans, Bradley had just filed his taxes. When the call came through, it seemed believable. The caller knew personal information, spoke with a local accent, and used aggressive tactics to demand fast action.
“I had just filed my taxes, so when they told me there was a problem, it didn’t seem completely far-fetched.”
Under pressure and running on little sleep, Bradley didn’t stop to verify. He didn’t call his dad—who also happened to be his accountant. Instead, he sent $800 and unknowingly gave scammers access to his bank account.
“I was running on barely any sleep with a newborn, and I wasn’t thinking as clearly as I normally would have.”
It wasn’t until days later that a friend told him the truth: the IRS never calls demanding immediate payment. By then, it was too late. The money was gone, and Bradley was left feeling embarrassed and anxious.
“Even now, almost a year later, I’m constantly on edge, making sure nothing else has been stolen.”
Bradley’s experience is exactly why we created McAfee’s Scam Detector—a smart, AI-powered tool that identifies scams across email, text, and even video.
If Bradley had received a scam follow-up message or email while using McAfee’s Scam Detector, the tool could have flagged it automatically—before he ever opened it. He could have also used the Quick Check feature to paste in the message or phone transcript and receive an instant scam analysis.
Key features that could have protected Bradley:
Best of all? McAfee’s Scam Detector is included at no extra cost with McAfee core plans.
Here’s how to avoid tax scams like the one that targeted Bradley:
1) Know the IRS will never call you to demand payment.
If someone says you owe money and threatens arrest, it’s a scam. The IRS contacts people by mail first.
2) Use McAfee’s Scam Detector for real-time protection.
Scan any suspicious email, text, or message using Quick Check before clicking or responding.
3) Always take a pause before acting.
Scammers rely on urgency. Take a breath, verify the claim independently, and talk to someone you trust.
4) Keep scam protection up to date.
Enable scam alerts across your devices to stay one step ahead. McAfee Scam Detector works across smartphones, laptops, and tablets.
Bradley’s story is just one of thousands. But too often, people stay silent out of shame or embarrassment. That silence helps scammers win.
At McAfee, we believe in highlighting real scam stories—not to scare people but to empower them. These aren’t victims. They’re survivors.
Have a story of your own? You’re not alone—and your experience could help someone else.
Visit our Scam Stories Hub to share your story and help stop scams in their tracks.
The post Bradley’s Scam Story: New Dad vs Fake IRS Call appeared first on McAfee Blog.
Welcome to the first edition of This Week in Scams, a new weekly series from McAfee breaking down the latest fraud trends, headlines, and real-time threats we’re detecting across the digital landscape.
This week, we’re spotlighting the FBI’s shocking new cybercrime report, the rise of AI-generated deepfakes, and a sophisticated Gmail impersonation scam flagged by Google. We’re also seeing a surge in location-specific toll scams and fake delivery alerts—a reminder that staying ahead of scammers starts with knowing how they operate.
Let’s dive in.
$16.6 Billion Lost to Online Scams in 2024
The FBI’s latest Internet Crime Report is here—and the numbers are staggering. Americans lost $16.6 billion to online scams last year, up from $12.5 billion in 2023. Older adults and crypto investors were hit especially hard, but the agency warns the real total is likely much higher, since many victims never report the crime.
Read more
AI-Powered Deepfake Scams Get More Convincing
Deepfake-enabled fraud has already caused more than $200 million in financial losses in just the first quarter of 2025.
McAfee researchers estimate the average American sees three deepfakes per day, many of which are designed to mimic real people, services, or news stories. Whether it’s fake crypto pitches, job offers, or social media stunts—seeing is no longer believing.
Read more
Google Warns Users of Sophisticated Email Scam
Google is alerting Gmail users to a new type of phishing email that looks like it comes from Google itself. These messages often appear in legitimate email threads and pass all typical security checks, but lead victims to a cloned Google login page designed to steal credentials. The scam highlights how attackers are evolving to outsmart traditional filters.
Read more
McAfee Researchers have observed a recent surge in the following scam types:
Fake Delivery Notifications: Scammers impersonate delivery services like USPS, UPS, and FedEx, sending fake tracking links that install malware or steal payment info
Invoice Scams: Fraudulent messages that claim you owe money for a product or service, often accompanied by a fake invoice PDF or request for payment via phone
Cloud Storage Spoofs: Emails that pretend to be from Google Drive, Dropbox, or OneDrive, prompting you to “log in” to view shared files. The links lead to phishing sites designed to capture your credentials.
Toll Text Scams: Personalized smishing messages that claim you owe a toll and link to fake payment sites. These messages often use location data—like your area code or recent city visits—to appear legitimate. McAfee Labs saw toll scam texts spike nearly 4x between January and February.
This week, Steve Grobman, executive vice president and chief technology officer at McAfee, said the toll scam is effective because it hits all the correct social points for a consumer.
These scams often rely on urgency and familiarity—pretending to be something you trust or expect—to get you to act quickly without double-checking.
Thanks for reading—See you next week with more scam alerts, insights, and protection tips from the McAfee team.
The post This Week in Scams: $16.6 Billion Lost, Deepfakes Rise, and Google Email Scams Emerge appeared first on McAfee Blog.
Job scams are on the rise. And asking the right questions can help steer you clear of them.
That rise in job scams is steep, according to the U.S. Federal Trade Commission (FTC). Recent data shows that reported losses have grown five times over between 2020 and 2024. In 2024 alone, reported losses hit half a billion dollars, with unreported losses undoubtedly pushing actual losses yet higher.
Last week, we covered how “pay to get paid” scams account for a big chunk of online job scams. Here, we’ll cover a couple more that we’ve seen circulating on social media and via texts—and how some pointed questions can help you avoid them.
Some job scammers pose as recruiters from job agencies who reach potential victims the same way legitimate agencies do—by email, text, and networking sites. Sometimes this leaves people with their guard down because it’s not unheard of at all to get contacted this way, “out of the blue” so to speak.
Yet one of the quickest ways to spot a scammer is when the “recruiter” asks to pay a fee for the matchmaking, particularly if they ask for it up front. Legitimate headhunters, temp agencies, and staffing agencies typically get paid by the company or business that ultimately does the hiring. Job candidates don’t pay a thing.
Another form of scam occurs during the “onboarding” process of the job. The scammer happily welcomes the victim to the company and then informs them that they’ll need to take some online training and perhaps buy a computer or other office equipment. Of course, the scammer asks the victim to pay for all of it—leaving the victim out of hundreds of dollars and the scammer with their payment info.
One way you can spot a job scam is to press for answers. Asking pointed questions about a company and the job it’s offering, just as you would in any real interview, can reveal gaps in a scammer’s story. In effect, scammers are putting on an acting job, and some don’t thoroughly prepare for their role. They don’t think through the details, hoping that victims will be happy enough about a job prospect to ask too many questions.
If the hiring process moves quicker than expected or details about a job seem light, it’s indeed time to ask questions. Here are a few you can keep handy when you start to wonder if you have a scam on your hands …
This is a great place to start. Legitimate employers write up job listings that they post on their website and job sites. In those descriptions, the work and everything it entails gets spelled out to the letter. A real employer should be able to provide you with a job description or at least cover it clearly over the course of a conversation.
This one can trip up a scammer quickly. A scammer might avoid giving a physical address. Likewise, they might offer up a fake one. Either a non-answer or a lie can readily call out a scam by following up the question with a web search for a physical address. (Resources like the Better Business Bureau can also help you research a company and its track record.)
Asking about co-workers, bosses, reporting structures and the like can also help sniff out a scam. Real employers, once again, will have ready answers here. They might even start dropping names and details about people’s tenure and background. Meanwhile, this is one more place where scammers might tip their hand because they haven’t made up those details.
This question alone can offer a telltale sign. Many job scams move through the hiring process at relative breakneck speed—skipping past the usual interview loops and callbacks that many legitimate jobs have. Scammers want to turn over their victims quickly, so they’ll make the “hiring process” quick as well. If it feels like you’re blazing through the steps, it could be a scam.
Every business has a story, even if it’s still in its startup days. Anyone in a recruiting or hiring position will have a good handle on this question, as they will on any follow-up questions about the company’s mission or goals. Again, vagueness in response to these kinds of questions could be a sign of a scam.
Whether it’s through social media sites like Facebook, Instagram, and the like, scammers often reach out through direct messages. Recruiters stick to legitimate business networking sites like LinkedIn. Companies maintain established accounts on recruiting platforms that people know and trust, so view any contact outside of them as suspicious.
Scammers use the “hiring process” to trick people into providing their personal info with malicious links. Web protection, included in our plans, can steer you clear of them. Likewise, our Scam Detector scans URLs in your text messages and alerts you if they’re sketchy. If you accidentally click a bad link, both web and text scam protection will block a risky site.
Many scammers get your contact info from data broker sites. McAfee’s Personal Data Cleanup scans some of the riskiest data broker sites, shows you which ones are selling your personal info, and, depending on your plan, can help you remove it. Our Social Privacy Manager lowers your public profile lower still. It helps you adjust more than 100 privacy settings across your social media accounts in just a few clicks, so your personal info is only visible to the people you want to share it with.
The post Interviewing for a Job? Spot a Scam with These Questions appeared first on McAfee Blog.
How does this job offer sound? When you pay, you get paid. Sounds fishy, right? In fact, it’s one of the fastest-growing job scams out there right now.
Looking at job scams overall, a data from the U.S. Federal Trade Commission (FTC) shows that job scam reports have nearly tripled between 2020 and 2024. Further, reported losses grew more than five times—spiking to $501 million in 2024.
In all, job scams are more common and more costly than ever.
And leading those losses is a new breed of job scam, where victims indeed “pay to get paid.”
The FTC has dubbed these “pay to get paid” scams as “gamified job scams” or “task scams.” Given the way these scams work, the naming fits. The work feels like a gamey task—and the only winner is the scammer.
It all plays out like this:
You get a job offer by text or private message. The scammer offers you “work” involving “app optimization” or “product boosting,” which they often describe in loose, hazy terms.
You accept the offer. Then the scammer sets you up with an account on an app or platform where you get tasked to “like” or “rate” sets of videos or product images online.
You get to work. The app or platform is fake, yet it looks like you’re racking up commissions as you click and complete sets of tasks. At this point the scammer might dole out a small payment or two, making you think the job truly is legit.
The scammer sets the hook. Here’s where the gamey “pay to get paid” part comes in—if you want more “work,” you must pay for it. At this point, the scammer requires a “deposit” for your next set of tasks. Like a video game, the scammer sweetens the deal by saying the next set can “level up” your earnings.
You get scammed. You make the deposit, complete the task set, and try to get your earnings from the app or platform—only to find that the scammer and your money are gone. It was all fake.
Based on what we’ve seen in the past, these scams borrow from other “easy money” con games found on payment apps. “Easy money” scams build slowly as scammers build a false sense of trust with victims by making small returns on small investments over time. Finally, with the con set, the scammer asks for a huge amount and disappears with it. “Pay to get paid” scams can work much the same way.
A few things to keep in mind about this scam as well:
Step one—ignore job offers over text and social media
A proper recruiter will reach out to you by email or via a job networking site. Moreover, they’ll give you clear details about a possible job, and they’ll answer any questions you have just as clearly.
Quite the opposite, scammers write vague texts and private messages. They’re often big on hype but short on details. Asking questions about the job will get you similarly vague answers. Ignore these offers.
Step two—look up the company
In the case of online job offers in general, look up the company. Check out their background and see if it’s an actual company—and see if that matches up with what that recruiter is telling you.
In the U.S., you have several resources that can help you answer that question. The Better Business Bureau (BBB) offers a searchable listing of businesses in the U.S., along with a brief profile, a rating, and even a list of complaints (and company responses) waged against them. Spending some time here can quickly shed light on the legitimacy of a company.
For a listing of businesses with U.S. and international locations, organizations like S&P Global Ratings and the Dun and Bradstreet Corporation can provide background info as well.
Lastly, check out the company’s website. See if it has a job listing that matches the one you’re offered. Legwork like this can help uncover a scam.
Step three—refuse to pay
As simple as it sounds, don’t pay to get paid.
Any case where you’re asked to pay to up front, with any form of payment, refuse. A legitimate employer will never ask you to invest or deposit a small amount of money with the promise of a big return. And a legitimate employer will provide you with things like training or equipment to do the job you’re qualified for.
Online protection software like ours can help keep you far safer from job scams and scams in general. Specific to job scams, here are just a few ways it can help:
The post “Pay to Get Paid” – The New Job Scam That’s Raking in Millions Right Now appeared first on McAfee Blog.
In today’s digital age, online payment platforms like PayPal have become essential tools for our everyday transactions. Unfortunately, they’ve also become prime targets for cybercriminals looking to steal personal information and money. McAfee Labs has uncovered a concerning trend with a spike in PayPal-related scams, with February 2025 seeing a dramatic seven-fold increase in fraudulent emails compared to January.
While PayPal works diligently to protect its users, scammers are constantly evolving their tactics. The recent surge has been traced to a single, highly effective campaign where attackers send official-looking emails with “Action Required” warnings, demanding users update their account details within 48 hours or face account suspension.
Figure 1. Phishing email example which generated over 600+ emails in a single day
Unlike some scams, which target multiple communication channels, McAfee Labs found that this particular campaign has focused primarily on email.
Scammers use several approaches when impersonating PayPal, including:
Learning to spot these scams can save you from becoming a victim. Watch for these warning signs:
These emails (see below) threatened account suspension or incentivize users, creating urgency to manipulate recipients into clicking malicious links.
Figure 2. While some scams threaten the user with account closures, others incentivize them with payments for surveys
Other common scenarios include fake gift card promotions, phony invoices with unauthorized charges, and bogus billing corrections requiring you to call non-official phone numbers.
Now for the most important part – here’s how you can keep yourself safe:
Remember, cybercriminals rely on creating a sense of panic and urgency to cloud your judgment. Taking a moment to verify communications through official channels is your best defense against these increasingly sophisticated scams. Online protection with McAfee+ will keep you one step ahead of phishing scams.
The post Stolen with a Click: The Booming Business of PayPal Scams appeared first on McAfee Blog.
As Tax Day looms and last-minute taxpayers feel the pressure, a surge of IRS scams is on the rise.
Research by our McAfee Labs team projects a fresh wave of sophisticated tax scams as the stress of peak filing season sets in, with bogus text messages leading the way.
Nearly half of taxpayers complete their taxes between mid-March and April 15, which gives scammers ample opportunity to cash in as people rush their filings with the IRS.
Based on our data from 2024, here’s what we can expect in the coming days:
In addition to posing as the IRS, scammers will pose as tax prep and tax software companies as well. Just as in years past, taxpayers can further expect scams built around quick refunds and easy filing solutions that are actually fronts for scams. Yet whatever guise scammers put on, their aim remains the same. They want to dupe taxpayers out of their personal and financial info.
Tax season is high season for scammers because so much personal info gets gathered and shared online. With that, many taxpayers have their guard down. They expect to see messages, ads, and so forth about their taxes, which can make them more willing to share some of their most personal info. That’s where scammers step in. They want to:
Looking at this list, you can see what makes tax scams so damaging. Many of them target our most precious of personal info—our Social Security Numbers (SSNs).
A stolen SSN opens the door to some of the most painful forms of identity theft, like imposter fraud, insurance fraud, employment fraud, and more. These follow-on attacks can cause great harm to a victim’s finances and reputation in ways that can take months, or even years, to repair.
In effect, tax scams deliver a one-two punch.
It begins by baiting the victim with a phony message from a scammer posing as the IRS, a tax prep business, or a tax software company. That might come by email, a direct message on social media, or even in paid search results.
Largely, scammers bait victims with texts. Mobile attacks indeed dominate the preferred contact method, just as we called out. Here, scammers often use link shorteners to disguise fraudulent links. (You’ve likely seen plenty of link shorteners like bit.ly and goo.gl. They make it easier to share long addresses, but the flipside is that there’s no quick way to tell where they really take you.)
In some cases, scammers attempt to trick taxpayers by weaving “irs.gov” into the web address. Below you can see one example, where the domain isn’t “irs.gov.” It’s actually “entes-tax[dot]com,” which leads to a scam site.
Scam texts that weave “irs.gov” into a malicious link
As for the text itself, scammers send urgent-sounding messages about tax returns like, “Your refund is on hold, contact the IRS immediately.” Other scammers use fear, leveling threats like jail time for non-payment. In other cases, scammers threaten to revoke things like driver’s licenses and business licenses, or even immigration status. According to the IRS, these are common signs of a scam. The IRS never uses threats or tactics like these to resolve tax issues.
The second punch comes by clicking the link in these messages, which leads to IRS copycat scam sites. And they can look convincing. The most sophisticated of them mirror the look and feel of the official IRS website and use URLs that look “close enough” to an IRS URL, which can trick anyone who doesn’t examine them closely.
Example of a fake IRS claim website
And that’s where the damage gets done. Under the false pretense of receiving a refund or making a payment, the scammers collect that precious personal info we talked about, which can cause short- and long-term fallout for victims.
The same approach works for scammers who pose as tax prep services and tax software companies. The texts and websites look different, yet they’re still part of a scheme for collecting the same types of personal and financial info.
Clever as these scams are, you can avoid them. The first step is awareness. By reading this article and sharing it with others, you spread the word about these scams and just how rampant they are.
From there, you can take several more steps that can keep you far safer during tax time:
The post Your Phone Is the #1 Target in a New Wave of IRS Scams, McAfee Finds appeared first on McAfee Blog.
Al Roker never had a heart attack. He doesn’t have hypertension. But if you watched a recent deepfake video of him that spread across Facebook, you might think otherwise.
In a recent segment on NBC’s TODAY, Roker revealed that a fake AI-generated video was using his image and voice to promote a bogus hypertension cure—claiming, falsely, that he had suffered “a couple of heart attacks.”
“A friend of mine sent me a link and said, ‘Is this real?'” Roker told investigative correspondent Vicky Nguyen. “And I clicked on it, and all of a sudden, I see and hear myself talking about having a couple of heart attacks. I don’t have hypertension!”
The fabricated clip looked and sounded convincing enough to fool friends and family—including some of Roker’s celebrity peers. “It looks like me! I mean, I can tell that it’s not me, but to the casual viewer, Al Roker’s touting this hypertension cure… I’ve had some celebrity friends call because their parents got taken in by it.”
While Meta quickly removed the video from Facebook after being contacted by TODAY, the damage was done. The incident highlights a growing concern in the digital age: how easy it is to create—and believe—convincing deepfakes.
“We used to say, ‘Seeing is believing.’ Well, that’s kind of out the window now,” Roker said.
Al Roker isn’t the first public figure to be targeted by deepfake scams. Taylor Swift was recently featured in an AI-generated video promoting fake bakeware sales. Tom Hanks has spoken out about a fake dental plan ad that used his image without permission. Oprah, Brad Pitt, and others have faced similar exploitation.
These scams don’t just confuse viewers—they can defraud them. Criminals use the trust people place in familiar faces to promote fake products, lure them into shady investments, or steal their personal information.
“It’s frightening,” Roker told his co-anchors Craig Melvin and Dylan Dreyer. Craig added: “What’s scary is that if this is where the technology is now, then five years from now…”
Nguyen demonstrated just how simple it is to create a fake using free online tools, and brought in BrandShield CEO Yoav Keren to underscore the point: “I think this is becoming one of the biggest problems worldwide online,” Keren said. “I don’t think that the average consumer understands…and you’re starting to see more of these videos out there.”
According to McAfee’s State of the Scamiverse report, the average American sees 2.6 deepfake videos per day, with Gen Z seeing up to 3.5 daily. These scams are designed to be believable—because the technology makes it possible to copy someone’s voice, mannerisms, and expressions with frightening accuracy.
And it doesn’t just affect celebrities:
While the technology behind deepfakes is advancing, there are still ways to spot—and stop—them:
And most importantly, be skeptical of celebrity endorsements on social media. If it seems out of character or too good to be true, it probably is.
McAfee’s Deepfake Detector, powered by AMD’s Neural Processing Unit (NPU) in the new Ryzen AI 300 Series processors, identifies manipulated audio and video in real time—giving users a critical edge in spotting fakes.
This technology runs locally on your device for faster, private detection—and peace of mind.
Al Roker’s experience shows just how personal—and persuasive—deepfake scams have become. They blur the line between truth and fiction, targeting your trust in the people you admire.
With McAfee, you can fight back.
The post ‘Seeing is Believing is Out the Window’: What to Learn From the Al Roker AI Deepfake Scam appeared first on McAfee Blog.
We’re thrilled to share that McAfee has earned two prestigious AV-TEST Awards: Best Advanced Protection and Best Performance for Consumer Users.
“We are honored to receive both the Best Advanced Protection and the Best PC Performance awards,” said McAfee’s Chief Technology Officer, Steve Grobman. “AV-TEST is a renowned institute with an excellent reputation for independent analysis and quality assurance, and this recognition reinforces our leadership in online protection. As our digital world continues to evolve, so do the tactics of cybercriminals. With McAfee’s AI-powered threat protection, we can stay one step ahead and keep our customers safe from scams without compromising PC performance.”
These awards recognize our commitment to delivering powerful protection from malware, data stealers, and other threats—without slowing down your devices. Throughout 2024, McAfee consistently excelled in AV-TEST’s rigorous evaluations, standing out for both threat detection and system efficiency.
As the only vendor to top both categories in 2024, McAfee is proud to provide trusted protection that enhances—not hinders—your PC’s performance.
McAfee Total Protection isn’t just antivirus software—it’s an all-in-one digital safety solution designed to keep your identity, devices, and privacy protected across unlimited devices. Here’s a breakdown of what’s inside:
With McAfee Total Protection, you get real-time defense powered by artificial intelligence to block viruses, malware, and phishing scams before they can reach you. It works across all your compatible devices—Windows, macOS, iOS, and Android—so you’re covered wherever you go.
Our Secure VPN uses bank-grade encryption to shield your personal info and browsing activity, especially on public Wi-Fi.
Keep your online accounts secure with our built-in password manager, which stores, generates, and auto-fills strong passwords across devices. That means one less thing to remember—and a lot more peace of mind.
Protect yourself and your loved ones with the award-winning solution that topped both protection and performance rankings in 2024. Start your free trial of McAfee Total Protection today.
The post McAfee Wins AV-TEST Awards for Best Advanced Protection and Best Performance appeared first on McAfee Blog.
Authored by Dexter Shin
Cybercriminals are constantly evolving their techniques to bypass security measures. Recently, the McAfee Mobile Research Team discovered malware campaigns abusing .NET MAUI, a cross-platform development framework, to evade detection. These threats disguise themselves as legitimate apps, targeting users to steal sensitive information. This blog highlights how these malware operate, their evasion techniques, and key recommendations for staying protected.
In recent years, cross-platform mobile development frameworks have grown in popularity. Many developers use tools like Flutter and React Native to build apps that work on both Android and iOS. Among these tools, Microsoft provides a framework based on C#, called Xamarin. Since Xamarin is well-known, cybercriminals sometimes use it to develop malware. We have previously found malware related to this framework. However, Microsoft ended support for Xamarin in May 2024 and introduced .NET MAUI as its replacement.
Unlike Xamarin, .NET MAUI expands platform support beyond mobile to include Windows and macOS. It also runs on .NET 6+, replacing the older .NET Standard, and introduces performance optimizations with a lightweight handler-based architecture instead of custom renderers.
As technology evolves, cybercriminals adapt as well. Reflecting this trend, we recently discovered new Android malware campaigns developed using .NET MAUI. These Apps have their core functionalities written entirely in C# and stored as blob binaries. This means that unlike traditional Android apps, their functionalities do not exist in DEX files or native libraries. However, many antivirus solutions focus on analyzing these components to detect malicious behavior. As a result, .NET MAUI can act as a type of packer, allowing malware to evade detection and remain active on devices for a long time.
In the following sections, we will introduce two Android malware campaigns that use .NET MAUI to evade detection. These threats disguise themselves as legitimate services to steal sensitive information from users. We will explore how they operate and why they pose a significant risk to mobile security.
McAfee Mobile Security already detects all of these apps as Android/FakeApp and protects users from these threats. For more information about our Mobile Product, visit McAfee Mobile Security.
While we found multiple versions of these malicious apps, the following two examples are used to demonstrate how they evade detection.
First off, where are users finding these malicious apps? Often, these apps are distributed through unofficial app stores. Users are typically directed to such stores by clicking on phishing links made available by untrusted sources on messaging groups or text messages. This is why we recommend at McAfee that users avoid clicking on untrusted links.
The first fake app we found disguises itself as IndusInd Bank, specifically targeting Indian users. When a user launches the app, it prompts them to input personal and financial details, including their name, phone number, email, date of birth, and banking information. Once the user submits this data, it is immediately sent to the attacker’s C2 (Command and Control) server.
Figure 1. Fake IndusInd Bank app’s screen requesting user information
As mentioned earlier, this is not a traditional Android malware. Unlike typical malicious apps, there are no obvious traces of harmful code in the Java or native code. Instead, the malicious code is hidden within blob files located inside the assemblies directory.
Figure 2. Blob contains malicious code
The following code snippet reveals how the app collects and transmits user data to the C2 server. Based on the code, the app structures the required information as parameters before sending it to the C2 server.
Figure 3. C# code responsible for stealing user data and sending it to the C2 server
In contrast to the first fake app, this second malware is even more difficult for security software to analyze. It specifically targets Chinese-speaking users and attempts to steal contacts, SMS messages, and photos from their devices. In China, where access to the Google Play Store is restricted, such apps are often distributed through third-party websites or alternative app stores. This allows attackers to spread their malware more easily, especially in regions with limited access to official app stores.
Figure 4. Distribution site and fake X app targeting Chinese-speaking users
One of the key techniques this malware uses to remain undetected is multi-stage dynamic loading. Instead of directly embedding its malicious payload in an easily accessible format, it encrypts and loads its DEX files in three separate stages, making analysis significantly more difficult.
In the first stage, the app’s main activity, defined in AndroidManifest.xml, decrypts an XOR-encrypted file and loads it dynamically. This initial file acts as a loader for the next stage. In the second stage, the dynamically loaded file decrypts another AES-encrypted file and loads it. This second stage still does not reveal the core malicious behavior but serves as another layer of obfuscation. Finally, in the third stage, the decrypted file contains code related to the .NET MAUI framework, which is then loaded to execute the main payload.
Figure 5. Multi-stage dynamic loading
The main payload is ultimately hidden within the C# code. When the user interacts with the app, such as pressing a button, the malware silently steals their data and sends it to the C2 server.
Figure 6. C# code responsible for stealing images, contacts, and SMS data
Beyond multi-stage dynamic loading, this malware also employs additional tricks to make analysis more difficult. One technique is manipulating the AndroidManifest.xml file by adding an excessive number of unnecessary permissions. These permissions include large amounts of meaningless, randomly generated strings, which can cause errors in certain analysis tools. This tactic helps the malware evade detection by disrupting automated scanners and static analysis.
Figure 7. AndroidManifest.xml file with excessive random permissions
Another key technique is encrypted socket communication. Instead of using standard HTTP requests, which are easier to intercept, the malware relies on TCP socket connections to transmit data. This approach makes it difficult for traditional HTTP proxy tools to capture network traffic. Additionally, the malware encrypts the data before sending it, meaning that even if the packets are intercepted, their contents remain unreadable.
One more important aspect to note is that this malware adopts various themes to attract users. In addition to the fake X app, we also discovered several dating apps that use the same techniques. These apps had different background images but shared the same structure and functionality, indicating that they were likely created by the same developer as the fake X app. The continuous emergence of similar apps suggests that this malware is being widely distributed among Chinese-speaking users.
Figure 8. Various fake apps using the same technique
The rise of .NET MAUI-based malware highlights how cybercriminals are evolving their techniques to avoid detection. Some of the techniques described include:
With these evasion techniques, the threats can remain hidden for long periods, making analysis and detection significantly more challenging. Furthermore, the discovery of multiple variants using the same core techniques suggests that this type of malware is becoming increasingly common.
Users should always be cautious when downloading and installing apps from unofficial sources, as these platforms are often exploited by attackers to distribute malware. This is especially concerning in countries like China, where access to official app stores is restricted, making users more vulnerable to such threats.
To keep up with the rapid evolution of cybercriminal tactics, users are strongly advised to install security software on their devices and keep it up to date at all times. Staying vigilant and ensuring that security measures are in place can help protect against emerging threats. By using McAfee Mobile Security, users can enhance their device protection and detect threats related to this type of malware in real-time.
Glossary of Terms
Indicators of Compromise (IOCs)
APKs:
C2:
The post New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI appeared first on McAfee Blog.
Cybercriminals are getting smarter. They’re now using a development toolkit called .NET MAUI to create fake apps that look and feel like the real thing—banking apps, dating apps, and even social media. But instead of helping you, these apps secretly steal your private info.
We break down the full research from McAfee Labs here:
.NET MAUI is a tool used by developers to build apps that work on many devices—like phones, tablets, and computers—all from one set of code.
That’s great for app creators. But now, hackers are using it too. While McAfee is able to detect this malware, the decision to build with .NET MAUI helps hide their dangerous code from most antivirus software. Think of it like a thief wearing an invisibility cloak—unless you’re really looking, you won’t see them.
Hackers are creating apps that look like they’re from real companies. For example, one fake app pretended to be IndusInd Bank, asking users to enter sensitive information like:
Once you hit submit, that info goes straight to the hacker’s server.
Figure 1. Fake IndusInd Bank app’s screen requesting user information
Normal Android apps have code in a format security tools can scan. These fake apps hide their code in binary files so it can’t be easily detected. That lets them stay on your phone longer—stealing quietly in the background.
In another case, hackers made an app that pretended to be a social media platform. This one targeted Chinese-speaking users and was even trickier than the fake bank app.
Here’s what it did:
And instead of using regular internet traffic, it sent stolen data through secret encrypted channels—so even if someone intercepted it, they couldn’t read it.
Figure 2. Various fake apps using the same technique
These apps aren’t in the Google Play Store. Instead, hackers are sharing them on:
So if someone sends you a link to a cool new app that’s not from the Play Store—be extra careful.
Here are a few easy ways to stay safe:
Hackers are getting creative, but you can stay one step ahead. These new .NET MAUI-based threats are sneaky—but they’re not unstoppable.
With smart habits and the right tools, you can keep your phone and your personal info safe. Want real-time protection on your phone? Download McAfee+ and get ahead of the latest threats.
The post New Android Malware Sneaks Past Security by Pretending to Be Real Apps appeared first on McAfee Blog.
The collapse of genetic testing giant 23andMe has raised serious privacy concerns for millions of people who shared their DNA with the company. Once valued at $6 billion, the company has filed for bankruptcy and is now selling off assets—including, potentially, your genetic data.
If you’ve ever used 23andMe to explore your ancestry or health traits, now is the time to take action.
Here’s what’s going on, what it means for your data, how to delete your account, and steps you can take to better protect your online privacy going forward.
23andMe, once a pioneer in at-home genetic testing, has fallen into financial distress after a series of challenges, including a massive data breach in 2023 that exposed personal information of nearly 7 million users, according to TechCrunch. The company’s value plummeted by more than 99%, leading to mass board resignations and a March 2024 bankruptcy filing.
Now, as 23andMe prepares to sell off its assets under court supervision, its massive database of customer DNA—reportedly from more than 15 million users—is on the table. Despite the company’s assurances that its privacy policy remains in effect, experts and privacy advocates warn that your sensitive genetic data could end up in the hands of third parties, including pharmaceutical companies or even law enforcement agencies.
If you used 23andMe, yes.
Genetic data is some of the most personal information you can share. It can reveal details about your ancestry, health risks, and even family secrets. With 23andMe not covered by HIPAA (the federal health privacy law), your DNA data isn’t protected the way medical records at a doctor’s office would be, The Harvard Gazette reports.
Although 23andMe claims it won’t share individual-level data without consent, it does reserve the right to sell or transfer personal information as part of a bankruptcy or acquisition. That means your data could be bought by another company—one with different privacy practices or intentions.
California residents, in particular, have the legal right to delete their data under the Genetic Information Privacy Act (GIPA) and the California Consumer Privacy Act (CCPA).
If you’re ready to take action, here’s how to delete your genetic data and revoke research permissions through your 23andMe account:
Your DNA isn’t the only personal data at risk. From email addresses and home addresses to phone numbers and even shopping habits, data brokers are collecting and selling your information online—often without your knowledge or consent.
That’s why it’s critical to take control of your digital footprint. All McAfee+ plans provide the ability to scan the web for details of your personal information. McAfee’s Online Account Cleanup scans for accounts you no longer use and helps you delete them, along with your personal info. McAfee’s Personal Data Cleanup, takes this a step further, by scanning data broker sites for your personal information, and requesting the removal of you details from those sites.
Combined, these tools can give you back control over your privacy. All our McAfee+ plans include scans to find your accounts and direct you on how to remove your data.
Bottom Line: If you’ve ever used 23andMe, your genetic data could be at risk of being transferred or sold. Take action now by deleting your account and revoking permissions. And to keep the rest of your personal data protected, use tools like McAfee+ to keep your personal data safe online.
The post How to Delete Your Data from 23andMe and Protect Your Privacy appeared first on McAfee Blog.
Online scams are evolving faster than ever, with cybercriminals using AI, deepfake technology, and social engineering to trick unsuspecting users.
In the past year, Americans have been targeted by an average of 14 scam messages per day, and deepfake scams have surged 1,740% in North America, according to McAfee’s State of the Scamiverse report.
These scams go beyond simple phishing emails—scammers now impersonate trusted companies, friends, and even loved ones, making it critical to recognize the warning signs before falling victim.
Here’s how you can spot an online scam and protect yourself:
Scams are scary, but you can prevent yourself from falling for one by knowing what to look for. Here are a few tell-tale signs that you’re dealing with a scammer.
If you get a message that you’ve won a big sum of cash in a sweepstakes you don’t remember entering, it’s a scam. Scammers may tell you that all you need to do to claim your prize is send them a small fee or give them your banking information.
When you enter a real sweepstakes or lottery, it’s generally up to you to contact the organizer to claim your prize. Sweepstakes aren’t likely to chase you down to give you money.
Scammers will often ask you to pay them using gift cards, money orders, cryptocurrency (like Bitcoin), or through a particular money transfer service. Scammers need payments in forms that don’t give consumers protection.
Gift card payments, for example, are typically not reversible and hard to trace. Legitimate organizations will rarely, if ever, ask you to pay using a specific method, especially gift cards.
When you have to make online payments, it’s a good idea to use a secure service like PayPal. Secure payment systems can have features to keep you safe, like end-to-end encryption.
Scammers may try to make you panic by saying you owe money to a government agency and you need to pay them immediately to avoid being arrested. Or the criminal might try to tug at your heartstrings by pretending to be a family member in danger who needs money.
Criminals want you to pay them or give them your information quickly — before you have a chance to think about it. If someone tries to tell you to pay them immediately in a text message, phone call, or email, they’re likely a scammer.
Many scammers pretend to be part of government organizations like the Internal Revenue Service (IRS). They’ll claim you owe them money. Criminals can even use technology to make their phone numbers appear legitimate on your caller ID.
If someone claiming to be part of a government organization contacts you, go to that organization’s official site and find an official support number or email. Contact them to verify the information in the initial message.
Scammers may also pretend to be businesses, like your utility company. They’ll likely say something to scare you, like your gas will be turned off if you don’t pay them right away.
Most legitimate organizations will thoroughly proofread any copy or information they send to consumers. Professional emails are well-written, clear, and error-free. On the other hand, scam emails will likely be full of grammar, spelling, and punctuation errors.
It might surprise you to know that scammers write sloppy emails on purpose. The idea is that if the reader is attentive enough to spot the grammatical mistakes, they likely won’t fall for the scam.
There are certain scams that criminals try repeatedly because they’ve worked on so many people. Here are a few of the most common scams you should watch out for.
A phishing scam can be a phone or email scam. The criminal sends a message in which they pretend to represent an organization you know. It directs you to a fraud website that collects your sensitive information, like your passwords, Social Security number (SSN), and bank account data. Once the scammer has your personal information, they can use it for personal gain.
Phishing emails may try anything to get you to click on their fake link. They might claim to be your bank and ask you to log into your account to verify some suspicious activity. Or they could pretend to be a sweepstakes and say you need to fill out a form to claim a large reward.
During the coronavirus pandemic, new phishing scams have emerged, with scammers claiming to be part of various charities and nonprofits. Sites like Charity Navigator can help you discern real groups from fake ones.
These scams also became much more prominent during the pandemic. Let’s say you’re preparing to fly to Paris with your family. A scammer sends you a message offering you an insurance policy on any travel plans you might be making. They’ll claim the policy will compensate you if your travel plans fall through for any reason without any extra charges.
You think it might be a good idea to purchase this type of insurance. Right before leaving for your trip, you have to cancel your plans. You go to collect your insurance money only to realize the insurance company doesn’t exist.
Real travel insurance from a licensed business generally won’t cover foreseeable events (like travel advisories, government turmoil, or pandemics) unless you buy a Cancel for Any Reason (CFAR) addendum for your policy.
Grandparent scams prey on your instinct to protect your family. The scammer will call or send an email pretending to be a family member in some sort of emergency who needs you to wire them money. The scammer may beg you to act right away and avoid sharing their situation with any other family members.
For example, the scammer might call and say they’re your grandchild who’s been arrested in Mexico and needs money to pay bail. They’ll say they’re in danger and need you to send funds now to save them.
If you get a call or an email from an alleged family member requesting money, take the time to make sure they’re actually who they say they are. Never wire transfer money right away or over the phone. Ask them a question that only the family member would know and verify their story with the rest of your family.
You get an email from a prince. They’ve recently inherited a huge fortune from a member of their royal family. Now, the prince needs to keep their money in an American bank account to keep it safe. If you let them store their money in your bank account, you’ll be handsomely rewarded. You just need to send them a small fee to get the money.
There are several versions of this scam, but the prince iteration is a pretty common one. If you get these types of emails, don’t respond or give out your financial information.
Your online experience is rudely interrupted when a pop-up appears telling you there’s a huge virus on your computer. You need to “act fast” and contact the support phone number on the screen. If you don’t, all of your important data will be erased.
When you call the number, a fake tech support worker asks you for remote access to your device to “fix” the problem. If you give the scammer access to your device, they may steal your personal and financial information or install malware. Worse yet, they’ll probably charge you for it.
These scams can be pretty elaborate. A scam pop-up may even appear to be from a reputable software company. If you see this type of pop-up, don’t respond to it. Instead, try restarting or turning off your device. If the device doesn’t start back up, search for the support number for the device manufacturer and contact them directly.
Scammers will often pose as popular e-commerce companies by creating fake websites. The fake webpages might offer huge deals on social media. They’ll also likely have a URL close to the real business’s URL but slightly different.
Sometimes, a criminal is skilled enough to hack the website of a large online retailer. When a scammer infiltrates a retailer’s website, they can redirect where the links on that site lead. This is called formjacking.
For example, you might go to an e-commerce store to buy a jacket. You find the jacket and put it in your online shopping cart. You click “check out,” and you’re taken to a form that collects your credit card information. What you don’t know is that the checkout form is fake. Your credit card number is going directly to the scammers.
Whenever you’re redirected from a website to make a payment or enter in information, always check the URL. If the form is legitimate, it will have the same URL as the site you were on. A fake form will have a URL that’s close to but not exactly the same as the original site.
These scams are similar to tech support scams. However, instead of urging you to speak directly with a fake tech support person, their goal is to get you to download a fake antivirus software product (scareware).
You’ll see a pop-up that says your computer has a virus, malware, or some other problem. The only way to get rid of the problem is to install the security software the pop-up links to. You think you’re downloading antivirus software that will save your computer.
What you’re actually downloading is malicious software. There are several types of malware. The program might be ransomware that locks up your information until you pay the scammers or spyware that tracks your online activity.
To avoid this scam, never download antivirus software from a pop-up. You’ll be much better off visiting the website of a reputable company, like McAfee, to download antivirus software.
Dealing with credit card debt can be extremely stressful. Scammers know this and try to capitalize off it. They’ll send emails posing as credit experts and tell you they can help you fix your credit or relieve some of your debt. They might even claim they can hide harmful details on your credit report.
All you have to do is pay a small fee. Of course, after you pay the fee, the “credit expert” disappears without helping you out with your credit at all. Generally, legitimate debt settlement firms won’t charge you upfront. If a credit relief company charges you a fee upfront, that’s a red flag.
Before you enter into an agreement with any credit service, check out their reputation. Do an online search on the company to see what you can find. If there’s nothing about the credit repair company online, it’s probably fake.
Admitting that you’ve fallen for an online scam can be embarrassing. But reporting a scammer can help stop them from taking advantage of anyone else. If you’ve been the victim of an online scam, try contacting your local police department and filing a report with the Federal Trade Commission (FTC).
Several other law enforcement organizations handle different types of fraud. Here are a few examples of institutions that can help you report scams.
Fraudsters shouldn’t stop you from enjoying your time online. Just by learning to spot an online scam, you can greatly strengthen your immunity to cybercrimes.
For an even greater internet experience, you’ll want the right tools to protect yourself online. McAfee+ can help you confidently surf the web by providing all-in-one protection for your personal info and privacy. This includes identity protection — which comes with 24/7 monitoring of your email addresses and bank accounts — and antivirus software to help safeguard your internet connection.
Get the peace of mind that comes with McAfee having your back.
The post How to Recognize an Online Scammer appeared first on McAfee Blog.
It’s the month of top seeds, big upsets, and Cinderella runs by the underdogs. With March Madness basketball cranking up, a fair share of online betting will be sure to follow—along with online betting scams.
Since a U.S. Supreme Court ruling in 2018, individual states can determine their own laws for sports betting. Soon after, states leaped at the opportunity to legalize it in some form or other. Today, nearly 40 states and the District of Columbia have “live and legal” sports betting, meaning that people can bet on single-game sports through a retail or online sportsbook or a combination of the two in their state.
And it has made billions of dollars for the government.
If you’re a sports fan, this news has probably been hard to miss. Or at least the outcome of it all has been hard to miss. Commercials and signage in and around games promote several major online betting platforms. Ads have naturally made their way online too, complete with all kinds of promo offers to encourage people to get in on the action. However, that’s also opened the door for scammers who’re looking to take advantage of people looking to make a bet online, according to the Better Business Bureau (BBB). Often through shady or outright phony betting sites.
Let’s take a look at the online sports betting landscape, some of the scams that are cropping up, and some things you can do to make a safer bet this March or any time.
Among the 30 states that have “live and legal” sports betting, 19 offer online betting, a number that will likely grow given various state legislation that’s either been introduced or will be introduced soon.
If you’re curious about what’s available in your state, this interactive map shows the status of sports betting on a state-by-state level. Further, clicking on an individual state on the map will give you yet more specifics, such as the names of retail sportsbooks and online betting services that are legal in the state. For anyone looking to place a bet, this is a good place to start. It’s also helpful for people who are looking to get into online sports betting for the first time, as this is the sort of homework that the BBB advises people to do before placing a sports bet online. In their words, you can consider these sportsbooks to be “white-labeled” by your state’s gaming commission.
However, the BBB stresses that people should be aware that the terms and conditions associated with online sports betting will vary from service to service, as will the promotions that they offer. The BBB accordingly advises people to closely read these terms, conditions and offers. For one, “Gambling companies can restrict a user’s activity,” meaning that they can freeze accounts and the funds associated with them based on their terms and conditions. Also, the BBB cautions people about those promo offers that are often heavily advertised, “[L]ike any sales pitch, these can be deceptive. Be sure to read the fine print carefully.”
Where do scammers enter the mix? The BBB points to the rise of consumer complaints around bogus betting sites:
“You place a bet, and, at first, everything seems normal. But as soon as you try to cash out your winnings, you find you can’t withdraw a cent. Scammers will make up various excuses. For example, they may claim technical issues or insist on additional identity verification. In other cases, they may require you to deposit even more money before you can withdraw your winnings. Whatever you do, you’ll never be able to get your money off the site. And any personal information you shared is now in the hands of scam artists.”
If there’s a good reason you should stick to the “white labeled” sites that are approved by your state’s gaming commission, this is it. Take a pass on any online ads that promote betting sites, particularly if they roll out big and almost too-good-to-be-true offers. These may lead you to shady or bogus sites. Instead, visit the ones that are approved in your state by typing in their address directly into your browser.
In addition to what we mentioned above, there are several other things you can do to make your betting safer.
In addition to choosing a state-approved option, check out the organization’s BBB listing at BBB.org. Here you can get a snapshot of customer ratings, complaints registered against the organization, and the organization’s response to the complaints, along with its BBB rating, if it has one. Doing a little reading here can be enlightening, giving you a sense of what issues arise and how the organization has historically addressed them. For example, you may see a common complaint and how it’s commonly resolved. You may also see where the organization has simply chosen not to respond, all of which can shape your decision whether to bet with them or not.
Credit cards are a good way to go. One reason why is the Fair Credit Billing Act, which offers protection against fraudulent charges on credit cards by giving you the right to dispute charges over $50 for goods and services that were never delivered or otherwise billed incorrectly. Your credit card companies may have their own policies that improve upon the Fair Credit Billing Act as well. Debit cards don’t get the same protection under the Act.
Comprehensive online protection software will defend you against the latest virus, malware, spyware, and ransomware attacks plus further protect your privacy and identity. In addition to this, it can also provide strong password protection by generating and automatically storing complex passwords to keep your credentials safer from hackers and crooks who may try to force their way into your accounts. And, specific to betting sites, online protection can help prevent you from clicking links to known or suspected malicious sites.
With online betting cropping up in more and more states for more and more people, awareness of how it works and how scammers have set up their presence within it becomes increasingly important. Research is key, such as knowing who the state-approved sportsbooks and services are, what types of betting are allowed, and where. By sticking to these white-label offerings and reading the fine print in terms, conditions, and promo offers, people can make online betting safer and more enjoyable.
Editor’s Note: If gambling is a problem for you or someone you know, you can seek assistance from a qualified service or professional. Several states have their own helplines, and nationally you can reach out to resources like http://www.gamblersanonymous.org/ or https://www.ncpgambling.org/help-treatment/.
The post How to Protect Yourself from March Madness Scams appeared first on McAfee Blog.
Authored by Aayush Tyagi and M, Mohanasundaram
*Bold = Term Defined in Appendix
In this blog, we discuss how malware authors recently utilized a popular new trend to entice unsuspecting users into installing malware. This blog is meant as a reminder to stay cautious during a hype cycle. It’s a common trap and pitfall for unassuming consumers.
Figure 1: DeepSeek Google Search Trend from 1st January to 7th March
Malware creators frequently exploit trending search terms through hashtags and SEO manipulation to boost visibility and climb search rankings. This tactic, known as SEO poisoning, helps drive traffic to malicious sites, increasing downloads or earning rewards through affiliate programs. Recently, “AI” (Artificial Intelligence) has been one of the most popular keywords leveraged in these scams. Earlier this year, “DeepSeek” also gained traction, even surpassing “Nvidia” at its peak in search interest.
Let’s look at how we got here. Artificial Intelligence (AI) tools are transforming the world at an unprecedented pace, right before our eyes. In recent years, we’ve witnessed remarkable advancements in Generative AI, from the development of highly successful frontier of LLM’s (Large Language Models) such as ChatGPT, Gemini, LLaMA, Grok, etc., to their applications as coding assistants (GitHub Co-pilot or Tabnine), meeting assistants, and voice cloning software among the more popular ones.
These tools are pervasive and easily available at your fingertips. In today’s world AI isn’t just a complicated term utilized by select organizations, it’s now adopted by every household in one way or another and is reshaping entire industries and economies.
With the good comes the bad, and unfortunately AI has enabled an accelerated ecosystem of scammers adopting these tools – examples are:
Besides the application of AI tools that empower scammers, there is the good old use case of piggybacking on popular news trends, where popular search terms are used to bait gullible users (read our blog on how game cracks are used as lures to deliver malware). One such popular news-worthy term that is being abused is DeepSeek, which McAfee discussed early this year.
The launch of the DeepSeek-R1 model (by DeepSeek, a Chinese company) generated significant buzz. The model is claimed to have been innovated so that the cost of building and using the technology is a fraction1 of the cost compared to other Generative AI models such as OpenAI’s GPT-4o or Meta’s Llama 3.1. Moreover, the R1 model was released in January 2025 under an Open-Source license.
Within a few days of the release of the DeepSeek-R1 model, the Deepseek AI assistant—a chatbot for the R1 model—was launched on the Apple App Store and later the Google Play Store. In both app stores, Deepseek’s chatbot, which is an alternative to OpenAI’s ChatGPT, took the No. 1 spot and has been downloaded over 30 million times.
This stirred up the curiosity of many who wanted to experiment with the model. The interest spiked to a point where the DeepSeek website wasn’t available at times due to the sheer volume of people trying to set up accounts or download their app. This sense of excitement, anxiety, and impatience is exactly what scammers look for in their victims. It wasn’t shortly after the term went “viral” that scammers saw an opportunity and began cloaking malware disguised as DeepSeek. Various malware campaigns followed, which included Crypto-miners, fake installers, DeepSeek impersonator websites, and fake DeepSeek mobile apps.
At McAfee Labs, we work hard to keep you safe, but staying informed is always a smart move. When navigating trending news stories, it’s important to stay cautious and take necessary precautions. We continuously track emerging threats across multiple platforms—including Windows, macOS, Android, iOS, and ChromeOS—to ensure our customers remain protected. While we do our part, don’t forget to do yours: enable Scam Protection, Web Protection, and Antivirus in your preferred security product.
McAfee products offer advanced AI-powered protection across all tiers—Basic, Essential, Premium, Advanced, and Ultimate. Our AI-Suite includes features like AI-powered Antivirus, Text Scam Detection, Web Protection, VPN, and Identity Protection, providing comprehensive security.
Check out McAfee Scam Detector, which enhances our ability to combat a wide range of scams and is included in our products at no extra cost.
For more tips on avoiding scams and staying safe online, visit the McAfee Smart AI Hub at mcafee.ai. You can also explore the latest insights on the State of the Scamiverse on McAfee’s blog and stay up to date on scam prevention strategies.
Together, we can outsmart scammers and make the internet safer for everyone.
In the rest of this article, we use simple examples to delve into more technical details for those seeking more analysis details.
McAfee Labs uncovered a variety of DeepSeek-themed malware campaigns attempting to exploit its popularity and target tech savvy users. Multiple malware families were able to distribute their latest variants under the false pretense of being DeepSeek software.
Figure 2: Attack Vector
Users encounter some threats while searching for information about DeepSeek AI on the internet. They encountered websites offering DeepSeek installers for different platforms, such as Android, Windows and Mac. McAfee Labs found a number of such installers were trojanized or just repackaged applications. We identified multiple instances of Keyloggers, Crypto miners, Password Stealers, and Trojan Downloaders being distributed as DeepSeek installers.
Figure 3: DeepSeek Installers
In Figure 3, we encountered fake installers, which distribute Third-Party software, such as winManager (highlighted in red) and Audacity (highlighted in blue).
In the simplest abuse of the DeepSeek name, certain affiliates were able to spike their partner downloads and get a commission based on pay-per-install partner programs. Rogue affiliates use this tactic to generate revenue through forced installations of partner programs.
Additionally similar software installers were also observed utilizing the DeepSeek Icon to appear more believable or alternatively use click ads and modify browser settings (such as modify the search engine) with the goal of generating additional ad revenue.
Figure 4: winManager (left) and Audacity (right)
The Deepseek icon was also misused by multiple Android applications to deceive users into downloading unrelated apps, thereby increasing download counts and generating revenue.
Figure 5: Android files abusing DeepSeek’s Logo
We also encountered DeepSeek-Themed Fake-Captcha Pages. This isn’t new and has been a popular technique used as recently as 6 months ago by LummaStealer
Fake captcha – is a fake webpage, asking users to verify that they are human, but instead, tricks the user into downloading and executing malicious software. This malware can steal login credentials, browser information etc.
Figure6: Fake Captcha Page
In this instance, the website deepseekcaptcha[.]top pretends to offer a partnership program for content creators. They are utilizing the technique called ‘Brand Impersonation’, where they’re using DeepSeek’s Icons and color scheme to appear as the original website.
Figure 7: deepseekcaptcha[.]top
Once the user registers for the program, they’re redirected to the fake captcha page.
Figure 8: Fake Captcha Page hosted on the website
Here, as shown above, to authenticate, the user is asked to open the verification window by pressing the Windows + R key and then pressing CTRL + V to verify their identity.
The user would observe a screen as shown in figure 9.
Figure 9: Windows Run panel after copying the CMD
On clicking ‘OK’, malware will be installed that can steal browser and financial information from the system.
McAfee’s Web Advisor protects against such threats. In this instance, the fake captcha page was blocked and marked as suspicious before it could be accessed. Even if you aren’t a McAfee customer, check out browser plugin for free.
Figure 10: McAfee blocking malicious URL
In this section we talk about a *Cryptominer malware that was masquerading as DeepSeek. By blocking this initial payload, we prevent a chain of events (Fig 11.) on the computer that would have led to reduced performance on the device and potentially expose your device to further infection attempts.
Some examples names used by the initial loader are were:
Figure 11: CryptoMiner KillChain
Once installed, this malware communicates with its *C&C (Command and Control) to download and execute a *PowerShell script. Figure 12 (a) and (b) show the malware connecting it’s IP address to download chunks of a script file which is then stored to the AppData\Roaming folder as installer.ps1
Figure 12(a): Sample connects to C&C IP Address
Figure 12(b): Installer.ps1 stored in Roaming folder
An attempt is made to bypass system policies and launch the script
Figure 13: Base64 Encoded Malicious Code
Figure 14: PowerShell code for Process Injection.
Malware attempts to maintain persistence on the Victim’s computer.
Figure 15: Creating Run Key entry to maintain persistence
Figure 16: HTTP response that contains additional parameters
[{“address”:”494k9WqKJKFGDoD9MfnAcjEDcrHMmMNJTUun8rYFRYyPHyoHMJf5sesH79UoM8VfoGYevyzthG86r5BTGYZxmhENTzKajL3″,”idle_threads”:90,”idle_time”:1,”password”:”x”,”pool”:”pool.hashvault.pro:443″,”task”:”FALLEN|NOTASK”,”threads”:40}]
Figure 17: Notepad.exe being executed with additional parameters
Figure 18: Wallet status for the captured wallet address
The attacker purposely mines Monero Cryptocurrency, as it prioritizes anonymity, making it impossible to track the movements of funds. This makes it a popular coin by a number of crypto-miners
PowerShell is a cross-platform command-line shell and scripting language developed by Microsoft, primarily used for task automation and configuration management and streamlined administrative control across Windows, Linux, and macOS environments worldwide.
A cryptominer is software or hardware that uses computing power to validate cryptocurrency transactions, secure decentralized networks, and earn digital currency rewards, often straining system resources and raising energy consumption. When used in the context of malware, it is unauthorized software that covertly uses infected devices to mine cryptocurrency, draining resources, slowing performance, increasing energy costs, and often remaining difficult to detect or remove.
This is a term used to describe a technique where malware injects and overwrites legitimate processes in memory, thereby modifying their behavior to run malicious code and bypassing security measures. The target processes are typically trusted processes.
C&C (Command and Control) is a communication channel used by attackers to remotely issue commands, coordinate activities, and data from compromised systems or networks.
This term refers to the techniques that malware or an attacker uses to maintain long-term access to a compromised system, even after reboots, logouts, or security interventions. Persistence ensures that the malicious payload or backdoor remains active and ready to execute even if the system is restarted or the user tries to remove it.
In malware, a payload is the main malicious component delivered or executed once the infection occurs, enabling destructive activities such as data theft, system damage, resource hogging or unauthorized control and infiltration.
XMRig is an open-source cryptocurrency mining software primarily used for mining Monero. It was originally developed as a legitimate tool for miners to efficiently utilize system resources to mine Monero using CPU and GPU power. However, due to its open-source nature and effectiveness, XMRig has become a popular tool for cryptominers.
Monero (XMR) is a privacy-focused cryptocurrency that prioritizes anonymity, security, and decentralization. Launched in April 2014, Monero is designed to provide untraceable and unlinkable transactions, making it difficult for outside parties to monitor or track the movement of funds on its blockchain. It operates on a decentralized, peer-to-peer network but with enhanced privacy features.
The post Look Before You Leap: Imposter DeepSeek Software Seek Gullible Users appeared first on McAfee Blog.
In a digital landscape hungry for the next big thing in Artificial Intelligence, a new contender called DeepSeek recently burst onto the scene and has quickly gained traction for its advanced language models.
Positioned as a low-cost alternative to industry giants like OpenAI and Meta, DeepSeek has drawn attention for its rapid growth, affordability, and potential to reshape the AI landscape.
Unfortunately, a recent investigation by McAfee Labs found that the same hype is now fueling a barrage of malware attacks disguised as DeepSeek software and updates.
Here’s a breakdown of those research findings:
It starts with a user searching online to find DeepSeek to use for themselves. Innocent enough. The problem comes from malicious results that promise access to DeepSeek, but actually steal data and infect computers.
McAfee Labs’ blog post pulls back the curtain on three main deception methods:
1. Fake “DeepSeek” Installers
2. Unrelated Third-Party Software Installs
3. Fake Captcha Pages
McAfee’s experts underscore the importance of careful online habits and shares best practices to keep threats at bay:
FreshRSS 
Windows + R and paste something you can’t see in full, don’t do it.
McAfee Labs’ findings reveal just how adaptable—and opportunistic—cybercriminals can be when fresh digital gold rushes emerge. By following basic security practices and staying skeptical about anything that seems too good to be true, you can explore new AI frontiers without handing over the keys to your device.
When in doubt, stop, do your due diligence, and only download from verified sources. Your curiosity about the latest tech trends shouldn’t come at the cost of your personal data or system security.
The post Bogus ‘DeepSeek’ AI Installers Are Infecting Devices with Malware, Research Finds appeared first on McAfee Blog.
Tax season is already stressful for many Americans, and to make matters worse, it’s also a golden opportunity for scammers.
According to a new 2025 tax season survey conducted by McAfee, nearly half (48%) of people say they, or someone they know, has received a message via email, social media, phone call, or text message falsely claiming to be from the IRS or an official state tax authority.
And when these deceptive messages and other manipulative AI practices work, research reveals it costs — a lot.
Gen Z adults (18-24) surveyed by McAfee reported experiencing the most scams, with nearly 40% saying they or someone they know has been scammed.
While young adults face high rates of attempted fraud, older adults (65-74) are still at greater risk of large financial losses. Among men in that age group who lost money in such a scam, 40% reported losing between $751 and $1,000, and half of the women lost between $2,501 and $5,000.
Meanwhile, the steepest losses overall were reported by those aged 45-54, with 10% saying they lost more than $10,000.
Criminals have long relied on phishing emails and fraudulent calls to obtain personal information—especially during tax season. Today, AI is raising the stakes.
Deepfake audio lets scammers sound exactly like IRS agents, and AI-generated phishing emails perfectly replicate official communications from reputable tax preparation services.
In fact, more than half (55%) of Americans say they’ve noticed scam attempts becoming more realistic than in previous years, and 87% worry AI is making them even harder to detect.
Here’s how a typical tax scam might play out: It often starts with an urgent text or email claiming your refund was rejected—or that you owe back taxes and must pay immediately. These messages can look and sound incredibly convincing, prompting recipients to click a malicious link or call a fake helpline.
Once scammers have your attention, they’ll ask for personal or financial information—like your Social Security number, bank details, or a credit card—to “fix” the supposed problem. Of course, it’s all a ploy to steal your identity or your cash.
McAfee highlights several tactics that have emerged in these AI-driven scams:
Tax scams show no signs of slowing down in 2025. Whether you’re part of Gen Z, a senior, or somewhere in between, it pays to stay vigilant.
By recognizing the signs of a scam, safeguarding your personal information, and taking proactive steps, you can help ensure your refund ends up where it belongs: in your pocket.
The post Financial Losses from Tax Scams Top $1,000 on Average—and Gen Z is a Growing Target appeared first on McAfee Blog.
Scams are big business for cybercriminals, and they’re getting more sophisticated than ever. According to McAfee’s State of the Scamiverse 2025 report, the average person encounters 12 scams per day, while Americans see over 14 scam attempts daily, including three deepfake videos.
Fraudsters are leveraging AI-powered tools to create hyper-realistic deepfakes for as little as $5 and 10 minutes, making it harder than ever to distinguish between what’s real and what’s fake. The financial impact is staggering—87% of scam victims lose money, with one-third losing over $500, and nearly one in ten losing more than $5,000.
As a parent, one of my greatest concerns is ensuring my family doesn’t fall victim to these evolving scams.
So, here are five key ways to keep your loved ones safe in today’s Scamiverse.
Teaching kids (and adults) to be skeptical of what they see online is a crucial first step in scam prevention. Given the rise of deepfakes and AI-generated frauds, it’s essential to develop a questioning mindset:
With detected deepfakes surging tenfold globally and a 1,740% increase in North America alone, it’s more important than ever to show real-world examples of scams to kids and teens so they can recognize the signs.
Good digital habits can prevent many scams before they happen. Yet, 35% of scam victims say falling for a scam caused them moderate to significant distress, highlighting the importance of strong cyber hygiene:
Cybercriminals use the mosaic effect—piecing together publicly available information—to commit identity theft and financial fraud. Here’s how to lock down your digital footprint:
Phishing scams remain one of the most successful fraud tactics, often tricking victims into clicking on malicious links. According to McAfee, the most commonly reported scam types include:
To stay safe:
Staying informed is one of the best defenses against scams. With social media users sharing over 500,000 deepfakes in 2023, awareness is key. Here’s how to stay ahead:
Whether it’s deepfake impersonation scams, fraudulent investment schemes, or phishing texts, scammers are evolving rapidly. But with awareness, skepticism, and strong digital habits, you can help ensure your family stays protected from the ever-growing Scamiverse.
For more tips and security solutions, check out McAfee’s advanced protection tools to stay one step ahead of the fraudsters.
The post Protect Your Family From Scams With These 5 Key Online Safety Tips appeared first on McAfee Blog.
The internet is brimming with content designed to entertain, inform—and sometimes deceive. The latest tool in a cybercriminal’s arsenal? Deepfakes. From fabricated celebrity endorsements to fraudulent job interviews, AI-generated deepfake scams are growing at an alarming rate. As deepfake technology becomes more advanced, it’s harder than ever to discern real from fake—until it’s too late.
According to McAfee’s latest “State of the Scamiverse” report, deepfake scams have become an everyday reality. The average American now encounters 2.6 deepfake videos daily, with younger adults (18-24) seeing even more – about 3.5 per day. And for less than the cost of a latte and in under 10 minutes, scammers today can create shockingly convincing deepfake videos of anyone: your mom, your boss, or even your child.
At McAfee, we’re committed to helping users navigate this evolving threat landscape with cutting-edge protection tools. Understanding how deepfake scams work and how to safeguard yourself is the first step in staying ahead of cybercriminals.
Deepfake scams exploit the power of AI to create hyper-realistic audio, video, and images that can impersonate anyone—from politicians to CEOs, from family members to Hollywood stars. These fake videos and voices have been used to:
Our research shows that people encounter nearly three deepfakes a day online and that the number is growing, making the urgency to combat these scams greater than ever.
Figure 1: AN AI-Generated image of the Pope went viral online.
Deepfake scams typically follow a predictable pattern:
While deepfake technology is becoming increasingly sophisticated, there are still ways to identify AI-generated deception:
To stay one step ahead of cybercriminals, consider these safety measures:
Deepfake scams are not just a futuristic concern—they are a real and present danger. Cybercriminals will continue refining their tactics, but with the right awareness and security tools, you can outsmart them.
McAfee remains at the forefront of AI-driven security solutions, ensuring you have the protection you need in an increasingly deceptive digital world.
Stay one step ahead of deepfake threats. Download McAfee+ today and take control of your online security.
The post Data Shows You’ll Encounter A Deepfake Today—Here’s How To Recognize It appeared first on McAfee Blog.
Look both ways for a new form of scam that’s on the rise, especially if you live in Dallas, Atlanta, Los Angeles, Chicago, or Orlando — fake toll road scams. They’re the top five cities getting targeted by scammers.
We’ve uncovered plenty of these scams, and our research team at McAfee Labs has revealed a major uptick in them over the past few weeks. Fake toll road scams have nearly quadrupled at the end of February compared to where they were in January.
Figure 1. A chart showing the increasing frequency and volume of toll road scam messages
The scams play out like this:
Ping. You get a text notification. It says you have an unpaid tab for tolls and that you need to pay right away. And like many scams, it contains a link where you can pay up. Of course, that takes you to a phishing site that asks for your payment info (and sometimes your driver’s license number or even your Social Security number), which can lead to identity fraud and possibly identity theft.
Here’s one example that our Labs team tracked down. Pay close attention to the link. It follows the form of a classic scammer trick by altering the address of a known company so that it looks legit.
Figure 2. A screenshot showing an example of a Toll Roads scam text
The scam messages come in multiple varieties, however, so it’s important to stay vigilant of both your text and email inboxes. McAfee Labs found, for example, that some text messages and emails included PDFs while others included links using popular URL shortener services such as bit.ly, shorturl.at, qrco.de, and short.gy. The use of URL shorteners can also falsely create a sense of security when people recognize the popular format and don’t see typos or suspicious parts of the full URL.
Figure 3. A screenshot of a toll road scam text that urges recipients to open a PDF
Additionally, these scammers put in a lot of effort to create legitimate-looking web pages and notices. Note how the following example does its best to look like branded digital letterhead. And, as usual, it uses urgent language about fines and legal action to help make sure you “Pay Now.”
Figure 4. An example of a PDF included in a scam toll road text message
They work. Scammers target their victims by matching them with the toll payment service in their city or state, which makes the scam look extra official. For example, a scammer would use an “E-ZPass” email to target someone in Orlando, our #5 city for toll road scams, which is one of the 19 states that E-ZPass serves. In southern California, victims get hit with phony texts from scammers posing as “The Toll Roads,” which is a payment service in that region.
The apparent legitimacy combined with the emotional sense of urgency creates the perfect snare for scammers.
Now, about those URLs to phishing sites. We mentioned that scammers take the URLs of known toll payment services and add some extra characters to them. In other cases, they’ve latched on to the root term “paytoll” as well. Our research team dug up several examples of fake toll sites, including:
Of course, don’t follow any of those links. And something else about those links — you can see scammers dot-top, dot-vip, and dot-xin. These domains are cheap, available, and easy to purchase, which makes them attractive to scammers.
According to McAfee Labs research, the following U.S. cities are experiencing the most of these scam texts:
Figure 5. The top cities where toll road scams are most prevalent
The scam has gotten so out of hand that the U.S. Federal Trade Commission (FTC) has issued a warning about it. They offer up the following advice:
We’ll add to that too, with:
The following images show additional phishing pages and links McAfee found in relation to different toll road scams.
The post Fake Toll Road Scam Texts are Everywhere. These Cities are The Most Targeted. appeared first on McAfee Blog.
Authored By Sakshi Jaiswal
McAfee Labs recently observed a surge in phishing campaigns that use fake viral video links to trick users into downloading malware. The attack relies on social engineering, redirecting victims through multiple malicious websites before delivering the payload. Users are enticed with promises of exclusive content, ultimately leading them to fraudulent pages and deceptive download links.
Figure 1: Geo Heatmap showing McAfee customer encounters over the past 3 weeks.
1. Upon executing the PDF file, the displayed page appears to be part of a phishing scam leveraging clickbait about a “viral video” to lure users into clicking suspicious links. The document contains blue hyperlinked text labeled as “Watch ➤ Click Here To Link (Full Viral Video Link)” and a deceptive video player graphic, giving the illusion of a playable video.
Figure 2: PDF Image
2. The user clicks on “Watch ➤ Click Here To Link (Full Viral Video Link)“, which redirects them to a webpage (gitb.org) displaying fake “viral video leaked” content, excessive ads, and fake notifications to lure users. It promotes adult content, gambling, and misleading download buttons, which are common indicators of phishing or malware traps.
Figure 3: Redirected Webpage
3. This further redirects to malicious URL “hxxps[:]//purecopperapp.monster/indexind.php?flow_id=107&aff_click_id=D-21356743-1737975550-34G123G137G124-AITLS2195&keyword=Yourfile&ip=115.118.240.109&sub=22697121&source=157764”
Figure 4: Redirected Webpage2
4. And then redirected to below URL: “hxxps[:]//savetitaniumapp.monster/?t=d6ebff4d554677320244f60589926b97” which presents a password-protected download link hosted on Mega.nz, requiring the user to manually copy and paste the URL.
Figure 5: Redirected Webpage with download link
5. Upon checking the URL, it displays a loading screen while preparing the malicious file for download and then shows a downloadable file named 91.78.127.175.zip with a size of 26.7 MB.
Figure 6: Screenshot of a ZIP file download from MEGA
6. Download is completed and stored in downloads folder
Figure 7: Zip file downloaded
7. A ZIP archive (91.78.127.175.zip, 26.7 MB) file contains a password protected .7z file with .png file containing the password.
Figure 8: Files inside ZIP archive
8. The extracted .7z archive contains setup.msi, which is the actual malware payload.
Figure 9: setup.msi file
Upon execution of setup.msi, the malware:
1. Displays a CAPTCHA image to deceive users. upon clicking “OK,” it begins dropping files in the %Roaming% directory.
Figure 10: Screenshot of CAPTCHA image
2. Drops files into the %Roaming% directory.
Figure 11: Dropped multiple files in %Roaming%
Figure 12: Process Tree
McAfee intercepts and blocks this infection chain at multiple stages.
URL blocking of the fake video pages.
Figure 13: McAfee Blocking URL
Figure 14: McAfee PDF file Detection
This campaign highlights how cybercriminals exploit social engineering tactics and clickbait content to distribute malware. Users should remain cautious when encountering suspicious video links. To stay protected against phishing attacks and malware infections, McAfee recommends:
The post The Dark Side of Clickbait: How Fake Video Links Deliver Malware appeared first on McAfee Blog.
We’re thrilled to share some exciting news—McAfee has been recognized on Forbes’ prestigious list of America’s Best Midsize Employers for 2025! This recognition is a testament to our incredible employees, whose passion and commitment make McAfee not just an industry leader, but also a truly exceptional place to work.
“A great workplace isn’t just about what we do—it’s about who we are and the purpose we share,” said Justin Hastings, Chief People Officer at McAfee. “This award reflects our dedication to fostering an environment where employees feel valued, empowered, and connected. Whether through our innovation, career development, or our strong sense of community, we strive to make McAfee a place where talent thrives, driven by our mission to keep our customers safe in their digital lives.”
Forbes and Statista, a global data and business intelligence firm, compiled this list based on feedback from over 217,000 employees across various industries in the U.S. The ranking considers both direct feedback from McAfee team members and public perceptions of our workplace culture, with personal employee experiences carrying the most weight.
At McAfee, we believe that a great workplace isn’t just about the work—it’s about the people. This recognition underscores our ongoing commitment to fostering a culture where employees feel valued, empowered, and inspired. Whether it’s through innovative projects, professional growth opportunities, or a strong sense of community, we strive to make McAfee a place where talent thrives.
Our spot within the top 300 of 500 companies, shows that our collective dedication to excellence, inclusivity, and collaboration is making an impact.
This achievement wouldn’t be possible without our amazing employees who bring their best every day. Your contributions drive our success, and this recognition is as much yours as it is McAfee’s.
As we continue to push boundaries in cybersecurity, we remain committed to ensuring McAfee is a company where talent grows, ideas flourish, and people love coming to work.
It’s an exciting time to be part of Team McAfee! As we continue to grow and innovate, we’re always looking for passionate individuals who want to help create a safer online world.
If you’re looking for a workplace where your ideas matter, your contributions are valued, and you can thrive in a dynamic, mission-driven environment, we’d love to have you on board. Explore opportunities to join us today!
The post McAfee Named One of America’s Best Employers by Forbes appeared first on McAfee Blog.
Social media connects us to friends, trends, and news in real time—but it also opens the door to scammers looking to exploit trust and curiosity. From fake giveaways to impersonation scams, fraudsters use sophisticated tactics to trick users into handing over personal information, money, or access to their accounts.
Even the most internet-savvy users can fall victim to these deceptive schemes. That’s why it’s crucial to recognize the red flags before it’s too late. Whether it’s a DM from a “friend” in trouble, a deal that seems too good to be true, or a sudden request to verify your account, scammers prey on urgency and emotion to pull you in.
Here’s a look at some of the most common social media scams—and how you can stay one step ahead to protect yourself and your accounts.
Fraudsters use various tactics to lure unsuspecting users into their schemes, including:
Recognizing these red flags can help you stay safe:
Follow these precautions to reduce your risk of falling victim:
If you suspect you’ve fallen victim to a social media scam, take immediate action:
Social media scams are becoming more sophisticated, but you can protect yourself by staying informed and cautious.
Always verify messages, be skeptical of too-good-to-be-true offers, and use strong security measures to safeguard your accounts.
By recognizing these scams early, you can avoid financial loss and keep your personal information safe online.
McAfee helps protect you from online threats with advanced security tools, including identity monitoring, safe browsing features, and real-time malware protection. Stay one step ahead of scammers with trusted cybersecurity solutions.
The post The 9 Most Common Social Media Scams—and How to Spot Them Before It’s Too Late appeared first on McAfee Blog.
Typos. Too-good-to-be-true offers. Urgent warnings.
Scammers are getting smarter—and more convincing. New research from the Federal Trade Commission (FTC) reveals that Americans lost a staggering $12.5 billion to fraud in 2024, a 25% increase from the previous year. The median reported loss was $497, with imposter scams alone accounting for nearly $3 billion in losses.
Fraud isn’t just increasing—it’s hitting certain areas harder than others. Florida, Georgia, and Delaware ranked as the top three states with the highest per-capita fraud reports, while California led in total reports with over 500,000 cases.
And where are these scams happening? Scammers are reaching victims through phone calls, text messages, and social media, with social media emerging as one of the most lucrative platforms for fraud—70% of fraud reports linked to social media resulted in financial losses.
With scammers using increasingly sophisticated tactics, knowing how to spot red flags in emails and links is more critical than ever.
Here’s how to protect yourself from the latest phishing threats.
Simple Steps to Check a Link Before Clicking
How to Protect Yourself from Phishing Attacks
Preventative Measures
What to Do if You Clicked a Suspicious Link
Phishing attacks are becoming more deceptive, but staying informed and cautious can protect you. Always verify links and emails before clicking, and use trusted cybersecurity tools like McAfee+ to keep your accounts and data safe.
Stay vigilant—don’t let scammers catch you off guard!
The post Avoid Being Scammed: How to Identify Fake Emails and Suspicious Links appeared first on McAfee Blog.
Cryptocurrency offers exciting opportunities—but it’s also a favorite playground for scammers.
With the rapid rise of deepfake technology and deceptive AI-driven schemes, even seasoned investors can fall victim to fraud. According to McAfee’s State of the Scamiverse report, deepfake scams are on the rise, with the average American now encountering 2.6 deepfake videos daily. And younger adults (18-24) see even more – about 3.5 per day.
From fake investment opportunities to phishing attempts, bad actors are more sophisticated than ever.
The recent wave of Trump-themed meme coins—more than 700 copycats attempting to mimic the real thing—highlights just how rampant crypto scams have become. If even the president’s cryptocurrency isn’t safe from impersonators, how can everyday investors protect themselves?
By knowing the red flags, you can safeguard your money and personal data from crypto scammers.
Scammers often lure victims with guaranteed returns or impossibly high profits. If an investment promises “risk-free” earnings or sounds like a financial miracle, run the other way—legitimate investments always carry some level of risk.
Example: A Ponzi scheme disguised as a crypto investment fund may claim to offer “10% daily profits” or “instant payouts.” In reality, they use new investors’ money to pay early participants—until the scam collapses.
Fraudsters frequently impersonate public figures—from Elon Musk to Donald Trump—to promote fake coins or crypto investments. The explosion of Trump-themed meme coins shows how easily scammers exploit famous names. Even if a project appears linked to a well-known figure, verify through official channels.
Example: A deepfake video featuring a celebrity “endorsing” a new crypto token. McAfee’s research found that nearly 3 deepfake videos per day are encountered by the average American, many of them tied to scams.
Scammers often set up fraudulent crypto exchanges or wallet apps that look legitimate but are designed to steal your money. They might advertise low fees, special bonuses, or exclusive access to new coins.
How to Protect Yourself:
Always use well-established exchanges with a proven track record.
Look for HTTPS encryption and verify the URL carefully.
Research if the platform is licensed and regulated.
Scammers thrive on urgency. They’ll push you to act immediately before you have time to think critically. Whether it’s a limited-time pre-sale or a “secret investment opportunity,” don’t let fear of missing out (FOMO) cloud your judgment.
Example: “Only 10 spots left! Invest now before prices skyrocket!”—Classic scam tactics designed to trigger impulsive decisions.
No legitimate crypto project will ever ask for:
Example: A fake customer support email pretending to be from Coinbase, asking you to confirm your wallet password—this is a phishing attempt!
Do Your Research: Always Google the project’s name + “scam” before investing.
Check Regulatory Status: See if the platform is licensed (DFPI, SEC, or other regulators).
Verify Official Websites & Socials: Scammers create lookalike websites with small typos—double-check URLs!
Use Cold Storage: Store your assets in a hardware wallet to protect against hacks.
Use tools like McAfee+: To monitor for potential scams and get warnings for potential deepfakes and other scam red flags.
Crypto offers incredible potential—but with great opportunity comes risk. Scammers are always evolving, using deepfake videos, phishing, and fraudulent investment schemes to trick even the savviest investors. By staying informed and following basic security practices, you can avoid getting caught in the next big crypto scam.
The post How to Spot a Crypto Scam: The Top Red Flags to Watch For appeared first on McAfee Blog.
It started with a DM.
For five months, 25-year-old computer programmer Maggie K. exchanged daily messages with the man she met on Instagram, convinced she had found something real.
When it was finally time to meet in person, he never showed. Instead, he claimed he missed his flight and needed money to rebook. Desperate to finally see him, she sent the cash.
Then, silence. His accounts vanished. He hadn’t just ghosted her—he had never existed at all.
“I ignored my gut feeling… I sent him $1,200. Then he disappeared,” Maggie told McAfee, hoping that her story would educate others. “When I reported the scam, the police told me his images were AI-generated. He wasn’t even a real person. That was the scariest part – I had trusted someone who never even existed.”
These scams work because they prey on trust and emotions. And they aren’t just targeting the naïve; anyone, even tech professionals as Maggie’s case shows, can be fooled.
McAfee’s latest research reveals more than half (52%) of people have been scammed out of money or pressured to send money or gifts by someone they met online.
And romance scams aren’t just happening in dating apps anymore. Social media, messaging platforms and AI chatbots are fuelling an explosion of online romance fraud.
McAfee’s findings highlight a staggering rise in:
With 62% of people saying they’ve used dating apps, social media, or messaging platforms to connect with potential partners, scammers have a bigger pool of victims than ever before.
Younger users are the most active online daters, with 31% of 18-24-year-olds currently using online dating platforms. Tinder is the most popular dating app overall (46%), with its highest engagement among 18-24-year-olds (73%). Just over 40% of respondents said they use Instagram, 29% use Snapchat and 25% use TikTok to meet potential partners. But these platforms also present new risks, as fake apps designed to steal personal information lurk in app stores.
McAfee researchers found nearly 11,000 attempts to download fraudulent dating apps in recent months. The most impersonated?
Downloading a fake app could expose your login credentials, financial information or even install malware onto your device.
And once money is lost, its rarely recovered, as scammers use cryptocurrency, untraceable gift cards and offshore accounts to move stolen funds.
McAfee researchers urge anyone looking for love online to stay vigilant by following these critical safety measures:
1) Watch for “love bombing.” Scammers overwhelm victims with affection early on to gain trust.
2) Verify their identity. Use reverse image searches and insist on live video calls which AI-generated scammers avoid.
3) Never send money. No real partner will pressure you for financial help—especially when you’ve never met.
4) Be wary of celebrity DMs. If a famous figure suddenly messages you, it’s likely a scam.
5) Avoid suspicious links. McAfee blocked over 321,000 fraudulent dating sites—avoid clicking on unknown links or apps.
6) Use online protection tools. Tools like McAfee+ can detect and block suspicious messages, phishing attempts, and AI-generated fraud in real time. McAfee+ offers maximum identity, privacy, and device protection to detect and prevent fraudulent activity before it causes harm.
The post AI chatbots are becoming romance scammers—and 1 in 3 people admit they could fall for one appeared first on McAfee Blog.
McAfee has been named the top brand in the Antivirus and Security Software category in TIME and Statista’s 2024 World’s Best Brands list, ranking above all major industry competitors.
The list, which surveyed over 22,000 U.S. consumers, ranks brands based on trust, awareness, and customer satisfaction across 66 industries.
TIME’s World’s Best Brands of 2024 rankings highlight consumer preferences across industries, from tech to retail. The inclusion of cybersecurity in the list speaks to a broader trend: digital safety is no longer just a concern for businesses and IT professionals—it’s a household necessity.
Recent data supports this shift. A global McAfee study found that 59% of people have fallen victim to an online scam or know someone who has, with 87% of those affected losing money—an average loss of $1,366 USD. As the financial and personal stakes of online security continue to rise, consumers are looking for trusted brands that offer comprehensive, easy-to-use protection.
For those looking to strengthen their digital defenses, McAfee+ provides award-winning security that protects against malware, scams, and online fraud—allowing consumers to browse, shop, and connect with confidence.
The post McAfee Named #1 Antivirus and Security Software Brand in TIME’s 2024 World’s Best Brands appeared first on McAfee Blog.
Cybercriminals will always try to cash in on a good thing, and football is no exception. Online scammers are ramping up for the big game with all types of schemes designed to rip you off and steal your personal info—but you have several ways you can beat them at their game.
Like shopping holidays, tax season, and even back-to-school time, scammers take advantage of annual events that get people searching for deals and information online. You can include big games and tournaments in that list too.
Specific to this big game, you can count on several types of scams to rear their heads this time of year—ticket scams, merchandise scams, betting scams, and phony sweepstakes as well. They’re all in the mix, and they’re all avoidable. Here, we’ll break them down.
As of two weeks out, tickets for the big game on the official ticketing website were going for $6,000 or so, and that was for the so-called “cheap seats.” Premium seats in the lower bowl 50-yard line, sold by verified resellers, were listed at $20,000 a pop or higher.
While the game tickets are now 100% mobile, that hasn’t prevented scammers from trying to pass off phony tickets as the real deal. They’ll hawk those counterfeits in plenty of places online, sometimes in sites like your friendly neighborhood Craigslist.
So if you’re in the market for tickets, there are certainly a few things to look out for:
If you plan on enjoying the game closer to home, you may be in the market for some merch—a hat, a jersey, a tee, or maybe some new mugs for entertaining when you host the game at your place. With all the hype around the game, out will come scammers who set up bogus online stores. They’ll advertise items for sale but won’t deliver—leaving you a few dollars lighter and the scammers with your payment information, which they can use on their own for identity fraud.
You can shop safely with a few straightforward steps:
This is a great one to start with. Directly typing in the correct address for reputable online stores and retailers is a prime way to avoid scammers online. In the case of retailers that you don’t know much about, the U.S. Better Business Bureau (BBB) asks shoppers to do their research and make sure that retailer has a good reputation. The BBB makes that easier with a listing of retailers you can search simply by typing in their name.
If you feel like doing extra sleuthing, look up the address of the website and see when it was launched. A visit to the Internet Corporation for Assigned Names and Numbers (ICANN) at ICANN.org gives you the option to search a web address and see when it was launched, along with other information about who registered it. While a recently launched site is not an indicator of a scam site alone, sites with limited track records may give you pause if you want to shop there—particularly if there’s a chance it was just propped up by a scammer.
Look for the lock icon in your browser when you shop.
Secure websites begin their address with “https,” not just “http.” That extra “s” in stands for “secure,” which means that it uses a secure protocol for transmitting sensitive info like passwords, credit card numbers, and the like over the internet. It often appears as a little padlock icon in the address bar of your browser, so double-check for that. If you don’t see that it’s secure, it’s best to avoid making purchases on that website.
Credit cards are a good way to go. One reason why is the Fair Credit Billing Act, which offers protection against fraudulent charges on credit cards by giving you the right to dispute charges over $50 for goods and services that were never delivered or otherwise billed incorrectly. Your credit card companies may have their own policies that improve upon the Fair Credit Billing Act as well. Debit cards don’t get the same protection under the Act.
Comprehensive online protection software will defend against the latest virus, malware, spyware, and ransomware attacks plus further protect your privacy and identity. In addition to this, it can also provide strong password protection by generating and automatically storing complex passwords to keep your credentials safer from hackers and crooks who may try to force their way into your accounts. And, specific to the scams floating around this time of year, online protection can help prevent you from clicking links to known or suspected malicious sites.
It’s hard to watch sports these days without odds and stat lines popping up onto the screen, along with a fair share of ads that promote online betting. If you’re thinking about making things interesting with some betting, keep a few things in mind:
As it is every year, you’ll see kinds of sweepstakes and giveaways leading up to the game, plenty of them legitimate. Yet as they do, scammers will try and blend in by rolling out their own bogus promotions. Their aim: to part you from your cash or even your personal information.
A quick way to sniff out these scams is to take a close look at the promotion. For example, if it asks you to provide your bank information to send you your prize money, count on it being a scam. Likewise, if the promotion asks you to pay to claim a prize in some form or other, it’s also likely someone’s trying to scam you.
In all, steer clear of promotions that ask something for something in return, particularly if it’s your money or personal information.
As it is of late, all kinds of scams will try to glom onto the big game this year. And some of the best advice for avoiding them is not to give in to the hype. Scammers prey on scarcity, a sense of urgency, and keyed-up emotions in general. Their hope is that these things may make you less critical and more likely to overlook things that would otherwise seem sketchy or too good to be true. Staying focused as you shop, place a wager, or otherwise look to round out your enjoyment of the big game is some of your absolute best defense against scammers right now, and any time.
The post Super Scams – Beat the Online Scammers Who Want to Sack Your Big Game appeared first on McAfee Blog.
Beyoncé has officially announced her Cowboy Carter world tour, and the excitement is through the roof! With her last tour selling out in record time, fans know they need to act fast to secure their tickets. Unfortunately, that urgency is exactly what scammers prey on.
In 2022 alone, Americans lost nearly $8.8 billion to fraud, and ticket scams are one of the most common ways scammers cash in on eager fans. But don’t worry—we’ve got you covered. Before you rush to buy tickets to Beyoncé’s latest tour, here’s how to spot and avoid ticket scams so you don’t get left outside the stadium with nothing but regret.
Ticket scams come in different forms, but the most common ones include:
Scammers know how to create a sense of urgency, often advertising tickets to sold-out events at too-good-to-be-true prices. If you’re desperate to see Beyoncé, it’s easy to get caught up in the rush—but staying cautious can save you from getting scammed.
The best way to avoid being scammed is to buy only from reputable sources like official ticketing platforms (Ticketmaster, Live Nation, AXS) or directly from the event’s website. However, if you’re looking elsewhere, be on the lookout for these red flags:
When an event sells out, scammers flood social media with offers. Platforms like Facebook Marketplace, Instagram, and Craigslist are filled with fake ticket sellers. If you didn’t get tickets during the official sale, be cautious about where you’re looking.
Pro Tip: Follow Beyoncé’s official social media pages and event organizers for updates. Sometimes, extra dates or official resale opportunities become available.
Scammers often advertise tickets below face value to lure in victims. While real fans sometimes sell their tickets at a discount, it’s a huge red flag if the price is way lower than expected.
Pro Tip: If you’re buying from an individual, check their profile carefully. Look for signs of a fake account, such as recently created pages or multiple listings in different cities.
Some scammers go the extra mile, creating entire websites that mimic real ticket platforms. These fake sites not only sell counterfeit tickets but may also steal your credit card information.
Pro Tip: Always type in the official ticketing site’s URL manually or search for it on Google. Avoid clicking links from unknown sources, and double-check that the site uses “HTTPS” and has no misspellings in the URL.
Even if you get a real ticket, that doesn’t mean it’s yours alone. Some scammers sell the same ticket to multiple people, leading to chaos when multiple buyers show up at the event.
Pro Tip: Only buy from platforms that offer verified resale tickets with guarantees, like StubHub, SeatGeek, or VividSeats.
Some scammers sell general admission tickets as if they were premium seats. You may think you’re getting front-row access, only to find out you overpaid for a standing-room ticket.
Pro Tip: Always confirm the seat location with the seller. Many venues have seating charts available online, so check before purchasing.
Scammers hack into Ticketmaster accounts and transfer tickets to themselves, effectively locking the rightful owner out of their seats. Victims often receive a flood of emails, including notifications of ticket transfers they never authorized. By the time they realize what’s happened, their tickets are gone, likely resold by the scammer.
Pro Tip: To prevent this, ensure your Ticketmaster account is secure by using a strong password, enabling two-factor authentication, and being wary of suspicious login attempts or phishing emails.
To make sure you don’t fall victim to a ticket scam, follow these golden rules:
Buy from official sources – Beyoncé’s official website, Ticketmaster, and AXS are your safest bets.
Use a credit card – If something goes wrong, you can dispute the charge.
Be wary of social media sellers – If you’re buying from a stranger, research their profile and history first.
Check the URL – Make sure you’re on the real ticketing website before purchasing.
Avoid high-pressure sales tactics – Scammers want you to act fast—don’t fall for it!
Beyond ticket scams, cybercriminals also use major events like Beyoncé’s tour to spread malware and phishing attacks. McAfee’s comprehensive online protection can help keep your devices and personal information safe by blocking malicious websites, preventing identity theft, and alerting you to potential fraud.
Beyoncé’s Cowboy Carter tour is one of the most anticipated events of the year, and everyone wants to be part of the experience. But scammers know this too, and they’re out in full force. By staying smart, sticking to verified ticket sources, and being wary of deals that seem too good to be true, you can avoid scams and secure your spot at one of the biggest concerts of 2025.
Stay safe, Beyhive—and get ready to enjoy the show!
The post Buying Tickets for Beyoncé’s Cowboy Carter Tour? Don’t Let Scammers Ruin Your Experience appeared first on McAfee Blog.
The rise of AI-driven cyber threats has introduced a new level of sophistication to phishing scams, particularly those targeting Gmail users.
Criminals are using artificial intelligence to create eerily realistic impersonations of Google support representatives, Forbes recently reported. These scams don’t just rely on misleading emails; they also include convincing phone calls that appear to come from legitimate sources.
If you receive a call claiming to be from Google support, just hang up—this could be an AI-driven scam designed to trick you into handing over your Gmail credentials.
Here’s everything you need to know about the scam and how to protect yourself:
Hackers have devised a multi-step approach to trick users into handing over their Gmail credentials. Here’s how the scam unfolds:
The attack often begins with a phone call from what appears to be an official Google support number. The caller, using AI-generated voice technology, convincingly mimics a real Google representative. Their tone is professional, and the caller ID may even display “Google Support,” making it difficult to immediately recognize the scam.
Once engaged, the scammer informs the victim that suspicious activity has been detected on their Gmail account. They may claim that an unauthorized login attempt has occurred, or that their account is at risk of being locked. The goal is to create a sense of urgency, pressuring the victim to act quickly without thinking critically.
To appear credible, the scammer sends an email that looks almost identical to a real Google security notification. The email may include official-looking branding and a request to verify the user’s identity by entering a code. The email is designed to look so authentic that even tech-savvy individuals can be fooled.
If the victim enters the verification code, they inadvertently grant the attacker full access to their Gmail account. Since the scammer now controls the two-factor authentication process, they can lock the real user out, change passwords, and exploit the account for further attacks, including identity theft, financial fraud, or spreading phishing emails to others.
This scam is particularly dangerous because it combines multiple layers of deception, making it difficult to spot. Unlike standard phishing emails that may contain poor grammar or suspicious links, AI-enhanced scams:
To protect yourself from AI-powered scams, follow these essential security measures:
1. Be Skeptical of Unsolicited Calls from “Google”
Google does not randomly call users about security issues. If you receive such a call, hang up immediately and report the incident through Google’s official support channels.
2. Verify Security Alerts Directly in Your Account
If you receive a message stating that your account has been compromised, do not click any links or follow instructions from the email. Instead, go directly to your Google account’s security settings and review recent activity.
3. Never Share Verification Codes
Google will never ask you to provide a security code over the phone. If someone requests this information, it is a scam.
4. Enable Strong Authentication Methods
5. Regularly Monitor Your Account Activity
Check the “Security” section of your Google account to review login activity. If you see any unrecognized sign-ins, take immediate action by changing your password and logging out of all devices.
6. Use a Password Manager
A password manager helps create and store strong, unique passwords for each of your accounts. This ensures that even if one password is compromised, other accounts remain secure.
If you believe your account has been compromised, take these steps immediately:
As AI technology advances, cybercriminals will continue to find new ways to exploit users. By staying informed and implementing strong security practices, you can reduce the risk of falling victim to these sophisticated scams.
At McAfee, we are dedicated to helping you protect your digital identity. Stay proactive, stay secure, and always verify before you trust.
For more cybersecurity insights and protection tools, check out McAfee+.
The post How to Make Sure Your Gmail Account is Protected in Light of Recent AI Scams appeared first on McAfee Blog.
Video games are a favorite pastime for millions of kids and teenagers worldwide, offering exciting challenges, epic battles, and opportunities to connect with friends online. But what happens when the search for an edge in these games—like cheats or special hacks—leads to something far more dangerous?
McAfee Labs has uncovered a growing threat aimed at gamers, especially kids, who unknowingly download malware disguised as game hacks, software cracks, and cryptocurrency tools.
Here’s what you need to know about this sneaky scam and how to stay safe:
Popular games like Minecraft, Roblox, Fortnite, Apex Legends, and Call of Duty are among those targeted by these scams. Gamers searching for cheats to gain an advantage—like seeing through walls, speeding up characters, or unlocking premium items—are being lured to malicious links. These links often appear on GitHub, a platform where developers share and collaborate on code, or in YouTube videos claiming to offer step-by-step instructions.
GitHub is typically trusted by programmers and tech enthusiasts, but cybercriminals exploit this trust by uploading malware that masquerades as game hacks. By naming their repositories after popular games or tools, scammers trick users into downloading malware instead of the promised cheat software.
The process starts when someone searches online for free cheats or cracked software—like tools to unlock premium features of Spotify or Adobe—and stumbles upon a GitHub repository or a YouTube video. These repositories often look convincing, with professional descriptions, screenshots, and even licenses designed to appear legitimate.
Figure 1: Attack Vector
Once users follow the instructions, they’re often asked to disable their antivirus software or Windows Defender. The reasoning provided is that antivirus programs will mistakenly identify the hack or crack as dangerous. In reality, this step clears the way for malware to infect their device.
Instead of receiving a functional cheat, victims unknowingly install a dangerous program known as Lumma Stealer or similar malware variants. This software quietly:
Each week, new repositories and malware variants appear as older ones are detected and removed. This cycle makes it difficult for platforms like GitHub to completely eliminate the threat.
Kids and teens are prime targets because they often lack experience in identifying online scams. The promise of features like “Aimbots” (to improve shooting accuracy) or “Anti-Ban” systems (to avoid getting caught by game administrators) makes these fake downloads even more tempting. Scammers exploit this curiosity and eagerness, making it easier to trick young gamers into infecting their devices.
Figure 2: YouTube Video containing malicious URL in description.
McAfee Labs offers these tips to avoid falling victim to these scams:
The takeaway? Scammers will go to great lengths to exploit the interests and habits of gamers. And unfortunately, this isn’t the first time we’ve seen such malware attacks targeting gamers. By educating yourself and your family about these threats, you can play smarter and stay safer online. Always remember: no cheat or crack is worth compromising your security.
Read the full report from McAfee Labs outlining our research and findings on this malware risk. Learn more about how you can protect yourself with McAfee+.
The post Scam Alert: Fake Minecraft, Roblox Hacks on YouTube Hide Malware, Target Kids appeared first on McAfee Blog.
The artificial intelligence arms race has a new disruptor—DeepSeek, a Chinese AI startup that has quickly gained traction for its advanced language models.
Positioned as a low-cost alternative to industry giants like OpenAI and Meta, DeepSeek has drawn attention for its rapid growth, affordability, and potential to reshape the AI landscape.
But as the buzz around its capabilities grows, so do concerns about data privacy, cybersecurity, and the implications of feeding personal information into AI tools with uncertain oversight.
DeepSeek’s AI models, including its latest version, DeepSeek-V3, claim to rival the most sophisticated AI systems developed in the U.S.—but at a fraction of the cost.
According to reports, training its latest model required just $6 million in computing power, compared to the billions spent by its American counterparts. This affordability has allowed DeepSeek to climb the ranks, with its AI assistant even surpassing ChatGPT as the top free app on Apple’s U.S. App Store.
What makes DeepSeek’s rise even more surprising is how abruptly it entered the AI race. The company originally launched as a hedge fund before pivoting to artificial intelligence—an unusual shift that has fueled speculation about how it managed to develop such advanced models so quickly. Unlike other AI startups that spent years in research and development, DeepSeek seemed to emerge overnight with capabilities on par with OpenAI and Meta.
However, DeepSeek’s meteoric rise has sparked skepticism. Some analysts and AI experts question whether its success is truly due to breakthrough efficiency or if it has leveraged external resources—potentially including restricted U.S. AI technology. OpenAI has even accused DeepSeek of improperly using its proprietary tech, a claim that, if proven, could have major legal and ethical ramifications.
One of the biggest concerns surrounding DeepSeek isn’t just how it handles user data—it’s that it reportedly failed to secure it altogether.
According to The Register, security researchers at Wiz discovered that DeepSeek left a database completely exposed, with no password protection, allowing public access to millions of chat logs, API keys, backend data, and operational details.
This means that conversations with DeepSeek’s chatbot, including potentially sensitive information, were openly available to anyone on the internet. Worse still, the exposure reportedly could have allowed attackers to escalate privileges and gain deeper access into DeepSeek’s infrastructure. While the issue has since been fixed, the incident highlights a glaring oversight: even the most advanced AI models are only as trustworthy as the security behind them.
Here’s why caution is warranted:
DeepSeek specifically states in its terms of service that it collects, stores, and has permission to share just about all the data you provide while using the service.
Figure 1. Screenshot of DeepSeek Privacy Policy shared on LinkedIn
It specifically notes collecting your profile information, credit card details, and any files or data shared in chats. What’s more, that data isn’t stored in the United States, which has strict data privacy regulations. DeepSeek is a Chinese company with limited required protections for U.S. consumers and their personal data.
If you’re using AI tools—whether it’s ChatGPT, DeepSeek, or any other chatbot—it’s crucial to take steps to protect your information:
As AI chatbots like DeepSeek gain popularity, safeguarding your personal data is more critical than ever. With McAfee’s advanced security solutions, including identity protection and AI-powered threat detection, you can browse, chat, and interact online with greater confidence—because in the age of AI, privacy is power.
The post Explaining DeepSeek: The AI Disruptor That’s Raising Red Flags for Privacy and Security appeared first on McAfee Blog.
Identity theft is a growing concern, and Data Privacy Week serves as an important reminder to safeguard your personal information. In today’s digital age, scammers have more tools than ever to steal your identity, often with just a few key details—like your Social Security number, bank account information, or home address.
Unfortunately, identity theft claims have surged in recent years, jumping from approximately 650,000 in 2019 to over a million in 2023, according to the Federal Trade Commission (FTC). This trend underscores the urgent need for stronger personal data protection habits.
So, how do scammers pull it off, and how can you protect yourself from becoming a victim?
How Do Scammers Steal Your Identity?
Scammers are resourceful, and there are multiple ways they can access your personal information. The theft can happen both in the physical and digital realms.
When scammers steal your identity, they often leave behind a trail of unusual activity that you can detect. Here are some common signs that could indicate identity theft:
If you suspect that your identity has been stolen, time is of the essence. Here’s what you need to do:
While you can’t completely eliminate the risk of identity theft, there are several steps you can take to protect yourself:
Identity theft can be a stressful and overwhelming experience, but by acting quickly and taking proactive steps to protect your personal information, you can minimize the damage and reclaim your identity.
The post How Scammers Steal Your Identity and What You Can Do About It appeared first on McAfee Blog.
We’re excited to announce the release of McAfee’s Personal Data Cleanup, a new feature that finds and removes your personal info from data brokers and people search sites. Now, you can feel more confident by removing personal info from data broker sites and keeping it from being collected, sold, and used to: advertise products to you, fill your email box with spam, and can even give criminals the info they need to steal your identity. Let’s look at why we’re offering McAfee Personal Data Cleanup, how it protects your privacy, and why it’s a great addition to the online protection we already offer.
There’s so much to enjoy when you live a connected life – free email, online stores that remember what you like, social media that connects you to friends and influencers. It’s a world of convenience, opportunity, and incredible content. It’s also a world where your data is constantly collected.
That’s right, companies are collecting your personal data. They’re called data brokers and they make money by selling information that specifically identifies you, like an email address. They sell this information to marketers looking to target you with ads. Criminals can also use it to build profiles in service of stealing your identity and accessing your accounts. This activity takes place behind the scenes and often without consumers’ knowledge. There are also data brokers known as people search sites that compile and sell info like home addresses, emails, phones, court records, employment info, and more. These websites give identity thieves, hackers, stalkers, and other malicious actors easy access to your info. Regardless of how your data is being used, it’s clear that these days a more connected life often comes at the cost of your privacy.
In a recent survey of McAfee customers, we found that 59% have become more protective of their personal data over the past six months. And it’s no wonder. Over the past two years, trends like telehealth, remote working, and increased usage of online shopping and financial services have meant that more of your time is being spent online. Unsurprisingly, more personal data is being made available in the process. This leads us to the most alarming finding of our survey – 95% of consumers whose personal information ends up on data broker sites had it collected without their consent.
We created Personal Data Cleanup to make it easy for you to take back your privacy online. McAfee’s Personal Data Cleanup regularly scans the riskiest data broker sites for info like your home address, date of birth, and names of relatives. After showing where we found your data, you can either remove it yourself or we will work on your behalf to remove it. Here’s how it works:
Ready to take back your personal info online? Personal Data Cleanup is available immediately with most of our online protection plans. If you have an eligible subscription, you can start using this new feature through McAfee Protection Center, or you can get McAfee online protection here.
The post Introducing Personal Data Cleanup appeared first on McAfee Blog.
Authored by Anuradha, Sakshi Jaiswal
In 2024, scams in India have continued to evolve, leveraging sophisticated methods and technology to exploit unsuspecting individuals. These fraudulent activities target people across demographics, causing financial losses and emotional distress. This blog highlights some of the most prevalent scams this year, how they operate, some real-world scenarios, tips to stay vigilant and what steps to be taken if you become a victim.
This blog covers the following scams:
Scam Tactics:
Fraudsters on WhatsApp employ deceptive tactics to steal personal information, financial data, or gain unauthorized access to accounts. Common tactics include:
Case 1: In the figure below, a user is being deceived by a message originating from the +244 country code, assigned to Angola. The message offers an unrealistic investment opportunity promising a high return in just four days, which is a common scam tactic. It uses pressure and informal language, along with a link for immediate action.
Case 2: In the figure below, a user is being deceived by a message originating from the +261 country code, assigned to Madagascar. The message claims that you have been hired and asks you to click a link to view the offer or contact the sender which is a scam.
Case 3: In the figure below, a user is being deceived by a message originating from the +91 country code, assigned to India. Scammers may contact you, posing as representatives of a legitimate company, offering a job opportunity. The recruiter offers an unrealistic daily income (INR 2000–8000) for vague tasks like searching keywords, which is suspicious. Despite requests, they fail to provide official company details or an email ID, raising credibility concerns. They also ask for personal information prematurely, a common red flag.
Case 4: In the figure below, a user is being deceived by a message originating from the +84 country code, assigned to Vietnam. The offer to earn money by watching a video for just a few seconds and providing a screenshot is a common tactic used by scammers to exploit individuals. They may use the link to gather personal information, or your action could lead to phishing attempts.
Case 5: In the figure below, a user is being misled by a message originating from the country codes +91, +963, and +27, corresponding to India, Syria, and South Africa, respectively. The message claims to offer a part-time job with a high salary for minimal work, which is a common tactic used by scammers to lure individuals. The use of popular names like “Amazon” and promises of easy money are red flags. The link provided might lead to phishing attempts or data theft. It’s important not to click on any links, share personal details, or respond to such unsolicited offers.
Case 6: The messages encourage you to post fake 5-star reviews for businesses in exchange for a small payment, which is unethical and often illegal. Scammers use such tactics to manipulate online ratings, and the provided links could lead to phishing sites or malware. Avoid engaging with these messages, clicking on the links, or participating in such activities.
How to Identify WhatsApp Scams:
Impact:
Prevention:
Scam Tactics:
How to Identify Instant Loan Scam:
Impact:
Prevention:
Voice-cloning scams use advanced AI technology to replicate the voices of familiar people, such as friends, family members, or colleagues, to manipulate victims into transferring money or providing sensitive information.
Scam Tactics:
How to Identify AI Voice-Cloning Scams:
Impact:
Prevention
Scam Tactics
Scammers use various methods to deceive victims into revealing credit card information or making unauthorized payments:
How to identify Credit card scam:
Impact:
Prevention:
Scam Tactics:
In fake delivery scams, fraudsters pose as delivery services to trick you into providing personal information, card details, or payment. Common tactics include:
How to Identify Fake Delivery Scams:
Impact:
Prevention:
Scam Tactics:
Scammers pose as police officers or government officials, accusing victims of being involved in illegal activities like money laundering or cybercrime. They intimidate victims by threatening arrest or legal action unless immediate payment is made to “resolve the matter.”
How to Identify Digital Arrest Scam:
Impact: Daily losses from such scams run into lakhs, as victims panic and transfer money or provide sensitive information under pressure.
Prevention:
What to Do if You Fall Victim
If you’ve fallen victim to any of the mentioned scams—Digital Arrest Scam, Instant Loan Scam, Voice Cloning Scam, WhatsApp Scam, Fake Delivery Scam or Credit Card Scam—it’s important to take immediate action to minimize damage and protect your finances and personal information. Here are common tips and steps to follow for all these scams:
As scams in India continue to grow in number and sophistication, it is crucial to raise awareness to protect individuals and businesses from falling victim to these fraudulent schemes. Scams such as phishing, fake job offers, credit card scams, loan scams, investment frauds and online shopping frauds are increasingly targeting unsuspecting victims, causing significant financial loss and emotional harm.
By raising awareness of scam warning signs and encouraging vigilance, we can equip individuals to make safer, more informed decisions online. Simple precautions, such as verifying sources, being cautious of unsolicited offers, and safeguarding personal and financial information, can go a long way in preventing scams.
It is essential for both individuals and organizations to stay informed and updated on emerging scam tactics. Through continuous awareness and proactive security measures, we can reduce the impact of scams, ensuring a safer and more secure digital environment for everyone in India.
The post Rising Scams in India: Building Awareness and Prevention appeared first on McAfee Blog.
Data Privacy Week is here, and there’s no better time to shine a spotlight on one of the biggest players in the personal information economy: data brokers. These entities collect, buy, and sell hundreds—sometimes thousands—of data points on individuals like you. But how do they manage to gather so much information, and for what purpose? From your browsing habits and purchase history to your location data and even more intimate details, these digital middlemen piece together surprisingly comprehensive profiles. The real question is: where are they getting it all, and why is your personal data so valuable to them? Let’s unravel the mystery behind the data broker industry.
Data brokers aggregate user info from various sources on the internet. They collect, collate, package, and sometimes even analyze this data to create a holistic and coherent version of you online. This data then gets put up for sale to nearly anyone who’ll buy it. That can include marketers, private investigators, tech companies, and sometimes law enforcement as well. They’ll also sell to spammers and scammers. (Those bad actors need to get your contact info from somewhere — data brokers are one way to get that and more.)
And that list of potential buyers goes on, which includes but isn’t limited to:
These companies and social media platforms use your data to better understand target demographics and the content with which they interact. While the practice isn’t unethical in and of itself (personalizing user experiences and creating more convenient UIs are usually cited as the primary reasons for it), it does make your data vulnerable to malicious attacks targeted toward big-tech servers.
Most of your online activities are related. Devices like your phone, laptop, tablets, and even fitness watches are linked to each other. Moreover, you might use one email ID for various accounts and subscriptions. This online interconnectedness makes it easier for data brokers to create a cohesive user profile.
Mobile phone apps are the most common way for data brokerage firms to collect your data. You might have countless apps for various purposes, such as financial transactions, health and fitness, or social media.
A number of these apps usually fall under the umbrella of the same or subsidiary family of apps, all of which work toward collecting and supplying data to big tech platforms. Programs like Google’s AdSense make it easier for developers to monetize their apps in exchange for the user information they collect.
Data brokers also collect data points like your home address, full name, phone number, and date of birth. They have automated scraping tools to quickly collect relevant information from public records (think sales of real estate, marriages, divorces, voter registration, and so on).
Lastly, data brokers can gather data from other third parties that track your cookies or even place trackers or cookies on your browsers. Cookies are small data files that track your online activities when visiting different websites. They track your IP address and browsing history, which third parties can exploit. Cookies are also the reason you see personalized ads and products.
Data brokers collate your private information into one package and sell it to “people search” websites. As mentioned above, practically anyone can access these websites and purchase extensive consumer data, for groups of people and individuals alike.
Next, marketing and sales firms are some of data brokers’ biggest clients. These companies purchase massive data sets from data brokers to research your data profile. They have advanced algorithms to segregate users into various consumer groups and target you specifically. Their predictive algorithms can suggest personalized ads and products to generate higher lead generation and conversation percentages for their clients.
We tend to accept the terms and conditions that various apps ask us to accept without thinking twice or reading the fine print. You probably cannot proceed without letting the app track certain data or giving your personal information. To a certain extent, we trade some of our privacy for convenience. This becomes public information, and apps and data brokers collect, track, and use our data however they please while still complying with the law.
There is no comprehensive privacy law in the U.S. on a federal level. This allows data brokers to collect personal information and condense it into marketing insights. While not all methods of gathering private data are legal, it is difficult to track the activities of data brokers online (especially on the dark web). As technology advances, there are also easier ways to harvest and exploit data.
As of March 2024, 15 states in the U.S. have data privacy laws in place. That includes California, Virginia, Connecticut, Colorado, Utah, Iowa, Indiana, Tennessee, Oregon, Montana, Texas, Delaware, Florida, New Jersey, and New Hampshire.[i] The laws vary by state, yet generally, they grant rights to individuals around the collection, use, and disclosure of their personal data by businesses.
However, these laws make exceptions for certain types of data and certain types of collectors. In short, these laws aren’t absolute.
Some data brokers let you remove your information from their websites. There are also extensive guides available online that list the method by which you can opt-out of some of the biggest data brokering firms. For example, a guide by Griffin Boyce, the systems administrator at Harvard University’s Berkman Klein Center for Internet and Society, provides detailed information on how to opt-out of a long list of data broker companies.
Yet the list of data brokers is long. Cleaning up your personal data online can quickly eat up your time, as it requires you to reach out to multiple data brokers and opt-out.
Rather than removing yourself one by one from the host of data broker sites out there, you have a solid option: our Personal Data Cleanup.
Personal Data Cleanup scans data broker sites and shows you which ones are selling your personal info. It also provides guidance on how you can remove your data from those sites. And if you want to save time on manually removing that info, you have options. Our McAfee+ Advanced and Ultimate plans come with full-service Personal Data Cleanup, which sends requests to remove your data automatically.
If the thought of your personal info getting bought and sold in such a public way bothers you, our Personal Data Cleanup can put you back in charge of it.
[i] https://pro.bloomberglaw.com/insights/privacy/state-privacy-legislation-tracker/
The post How Data Brokers Sell Your Identity appeared first on McAfee Blog.
Romance scams have surged in sophistication, preying on emotions and exploiting the trust of victims in the digital age.
The latest case involving a French woman who believed she was romantically involved with actor Brad Pitt is a stark reminder of the vulnerabilities we face online. But this incident, unfortunately, does not stand alone. Scammers continue to exploit celebrity fame to defraud unsuspecting victims, using deepfakes and other manipulative tactics. Recent examples include:
The most recent Brad Pitt impersonation scam follows a straightforward but insidious pattern of manipulation. Here’s how the scam unfolded step by step:
The Initial Contact: Anne, a French interior decorator, downloaded Instagram during a family ski trip. Shortly after, she was approached by a scammer pretending to be Brad Pitt’s mother, who claimed her son needed someone like Anne in his life.
Building Trust: The scammer, posing as Pitt, used AI-generated photos and emotionally charged messages to gain Anne’s trust. The fake Brad Pitt “knew how to talk to women,” according to Anne, creating a sense of intimacy and connection.
Figure 1. These fake images were used in a fake Brad Pitt romance scam.
The Financial Request: The scammer fabricated a crisis, claiming Pitt needed $1 million for a kidney treatment but couldn’t access his funds due to his ongoing divorce from Angelina Jolie. Playing on Anne’s empathy, the fraudster requested financial help.
The Emotional Manipulation: At the time, Anne was going through her own divorce and had recently received a settlement. Believing she was aiding someone in need, she transferred $850,000 to the scammer.
The Scam Unravels: The hoax came to light after Pitt publicly debuted his relationship with Ines de Ramon at the Venice Film Festival. This contradiction exposed the deception and ended the scam.
Brad Pitt recently spoke out, according to Variety, condemning the scammers for taking “advantage of the strong bond between fans and celebrities.”
Romance scammers often exploit online dating platforms, social media, and fan communities to identify potential victims. Being aware of the warning signs can help you identify and avoid romance scams:
Unrealistic Claims: If someone’s story seems too good to be true, it likely is. For example, a Hollywood star personally reaching out on a fan site is improbable. Celebrities rarely engage in direct, personal communication with fans, especially through unofficial platforms like fan sites, due to time constraints, security concerns, and the sheer volume of fan interactions.
Urgent Requests for Money: Scammers often fabricate crises requiring immediate financial assistance.
Reluctance to Meet in Person: Excuses to avoid face-to-face meetings or video calls can signal deception.
Inconsistencies in Their Story: Contradictory details or vague answers are common red flags.
Pressure to Keep the Relationship Secret: Scammers may isolate victims by discouraging them from discussing the relationship with friends or family.
While the tactics of romance scammers can be sophisticated, there are steps you can take to safeguard your heart and your finances:
Verify Identities: Use reverse image searches to check if profile pictures are stolen. Research their claims and background.
Be Cautious with Personal Information: Avoid sharing sensitive details, such as financial information or passwords.
Avoid Sending Money: Never transfer funds to someone you haven’t met in person, regardless of their story.
Keep Conversations Public: Use the messaging platform of the dating site or social media app rather than moving to private communication.
Watch Out For in AI: Artificial intelligence (AI) has made it much easier for scammers to create deepfake audio and video to create even more realistic romance scams. McAfee’s Ultimate Guide to AI Deepfakes can help you learn how to spot and protect yourself from deepfakes.
Trust Your Instincts: If something feels off, listen to your intuition, which can pick up on subtle inconsistencies or red flags that your conscious mind may overlook, acting as an early warning system.
Figure 2. An AI-generated image that circulated widely showed the Pope wearing a designer coat.
If you believe you are being targeted by a romance scam, take the following steps:
Cease Communication: Stop interacting with the individual immediately.
Report the Incident: Notify the dating platform or social media site, and report the scam to your local authorities or organizations like the FTC.
Protect Your Accounts: Change passwords and monitor your financial accounts for suspicious activity.
Seek Support: Talk to trusted friends or family members about the situation.
Raising awareness about romance scams is essential in preventing others from falling victim. Share information about common tactics and red flags with your loved ones, particularly those who may be more vulnerable, such as elderly family members or friends navigating online dating for the first time.
While the promise of romance can be enticing, it’s crucial to approach online relationships with caution and awareness.
By recognizing red flags, protecting your personal information, and reporting suspicious activity, you can safeguard yourself and others from the emotional and financial devastation of romance scams.
The post Breaking Down the Brad Pitt Scam: How it Happened and What We Can Learn appeared first on McAfee Blog.
Authored by Aayush Tyagi
Video game hacks, cracked software, and free crypto tools remain popular bait for malware authors. Recently, McAfee Labs uncovered several GitHub repositories offering these tempting “rewards,” but a closer look reveals something more sinister. As the saying goes, if it seems too good to be true, it probably is.
GitHub is often exploited for malware distribution due to its accessibility, trustworthiness, and developer-friendly features. Attackers can easily create free accounts and host repositories that appear legitimate, leveraging GitHub’s reputation to deceive users.
McAfee Labs encountered multiple repositories, offering game hacks for top-selling video games such as Apex Legends, Minecraft, Counter Strike 2.0, Roblox, Valorant,
Fortnite, Call of Duty, GTA V and or offering cracked versions of popular software and services, such as Spotify Premium, FL Studio, Adobe Express, SketchUp Pro, Xbox Game Pass, and Discord to name a few.
These attack chains begin when users would search for Game Hacks, cracked software or tools related to Cryptocurrency on the internet, where they would eventually come across GitHub repositories or YouTube Videos leading to such GitHub repositories, offering such software.
We noticed a network of such repositories where the description of software keeps on changing, but the payload remains the same: a Lumma Stealer variant. Every week, a new set of repositories with a new malware variant is released, as the older repositories are detected and removed by GitHub. These repositories also include distribution licenses and software screenshots to enhance their appearance of legitimacy.
Figure 1: Attack Vector
These repositories also contain instructions on how to download and run the malware and ask the user to disable Windows Defender or any AV software, before downloading the malware. They provide the reasoning that, since the software is related to game hacks or by-passing software authentication or crypto-currency mining, AV products will detect and delete these applications.
This social engineering technique, combined with the trustworthiness of GitHub works well in the favor of malware authors, enabling them to infect more users.
Children are frequently targeted by such scams, as malware authors exploit their interest in game hacks by highlighting potential features and benefits, making it easier to infect more systems.
As discussed above, the users would come across malicious repositories through searching the internet (highlighted in red).
Figure 2: Internet Search showing GitHub results.
Or through YouTube videos, that contain a link to the repository in the description (highlighted in red).
Figure 3: YouTube Video containing malicious URL in description.
Once the user accesses the GitHub repository, it contains a Distribution license and other supporting files, to trick the user into thinking that the repository is genuine and credible.
Figure 4: GitHub repository containing Distribution license.
Repositories also contain a detailed description of the software and installation process further manipulating the user.
Figure 5: Download instructions present in the repository.
Sometimes, the repositories contain instructions to disable AV products, misleading users to infect themselves with the malware.
Figure 6: Instructions to disable Windows Defender.
To target more children, repositories contain a detailed description of the software; by highlighting all the features included within the package, such as Aimbots and Speed Hacks, and how easily they will be able to gain an advantage over their opponents.
They even mention that the package comes with advance Anti-Ban system, so their account won’t be suspended, and that the software has a popular community, to create a perception that, since multiple users are already using this software, it must be safe to use and that, by not using the software, they are missing out.
Figure 7: Features mentioned in the GitHub repository.
The downloaded files, in most cases, were Lumma Stealer variants, but observing the latest repositories, we noticed new malware variants were also being distributed through the same infection vector.
Once the user downloads the file, they get the following set of files.
Figure 8: Files downloaded from GitHub repository.
On running the ‘Loader.exe’ file, as instructed, it iterates through the system and the registry keys to collect sensitive information.
Figure 9: Loader.exe checking for Login credentials for Chrome.
It searches for crypto wallets and password related files. It searches for a list of browsers installed and iterates through user data, to gather anything useful.
Figure 10: Loader.exe checking for Browsers installed on the system.
Then the malware connects to C2 servers to transfer data.
Figure 11: Loader.exe connecting to C2 servers to transfer data.
This behavior is similar to the Lumma Stealer variants we have seen earlier.
McAfee blocks this infection chain at multiple stages:
Figure 12: McAfee blocking URLs
Figure 13: McAfee blocking the malicious file
In conclusion, the GitHub repository infection chain demonstrates how cybercriminals exploit accessibility and trustworthiness of popular websites such as GitHub, to distribute malware like Lumma Stealer. By leveraging the user’s desire to use game hacks, to be better at a certain video game or obtain licensed software for free, they trick users into infecting themselves.
At McAfee Labs, we are committed to helping organizations protect themselves against sophisticated cyber threats, such as the GitHub repository technique. Here are our recommended mitigations and remediations:
As of publishing this blog, these are the GitHub repositories that are currently active.
| File Type | SHA256/URLs |
| URLs | github[.]com/632763276327ermwhatthesigma/hack-apex-1egend |
| github[.]com/VynnProjects/h4ck-f0rtnite | |
| github[.]com/TechWezTheMan/Discord-AllinOne-Tool | |
| github[.]com/UNDERBOSSDS/ESET-KeyGen-2024 | |
| github[.]com/Rinkocuh/Dayz-Cheat-H4ck-A1mb0t | |
| github[.]com/Magercat/Al-Photoshop-2024 | |
| github[.]com/nate24321/minecraft-cheat2024 | |
| github[.]com/classroom-x-games/counter-str1ke-2-h4ck | |
| github[.]com/LittleHa1r/ESET-KeyGen-2024 | |
| github[.]com/ferhatdermaster/Adobe-Express-2024 | |
| github[.]com/CrazFrogb/23fasd21/releases/download/loader/Loader[.]Github[.]zip | |
| github[.]com/flashkiller2018/Black-Ops-6-Cheats-including-Unlocker-Tool-and-RICOCHET-Bypass | |
| github[.]com/Notalight/h4ck-f0rtnite | |
| github[.]com/Ayush9876643/r0blox-synapse-x-free | |
| github[.]com/FlqmzeCraft/cheat-escape-from-tarkov | |
| github[.]com/Ayush9876643/cheat-escape-from-tarkov | |
| github[.]com/Ayush9876643/rust-hack-fr33 | |
| github[.]com/ppetriix/rust-hack-fr33 | |
| github[.]com/Ayush9876643/Roblox-Blox-Fruits-Script-2024 | |
| github[.]com/LandonPasana21/Roblox-Blox-Fruits-Script-2024 | |
| github[.]com/Ayush9876643/Rainbow-S1x-Siege-Cheat | |
| github[.]com/Ayush9876643/SonyVegas-2024 | |
| github[.]com/123456789433/SonyVegas-2024 | |
| github[.]com/Ayush9876643/Nexus-Roblox | |
| github[.]com/cIeopatra/Nexus-Roblox | |
| github[.]com/Ayush9876643/m0dmenu-gta5-free | |
| github[.]com/GerardoR17/m0dmenu-gta5-free | |
| github[.]com/Ayush9876643/minecraft-cheat2024 | |
| github[.]com/RakoBman/cheat-apex-legends-download | |
| github[.]com/Ayush9876643/cheat-apex-legends-download | |
| github[.]com/cIiqued/FL-Studio | |
| github[.]com/Ayush9876643/FL-Studio | |
| github[.]com/Axsle-gif/h4ck-f0rtnite | |
| github[.]com/Ayush9876643/h4ck-f0rtnite | |
| github[.]com/SUPAAAMAN/m0dmenu-gta5-free | |
| github[.]com/atomicthefemboy/cheat-apex-legends-download | |
| github[.]com/FlqmzeCraft/cheat-escape-from-tarkov | |
| github[.]com/Notalight/h4ck-f0rtnite | |
| github[.]com/Notalight/FL-Studio | |
| github[.]com/Notalight/r0blox-synapse-x-free | |
| github[.]com/Notalight/cheat-apex-legends-download | |
| github[.]com/Notalight/cheat-escape-from-tarkov | |
| github[.]com/Notalight/rust-hack-fr33 | |
| github[.]com/Notalight/Roblox-Blox-Fruits-Script-2024 | |
| github[.]com/Notalight/Rainbow-S1x-Siege-Cheat | |
| github[.]com/Notalight/SonyVegas-2024 | |
| github[.]com/Notalight/Nexus-Roblox | |
| github[.]com/Notalight/minecraft-cheat2024 | |
| github[.]com/Notalight/m0dmenu-gta5-free | |
| github[.]com/ZinkosBR/r0blox-synapse-x-free | |
| github[.]com/ZinkosBR/cheat-escape-from-tarkov | |
| github[.]com/ZinkosBR/rust-hack-fr33 | |
| github[.]com/ZinkosBR/Roblox-Blox-Fruits-Script-2024 | |
| github[.]com/ZinkosBR/Rainbow-S1x-Siege-Cheat | |
| github[.]com/ZinkosBR/Nexus-Roblox | |
| github[.]com/ZinkosBR/m0dmenu-gta5-free | |
| github[.]com/ZinkosBR/minecraft-cheat2024 | |
| github[.]com/ZinkosBR/h4ck-f0rtnite | |
| github[.]com/ZinkosBR/FL-Studio | |
| github[.]com/ZinkosBR/cheat-apex-legends-download | |
| github[.]com/EliminatorGithub/counter-str1ke-2-h4ck | |
| Github[.]com/ashishkumarku10/call-0f-duty-warz0ne-h4ck | |
| EXEs | CB6DDBF14DBEC8AF55986778811571E6 |
| C610FD2A7B958E79F91C5F058C7E3147 | |
| 3BBD94250371A5B8F88B969767418D70 | |
| CF19765D8A9A2C2FD11A7A8C4BA3DEDA | |
| 69E530BC331988E4E6FE904D2D23242A | |
| 35A2BDC924235B5FA131095985F796EF | |
| EB604E2A70243ACB885FE5A944A647C3 | |
| 690DBCEA5902A1613CEE46995BE65909 | |
| 2DF535AFF67A94E1CDAD169FFCC4562A | |
| 84100E7D46DF60FE33A85F16298EE41C | |
| 00BA06448D5E03DFBFA60A4BC2219193 | |
| C2 Domains | 104.21.48.1 |
| 104.21.112.1 | |
| 104.21.16.1 |
The post GitHub’s Dark Side: Unveiling Malware Disguised as Cracks, Hacks, and Crypto Tools appeared first on McAfee Blog.
Inauguration Day has come and gone, and the peaceful transfer of power couldn’t have happened without the intricate systems that ensure the integrity of the electoral process—specifically, cybersecurity.
Behind the scenes, a vast network of digital defenses worked to protect elections from disinformation, cyberattacks, and manipulation, all of which pose increasing threats in today’s digital age. From securing ballots to combating deepfakes, these measures play a critical role in upholding trust in democracy and making days like Inauguration Day possible.
In the digital age, elections face unprecedented threats designed to undermine public trust and disrupt democratic processes. Among the most common challenges are:
These threats highlight the urgent need for robust cybersecurity measures to protect the democratic process.
To counter these threats, governments and organizations have implemented advanced strategies and technologies:
These measures are critical in securing the journey from Election Day to Inauguration Day, building public confidence in the democratic process.
As you consume news about the inauguration and the new administration, it’s more important than ever to be vigilant about fake news. Fake news crops up in plenty of places on social media. And it has for some time now. In years past, it took the form of misleading posts, image captions, quotes, and the sharing of outright false information in graphs and charts. Now with the advent of AI, we see fake news taken to new levels of deception:
It’s critical to be wary of disinformation, intentionally misleading information manipulated to create a flat-out lie, as well as misinformation, which may include social posts that unknowingly get facts wrong.
To combat misinformation and AI deepfakes, it’s key to:
Deepfakes don’t just spread false information—they often lead users to phishing sites or malware. With tools like McAfee+, you can navigate the digital landscape with confidence.
The post From Election Day to Inauguration: How Cybersecurity Safeguards Democracy appeared first on McAfee Blog.
McAfee Total Protection users can feel even more secure online knowing that AV-Comparatives has named it the best in 2024 for both real-world protection and overall speed.
The two awards – the 2024 Real-World Protection Gold Award and the Best Overall Speed Gold Award – underscore McAfee’s commitment to providing powerful security without compromising PC performance, a critical combination at a time when 59% of people globally report falling victim to an online scam or knowing someone who has, with 87% of these individuals losing money—an astounding average loss of $1,366 USD.
“We are honored to receive both the Best Real-World Protection and the Best PC Performance awards,” said McAfee Chief Technology Officer Steve Grobman. “AV-Comparatives is a renowned institute with a reputation for analysis and quality assurance that stands tall, and this recognition further reinforces our leadership in online protection. With our AI-powered threat protection, we remain committed to staying one step ahead of cybercriminals while having the lowest impact on PC performance, so that people can enjoy their online lives with confidence.”
Each year, AV-Comparatives rigorously tests leading consumer security products to evaluate their effectiveness in real-world scenarios as well as their impact on system performance. McAfee’s standout results reflect the strength of its:
Protect yourself and your family today with McAfee Total Protection, which includes the award-winning anti-malware technology, scam protection, identity monitoring, Secure VPN, password management, and safe browsing capabilities for all-in-one security.
Get started with a free trial of McAfee Total Protection here. McAfee’s award-winning technology is also available in McAfee+ Premium, McAfee+ Advanced, and McAfee+ Ultimate.
Read the full report on AV-Comparatives’ awards here.
The post AV-Comparatives Crowns McAfee as 2024’s Leader in Online Protection and Speed appeared first on McAfee Blog.
Private tech companies gather tremendous amounts of user data. These companies can afford to let you use social media platforms free of charge because it’s paid for by your data, attention, and time.
Big tech derives most of its profits by selling your attention to advertisers — a well-known business model. Various documentaries (like Netflix’s “The Social Dilemma”) have tried to get to the bottom of the complex algorithms that big tech companies employ to mine and analyze user data for the benefit of third-party advertisers.
Tech companies benefit from personal info by being able to provide personalized ads. When you click “yes” at the end of a terms and conditions agreement found on some web pages, you might be allowing the companies to collect the following data:
For someone unfamiliar with privacy issues, it is important to understand the extent of big tech’s tracking and data collection. After these companies collect data, all this info can be supplied to third-party businesses or used to improve user experience.
The problem with this is that big tech has blurred the line between collecting customer data and violating user privacy in some cases. While tracking what content you interact with can be justified under the garb of personalizing the content you see, big tech platforms have been known to go too far. Prominent social networks like Facebook and LinkedIn have faced legal trouble for accessing personal user data like private messages and saved photos.
The info you provide helps build an accurate character profile and turns it into knowledge that gives actionable insights to businesses. Private data usage can be classified into three cases: selling it to data brokers, using it to improve marketing, or enhancing customer experience.
To sell your info to data brokers
Along with big data, another industry has seen rapid growth: data brokers. Data brokers buy, analyze, and package your data. Companies that collect large amounts of data on their users stand to profit from this service. Selling data to brokers is an important revenue stream for big tech companies.
Advertisers and businesses benefit from increased info on their consumers, creating a high demand for your info. The problem here is that companies like Facebook and Alphabet (Google’s parent company) have been known to mine massive amounts of user data for the sake of their advertisers.
To personalize marketing efforts
Marketing can be highly personalized thanks to the availability of large amounts of consumer data. Tracking your response to marketing campaigns can help businesses alter or improve certain aspects of their campaign to drive better results.
The problem is that most AI-based algorithms are incapable of assessing when they should stop collecting or using your info. After a point, users run the risk of being constantly subjected to intrusive ads and other unconsented marketing campaigns that pop up frequently.
To cater to the customer experience
Analyzing consumer behavior through reviews, feedback, and recommendations can help improve customer experience. Businesses have access to various facets of data that can be analyzed to show them how to meet consumer demands. This might help improve any part of a consumer’s interaction with the company, from designing special offers and discounts to improving customer relationships.
For most social media platforms, the goal is to curate a personalized feed that appeals to users and allows them to spend more time on the app. When left unmonitored, the powerful algorithms behind these social media platforms can repeatedly subject you to the same kind of content from different creators.
Here are the big tech companies that collect and mine the most user data.
Users need a comprehensive data privacy solution to tackle the rampant, large-scale data mining carried out by big tech platforms. While targeted advertisements and easily found items are beneficial, many of these companies collect and mine user data through several channels simultaneously, exploiting them in several ways.
It’s important to ensure your personal info is protected. Protection solutions like McAfee’s Personal Data Cleanup feature can help. It scours the web for traces of your personal info and helps remove it for your online privacy.
McAfee+ provides antivirus software for all your digital devices and a secure VPN connection to avoid exposure to malicious third parties while browsing the internet. Our Identity Monitoring and personal data removal solutions further remove gaps in your devices’ security systems.
With our data protection and custom guidance (complete with a protection score for each platform and tips to keep you safer), you can be sure that your internet identity is protected.
The post What Personal Data Do Companies Track? appeared first on McAfee Blog.
The devastating wildfires sweeping through Southern California have left countless neighborhoods in ruins, forcing thousands to evacuate and destroying homes in their path. While many people across the nation are moved to support those affected, this goodwill often becomes a target for opportunistic cybercriminals. McAfee researchers have discovered that social media networks have been flooded with deceptive images, showing how cryptocurrencies can be used to make donations for fire relief efforts. We believe these to be scams trying to dupe consumers. McAfee CTO, Steve Grobman says, “It’s really unfortunate because it’s such a tragic event, and we’re seeing cybercriminals and scammers take advantage of the situation in a whole host of ways, from fake GoFundMe sites to fraudulent campaign donation pages.”
Figure 1. Cryptocurrency Donation Requests
Steve continues, “The use of generative AI has fueled the creation of fake content, like viral images of the Hollywood sign engulfed in flames, which our deepfake detection technology confirmed were AI-generated. These tools are helping scammers misrepresent reality and exploit public emotions. We’ve seen fake accounts impersonating celebrities like Emma Watson and Kim Kardashian, promoting nonexistent charities to deceive people into donating money.”
The average American encounters a staggering 14.4 scam messages and deepfakes daily through social media, text messages, and emails, according to McAfee’s latest “State of the Scamiverse” report.
Now, think about this: even in your everyday life, that’s a lot of noise to sift through. But when you’re in the chaos of recovering from a disaster like a wildfire—juggling insurance claims, emergency communications, and rebuilding your life—the sheer volume of scams adds another layer of overwhelm. It’s a perfect storm for distraction, making it even easier for cybercriminals to exploit your vulnerability. Here’s what you need to know to protect yourself from scams while providing genuine help to wildfire victims.
Natural disasters and major news events provide fertile ground for cybercriminals. Cliff Steinhauer, Director of Information Security at the National Cybersecurity Alliance, explains that people eager to help during a crisis can act emotionally, skipping necessary steps to verify the legitimacy of donation platforms or relief efforts.
Scammers watch disaster news closely to craft scams tailored to the event. The emotional urgency surrounding a catastrophe like the California wildfires increases the likelihood of falling victim to these attacks.
A recent McAfee survey found that 59% of Americans say they or someone they know has been the victim of an online scam. 84% of these people lost money to the scam, with an average loss of $1,471 – and nearly 1 in 10 scam victims lost over $5,000
Many scams during crises fall under the umbrella of social engineering, a tactic where attackers manipulate people into divulging sensitive information or funds. Here are some of the most common schemes to watch out for:
Scammers often create counterfeit websites or social media posts masquerading as legitimate charities. These pages may look convincing but divert donations into the hands of criminals.
Emails, texts, and phone calls pretending to be from government agencies or well-known charities may attempt to steal personal data or payment details.
Victims of disasters are especially vulnerable. Scammers might pose as organizations offering aid, only to harvest sensitive information like bank account details or steal identities.
Modern scammers use AI to craft phishing attempts that are harder to spot. Unlike older scams with obvious grammar mistakes, AI-generated messages can appear professional and persuasive.
Figure 2. Fake Celebrity Donation Requests
Whether you’re donating to wildfire relief efforts or seeking aid, these steps can help protect you:
Use trusted resources like Give.org or Charity Navigator to confirm the legitimacy of charities.
Platforms like GoFundMe now provide verified lists of fundraisers for disaster relief.
Be wary of websites with misspelled URLs or unusual domain extensions. Look for “https” and padlock symbols to confirm the site is secure.
Phishing attempts often come via unsolicited emails, texts, or social media ads. Instead of clicking, go directly to a charity’s official website by typing its address into your browser.
Not all paid advertisements on platforms like Facebook or Instagram are legitimate. Avoid providing personal or payment information through these channels without verification.
Be cautious of campaigns that fail to explain how your donation will be used. Reputable organizations are transparent about how funds are allocated.
Steve Grobman states, “If consumers want to help with relief efforts, they should always go to validated organizations and use payment methods with protections, like credit cards. Wiring money or using cryptocurrency can make it nearly impossible to recover funds if it turns out to be fraudulent. While many GoFundMe sites are legitimate, scammers exploit the platform’s low barrier to entry. Consumers should verify campaigns with the individuals or families they claim to support or stick to reputable charities.”
In the aftermath of California wildfires, staying vigilant is essential. While most people are dedicated to recovery and support, a few may attempt to exploit the situation. By learning to spot common scams and taking proactive steps, you can safeguard yourself and your community from additional harm. Use a robust and trustworthy scam detection tool. McAfee can block risky sites even if you accidentally click a link in a scam text. When it comes to text messages, our smart AI puts a stop to scams before you click—detecting any suspicious links and sending you an alert.
In an age where deepfake technology is becoming increasingly sophisticated, protecting yourself from manipulated videos, audio, and images is critical. McAfee Deepfake Detector is designed to safeguard individuals and organizations by identifying and alerting you to potential deepfakes, ensuring that you can trust what you see and hear online.
The post Scammers Exploit California Wildfires: How to Stay Safe appeared first on McAfee Blog.
Amid the devastation of the Los Angeles County wildfires – scorching an area twice the size of Manhattan – McAfee threat researchers have identified and verified a rise in AI-generated deepfakes and misinformation, including startling but false images of the Hollywood sign engulfed in flames.
Social media and local broadcast news have been flooded with deceptive images claiming the Hollywood sign is engulfed in flames, with many people alleging that the iconic landmark is “surrounded by fire.”
Figure 1. AI-generated image shared on Facebook on January 9th, 2025.
Fact check: The Hollywood sign is still standing and is intact. A live feed of the Hollywood sign clearly shows the sign is not currently in harm’s way or engulfed in flames.
Figure 2: Live view of the Hollywood sign taken at 3.29 PT on Friday, January 10th 2025.
McAfee researchers have examined dozens of images shared across X, Facebook, Tik Tok and Instagram, and have verified these are indeed AI-generated images and videos. In addition to analysis from our own threat researchers, McAfee’s image deepfake detection technology has flagged images shown here (and many more) of the Hollywood Hills as AI-generated, with the fire serving as a key factor in its analysis.
McAfee’s investigation traced many of the images back to Gemini, an AI-based image generation platform. This finding underscores the increasing sophistication of fake image synthesis, where fake images and videos can be created in mere seconds, but can be spread to more than a million views in just 24 hours, such as is the case with the social post shared on Facebook below.
Figure 3: Screenshot of deepfake video of Hollywood sign on fire. This video was discovered on Facebook and had already achieved 1.3 million views in 24 hours.
McAfee CTO, Steve Grobman states, “AI tools have supercharged the spread of disinformation and misinformation, enabling false content—like recent fake images of the Hollywood sign engulfed in flames—to circulate at unprecedented speed. This makes it critical for social media users to keep their guard up, approach viral posts with skepticism, and verify sources to distinguish fact from fiction.”
Figure 4. McAfee’s advanced AI models identifies images that have been modified or created using AI. The heatmap depicts areas that have been used to identify and confirm AI-usage.
AI-generated still images are incredibly easy to produce. In less than a minute, we were able to produce a convincing image of the Hollywood Hills sign on fire for free with AI image generating Android app (we have not published these images, only those found on social media). Many of these apps exist to choose from. Some do filter for violent and other objectionable content. However, images like the Hollywood Hills sign on fire, fall outside of normal guardrails. Additionally, the business model of many of these apps include free credits as a trial, making it quick and easy to create and share. AI image generation is a widely available and easily accessible tool used in many misinformation campaigns.
See below for more examples:
Figure 5. Examples on Instagram.
Upon closer inspection, some images had watermark images clearly labeled from Generative AI tools such as Grok. And while this might be an obvious telltale sign for some people, there are many others who are not familiar with or recognize such watermarks.
Figure 6. The Grok watermark is clearly visible in the image above.
There are several straightforward steps that you can take to spot a fake. We recommend a combination of healthy skepticism and awareness combined with the right technology, such as McAfee Deepfake Detector.
While not all AI is malicious or ‘bad’, this technology is commonly used by bad actors for malicious intent when it comes to deepfake scams, misinformation and disinformation. While the deepfakes outlined here appear to be without malicious intent – other than to misinform social media users – we could expect these to evolve where scammers create similar deepfakes as part of fake donation scams, and so we advise everyone to stay vigilant and learn more on how to spot deepfakes online:
Plenty of deepfakes can lure you into sketchy corners of the internet. Places where malware and phishing sites take root. Consider using comprehensive online protection software with McAfee+ and McAfee Deepfake Detector to keep safe. In addition to several features that protect your devices, privacy, and identity, they can warn you of unsafe sites too.
The post The Hollywood Sign is Not on Fire: Deepfakes Spread During L.A. Wildfires appeared first on McAfee Blog.
In a world where deepfake scams and misinformation are increasingly pervasive, McAfee is taking a bold step forward with major enhancements to its AI-powered deepfake detection technology. By partnering with AMD and harnessing the Neural Processing Unit (NPU) within the latest AMD Ryzen AI 300 Series processors announced at CES, McAfee Deepfake Detector is designed to empower users to discern truth from fiction like never before.
As deepfake technology becomes more sophisticated, so too does the challenge of identifying manipulated content. Nearly two-thirds of people globally report rising concerns over deepfakes, emphasizing the need for tools that can accurately detect falsified content.
To address this growing issue, McAfee introduced its cutting-edge AI technology, now supercharged through its collaboration with AMD, McAfee Deepfake Detector can deliver detection in seconds to help consumers navigate videos increasingly riddled with misinformation.
Cybercriminals are leveraging AI to manipulate audio and video, creating hyper-realistic deepfakes that are difficult to identify with the naked eye. McAfee’s Deepfake Detector uses advanced Convolution Neural Network models—AI tools specifically trained to identify manipulated or AI-generated audio within videos.
This groundbreaking technology is aimed at not only enhancing online safety but also setting a new standard for AI-powered tools.
McAfee’s partnership with AMD takes deepfake detection to the next level. By leveraging the 50 TOPS of performance in the latest AMD Ryzen AI 300 Series processors, McAfee Deepfake Detector achieves lightning–fast detection of deepfakes. This collaboration announced at CES marks a significant leap forward in balancing AI performance with user privacy, giving consumers the best of both worlds: robust protection and peace of mind.
This newest generation of AMD mobile processors represents huge leaps forward not just in compute and graphics performance but also in AI capabilities and experiences, all powered by the world’s most advanced family of processors1. McAfee Deepfake Detector leverages AMD XDNA 2 architecture providing up to a 5X increase in NPU power vs. the previous generation2, confirming continued AMD leadership in innovation and performance in this new category of AI PC computing.
McAfee’s Deepfake Detector integrates effortlessly into the user’s workflow, ensuring that everyone—from professionals to casual users—can access next-level protection without technical hurdles.
As deepfake technology evolves, McAfee Deepfake Detector is a game-changer in the fight against misinformation and scams. By combining AI-powered detection with the cutting-edge AMD Ryzen AI 300 Series processors and NPU technology, McAfee delivers:
Stay one step ahead of deepfake threats. Whether you’re a professional, a consumer, or simply navigating the digital world, McAfee empowers you to discern truth from fiction—designed for a safer, more secure online experience.
1 Based on node size. As of January 2024, AMD Ryzen AI 300 Series processors are amongst the most advanced series of processors based on 4nm node size, whereas available competitive (non-AMD) x86 laptop processors are based on 7nm TSMC process.
2 Based on engineering specifications as of May 2024 comparing total TOPS capacity for Ryzen AI 300 Series processor’s NPU to Ryzen 7040 Series processor’s NPU.
The post McAfee Deepfake Detector: Fighting Misinformation with AMD AI-Powered Precision appeared first on McAfee Blog.
You know that “Hi, how are you?” text from a stranger? It’s one of the top scams worldwide—right along with those fake delivery notices that try to reel you in a scam site with a fishy link. Now you have extra protection against them and all other kinds of scams with our new McAfee Scam Detector.
The time’s right for it too. Those scam stats above came from our latest research, which also uncovered just how often people get hit with scams and how costly they can be. 59% of Americans said they or someone they know has fallen for an online scam in the last 12 months, with scam victims losing an average of $1,471 to the scam.
Now here’s where our Scam Detector comes in. It helps stop scammers in their tracks with real-time protection against fake emails, suspicious texts, and deepfake videos that look incredibly real. By design, it helps you protect what scammers want — your money and your personal info.
McAfee Scam Detector starts with McAfee Smart AI, the same technology that already powers our online protection. From there, it helps keep you safe from email, text message, and video scams:
The best part is that we do this automatically. Once it’s set up, McAfee Scam Detector goes to work immediately. No need to copy, paste, or second-guess if a message is fake — we take care of it all for you, all in real-time. If we spot something sketchy, it lets you know, whether that’s on your mobile app, email inbox, or video platform.
Also, it lets you know what’s suspicious and why. That’s important to us. When it comes to scams, “knowing one when you see one” goes a long way toward keeping yourself safer online. Explaining why something’s dangerous can help you spot threats even when you’re on devices without McAfee-powered protection.
Soon, McAfee Scam Detector will be included in all McAfee+, McAfee Total Protection, and McAfee LiveSafe plans at no extra cost. It protects you wherever you’re online. Whether you’re using a phone, laptop, tablet, or Chromebook, our Scam Detector keeps you safe.
The post Introducing McAfee Scam Detector— Stop Scams Before They Strike appeared first on McAfee Blog.
As CES kicks off in Las Vegas, McAfee proudly stands at the forefront of innovation, showcasing our leadership in AI and our commitment to driving transformative breakthroughs in tech. Here are the key highlights of McAfee’s participation at CES 2025:
At CES, we are announcing McAfee Scam Detector – the most comprehensive protection against text, email, and video scams. Today’s scams are smarter, sneakier, and more convincing than ever. We’re helping consumers take back control with AI-powered scam detection to stop scammers in their tracks.
Tuesday Spotlight:
Dan Huynh, McAfee’s VP of Business Development, joins a panel of business leaders to explore the capabilities of AI-powered PCs. From enhanced video and photo editing to faster computing speeds and improved security, this session delves into how AI PCs are reshaping work, play, and creativity.
McAfee has announced an exciting partnership with AMD to combat deepfake scams and misinformation. The McAfee Deepfake Detector now leverages the Neural Processing Unit (NPU) in AMD Ryzen AI 300 Series processors, enabling faster and more accurate detection of manipulated content.
Qualcomm is also showcasing McAfee’s Deepfake Detector technology at CES, with demos running on their high-performance, low-powered AI silicon. These demonstrations highlight McAfee’s commitment to tackling the growing threat of malicious AI deepfakes.
Thursday Spotlight:
German Lancioni, McAfee’s Chief AI Scientist, takes the stage to discuss using AI as a tool against AI-generated disinformation. This session will tackle the question: How can people trust what they see in a world of malicious AI deepfakes?
As CES 2025 unfolds, McAfee is proud to lead the charge in addressing the challenges and opportunities that AI brings to our increasingly digital world. Through groundbreaking innovations, strategic partnerships, and thought leadership, we’re not just imagining the future of tech—we’re actively shaping it.
We invite you to join us and our partners at CES to experience our cutting-edge technologies firsthand, engage with experts, and learn how McAfee is redefining security in the age of AI. Together, we’re building a safer, smarter, and more trusted digital landscape for everyone. Stay tuned for more updates as we continue to push the boundaries of what’s possible.
The post McAfee Shines at CES 2025: Redefining AI Protection for All appeared first on McAfee Blog.
