Reading view

Is That Delivery Text Real? How to Spot Package Smishing and Delivery Scams

You’re expecting a package. 

Maybe it’s a birthday gift. Maybe it’s a purchase from a major shopping event. Maybe it’s something you forgot you ordered three days ago. 

Then your phone buzzes. 

Your package couldn’t be delivered.  There’s a problem with your shipping address. 

A small fee is required before delivery can continue. 

“Click here immediately.”

The message feels plausible because so many of us are constantly waiting for packages. And scammers know it. 

According to McAfee’s State of the Scamiverse report, fake delivery and shipping notices are the single most commonly reported scam consumers encounter today, with 31% of people saying they’ve received one. Americans also receive an average of 14 scam messages every day across texts, email, social media, phone calls, and other channels.  

Delivery scams have become one of the internet’s most successful forms of phishing because they exploit something simple: people are already expecting the message. 

Here’s how to spot and stop these scams:

What Is a Delivery Scam? 

A delivery scam is a fraudulent message that pretends to come from a shipping company, retailer, postal service, or delivery provider. 

The goal is usually one of three things: 

  • Steal personal information  
  • Steal financial information  
  • Trick victims into downloading malware or visiting malicious websites  

These scams often impersonate organizations such as: 

  • USPS  
  • UPS  
  • FedEx  
  • DHL  
  • Amazon  
  • Royal Mail  
  • Australia Post  
  • Other local or regional delivery services  

Most delivery scams arrive through text messages, which is why they’re often called package smishing scams. 

What Is Smishing? 

Smishing is a type of phishing attack delivered through SMS text messages. 

The term combines: 

  • SMS (Short Message Service)  
  • Phishing 

Instead of arriving through email, the scam arrives directly on your phone and attempts to create a sense of urgency that encourages immediate action. 

Common examples include: 

  • “Your package could not be delivered.”  
  • “Delivery attempt failed.”  
  • “Update your shipping address.”  
  • “Pay a small customs fee.”  
  • “Confirm delivery information.” 
McAfee's Scam Detector lets you know when delivery messages are scams.
McAfee’s Scam Detector lets you know when delivery messages are scams.

Delivery Scam Red Flags and What to Do 

If You See This Red Flag  Why It’s Suspicious  What To Do 
A package alert when you’re not expecting a delivery  Scammers send messages in bulk hoping someone is waiting for a package  Ignore the message and do not click links 
A request to pay a small fee before delivery  Legitimate carriers rarely collect delivery fees through text messages  Visit the carrier’s official website directly 
A message claiming your address needs verification  Common tactic used to steal personal information  Check shipment status through your retailer or carrier account 
A shortened or unusual link  Scammers often disguise malicious websites  Avoid clicking and manually type the carrier’s website address 
Pressure to act immediately  Urgency is designed to override caution  Pause and verify independently 
Requests for passwords, payment information, or verification codes  Legitimate carriers will not ask for this through text messages  Delete the message and report it as spam 
A delivery app or file download request  May install malware on your device  Never download software from a text message 

Accidentally Clicked a Delivery Scam? Do This Immediately 

What Happened  What To Do 
You only clicked the link  Close the page and do not enter any information 
You entered login credentials  Change your password immediately and enable two-factor authentication 
You entered payment information  Contact your bank or credit card provider right away 
You downloaded a file or app  Delete it and run a security scan 
You’re unsure what information was exposed  Monitor accounts closely for unusual activity 

How McAfee Can Help  

With McAfee+, multiple layers work together before any damage is done:  

  • Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage 
  • Secure VPN keeps your data private, especially on public Wi-Fi  
  • Web Protection helps block risky sites, even if you do accidentally click  helps block risky sites, even if you do accidentally click   
  • Password Manager doesn’t just help you make unique, strong passwords, it keeps them stored and organized for you
  • Device Security helps detect malicious apps or downloads   
  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast   
  • Personal Data Cleanup helps remove your information from sites selling it. 
  • Online Account Cleanup assists in taking down your old, forgotten accounts across the web 
  • Social Privacy Manager helps you monitor and change privacy settings across your social platforms in just a few clicks 

Together, these protections are designed to address the broader range of online risks people face every day. 

The post Is That Delivery Text Real? How to Spot Package Smishing and Delivery Scams appeared first on McAfee Blog.

  •  

7 Shopping Scams Americans Report Seeing Most: This Week in Scams

Last week, McAfee warned that economic pressure and AI are creating ideal conditions for online shopping scams. 

This week, that warning got another real-world example. 

New reporting revealed that cloned shopping websites have appeared in AI-generated search results, potentially directing consumers to convincing fake storefronts designed to steal payment information and personal data.  

The incident reinforces what McAfee’s latest research found ahead of Prime Day: shoppers are moving faster, trusting deals more readily, and encountering increasingly sophisticated scams. 

Before the summer’s biggest shopping events kick into high gear, let’s get into the sales and Prime Day scams to be aware of and other cybersecurity news making headlines This Week in Scams. 

The Top 7 Shopping Scams to Watch for This Prime Day 

McAfee’s latest research found consumers most frequently encounter the following scams during major sales events: 

  1. Fake shipping confirmations and order updates (34%)  
  2. Delivery company impersonation scams (32%)  
  3. Requests for payment or account information (27%)  
  4. Suspicious account verification alerts (26%)  
  5. Retailer impersonation scams (25%)  
  6. Fake urgency and expiring deal messages (24%)  
  7. Suspicious discount codes and flash-sale offers (22%)  

These scams work because they exploit moments when consumers are already expecting packages, tracking orders, comparing prices, and making quick purchasing decisions. 

McAfee's latest research found consumers most frequently encounter the following scams during major sales events:  Fake shipping confirmations and order updates (34%)   Delivery company impersonation scams (32%)   Requests for payment or account information (27%)   Suspicious account verification alerts (26%)   Retailer impersonation scams (25%)   Fake urgency and expiring deal messages (24%)   Suspicious discount codes and flash-sale offers (22%)  

Prime Day Shopping Safety Checklist 

In McAfee’s new consumer research40% of Americans surveyed said they would trust a lower priced deal without verifying it. That means as costs are climbing, shoppers are less likely to second guess a too-good-to-be-true deal that could be a scam.   

“What the data reflects is that economic pressure has effectively done some of the scammer’s work for them,” says McAfee’s Head of Threat Research Abhishek Karnik.  

“When consumers are already primed to move quickly and prioritize price over authenticity, it takes far less effort to push them toward a bad click or a fraudulent purchase.”  

And reporting that fake shopping sites have appeared in ChatGPT results shows that scammers are adapting to ensure they show up wherever consumers search for products, including AI-powered search experiences. 

That means it’s more important than ever for shoppers to know the red flags, common scams, and protection measures to find deals safely. 

Safety Checklist 

Before making a purchase: 

✓ Verify the website URL 

✓ Compare prices across multiple retailers 

✓ Research unfamiliar sellers 

✓ Be skeptical of discounts exceeding 50-70% 

✓ Never trust a shopping link sent by text 

✓ Use a credit card instead of bank transfer, crypto, or gift cards 

✓ Check independent reviews 

✓ Verify shipping alerts directly through the retailer 

Other Scam and Security News This Week 

Nintendo Investigates Third-Party Employee Data Incident 

According to Kotaku, Nintendo is investigating an alleged data exposure involving TinyPulse, a third-party employee survey platform. An extortion group claiming responsibility for the incident says it possesses employee information and internal communications and demanded a $2 million ransom. Nintendo said its own systems were not compromised and that no customer financial or payment information was accessed. 

Madison Square Garden Data Allegedly Posted Online 

According to 404 Media, hackers linked to the ShinyHunters group have allegedly published data stolen from Madison Square Garden after an extortion attempt. Sample files reviewed by the outlet reportedly contained personal information, talent records, and contact details connected to sports personalities and business operations. 

Novo Nordisk Reports Clinical Trial Data Breach 

According to Yahoo Finance, Novo Nordisk disclosed a data breach involving individuals participating in clinical trials. The company is currently assessing the scope of the exposure while also managing ongoing supply constraints affecting its GLP-1 medications, including Wegovy. 

How McAfee Can Help  

With McAfee+ Premium, multiple layers work together before any damage is done:  

  • Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage 
  • Secure VPN keeps your data private, especially on public Wi-Fi  
  • Web Protection helps block risky sites, even if you do accidentally click  helps block risky sites, even if you do accidentally click   
  • Password Manager doesn’t just help you make unique, strong passwords, it keeps them stored and organized for you
  • Device Security helps detect malicious apps or downloads   
  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast   
  • Personal Data Cleanup helps remove your information from sites selling it. 
  • Online Account Cleanup assists in taking down your old, forgotten accounts across the web 
  • Social Privacy Manager helps you monitor and change privacy settings across your social platforms in just a few clicks 

Together, these protections are designed to address the broader range of online risks people face every day. 

Plus, click here to get McAfee’s limited-time deals on real-time protection this Amazon Prime Day, from June 23 to June 26.

The post 7 Shopping Scams Americans Report Seeing Most: This Week in Scams appeared first on McAfee Blog.

  •  

How to Protect Yourself from Doxxing and Lock Down Your Data

Woman gamer confused at computer

You post an opinion about a contentious issue on social media. Within hours, strangers have shared your home address, your employer’s phone number, and photos of your children’s school. Your inbox floods with threats. Someone calls your workplace demanding that you be fired. A crowd shows up outside your house. What started as online speech has become a safety crisis that follows you everywhere. You’ve been doxed.

If you’re looking for real answers about how to prevent doxxing before it happens or how to respond if you’re already facing harassment, this guide provides actionable strategies to lock down your digital footprint and protect your personal information. 

Key Takeaways

  • Protect yourself from doxxing by reducing exposed data on social media, data broker sites, and public records
  • Secure your accounts with strong passwords, multi-factor authentication, and privacy-focused security tools like a VPN or antivirus protection
  • Platform-specific strategies help prevent doxxing on Discord, Twitter, and other high-risk spaces
  • If you’ve been doxxed, act immediately to document everything, remove content, and involve authorities when threats escalate

What Is Doxing?

Doxxing (sometimes spelled doxing) is the act of publicly exposing someone’s personal information online without their consent. Doxxing is often intended to harass, intimidate, or cause real‑world harm. This information can include a home address, phone number, workplace, family details, or other identifying data.

For a foundational understanding of what doxxing is, why it’s escalating, real‑world examples, and how the law treats doxxing, see our full guide on what is doxxing.

How Do People Get Doxxed? 

Your digital footprint is a jigsaw puzzle spread across the internet, with each piece alone being harmless: a tagged photo here, a WHOIS domain record there, a mention of your hometown in an old forum post. Doxers piece together these fragments using open-source intelligence techniques like reverse image searches, username lookups, and metadata analysis.

Much of the information used in doxing also comes from data brokers, which aggregate public records and purchased data sets. Plus, there are information leaks from data breaches: billions of stolen email addresses, passwords, and personal details circulating on dark web forums.

That data can be cross-referenced with your online purchases, domain registrations, avatars, usernames, and even your writing style. Then there’s what you share and what others share about you on social media. In effect, you are leaving a trail of breadcrumbs every time you interact online. 

Taken together, all these pieces create a detailed profile that doxers weaponize. Once they have your information, they post it on social media, anonymous forums, or dedicated harassment sites along with inflammatory language urging others to contact you.

Campaigns are coordinated across platforms, escalating from online harassment to email and text message threats, and sometimes physical confrontations or swatting attempts that put you in immediate danger.

How to Protect Yourself From Doxing

You shouldn’t have to make yourself invisible online, but you can significantly reduce the information available to potential doxers and make yourself a harder target. Here’s what to do:

Lock Down Your Social Media Accounts

Starting with your social media accounts, go through your privacy settings on every platform you use and maximize protection:

Immediate actions:

  • Set all accounts to private or restrict visibility to friends/followers only
  • Hide your friend lists, location data, and tagged photos from public view
  • Remove personal details like phone numbers, email addresses, birth dates, and hometown from your profile
  • Disable location services and strip metadata from photos before posting
  • Turn off check-ins and location tagging features

Audit Your Digital History:

  • Search your own name and review what appears publicly
  • Delete or edit old posts that mention your home address, children’s schools, or exact workplace
  • Ask family and friends not to tag you in posts that reveal your location or personal details
  • Review and untag yourself from photos that expose identifying information

Platform-Specific Settings:

  • Facebook: Restrict who can see your friends list, past posts, and profile information; disable facial recognition; review tags before they appear on your profile
  • Instagram: Make your account private, disable activity status, restrict comments, and carefully review follower requests before accepting
  • Twitter/X: Protect your tweets, disable photo tagging, hide sensitive content behind warnings, and enable two-factor authentication on a separate device
  • Discord: Use a unique username not tied to other accounts, disable DMs from non-friends, never share your Discord tag publicly, and avoid voice chat in public servers where your voice can be recorded

Remove Your Data from People-Finder Data Broker Sites

Data brokers are companies that mine the internet and public records for financial and credit reports, social media accounts, and more. They then sell that data to advertisers, companies, or individuals who may use it to doxx you.

You might be surprised by how much sensitive information is available to anyone who wants it. Data brokers often have contact information including real names, current and former addresses, birth dates, phone numbers, social media profiles, political affiliations, and other information most consider private.

There are two ways you can remove your personal information from data brokers or people-finder sites: manually or with an automated solution

The Manual Approach:

While you can remove your private information from many data broker sites, they tend to make the process tedious and frustrating. You’ll need to:

  • Identify which sites have your information (search for yourself on sites like Whitepages, Spokeo, BeenVerified, PeopleFinder)
  • Submit individual opt-out requests to each site
  • Follow unique removal processes for each broker (some require email verification, others need physical mail)
  • Re-check periodically as your information may reappear

The Automated Solution:

McAfee Personal Data Cleanup makes this process dramatically easier. Enter your name, date of birth, and home address, and we’ll scan it across high-risk data broker sites and help you remove it automatically.

If you plan to employ other automated data broker removal services, verify that they are reputable before handling over your information. 

Secure WHOIS Records and Domain Privacy

If you own a website, your WHOIS record publicly lists your name, address, phone number, and email unless you take action. Use WHOIS privacy protection (also called domain privacy) through your registrar to replace your personal details with the registrar’s contact information, keeping your personal data out of public domain records. Most registrars offer this service for free or a nominal fee.

Fortify Your Account Security

Anyone who gains access to your email or social media accounts through phishing or a data breach could expose your private conversations, documents, and personal details. Protect yourself with robust security measures: 

Use Strong, Unique Passwords:

  • Use passwords with at least 12-16 characters. Avoid personal information like pet names, birthdates, or family members
  • Never reuse passwords across accounts
  • Use a password manager to generate and store complex passwords securely
  • Change passwords immediately if a service you use reports a data breach

Use Multi-Factor Authentication (MFA):

  • Enable MFA on all critical accounts (email, social media, banking, work accounts)
  • Use app-based authenticators (Google Authenticator, Authy) rather than SMS when possible
  • Store backup codes in a secure location separate from your primary device

Be Vigilant against Phishing:

  • Be suspicious of unexpected emails, texts, or messages requesting login credentials
  • Always verify the sender before clicking links or providing information
  • Check URLs carefully. Phishing sites often use slight misspellings
  • Never enter credentials on a site you reached via a link in an email

Secure Your Document Storage

Keep sensitive documents, such as tax records, passport scans, and financial statements, out of easily searchable email folders or cloud storage that might be compromised. If you store them digitally, use encrypted storage with strong access controls.

Use Privacy and Security Tools

No single tool can prevent all doxing, but layered protection makes a big difference. 

Identity Monitoring Services:

Consider using identity monitoring services that alert you when your personal information appears in new data breaches, on the dark web, or elsewhere it shouldn’t be. Early detection will allow you to act before the information is weaponized.

Comprehensive security suite:

A comprehensive security suite such as McAfee+ helps protect your devices from phishing attacks, malicious websites, and malware that could compromise your accounts. 

Virtual Private Network (VPN):

When browsing on public Wi-Fi networks, your data is at greater risk of being intercepted. A virtual private network gives you an additional layer of protection by hiding your IP address and browsing activities when you’re on an unsecured network.

Encrypted Messaging:

For sensitive conversations, use end-to-end encrypted messaging apps like Signal or WhatsApp rather than standard SMS or unencrypted email.

Educate Your Family, Friends, and Colleagues

You might take every precaution, but if your partner posts a photo of your new house with the address or your colleague tags you in a work event with the location, your efforts are undermined. 

Have honest conversations:

  • Explain why you’re cautious about personal information online
  • Share specific examples of what information should stay private
  • Encourage those close to you to adopt similar privacy practices

Set Family Guidelines:

For the digitally active, younger adults and teens in your family who may not fully understand the risks of oversharing, set family guidelines about what can be posted publicly and what should remain offline. 

Workplace Training:

If you work in education, government, or a high-visibility field, suggest brief safety training sessions for staff to recognize and respond to doxing threats.

What to Do if You’ve Already Been Doxxed

If your information is already out there and you’re facing harassment, here’s how to respond quickly and effectively.

1. Assess the immediate situation

If you’re receiving threats, someone is showing up at your home with the intent to harm, or you believe you’re at risk of swatting, contact local law enforcement immediately. Your physical safety comes first. 

2. Document Everything Thoroughly

Create comprehensive evidence:

  • Take screenshots of every post, message, and webpage that shares your information or threatens you. 
  • Take note of URLs, usernames, timestamps, and platform names 
  • Save original messages and emails. Don’t just screenshot; save the actual files.
  • Record any phone calls if legally permitted in your jurisdiction
  • Keep a detailed timeline of events

These pieces of evidence are essential for pursuing legal action, getting content removed from platforms, and demonstrating the severity of the harassment to law enforcement. 

3. Get Your Content Removed

Platform Reporting:

Use the reporting tools on every platform where your private information has been illegally shared. Platforms can be slow to act, but be persistent and keep submitting reports and escalating through support channels. Clearly cite violations of the platform’s terms of service (most prohibit doxxing), and invoke your legal right to have your personal details removed. 

Remove Data from Website Operators:

If your personal information appears on websites or forums, contact the site administrators directly and request removal. Many will comply, especially if the information was posted without your consent.

Remove Data from Search Results:

Google offers a removal request process for certain types of content:

  • Doxing content (name, address, phone number)
  • Non-consensual intimate images
  • Financial information like bank account numbers
  • Government identification numbers

Submit removal requests through Google’s removal request page.

4. File a Police Report

Consider involving authorities in cases involving:

  • Explicit threats of violence
  • Stalking (repeated, unwanted contact that causes fear)
  • Swatting attempts
  • Targeted campaigns that severely disrupt your life
  • Hacking or unauthorized access to your accounts

Prepare for law enforcement:

  • Bring all your documentation (screenshots, timelines, messages)
  • Be prepared to explain what doxxing is and how it’s affecting you
  • If local police aren’t responsive, reach out to specialized cybercrime units at the state or federal level
  • Consider consulting a lawyer familiar with online harassment cases who can advocate on your behalf

5. Seek Support and Expert Guidance

Don’t face this alone. Seek support from your family, trusted friends, and professionals. Crisis communications organizations or reputation management professionals should be able to offer guidance or connect you with legal resources.

Platform-Specific Protection: Discord, X (Twitter), and Beyond

Different platforms present unique doxxing risks. Here’s how to protect yourself on high-risk spaces:

How to Avoid Getting Doxxed on Discord

Discord’s voice chat and community-focused structure create specific vulnerabilities:

Account Security:

  • Use a unique username not connected to other social media accounts or your real name
  • Enable two-factor authentication
  • Never share your email address, phone number, or Discord tag publicly
  • Use Discord’s privacy settings to limit who can DM you (friends only)

Voice Chat Precautions:

  • Be aware that voice chat can be recorded without your knowledge in public servers
  • Avoid discussing personal details, location information, or identifiable stories
  • Consider using voice modulation software for high-risk conversations

Server Safety:

  • Only join servers from trusted communities
  • Be cautious about clicking links in Discord (they can lead to IP-grabbing sites)
  • Report suspicious users immediately to server moderators

How to Prevent Doxxing on Twitter

Twitter’s public nature and engagement-driven algorithm make it a prime target for harassment campaigns:

Profile Protection:

  • Protect your tweets (make account private) if you’re at high risk
  • Remove location information from your profile and tweets
  • Don’t use your full legal name as your display name
  • Disable photo tagging to prevent being tagged in revealing photos

Engagement Strategies:

  • Be cautious about what you share publicly, especially during controversial discussions
  • Don’t share photos that reveal your location, workplace, or home
  • Block aggressive users immediately—don’t engage
  • Report coordinated harassment to Twitter’s support team

Advanced Privacy:

  • Use a separate email address for your Twitter account that doesn’t contain your real name
  • Turn on login verification (two-factor authentication)
  • Regularly review connected apps and revoke access to any you don’t recognize or use

How to Avoid Getting Doxxed as a Creator or Public Profile (TikTok, YouTube, Twitch)

Creators and public‑facing accounts face unique risks because content, schedules, and personal details are often shared at scale:

Account & Identity Separation:

  • Use creator accounts that are completely separate from personal email addresses and phone numbers
  • Never link personal social media accounts in public bios or “about” sections
  • Use business contact emails that don’t contain your real name
  • Enable two‑factor authentication on all creator platforms and connected email accounts

Content & Filming Precautions:

  • Be mindful of what appears in the background of photos and videos (windows, street signs, landmarks)
  • Avoid showing mail, packages, or documents with identifying information
  • Delay posting content shot in real‑time to prevent location tracking
  • Disable automatic location tagging and metadata whenever possible

Livestream & Interaction Safety:

  • Avoid sharing schedules, routines, or future travel plans publicly
  • Use chat moderation tools and trusted moderators during live streams
  • Immediately ban users who ask probing personal questions
  • Be cautious with donation messages or alerts that may reveal personal information

Take Control of Your Digital Footprint Today

Doxxing has become an escalating threat in our increasingly connected digital world. But you’re not powerless. By taking proactive steps to reduce your exposed data, secure your accounts, and understand how to respond if targeted, you significantly reduce your risk and increase your ability to protect yourself and your loved ones.

Start with the basics: tighten your social media settings, remove your information from data broker sites, and secure your accounts with strong passwords and multi-factor authentication. Consider installing identity monitoring services, security software, and privacy features to detect threats early and give you time to respond. McAfee+ can help you stay one step ahead of anyone trying to weaponize your information.

If you’ve been doxxed, document everything, report to platforms persistently, and involve law enforcement when threats escalate. You don’t have to face this alone; support resources and professionals are available to help you through the process.

The post How to Protect Yourself from Doxxing and Lock Down Your Data appeared first on McAfee Blog.

  •  

GTA Cheat Users Exposed in Breach as Minecraft Malware Hits 116,000 Players

One gaming cyberattack this week exposed nearly 64,000 users. 

Another has already infected more than 116,000 players.  

Both are connected by the same common gaming behavior: looking for a cheat, mod, or shortcut. 

This week in scam news, a popular Grand Theft Auto V cheat service was hacked, exposing tens of thousands of users. At the same time, McAfee researchers uncovered a massive malware campaign spreading through fake Minecraft mods, cheats, and game clients. 

The takeaway is simple: some of the biggest threats facing gamers aren’t happening inside games. They’re hiding in the downloads, websites, and tools players use around them. 

Let’s start with the GTA breach. 

GTA Cheat Service Breach Exposes Nearly 64,000 Users 

Atlas Menu, a cheat service for Grand Theft Auto V, was reportedly hacked, exposing data belonging to nearly 64,000 users. 

According to reports, the leaked information included: 

  • Email addresses 
  • Usernames 
  • Scrambled passwords 
  • IP addresses 
  • Customer support tickets

The hacker who claimed responsibility later posted the data online. 

Why This Matters 

Many players think of cheats as harmless tools that unlock special abilities, provide advantages, or simply make games more entertaining. 

But unofficial cheat services often operate outside the protections offered by legitimate gaming platforms. 

That means users may be: 

  • Sharing personal information with unknown developers 
  • Downloading unverified software 
  • Exposing themselves to malware 
  • Putting gaming accounts at risk 

And that brings us to an even bigger threat. 

Minecraft Malware Campaign Has Already Infected 116,000 Players 

McAfee researchers recently uncovered a large-scale malware operation targeting gamers searching for Minecraft mods, clients, and cheats. 

The campaign is called WeedHack. 

What Is WeedHack? 

WeedHack is a type of Malware-as-a-Service (MaaS). 

That means cybercriminals package malware into a subscription service that other attackers can use. 

Researchers found that: 

  • More than 116,000 victims have been infected since January 
  • The campaign continues to add roughly 2,000 to 3,000 new victims every day 
  • More than 3,800 malicious files have been identified 
  • More than 240 malicious download URLs have been linked to the operation 

Premium versions reportedly cost as little as $5 per month and include tools that allow attackers to remotely access victims’ devices and webcams. 

What WeedHack Can Steal 

Once installed, the malware can collect: 

  • Minecraft account credentials and session IDs 
  • Discord, Steam, and Telegram credentials 
  • Browser passwords and cookies 
  • Cryptocurrency wallet information 
  • Screenshots and device information 
  • Files stored on a victim’s computer 

Premium versions can also provide: 

  • Live webcam access 
  • Live screen sharing 
  • Remote keyboard and mouse control 
  • Keylogging capabilities 
  • Full remote access to the infected device

Get the full explainer here. 

How McAfee+ Advanced Helps Protect Gamers 

Gaming malware campaigns rely on three things: 

  1. Getting users to visit malicious websites 
  2. Convincing them to download infected files 
  3. Encouraging them to ignore security warnings  

With McAfee+ Advanced, multiple layers work together before any damage is done:  

  • Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage 
  • Secure VPN keeps your data private, especially on public Wi-Fi  
  • Web Protection helps block risky sites, even if you do accidentally click  helps block risky sites, even if you do accidentally click   
  • Password Manager doesn’t just help you make unique, strong passwords, it keeps them stored and organized for you
  • Device Security helps detect malicious apps or downloads   
  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast   
  • Personal Data Cleanup helps remove your information from sites selling it. 
  • Online Account Cleanup assists in taking down your old, forgotten accounts across the web 
  • Social Privacy Manager helps you monitor and change privacy settings across your social platforms in just a few clicks 

Together, these protections are designed to address the broader range of online risks people face every day.

Other Scam and Cybersecurity News This Week 

Here are some other important headlines to be aware of: 

Carnival Data Breach Impacts Nearly 6 Million Customers 

Carnival Corporation disclosed a data breach affecting nearly six million customers after a social engineering attack allowed an unauthorized individual to gain access to part of the company’s IT systems. 

Exposed information may include: 

  • Names 
  • Addresses 
  • Email addresses 
  • Phone numbers 
  • Dates of birth 
  • Government-issued identification numbers

Affected customers should be alert for phishing emails, fake customer support calls, and identity theft attempts. 

Instagram AI Support Tool Exploit Raises Security Questions 

Instagram says it has fixed an issue that reportedly allowed attackers to manipulate its AI-powered support chatbot and gain access to other users’ accounts. 

According to reports, attackers were allegedly able to influence the account recovery process and associate new email addresses with targeted accounts. 

The incident highlights a growing challenge for AI-powered customer support systems: convenience cannot come at the expense of identity verification. 

AI Voice Cloning Scams Continue to Surge 

Voice cloning scams continue to grow as AI tools make it easier than ever to imitate friends, family members, and coworkers. 

According to FBI data cited this week, Americans lost more than $893 million to AI-related scams last year. 

These scams included: 

  • Voice cloning attacks 
  • AI-generated phishing emails 
  • Romance scams 
  • Other AI-assisted fraud schemes 

If someone calls claiming to be a loved one in distress and urgently requests money, verify the situation through another communication channel before taking action. 

McAfee Safety Tips This Week 

Whether you’re downloading a Minecraft mod or answering an unexpected phone call, the same rule applies: 

Slow down before you click, download, or share information. 

Here are a few ways to stay safer: 

  • Download mods, clients, and game tools only from trusted sources. 
  • Be skeptical of download links shared in YouTube comments, Discord servers, or social media posts. 
  • Never disable antivirus software to install a game mod. 
  • Enable multi-factor authentication on gaming, Discord, and email accounts. 
  • Use unique passwords for gaming accounts. 
  • Treat “free cheats,” exclusive hacks, and too-good-to-be-true downloads with caution. 

We’ll be back next week with more scams making headlines. 

The post GTA Cheat Users Exposed in Breach as Minecraft Malware Hits 116,000 Players appeared first on McAfee Blog.

  •  

Do Windows PCs and Macs Need Antivirus Software? How McAfee Goes Beyond Built-In Security

Couple looking at computers

Your Windows PC or Mac already includes built-in security features, and that’s a good thing. These tools provide an important first layer of protection against malware and other common threats users encounter every day. 

But today, staying safe online is about much more than blocking viruses.  

Scam texts arrive daily. Phishing emails imitate trusted brands. Fake websites are designed to steal passwords and payment information. Personal details can appear on data broker sites. AI Deepfakes are more convincing than ever. And most households use multiple devices, from laptops and phones to tablets and Chromebooks. 

That’s why McAfee+ Advanced combines device security with scam protection, identity monitoring, personal info removal, web protection, and secure VPN to help protect the many parts of your digital life. 

Let’s break down what built-in security does, and what McAfee does differently: 

What Built-In Security Does Well 

Both Windows 11 and macOS include a range of built-in security features designed to help protect your device. Depending on your operating system and the apps you use, these may include: 

  • Malware detection and removal  
  • Firewalls  
  • Browser warnings about suspicious websites  
  • Password management tools  
  • Privacy and app permission controls  

Together, these features provide an important first layer of protection and help many users stay safer online.  

Why Many People Want More Than Basic Device Protection 

Built-in security tools are primarily focused on protecting the device itself. However, today’s online threats often target something even more valuable: your identity, your money, and your personal information. 

Recent McAfee research found that Americans receive an average of 14 scam messages every day, and more than three in four have encountered an online scam. 

Threats now commonly include: 

  • Scam texts pretending to be banks, toll agencies, and delivery companies  
  • Fake job offers via text, email, or social media 
  • Phishing emails  
  • QR code scams  
  • AI-generated voice and video impersonations  
  • Identity theft via smishing and quishing, including hijacking entire social profiles 
  • Exposure of personal information on data broker sites  

These risks can follow you across all your devices, not just the computer sitting on your desk. 

Built-In Security vs. McAfee Protection 

Here are the key differences between built-in security alone, vs additional protection like McAfee.  

Built-In Security Has  McAfee+ Advanced Adds 
Detecting viruses and malware  Scam protection for suspicious texts, emails, links, QR codes, and deepfakes 
Basic privacy controls  Secure VPN to protect your connection on public Wi-Fi 
Saving passwords  Password manager with unique password generation and storage. 
Warning about some risky websites  Web Protection to help block dangerous sites before they load 
Security on one device  Antivirus coverage across your PCs, Macs, phones, and tablets 
Doesn’t have this support  Identity monitoring, so you know when your SSN and other info is exposed. Plus personal info removal, so your old data isn’t left spread out across the web. 

Why McAfee Stands Out: Speed and Comprehensive Protection 

Unlike the old stereotype that stronger protection means a slower computer, independent testing shows McAfee is also the lightest on performance.  

In the latest AV-Comparatives PC Performance Test, McAfee Total Protection posted the lowest system impact score of all 20 products tested: just 3.3, compared with the industry average of 12.8.  

It also earned the highest possible rating, ADVANCED+. That means McAfee is not just adding more layers of protection. It is doing so while staying out of your way. 

For consumers looking for security that goes beyond basic antivirus to help protect against scams, identity theft, privacy risks, and threats across all their devices, that combination is hard to ignore. 

Protection Across All Your Devices 

Most people no longer rely on a single computer. A typical household may use: 

  • Windows PCs  
  • Macs  
  • iPhones  
  • Android phones  
  • Tablets  
  • Chromebooks

Managing security separately on every device can be difficult. McAfee+ Advanced is designed to provide coverage across your devices under one subscription, helping simplify online protection for individuals and families. 

How McAfee+ Advanced Goes Beyond Built-In Security 

With McAfee+ Advanced, multiple layers work together before any damage is done:  

  • Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage 
  • Secure VPN keeps your data private, especially on public Wi-Fi  
  • Web Protection helps block risky sites, even if you do accidentally click  helps block risky sites, even if you do accidentally click   
  • Password Manager doesn’t just help you make unique, strong passwords, it keeps them stored and organized for you
  • Device Security helps detect malicious apps or downloads   
  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast   
  • Personal Data Cleanup helps remove your information from sites selling it. 
  • Online Account Cleanup assists in taking down your old, forgotten accounts across the web 
  • Social Privacy Manager helps you monitor and change privacy settings across your social platforms in just a few clicks 

Together, these protections are designed to address the broader range of online risks people face every day. 

So, Do Windows PCs and Macs Need Antivirus Software? 

Built-in security tools provide an important starting point, but with scam attempts becoming more convincing and personal information more widely exposed, many people need a more comprehensive approach to staying safe online. 

McAfee+ Advanced combines device security, scam protection, identity monitoring, privacy tools, and VPN coverage to help you browse, bank, shop, and connect with greater confidence. 

The post Do Windows PCs and Macs Need Antivirus Software? How McAfee Goes Beyond Built-In Security appeared first on McAfee Blog.

  •  

1 in 3 Targeted by Travel Scams and Rising Costs are Making it Worse

You’re comparing airfare on your phone, watching prices climb by the hour, when a deal pops up that feels just good enough to grab. The timer’s ticking. The price looks right. You don’t want to miss it. 

You’re comparing airfare on your phone, watching prices climb by the hour, when a deal pops up that feels just good enough to grab. The timer’s ticking. The price looks right. You don’t want to miss it. 

That moment, when you’re rushing to lock something in, is exactly where scams thrive. 

New McAfee research shows that more than 1 in 3 Americans have encountered a travel-related cyberthreat, and 41% of those impacted lost money, often exceeding $500. 

This shows a screenshot of a fake Booking.com website detected by McAfee that was attempting to trick users into running malicious script/code
This shows a screenshot of a fake Booking.com website detected by McAfee that was attempting to trick users into running malicious script/code

At the same time, rising travel costs and time pressure are pushing people to make faster, riskier decisions. Those are the exact conditions scammers rely on. 

That’s where protection has to show up earlier. 

McAfee’s Scam Detector lets you check suspicious links, messages, and booking sites before you click, so you can pause and verify instead of giving scammers the edge. 

Travel Scams, Red Flags, and How McAfee Protects You 

Travel Scam Type  Key Red Flags  How McAfee Helps 
Fake travel deals  Prices far below market, pressure to “book now,” sites you’ve never heard of  Scam Detector flags suspicious links and explains why they’re risky, so you can avoid fake deals before you book 
Fake booking confirmations  Unexpected messages about bookings you didn’t make, mismatched sender details  Scam Detector analyzes messages before you engage, helping you avoid fake confirmations 
Fake airline/hotel websites  Slight URL changes, poor design, being pushed to pay immediately or off-platform  Safe Browsing helps block risky sites before you enter payment details, reducing the chance of fraud 
Payment requests outside platforms  Asked to pay via wire transfer, crypto, or direct payment instead of official platforms  Scam Detector flags suspicious payment requests, helping you avoid sending money to scammers 
QR code scams  QR codes posted in public with no clear source or context  Scam Detector checks QR links before they open, so you don’t land on malicious sites 
Customer service impersonation  Calls or messages asking for login credentials or payment info  Scam Detector detects deepfake AI audio impersonation attempts, helping you avoid sharing sensitive information 
AI-generated listings  Photos that look overly polished, details that don’t quite match up  Scam Detector identifies suspicious content patterns, helping you spot listings that aren’t real 
Public Wi-Fi attacks  Open networks with no password or security prompts  VPN helps protect your data on public networks, keeping your personal information private 

The Findings From Our 2026 Travel Research 

McAfee Labs found that many travel scams work because they look familiar and spread fast.  

TripAdvisor was the most commonly impersonated travel app, cloned at roughly three times the rate of other major platforms like Kayak, Expedia, and Booking.com.  

In some cases, thousands of scam detections traced back to just a handful of fake apps, showing how quickly a convincing scam can take off when travelers are racing to book. 

Top 5 Ways Rising Travel Costs Are Driving Risky Decisions 

Our 2026 travel survey shows how rising prices and lastminute pressure are changing traveler behavior, often in ways scammers exploit. 

1. Booking faster than usual
90% feel pressure to act quickly  

2. Choosing cheaper deals without verifying
32% would book before confirming legitimacy  

3. Ignoring red flags
33% admit they’ve done it  

4. Trusting messages that look legitimate
41% trust airline/hotel messages without verifying  

5. Clicking links without checking the source
20% click first, verify later (or not at all)  

Top 5 Ways Costs Drive Risk

The Travel Scams People Are Most Likely to Fall For

According to our consumer survey findings, those who reported falling for a travel scam said these were the methods scammers used to trick them:

1. Fake travel deals or promotions (15%)

2. Scam booking confirmations or updates (15%)

3. Manipulated accommodation listings or photos (15%)

4. Payment requests outside official platforms (11%)

5. Fake vacation rental listings (10%)

6. Fake airline or hotel websites (9%)

7. Customer service impersonation (9%)

The Travel Scams People Are Most Likely to Fall For

8 Ways Travelers Put Themselves at Risk Without Realizing It

These common traveler behaviors are popular avenues for criminals to steal your information, data, and money.

1. Connecting to public Wi-Fi (63%)  

2. Scanning QR codes without verifying (62%)  

3. Using airport Wi-Fi (49%)  

4. Trusting travel-related messages (41%)  

5. Logging into financial apps on public Wi-Fi (22%)  

6. Sharing travel plans in real time (22%)  

7. Clicking travel links without verifying (20%)  

8. Using shared/public computers (15%)  

8 Ways Travelers Put Themselves at Risk Without Realizing It

How McAfee Protects You Before, During, and After Your Trip 

As prices rise and decisions happen in real time, it’s easy to prioritize convenience over caution. But that’s exactly the moment when small checks matter most. 

Stage of Travel  What’s Happening  How McAfee Helps 
Before You Book  Comparing deals, clicking promotions, booking flights and hotels under time pressure  Scam Detector checks links, messages, and booking sites before you click, helping you avoid fake deals and scam listings 
During Your Trip  Connecting to public Wi-Fi, scanning QR codes, receiving travel updates and alerts  VPN helps secure your connection on public Wi-Fi, while Scam Detector flags suspicious messages and unsafe links in real time 
After Your Trip  Accounts remain active, travel data stored across platforms, potential exposure from breaches  Identity Monitoring alerts you if your personal information appears online, helping you act quickly before damage spreads 

With McAfee+ Advanced, multiple layers work together so you’re not left figuring it out after the damage is done.  

Spend more time on your vacation, and less time worrying about scammers who want your vacation fund. 

The post 1 in 3 Targeted by Travel Scams and Rising Costs are Making it Worse appeared first on McAfee Blog.

  •  

How to Spot Fake Court Texts and Celebrity Deepfake Ads: This Week in Scams

A text that looks like it came straight from a courthouse is making the rounds across the U.S. And yes, I got it too. 

First things first, that’s a scam. And to be clear: DON’T SCAN THAT QR CODE. 

It’s the same playbook as last year’s toll road scams, just dressed up with a little more authority and a lot more pressure. 

Before doing anything, our team ran it through McAfee’s Scam Detector. It immediately flagged the message as suspicious, and that’s exactly the kind of moment this tool is built for. When something feels just real enough to second guess, it gives you a clear signal before you click, scan, or spiral. 

This shows how Scam Detector immediately flagged the text message and court image as suspicious.  
A screenshot showing Scam Detector in action.

This court notice scam has ramped up and changed shape since we first covered it in March. So let’s get into how it works: 

How the scam works 

The text claims you’ve missed a payment, violated a law, or have some kind of outstanding “case.” It then pushes you to scan a QR code or click a link to resolve it quickly. 

From there, one of two things usually happens: 

  1. You’re taken to a fake payment page designed to steal your money, or 
  2. You’re prompted to download something that gives scammers access to your device or data  

Either way, the goal is the same: get you to act fast before you have time to question it. 

Here's the fake text our author received
Here’s the scam text I got in California. You’ll notice it looks exactly like the others across the country. 

The red flags in this message 

  • Urgent, threatening language about fines, penalties, or legal action  
  • Vague accusations with no real details about what you supposedly did  
  • Official-looking formatting like case numbers, clerk signatures, and judge names  
  • Copy-paste consistency across states: McAfee employees in New York and California received nearly identical messages with the same names  

There are reports of this scam popping up nationwide, but the rule is simple: law enforcement does not text you to demand payment or resolve legal issues. 

What to do if you scanned the QR code 

First, don’t panic. Then: 

  • Do not pay anything or enter personal information  
  • Do not delete apps you were told to install (this can make it harder to detect what happened)  
  • Run a device scan using a trusted security tool like McAfee’s free antivirus  
  • Keep an eye on your financial accounts and logins for unusual activity  

And that, my friends, is scam number one in this week’s This Week in Scams (new format, we’re experimenting a little).  

Let’s get into what else is on our radar. 

Deepfake Celebrity Ads Are Targeting Seniors on Social Media. Here’s What a New Study Found.  

If you saw our story last year about Al Roker speaking out after scammers used an AI-generated version of him to promote a fake hypertension cure, or the shocking case of a French woman who lost nearly $900,000 to fraudsters posing as Brad Pitt, you already know just how convincing celebrity deepfake scams have become. 

Now, new reporting suggests these scams are reaching older adults at enormous scale. 

According to a new study from the Center for Countering Digital Hate, just 30 of the most active scam advertisers on Facebook generated an estimated 215 million ad impressions over the past year. Nearly 73% of those impressions were shown to adults over 65. 

The fake ads used AI-generated versions of well-known figures including Donald Trump, Joe Biden, Oprah Winfrey, Steve Harvey, and Brad Pitt to promote fake government benefits, miracle health products, and bogus financial offers. 

These are some of the AI-generated and photoshopped images used by scammers last year to convince a woman she was dating Brad Pitt.
These are some of the AI-generated and photoshopped images used by scammers last year to convince a woman she was dating Brad Pitt.

What McAfee’s Data Says About Celebrity Deepfake Scams 

This aligns closely with McAfee’s 2025 Most Dangerous Celebrity: Deepfake Deception List. 

Our research found that: 

  • 72% of Americans have seen a fake celebrity or influencer endorsement online  
  • 39% have clicked on one of these ads or posts  
  • 1 in 10 lost money or personal information  
  • Average losses reached $525 per victim  

The celebrities most commonly exploited in the U.S. included Taylor Swift, Scarlett Johansson, Jenna Ortega, and Sydney Sweeney, while Brad Pitt also ranked prominently on the global list.  

Why These Scams Work So Well 

Celebrity deepfake scams exploit something simple: trust. 

When a familiar face appears in your social feed, whether it is Al Roker recommending a health product or Brad Pitt asking for help, your guard naturally drops. 

And AI is making these fakes harder to detect. 

McAfee’s 2026 State of the Scamiverse found that Americans now encounter an average of three deepfakes every day, yet more than one in three say they are not confident they can identify one. 

In other words, scammers are weaponizing the faces people know best to make fraud feel familiar. 

How to Spot a Deepfake on Social Media 

Celebrity deepfakes are designed to look convincing, but there are still clues that something is off. If you see a video of Oprah Winfrey, Al Roker, or Brad Pitt promoting a miracle cure, government benefit, or investment opportunity, pause before you click. 

Here are some of the biggest red flags to watch for: 

Red Flag   What to Look For   
Too-good-to-be-true offers  The video promises free grocery money, secret Medicare benefits, guaranteed investment returns, or miracle health cures. 
Out-of-character endorsements  A celebrity appears to promote a random supplement, financial opportunity, or government program that seems unrelated to their normal work. 
Robotic or unnatural voice  The speech sounds overly smooth, lacks natural pauses, or has strange pacing and tone. 
Lip-sync issues  The celebrity’s mouth movements do not perfectly match the words being spoken. 
Unnatural facial expressions  Blinking, smiling, and head movements appear stiff, overly polished, or slightly off. 
Urgent language  The ad pressures you to “Act now,” “Claim your benefits today,” or “Limited spots available.” 
Suspicious links  Clicking leads to a website you do not recognize or that does not match the company or organization being referenced. 
No confirmation elsewhere  Trusted news outlets and the celebrity’s verified accounts do not mention the same announcement or offer. 

When in doubt, go directly to the celebrity’s verified social account or search trusted news sources to confirm the information. And if something feels off, trust your instincts. In the age of AI, seeing is no longer believing. 

How McAfee Helps You Stay Ahead of These Scams 

McAfee+ Advanced gives you multiple layers working together so you’re not left figuring it out in the moment: 

  • Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage  
  • Safe Browsing helps block risky sites if you do click or scan  
  • Device Security helps detect and remove malicious apps or downloads  
  • Identity Monitoring alerts you if your personal info shows up where it shouldn’t, so you can act fast  
  • Personal Data Cleanup helps remove your information from data broker sites, making you a harder target in the first place  
  • Secure VPN keeps your data private, especially on public Wi-Fi  

Safety tips to carry into next week 

  • Slow down when a message creates urgency. That’s the hook  
  • Don’t scan QR codes or click links from unexpected texts  
  • Go directly to official websites instead of using links sent to you  
  • Use tools that flag scams in real time so you don’t have to guess  
  • Don’t trust celebrity endorsements posted to social media unless they come directly from a celebrity’s official page 

The reality is, these scams are designed to look normal. You shouldn’t have to be an expert to spot them. That’s why McAfee’s here to help. 

We’ll be back next week with more scams making headlines. 

The post How to Spot Fake Court Texts and Celebrity Deepfake Ads: This Week in Scams appeared first on McAfee Blog.

  •  

The New Grad’s Guide to Job and Recruitment Scams

blogging on social media

Graduation season should be about launching your career, not dodging scams.

But for many new grads, the job search now comes with a hidden risk: fake recruiters, fraudulent job offers, and convincing messages designed to steal money, personal information, or both.

The threat is larger than many people realize. According to McAfee’s 2026 State of the Scamiverse report, 76% of Americans have encountered a scam, and the average person receives 14 scam messages every day through text, email, and social media. Americans now spend an estimated 114 hours each year trying to figure out what is real online and what is not.

Young adults are among the most heavily targeted groups. Nearly 3 in 10 people ages 18 to 24 (28%) report receiving conversational scams that begin with casual outreach such as “Hey, how are you?” or a “wrong number” text. Those same tactics increasingly appear in fake recruiter messages, LinkedIn outreach, and texts promoting remote job opportunities.

Today’s job scams can look highly professional. Scammers build polished LinkedIn profiles, clone legitimate company websites, and even use AI-generated interviews to appear credible. Many scams unfold quickly, with nearly half completed in less than an hour, creating pressure to act before candidates have time to verify what is real.

That’s where tools like McAfee’s Scam Detector come in—flagging suspicious emails, texts, links, and messages before you engage, so you can tell what’s real before you click. 

Here’s how to avoid job scams and stay safe with McAfee: 

How Job Scams Actually Work

Step

What Happens

Red Flags

What Scammers Want

1. The Outreach

You’re contacted via email, text, or social media about a job

Unsolicited offer, vague role, overly enthusiastic recruiter

Your attention

2. The Build-Up

They walk you through interviews or onboarding steps

No video calls, inconsistent details, fast timeline

Your trust

3. The Ask

They request personal info or payment

SSN requests, bank info, “training fees”

Identity + money

4. The Trap

They escalate the situation or disappear

More payment requests or sudden silence

Continued financial gain

A Real Example: How People Get Pulled In

Even experienced professionals fall for these scams.

In one case, a tech expert with decades of experience lost $13,000 after accepting what looked like a legitimate part-time role reviewing products.

The opportunity seemed real:

  • A polished website
  • Structured onboarding
  • A small initial payout

Then came the shift. He was told he needed to deposit money to continue working and kept paying more to “unlock” earnings that never came.

This type of advance fee scam is increasingly common in job fraud, and it works because it builds trust first.

What the Data Says

Recent graduates are entering the workforce at a time when scams are more sophisticated, more personalized, and harder to spot than ever before. McAfee’s 2026 State of the Scamiverse report highlights why younger job seekers should be especially cautious.

Young Adults Face Higher Risk

  • Younger adults report the highest rates of repeat scam victimization. McAfee’s research found that scam victims under 35 are more likely than older adults to be targeted again, suggesting that early-career professionals may be especially vulnerable as they navigate job searches, salaries, and onboarding for the first time.

Scam Messages Are Constant

  • Americans receive 14 scam messages per day on average.
  • 76% of Americans say they have encountered an online scam.
  • People spend 114 hours per year, nearly three full workweeks, trying to determine what is real and what is fake online.

Professional Platforms Are Not Immune

  • 7% of respondents reported encountering scams on LinkedIn.
  • 44% have replied to suspicious messages that contained no link at all.

Many modern scams begin with a simple message such as “I came across your profile” or “We’d like to discuss an opportunity,” rather than an obviously suspicious URL.

Job Scams Move Fast

  • The average scam unfolds in just 38 minutes.

Scammers often create urgency by claiming a role is limited, an offer will expire quickly, or onboarding must begin immediately.

AI Makes Fake Recruiters More Convincing

  • 35% of Americans are not confident they can spot deepfake scams.
  • McAfee predicts job scams will become increasingly personalized as scammers use AI to create tailored outreach, onboarding documents, and contracts that closely match a candidate’s background.

Job Scams Are a Growing Financial Threat

  • FTC-reported job scam losses rose nearly 40% year over year, increasing from $543 million in 2024 to $752 million in 2025.

For new graduates eager to land their first job, the lesson is simple: if an opportunity seems rushed, asks for money, or feels too good to be true, take a step back and verify before you respond.

Where McAfee Comes In

Job scams don’t just happen in one moment. They unfold in stages—first a message, then a conversation, then a request for information or money.

That’s why protection needs to work the same way: across the entire experience. McAfee’s comprehensive protection helps you stay ahead of job scams at every step:

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:

  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
  • Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
  • Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
  • Safe Browsing helps block risky sites if you do click
  • Device Security helps detect malicious apps or downloads
  • Secure VPN keeps your data private, especially on public Wi-Fi   

The Biggest Red Flags to Watch For

These patterns show up again and again in job scams:

Red Flag

What It Looks Like

Why It’s a Problem

What to Do Instead

Requests for Sensitive Information Too Early

Asked for your Social Security number, banking info, or ID details early in the process

Scammers use this to steal your identity or access your accounts

Only share sensitive info after accepting a verified job—and through secure onboarding systems

You’re Asked to Pay to Work

Fees for training, equipment, onboarding, or background checks

Legitimate employers don’t charge candidates to get hired

Walk away immediately—this is one of the clearest signs of a scam

The Job Sounds Too Good to Be True

High pay, low hours, minimal experience required, vague responsibilities

Designed to hook attention and lower your guard

Research typical salaries and ask detailed questions about the role

The Hiring Process Moves Too Fast

Immediate job offers or rushed decisions without interviews

Real hiring processes involve multiple steps and evaluations

Be cautious of offers that skip standard hiring steps

No Real Interaction

Communication only via email or chat, refusal to do video or phone calls

Scammers avoid real-time interaction to stay anonymous

Request a video call or verify the recruiter through official company channels

How to Protect Yourself

You don’t need to overcomplicate it. Stick to a few grounded habits:

  • Verify the company independently: Search the company, check official sites, confirm recruiter identities
  • Keep communication on trusted platforms: Be cautious with offers coming from unexpected channels
  • Never pay upfront for a job: That’s a dealbreaker
  • Pause before sharing personal information: Especially early in the process
  • Use tools that flag risks automatically: Scam Detector helps catch what looks legitimate, but isn’t

What to Do If You Think It’s a Scam

If something feels off:

  • Stop communication immediately
  • Do not send money or personal information
  • Report the scam to the FTC
  • Monitor your accounts for suspicious activity

If you’ve already shared sensitive information, act quickly to secure your accounts.

With McAfee’s comprehensive protection, you’re not left to figure it out on your own.

From blocking risky links to monitoring your identity and helping you respond quickly, it’s designed to help you stay one step ahead, and recover faster if needed. Because job searching is stressful enough without scammers, and you deserve to land your next job with confidence.

The post The New Grad’s Guide to Job and Recruitment Scams appeared first on McAfee Blog.

  •  

How to Protect Yourself After the Canvas Education Data Breach + Fake Amazon Recall Texts

If you have ever checked your child’s grades online, submitted a college paper through a school portal, downloaded homework assignments, or received messages from a teacher through a classroom app, there is a good chance you have used Canvas, a nationwide learning management system that was just in a massive data breach. 

This is exactly the moment McAfee+ Advanced was built for. With our built-in Scam Detector to flag risky links, QR codes, and deepfakes; Identity Monitoring that alerts you when your data appears where it shouldn’t; and Personal Data Cleanup that removes your information from the dark web and data brokers, McAfee+ Advanced is an all-in-one solution for protection after a data breach.

Now let’s get into what you need to know about this breach: 

Who Is Behind the Canvas Breach? 

The ransomware group ShinyHunters is claiming responsibility for the attack. The group alleges it stole roughly 275 million records tied to nearly 9,000 schools and educational institutions worldwide. 

How Did the Canvas Cyberattack Happen? 

Instructure, the company behind Canvas, confirmed a cyber incident affecting its cloud-hosted environment. The attackers later posted claims about the breach on their leak site, where ransomware groups pressure organizations into paying by threatening to release stolen data publicly. 

What Information Was Stolen in the Canvas Breach? 

The stolen data reportedly includes: 

  • Student names  
  • Teacher and staff names  
  • Email addresses  
  • Student IDs  
  • Course and enrollment information  
  • School-related records  

ShinyHunters claims the breach exposed roughly 275 million records and more than 231 million unique email addresses. 

How Could the Canvas Data Breach Impact Families and Students? 

Even if financial information was not exposed, this kind of data can still be extremely valuable to scammers. Criminals can use real school names, real classes, teacher names, and student information to create highly convincing phishing emails, fake school alerts, scholarship scams, tuition scams, or password reset messages. 

A scam message referencing your child’s actual school or assignment is much harder to spot as fake. 

This is what a Canvas message might look like when forwarded to your email inbox. Hackers claim to have millions of these types of messages.
This is what a Canvas message might look like when forwarded to your email inbox. Hackers claim to have millions of these types of messages.

This is a real message from Canvas from a community college professor after yours truly took an anthropology class for fun during the pandemic. It’s full of links to apply for programs and reach out to professors. It has exact details about courses I’ve taken.  

While this correspondence is real, it’s exactly the type of messaging that scammers could fake and replicate, replacing real links with fake “paid” opportunities to pursue degrees.  

Now think of the millions of messages and specific scenarios scammers have access to, to create dubious and convincing scams. That’s why protecting yourself after a breach is key.  

What To Do Right Now 

Here are some actions you can take immediately ot protect yourself after this breach:

  • Change you or your child’s Canvas password immediately, and update any other accounts where they reuse that password 
  • Turn on multi-factor authentication (2FA) on parent and student accounts wherever the school permits it — Instructure’s own post-incident guidance specifically called out enforcing MFA as a recommended precaution 
  • Ask your school what identity protection is being offered if sensitive data was involved 
  • Consider placing a credit freeze on your or your child’s file to block new accounts from being opened in their name 
  • Avoid clicking links in any messages that reference the breach, go directly to the official site instead 

And that, my friends, is issue number one in this week’s This Week in Scams. Let’s get into what else is on our radar in cybersecurity and scam news. 


Fake Amazon Recall Texts Are Targeting Shoppers  

Your phone buzzes. It’s a text from an unknown number, but the message looks official. 

“Dear Amazon Customer, we are writing to inform you that an item from your March 2026 order has been identified for recall.” There’s an order number. A link at the top of the message. A note about quality standards and a refund waiting for you. 

It looks real. It has the Amazon logo, the branded formatting, even a reference to the “Amazon Customer Safety Team.” The only thing it doesn’t have? Any connection to Amazon at all. 

A photo of a scam recall text I received this week. Luckily Scam Detector flags the link as risky if you try to click.
A photo of a scam recall text I received this week. Luckily Scam Detector flags the link as risky if you try to click.

This is a fake Amazon recall scam, and it is making the rounds right now. The goal is to get you to click that link, which takes you to a site designed to harvest your login credentials, payment information, or both.  

If you get a text like this, do not click the link. Go directly to amazon.com in your browser, log in, and check your orders and messages from there. Amazon does not initiate recall or refund processes through unsolicited texts with outside links. 

What Is a Fake Amazon Recall Scam And How Does It Work? 

A fake Amazon recall scam is a text message or email in which criminals impersonate Amazon to convince you that one of your recent orders has been flagged for a product recall. The message directs you to an external link leading to a phishing site designed to steal your Amazon credentials, credit card details, or personal information. 

Red Flags To Watch For 

  • The text comes from an unknown number, not a short code or verified sender 
  • The link goes to a domain that is not amazon.com 
  • The message asks you to complete a refund through an external link 
  • Small typos or awkward phrasing appear in what looks like official communication 
  • The greeting says “Dear Amazon Customer” rather than your actual name 

What To Do If You Get One 

  • Do not click the link 
  • Go to amazon.com directly and check your orders and account notifications 
  • Report the text to Amazon at stop-spoofing@amazon.com 
  • Block the number 

Where McAfee Steps In (So You Don’t Have to Guess)  

Scams today are layered.  A fake email leads to stolen credentials. A breach leads to targeted phishing. And those follow-ups are getting harder to spot.  

With McAfee+ Advanced, multiple layers work together so you’re not left figuring it out after the damage is done: 

  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast  
  • Personal Data Cleanup helps remove your information from sites selling it. 
  • Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage  
  • Safe Browsing helps block risky sites, even if you do accidentally click  
  • Device Security helps detect malicious apps or downloads  
  • Secure VPN keeps your data private, especially on public Wi-Fi    

McAfee Safety Tips This Week 

Our advice based on this week’s scams and stories: 

  • If your child’s school uses Canvas, update their password now and enable multi-factor authentication if available 
  • Consider a credit freeze for your child’s identity, especially if sensitive identifiers were part of the breach 
  • Never click links in unsolicited texts about refunds, recalls, or account issues — go directly to the official site instead 
  • Treat any message that references your recent orders or personal account details with extra skepticism, even if it looks legitimate 
  • Use Scam Detector to check suspicious links before engaging, and stay alert in the weeks and months after a breach, not just the first few days 

And we’ll be back next week with more scams and cybersecurity news making headlines. 

The post How to Protect Yourself After the Canvas Education Data Breach + Fake Amazon Recall Texts appeared first on McAfee Blog.

  •  

Now Available: Use ChatGPT with McAfee to Spot Scams Faster

Scam messages are getting smarter and faster. 

According to McAfee’s 2026 State of the Scamiverse report, Americans now spend 114 hours a year trying to figure out what’s real and what’s fake online. That’s nearly three full workweeks lost to second-guessing messages, alerts, and links. 

And when scams do succeed, they move quickly. The typical scam unfolds in about 38 minutes, leaving little room for hesitation. 

That creates a gap: People want to check before they act, but the tools haven’t always met them in that moment. 

ChatGPT + McAfee is designed to close that gap, bringing scam detection directly to a platform people are already using to ask questions and make decisions. 

And it’s available to anyone. You don’t have to be a McAfee subscriber. 

This isn’t just detection. It’s guidance in the exact moment you’re deciding what to do.  

Instead of guessing, you can paste a message or drop in a screenshot and get a clear explanation of what’s riskyand what to do nextpowered by McAfee’s threat intelligence. 

What You Can Do with ChatGPT + McAfee 

With this integration, checking something suspicious becomes as simple as asking a question. 

Paste a message. Drop in a link. Upload a screenshot. 

McAfee analyzes it and explains what’s going on clearly and in context. 

Here’s how it works: 

Feature  What it does  How it protects you 
Link safety check  Paste a suspicious URL and get a reputational analysis based on McAfee threat intelligence  Scam links are often designed to look legitimate. A quick check helps avoid phishing and malware 
Message analysis  Submit texts, emails, or social messages for evaluation  Many scams now rely on urgency and tone. Analysis helps surface subtle red flags 
Screenshot uploads  Upload screenshots of messages, emails, or posts for review  Scams don’t always come as clean text. This makes it easier to check what you’re actually seeing 
Clear explanations  Get a breakdown of why something is flagged as risky or safe  Not just a warning—an explanation that helps you recognize patterns next time 
Guided next steps  Receive recommendations on what to do next  Helps prevent escalation, especially in moments of uncertainty 

It’s a quick, accessible way to get answers in the moment. But it’s just one part of a broader system designed to protect you more comprehensively. 

Add the app to your ChatGPT account here. 

McAfee's ChatGPT extension
McAfee’s ChatGPT extension

Built on McAfee’s Threat Intelligence 

Behind the scenes, ChatGPT + McAfee is powered by the same intelligence that fuels McAfee’s broader scam protection ecosystem. 

When you submit something for review: 

  • Links are checked against known threat signals  
  • Messages are analyzed for scam patterns and language cues  
  • Results are translated into clear, human-readable explanations  

The goal isn’t just to flag risk. It’s to help you understand it. 

A New Way to Stay Ahead of Scams 

Scams aren’t slowing down. If anything, they’re becoming more convincing, more personalized, and harder to detect. 

That’s where ChatGPT + McAfee comes in. But this is only one part of a much bigger system designed to protect you before, during, and after a scam attempt. 

With McAfee+ Advanced, multiple layers work together so you’re not left figuring it out after the damage is done: 

  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast  
  • Personal Data Cleanup helps remove your information from sites selling it. 
  • Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage  
  • Safe Browsing helps block risky sites, even if you do accidentally click  
  • Device Security helps detect malicious apps or downloads  
  • Secure VPN keeps your data private, especially on public Wi-Fi    

The ChatGPT experience gives you a fast, intuitive way to check something in the moment. 

McAfee+ Advanced makes sure you’re protected across everything else.

The post Now Available: Use ChatGPT with McAfee to Spot Scams Faster appeared first on McAfee Blog.

  •  

The New Grad’s Guide to Student Loan Scams: How to Stay Safe

Graduating should feel like a fresh start, a time when the whole world is at your fingertips.   

Unfortunately, scammers often see graduates and think “student loans.” Or more specifically “student loan scams.” 

As student loan payments resume or repayment plans shift, scammers move in fast; posing as loan servicers, promising forgiveness, or offering to “simplify” your loans for a fee. 

The tricky part? These messages often look real. 

That’s where tools like McAfee’s Scam Detector come in. It flags suspicious emails, texts, links, and even deepfake-style messages, helping you spot what’s real before you click, respond, or pay. 

Here’s how to spot these scams and stay safe with McAfee: 

What Is a Student Loan Consolidation Scam? 

Student loan consolidation itself is a legitimate option. It allows you to combine multiple federal loans into one, often to simplify payments. 

Scammers exploit that confusion. 

Instead of helping, they pose as government partners or “relief experts” and charge you for services you can do yourself…for free. 

According to Federal Student Aid, you never have to pay for help managing or consolidating your federal student loans.  

That’s the baseline truth most scams try to blur. 

How These Scams Actually Work 

Step  What Happens  Red Flags  What Scammers Want 
1. The Outreach  You get an email, text, or call about “loan consolidation” or “forgiveness”  Urgent tone, unfamiliar sender, “final notice” language  Your attention and quick reaction 
2. The Hook  They claim you qualify for a special program or limited-time offer  “Act now,” “guaranteed forgiveness,” or “new law” claims  Your trust 
3. The Ask  They request payment or personal info  Upfront fees, requests for FSA ID or bank info  Money + account access 
4. The Control  They may ask for authorization to manage your loans  Power of attorney forms, account takeover steps  Full control of your loan account 

Luckily, for McAfee+ Advanced users, they have access to Scam Detector which alerts users to suspicious emails, messages, links, and deepfakes that are often employed by scammers in these student loan fraud scenarios.  

The Most Common Lies to Watch For 

Scammers tend to recycle the same scripts. Federal Student Aid warns about messages like: 

  • “Act immediately to qualify for student loan forgiveness before the program is discontinued.”  
  • “You’re eligible for total loan discharge. Call now.”  
  • “Your loans are flagged for forgiveness pending verification.”  

These messages are designed to create urgency, not clarity. 

And importantly, they are not coming from the U.S. Department of Education or its partners. 

Image Courtesy of FTC and Student Aid.Gov
Image Courtesy of STUDENTAID.GOV.

Where McAfee’s Scam Detector Comes In 

This is exactly the kind of gray-area messaging that trips people up. 

McAfee’s Scam Detector helps cut through that by: 

  • Flagging suspicious loan-related messages before you engage  
  • Identifying risky links in emails or texts  
  • Highlighting signs of impersonation or manipulation  
  • Helping you understand why something looks off  

Instead of relying on gut instinct alone, you get a second layer of analysis, right in the moment decisions happen. 

The Biggest Red Flags (Don’t Ignore These) 

Federal Student Aid highlights a few consistent warning signs, and they’re worth memorizing: 

1. They Charge You for “Help”

If a company asks for upfront or monthly fees to consolidate or manage your loans, that’s a major red flag. 

Free help is always available through your official loan servicer.  

2. They Promise Immediate Forgiveness

No legitimate program guarantees instant or total loan forgiveness. 

Most real programs require years of qualifying payments or specific eligibility criteria. 

3. They Ask for Your FSA ID

This is a hard line. 

Your FSA ID is legally equivalent to your signature—and no legitimate organization will ask for your password. 

4. They Pressure You to Act Fast

Urgency is a tactic, not a requirement. 

Scammers often claim deadlines tied to “new laws” or expiring programs to push quick decisions. 

5. They Want Control of Your Account

Requests for power of attorney or third-party authorization can allow scammers to: 

  • Change your account details  
  • Redirect communications  
  • Make decisions without your knowledge 

How to Protect Yourself Without Overthinking It 

You don’t need to become a cybersecurity expert. Just follow a few grounded rules: 

  • Go directly to official sources: Always use StudentAid.gov—not links sent to you  
  • Don’t pay for what’s free: Loan consolidation and repayment help are available at no cost  
  • Pause before clicking or responding: Most scams rely on speed  
  • Use tools that flag risk for you: Scam Detector adds a layer of protection when things look legitimate, but aren’t  

What to Do If You Think You Fell for a Student Loan Scam 

Act quickly to limit damage: 

  • Contact your loan servicer and revoke any third-party access  
  • Call your bank or credit card company to stop payments  
  • Change your FSA ID password immediately  
  • Report the incident to the Federal Trade Commission here 

Federal Student Aid also recommends reviewing your account activity and confirming no unauthorized changes were made.  

The Bottom Line 

Student loan consolidation scams don’t look like scams anymore. 

They look like helpful emails. Official notices. Last chances. 

That’s why protection today isn’t just about knowing the rules, it’s about having backup when something feels off. 

With McAfee, you’re not left guessing. You can spot suspicious messages, understand the risks, and move forward with confidence, without handing your time, money, or identity to someone who doesn’t deserve it. 

Because starting your post-grad life shouldn’t come with a scam attached. 

The post The New Grad’s Guide to Student Loan Scams: How to Stay Safe appeared first on McAfee Blog.

  •  

Ad Impersonation Scams and Record-Breaking Social Media Fraud Losses: This Week in Scams

You’re scrolling through Facebook or TikTok and see it. 

A flash sale from a brand you recognize. A limited-time investment opportunity. A job posting that promises quick money. 

The ad has comments. The account looks polished. Maybe someone you follow even liked it. 

So you click. 

From there, things move fast. You’re pushed to act quickly, enter your information, or send payment before the “deal” disappears. And just like that, the money is gone or your account is compromised. 

This isn’t an edge case anymore. According to new FTC data, nearly 30% of people who reported losing money to a scam in 2025 said it started on social media, with total losses hitting $2.1 billion. 

That’s why McAfee+ Advanced includes comprehensive protection designed to help you spot and stop scams at every step, including McAfee’s Scam Detector, which flags suspicious links and messages and explains why they may be risky, along with identity and privacy tools that help protect your information if a scam slips through. 

How Social Media Ad Scams Work 

A social media ad scam is when scammers use paid ads, fake profiles, or hijacked accounts on platforms like Facebook, Instagram, or TikTok to promote fake products, services, or investment opportunities in order to steal money or personal information. 

Step  What happens  What to do  How McAfee helps 
1  You see an ad, post, or DM promoting a deal, job, or investment  Don’t engage immediately, even if it looks legitimate  Scam Detector flags suspicious links and messages before you interact 
2  The ad links to a website or moves you into DMs  Avoid clicking unfamiliar links or continuing off-platform  Safe Browsing helps block risky or newly created websites 
3  You’re pressured to act quickly or “secure your spot”  Slow down and verify the company independently  Scam Detector explains urgency tactics and why they’re risky 
4  You’re asked to pay, share login info, or download something  Never send money or credentials based on a social media interaction  Identity Monitoring helps protect your personal data if exposed 
5  The product never arrives, the investment disappears, or your account is compromised  Report the scam and secure your accounts immediately  Personal Data Cleanup and monitoring help reduce ongoing exposure 

Red Flags To Watch For 

  • Deals that feel unusually cheap or urgent  
  • Ads linking to unfamiliar or slightly misspelled websites  
  • Requests to move conversations off-platform quickly  
  • Payment requests via apps, crypto, or wire transfer  
  • Accounts with limited history or inconsistent engagement  

And that is the first part of This Week in Scams! This Friday we’re taking a different format to talk about this new FTC data and all that it reveals.  

Let’s keep digging in: 

FTC Report: Social Media Scams Are Now The Most Costly Fraud Channel 

New data from the FTC shows just how dominant social media has become in the scam landscape. 

  • Social media scams drove $2.1 billion in reported losses in 2025  
  • Losses have increased eightfold since 2020  
  • Investment scams alone accounted for $1.1 billion of those losses 

Where Scams Are Happening And What’s Changing 

Category  What to know 
Most common scams  Shopping scams lead, with over 40% of victims reporting purchases from social media ads that never arrived 
Most costly scams  Investment scams drive the biggest losses, often starting with ads or group chats showing fake success 
What’s changing  Scammers are using platform tools like ads, targeting, and profile data to reach people more precisely than ever 

How Scams Play Out Across Platforms 

Platform  How scams typically start  What to watch for 
Facebook  Ads, Marketplace listings, hacked accounts  Fake stores, duplicate listings, urgent purchase pressure 
Instagram  Sponsored posts, influencer impersonation  “Limited drop” scams, fake brand collaborations 
TikTok  Ads, stolen videos/profiles, comment links, bio links,   “Get rich quick” schemes, external link funnels, reselling via TikTok 
WhatsApp  Group chats, investment communities  Fake testimonials, coordinated pressure to invest 

 How McAfee Protects You from Scams and Cyber Threats 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:   

  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast  
  • Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place  
  • Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage  
  • Safe Browsing helps block risky sites if you do click  
  • Device Security helps detect malicious apps or downloads  
  • Secure VPN keeps your data private, especially on public Wi-Fi    

McAfee Safety Tips This Week 

Our advice based on this week’s scams and schemes: 

  • Treat social media ads like any other unknown source, not a trusted recommendation  
  • Pause before clicking, especially when urgency is involved  
  • Verify brands by going directly to their official website  
  • Avoid sending money or personal information through social media  
  • Use tools like Scam Detector to check suspicious links before engaging  

And we’ll be back next week with more scams making headlines.

The post Ad Impersonation Scams and Record-Breaking Social Media Fraud Losses: This Week in Scams appeared first on McAfee Blog.

  •  

Why Hackers Are Collecting Data They Can’t Read Yet. And How to Stay Safe

Co-Authored by Luiz Parente 

Your data might be safe today. But that doesn’t mean it’s safe forever. 

A growing number of sophisticated actors are collecting encrypted data now, with the goal of decrypting it later, when more powerful technology becomes available. 

This strategy is known as Harvest Now, Decrypt Later (HNDL). And it’s not a future problem. It’s already happening, according to research from our McAfee VPN team. 

For everyday people, that means private messages, financial records, and sensitive documents could be exposed years from now if protections don’t evolve today. 

That’s why security teams, including McAfee’s VPN engineers, are already working on ways to strengthen encryption for both today and what comes next. 

What “Harvest Now, Decrypt Later” Means 

At its core, HNDL is simple: Attackers collect encrypted data now, store it, and wait until they have the tools to unlock it later. 

Even though today’s encryption is incredibly strong, the strategy doesn’t rely on breaking it today. It relies on patience.  

A Simple Way to Think About It 

You put valuable belongings and documents in a safe at home that’s locked and secured. This works at preventing crimes of opportunity. But let’s say there’s a thief who steals the entire safe, knowing they have tools they can use later to access what’s inside. They wait, and once the tools are available, they break into your safe and access everything inside. 

That’s one way to think of HNDL. The safe is the encryption. The quantum computing is the tool they can use later.  

But in real life, you’d probably notice if your safe is gone. In the case of HNDL, if you’re not monitoring your data, you may not even notice encrypted information has been stolen to be decrypted.  

Key Terms Explained 

Term  What it means 
Encryption  Scrambling data so others can’t read it 
Quantum computing  A new type of computing that can break some encryption 
HNDL  A strategy to collect encrypted data now and decrypt it later 

Why This Matters Right Now 

This isn’t about whether your data is valuable today. It’s about whether it might be valuable later. 

Data with a long shelf life is especially at risk, including: 

  • Financial records  
  • Medical information  
  • Private messages  
  • Legal or identity documents  

Even something that feels low-stakes today could become sensitive in the future. 

And because the collection phase is already happening, the risk isn’t hypothetical. It’s already in motion. 

How This Affects VPNs (and what doesn’t change) 

VPNs remain one of the most effective ways to protect your data today. That hasn’t changed. 

But HNDL introduces a new layer of complexity. 

  • What’s still strong: The encryption that protects your data in transit remains highly resilient.  
  • Where the risk is: The “handshake” process (how a secure connection is established) is more vulnerable to future quantum attacks.  

In simple terms: Your data is well protected today, but parts of how that protection is set up may need to evolve for the future. 

What Quantum Computing Changes 

Traditional computers process information in a linear way. 

Quantum computers work differently. They can solve certain types of problems much faster, including the kinds of mathematical challenges that protect today’s encryption. 

That’s why attackers are willing to wait. 

Once quantum computing reaches a certain level, it could unlock data that was previously considered secure. 

Image shows a phone connecting to VPN

What McAfee’s VPN Team is Working On 

McAfee’s VPN team is already preparing for this shift. 

  • Evaluating quantum-safe encryption approaches  
  • Exploring hybrid models that protect both now and long-term  
  • Building toward a more resilient VPN experience  

This work builds on a broader privacy-by-design approach, where systems are designed to minimize risk from the start, not react after the fact. 

Because with HNDL, waiting isn’t an option. 

What You Can Do Now 

You don’t need to wait for quantum computing to take steps today. 

  • Use a trusted VPN to encrypt your connection  
  • Be mindful of long-term sensitive data you share online  
  • Avoid unsecured public Wi-Fi when possible  
  • Keep your apps and devices updated  

These steps help protect your data now while the industry builds toward future-ready security. 

How McAfee Helps Protect You 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:  

  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast 
  • Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place 
  • Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage 
  • Safe Browsing helps block risky sites if you do click 
  • Device Security helps detect malicious apps or downloads 
  • Secure VPN keeps your data private, especially on public Wi-Fi   

Frequently Asked Questions (FAQs) 

FAQ 
Q: Is my data safe right now?  

A: In most cases, yes—today’s encryption is extremely strong and is designed to protect your data from current threats. If you’re using trusted security tools like a VPN, safe browsing protections, and device security, your data is actively protected while it’s in transit and in use. However, no system is risk-free. Data exposed through phishing, weak passwords, breaches, or unsecured networks may still be vulnerable. And with “Harvest Now, Decrypt Later,” even properly encrypted data could be collected today and targeted for decryption in the future. 

Q: What is quantum-safe encryption? 

A: Quantum-safe (or post-quantum) encryption refers to new types of cryptography designed to remain secure even against future quantum computers. Today’s encryption relies on math problems that are extremely difficult for classical computers to solve, but quantum computers could eventually solve some of them much faster. Quantum-safe approaches use different mathematical foundations that are believed to resist those capabilities. In practice, many companies are moving toward hybrid encryption, combining today’s proven methods with newer quantum-resistant techniques to protect data both now and long-term. 

Q: Should I still use a VPN? 

A: Yes. A VPN remains one of the most effective ways to protect your data today, especially on public or unsecured networks. It encrypts your internet traffic and helps prevent interception by hackers, internet providers, or other third parties. While VPN protocols are evolving to address future quantum risks, they still provide strong, essential protection against today’s threats. 

Q: When will this become a real threat? 

A: The risk unfolds in two phases. The collection phase is already happening today, where sophisticated actors gather encrypted data and store it. The decryption phase depends on when quantum computing advances far enough to break certain types of encryption, which could take years but is actively progressing. This means data with a long lifespan, such as financial records, personal communications, and sensitive documents, is most at risk because it only needs to remain valuable until those capabilities exist. 

The post Why Hackers Are Collecting Data They Can’t Read Yet. And How to Stay Safe appeared first on McAfee Blog.

  •  

Why Was My Tax Refund Intercepted? The “Ghost Student” Scam Explained

Rob J., 31, an internal auditor in California, thought he was doing everything right this tax season. He filed his return as usual, even early, and expected a state refund just short of $400. 

Instead, he got a letter saying the state had taken it. 

The notice from the California Franchise Tax Board said his refund had been intercepted to pay a debt owed to a local community college. 

There was just one problem: Rob had never attended that school. 

“How could the state be taking my tax refund to pay a debt to a community college I’ve never attended?” he told us at McAfee. “I immediately knew something was wrong.” 

“I started researching and came across the term ‘ghost student,’ and that’s when it clicked. Someone had used my identity to enroll in a college like they were me.” 

How McAfee+ Advanced Helps Protect You from Identity Theft  

Scams like this do not start with a suspicious text or email. They start with your data being exposed somewhere you cannot see. 

That is why protection has to go beyond one moment and cover the full lifecycle of identity theft. 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done: 

  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
  • Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
  • Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
  • Safe Browsing helps block risky sites if you do click
  • Device Security helps detect malicious apps or downloads
  • Secure VPN keeps your data private, especially on public Wi-Fi  

This kind of layered protection is critical in cases like ghost student scams, where the first sign of fraud often comes after financial damage has already happened. 

What Is a Ghost Student Scam? 

A ghost student scam is a form of identity theft where someone uses your stolen personal information, often your Social Security number, to enroll in a college or university under your name. 

The scammer is not trying to attend school. They are trying to use your identity to access financial aid, create accounts, or generate funds tied to a real person. 

In many cases, the victim has no idea anything happened until the consequences show up later, such as a tax refund being taken, a debt appearing, or a loan being opened in their name. 

That is exactly what happened to Rob. 

“I started researching and came across the term ‘ghost student,’ and that’s when it clicked,” he said. “Someone had used my identity to enroll in a college like they were me.”  

How Ghost Student Scams Happen 

These scams typically follow a predictable pattern, even if the victim does not see it happening in real time: 

Stage  What happens  Why it matters 
Data exposure  Your personal information is leaked in a data breach or collected from data broker sites  Scammers get the core details they need to impersonate you 
Identity misuse  Your information is used to apply to colleges or financial aid programs  The scam is tied to your real identity, not a fake one 
Enrollment activity  Fake students may enroll just long enough to access funds or create accounts  This helps scammers avoid early detection 
Financial impact  Debts, balances, or aid obligations are created in your name  You become financially responsible on paper 
Discovery  You find out later through a notice, refund interception, or account alert  By this point, damage has already been done 

In Rob’s case, the starting point was a data breach the year before. His Social Security number had been exposed, but he had not frozen his credit. 

Someone used that information to enroll at Pasadena City College. When the balance went unpaid, the state redirected his tax refund to cover it. 

“Despite Being the Victim, I’m Trying to Prove My Identity” 

Once Rob realized what happened, he moved quickly. He froze his credit, set up identity monitoring, filed a police report, and began working with the college to prove he was not the student. 

He says the process has been slow and frustrating. 

“I’ve spent hours on the phone trying to fix this… I’m exhausted,” he said. “Despite being the victim I am the one dealing with the consequences and trying to prove my identity to the same institution that let a fake me register.”  

When he contacted campus police, he learned something else: “this has been happening to other people too.” 

Why Ghost Student Scams Are Increasing 

Ghost student scams are part of a broader shift in how identity theft works. 

Instead of quick-hit fraud like a stolen credit card, scammers are using real identities to create more complex, longer-term opportunities for financial gain. 

In higher education, that can include: 

  • Enrolling fake students using stolen identities  
  • Accessing financial aid  
  • Holding seats in classes long enough to collect funds  

This trend has already affected thousands of suspected cases across education systems and continues to grow as scammers scale their tactics  

What to Do If Your Identity Is Used in a Ghost Student Scam 

If something like this happens, speed matters: 

  • Freeze your credit with all three bureaus  
  • Check your FAFSA and student loan records  
  • Contact the school and dispute the enrollment  
  • File a police report  
  • Set up identity monitoring and alerts  
  • Remove your personal information from data broker sites  

These steps help contain the damage, but they are reactive. The goal is to catch exposure earlier. McAfee+ Advanced can help you with freezing your credit, ongoing identity monitoring, and data removal from the dark web. 

How Rob’s Story Ends: ‘I’m Waiting for the Other Shoe to Drop’ 

Rob has confirmed there are no federal loans in his name, but the situation is not fully resolved. 

“I still feel like I’m waiting for the other shoe to drop,” he said.  

That uncertainty is part of what makes identity theft so difficult. You are often reacting to something that started months or even years earlier. Rob said he currently has an outstanding police report and is in the process of getting his refund reclaimed.  

How to Stay Ahead of Identity Theft Like This 

Ghost student scams work because they operate quietly, using real data in systems most people are not actively watching. That is where ongoing protection matters. 

McAfee+ Advanced helps close those gaps by: 

  • Alerting you early when your personal data appears on the dark web or in risky environments  
  • Reducing your exposure by removing your data from broker sites that scammers rely on  
  • Blocking scam entry points across texts, emails, links, and deepfakes  
  • Protecting your devices and connections so attackers have fewer ways in  

Because the goal is not just to respond to identity theft, it’s to catch the signals early enough that someone cannot become a “student” in your name in the first place. 

The post Why Was My Tax Refund Intercepted? The “Ghost Student” Scam Explained appeared first on McAfee Blog.

  •  

How to Protect Yourself Against Tax Scams in 2026

Tax season is prime time for scammers. And in 2026, the scams are more convincing, more targeted, and increasingly powered by AI. 

In this guide, we break down this year’s biggest tax scams from the IRS Dirty Dozen and show how tools like McAfee’s Scam Detector help flag malicious links, scan suspicious QR codes, and analyze risky messages across text, email, and social media to help you stay ahead of fraud. 

The need for that kind of protection is clear. New McAfee research shows: 

  • 82% of Americans are concerned about tax fraud  
  • 67% are seeing the same or more scam messages than last year  
  • 40% say scams are more sophisticated  
  • Only 29% feel very confident they can spot a deepfake scam  
  • Nearly 1 in 4 Americans say they’ve lost money to a tax scam  

Tax scams are not just increasing. They are getting harder to recognize in the moment. 

What is the IRS Dirty Dozen? 

The IRS Dirty Dozen is the agency’s annual list of the most common and dangerous tax scams targeting individuals and businesses. 

The 2026 list highlights a clear shift toward: 

  • AI-driven impersonation  
  • QR code and link-based phishing  
  • Social media misinformation  
  • Refund and credit manipulation schemes  

These scams are designed to create urgency, confusion, and quick decisions. That combination is what makes them effective. 

The IRS Dirty Dozen for 2026 and how to spot each scam 

Below is a full breakdown of all 12 scams identified by the IRS, along with what to look for and how protection tools can help. 

#  Scam Type  How It Works  Red Flags  How McAfee Helps 
IRS impersonation (email, text, DM)  Messages claim to be from the IRS asking you to verify info or claim a refund  Urgent tone, links, QR codes, unexpected outreach  Scam Detector flags suspicious messages and links across text, email, and social. Safe browsing blocks fake IRS sites if you click
AI voice scams and robocalls  AI-generated calls mimic IRS agents or officials  Threats, payment pressure, spoofed caller ID  Scam Detector helps validate follow-up messages or links tied to the call. Identity monitoring helps detect if your info is being used in impersonation attempts
Fake charities  Scammers pose as charities to collect donations or data  Emotional appeals, vague organization details  Scam Detector flags suspicious donation links. Safe browsing blocks fraudulent charity sites. Personal Data Cleanup reduces exposure to targeting lists
Social media tax misinformation  Viral posts push fake deductions or “tax hacks”  Promises of large refunds or loopholes  Scam Detector’s screenshot analysis lets you check social posts and DMs before acting, helping identify misleading or risky claims
IRS account takeover scams  Criminals use stolen data to access IRS accounts  Alerts about account changes you didn’t initiate  Identity monitoring and alerts notify you if your data is exposed. Device security helps prevent malware used to steal credentials
Abusive capital gains schemes (Form 2439)  Fake or inflated claims tied to investment credits  Complicated filings tied to unfamiliar organizations  Scam Detector flags suspicious messages and links. Safe browsing blocks fraudulent filing sites tied to these schemes
Fake self-employment tax credit  Misleading claims about eligibility for large credits  “You qualify” messaging without verification  Safe browsing blocks scam sites attempting to capture personal or tax info
Ghost tax preparers  Preparers refuse to sign returns or provide credentials  No PTIN, vague business identity  Scam Detector helps assess suspicious messages or outreach. Identity monitoring adds protection if your data is shared with a bad actor
Non-cash donation schemes  Inflated valuations used to reduce tax liability  Unrealistic deductions, aggressive promoters  Scam Detector flags suspicious offers and links. Safe browsing blocks sites attempting to collect sensitive financial data
10  Overstated withholding scams  False income or withholding reported to inflate refunds  Encouragement to “boost” refund numbers  Scam Detector flags misleading content. Device security helps protect against malware tied to fake filing tools
11  Spear phishing targeting tax pros  Emails designed to steal client or business data  Unexpected document requests, attachments  Scam Detector detects phishing attempts. Safe browsing blocks malicious links. Device security helps prevent malware installs
12  Offer in Compromise scams  Companies overpromise tax debt relief and charge high fees  High-pressure sales tactics, guaranteed outcomes  Scam Detector flags suspicious outreach. Personal Data Cleanup reduces targeting. Identity monitoring helps catch misuse of your data

How McAfee helps protect you from tax scams 

Tax scams rarely rely on just one tactic. A message leads to a link. A link leads to a fake site. A fake site leads to stolen data or payment. 

That is why protection needs to work across the full chain, not just one moment. 

McAfee goes beyond traditional antivirus by combining multiple layers of digital protection into one app, helping you stay safer before, during, and after a scam attempt. 

Here is how each layer helps: 

  • Scam Detector helps flag suspicious messages, links, and AI-driven scams across text, email, and social media. It can also scan QR codes and analyze screenshots of messages that feel off.  
  • Safe browsing tools help block risky websites, including fake IRS portals and lookalike domains designed to steal personal and financial information.  
  • Secure VPN helps keep your connection private, especially on public Wi-Fi where sensitive activity like filing taxes or accessing financial accounts can be exposed.  
  • Identity monitoring and alerts notify you if your personal information, like your Social Security number or email, appears in places it should not, helping you act quickly if identity theft is attempted.  
  • Personal Data Cleanup helps reduce your exposure by removing your information from high-risk data broker sites that scammers use to target you.  
  • Device and account security helps protect the devices and accounts you rely on every day, adding another layer of defense against malware, phishing, and unauthorized access.  

Together, these protections help you do more than react to scams. They help you spot them earlier, avoid risky situations, and recover faster if something goes wrong.

The post How to Protect Yourself Against Tax Scams in 2026 appeared first on McAfee Blog.

  •  

How to Secure Tax Documents Before Sending to Your Accountant

Filing your taxes may not feel risky. You download a W-2. Upload a PDF. Email a document. Move on. 

But tax season is one of the most active times of year for scammers, and the moment you start collecting and sharing tax documents is often when people are most exposed. 

W-2s, 1099s, prior-year returns, and identity documents contain nearly everything criminals need to commit tax fraud or identity theft. And increasingly, scammers don’t need to break into systems to get them. They rely on rushed filers, familiar workflows, and convincing messages that blend into tax season noise. 

The good news: securing your tax documents doesn’t require expensive tools or technical expertise. With a few deliberate steps, you can dramatically reduce your risk before anything leaves your device. 

Why Scammers Want Your Tax Documents

Tax documents are valuable because they’re complete.A single W-2 includes your full name, Social Security number, employer information, and income data. Combined with other files, like a prior return or ID scan, that’s enough to: 

  • File a fraudulent tax return 
  • Open new credit accounts 
  • Access financial services 
  • Sell your identity on criminal marketplaces 

That’s why tax-related phishing and document theft spike every filing season. Many scams don’t look like scams at all. They look like routine requests, delivery notices, or “quick questions” from someone you already trust. 

How to Safely Handle and Share Tax Documents 

Tax forms contain some of the most sensitive personal information you have. Taking a few precautions when storing and sharing them can reduce the risk of identity theft and tax fraud. 

Store Your Tax Documents Securely 

Before sending anything to an accountant or tax service, make sure your files are organized and stored safely. 

Use a single secure folder
Create one folder, on your device or in a trusted private cloud service account, specifically for tax documents. Avoid scattering files across downloads, email attachments, and screenshots. 

Rename files clearly
Use descriptive names such as “2025_W2_EmployerName.pdf” so you can easily identify documents without opening multiple files or re-downloading forms. 

Avoid public Wi-Fi
If you’re downloading tax documents, do it on a secure home network whenever possible. Public Wi-Fi can increase the risk of interception. If you must connect in public, using a trusted VPN adds another layer of protection. 

Watch for Tax-Season Phishing Scams 

Many tax scams don’t target software, they target people. 

Common examples include: 

  • Emails pretending to be from the IRS asking you to “verify” information 
  • Messages that appear to come from your employer requesting a copy of your  W2 
  • Fake tax portals asking you to re-upload documents 
  • Urgent messages claiming there is a problem with your return 

These scams often arrive when you’re already expecting tax-related communication, which makes them easier to trust. 

Important: The IRS does not initiate contact by email, text message, or social media to request personal or financial information. 

Use Secure Ways to Share Tax Documents 

Email attachments are convenient, but they can also expose sensitive information. 

Safer options include: 

  • secure client portal provided by your accountant or tax preparer 
  • Encrypted file-sharing services 
  • Password-protected documents sent through a secure channel 

If you must email a document, avoid sending the password in the same message. 

Verify Requests Before Sending Documents 

Even if a request looks legitimate, pause before sharing sensitive files. 

Ask yourself: 

  • Did I expect this request? 
  • Is the sender using their normal contact method? 
  • Does the message create urgency or pressure? 

If something seems unusual, verify the request through a separate channel, such as calling the person directly or starting a new email thread. 

Secure the Devices You Use to File 

Protecting tax documents also means protecting the device where they’re stored. 

Before filing your taxes: 

  • Install the latest software updates on your computer and phone 
  • Enable automatic updates when possible 
  • Use security tools that can flag malicious links, fake websites, and suspicious messages, like McAfee’s WebAdvisor (free download here)

Tax scams increasingly arrive through text messages and social media, not just email, so protection needs to cover the places scammers actually reach you. 

File Early and Watch for Warning Signs 

Filing early reduces the opportunity for scammers to file a fraudulent tax return in your name. 

After filing: 

  • Watch for IRS notices you didn’t expect 
  • Monitor financial accounts for unfamiliar activity 
  • Be cautious of follow-up messages claiming problems with your return 

If something feels off, investigate before responding. 

Step-by-Step: How to Encrypt Tax Documents Before Sending Them 

Step  What to Do  Why It Matters 
1. Put all tax files into one folder  Gather your W-2s, 1099s, receipts, PDFs, and spreadsheets in one folder.  Keeps you organized and prevents accidentally leaving something unprotected. 
2. Convert photos into PDFs (if needed)  If documents are photos, save them as a PDF using your phone scanner app or printer settings.  PDFs are easier to encrypt and share securely than image files. 
3. Combine files into one ZIP folder  On your computer, select all files → right click → Compress / Zip.  Creates a single package you can protect with a password. 
4. Add a password to the ZIP file  Choose the “Encrypt” or “Password Protect” option when creating the ZIP file.  Password protection helps prevent unauthorized access if the file is intercepted. 
5. Use a strong password  Use at least 12 characters with a mix of letters, numbers, and symbols.  Weak passwords can be cracked quickly. 
6. Rename the file to something generic  Use a name like “Documents_2025.zip” instead of “Taxes_W2_SSN.zip.”  Avoids exposing sensitive info in the file name itself. 
7. Send the encrypted file through a secure method  Upload via your tax preparer’s secure portal or share through a secure cloud link.  Email attachments can be risky if the wrong person gains access. 
8. Send the password separately  Text or call the password—don’t include it in the same email as the file.  If someone intercepts the email, they won’t have both pieces. 
9. Confirm the recipient received it securely  Ask them to confirm download and access.  Prevents re-sending sensitive documents multiple times. 
10. Delete extra copies once filing is done  Remove unneeded copies from desktop, downloads folder, and email attachments.  Reduces the chance of future exposure if your device is compromised. 

What to Do If You Think Your Tax Information Was Exposed 

If you believe your tax documents were shared with the wrong party or compromised: 

  1. Stop further communication immediately 
  2. Contact your accountant or tax service 
  3. Notify the IRS if sensitive information was exposed 
  4. Monitor credit and financial accounts closely 
  5. Run a security scan on your device, check out our free trial 

Acting quickly can limit damage and help prevent long-term fallout. 

Final Thoughts

Securing your tax documents doesn’t require perfection, just intention. 

By slowing down, using safer sharing methods, and staying alert to tax-season scams, you can protect yourself before problems start. In a season where everyone feels rushed, a few extra minutes can save months of cleanup later. 

McAfee helps protect your identity, devices, and personal information so tax season doesn’t become scam season. 

Frequently Asked Questions 

Q: Is it safe to email tax documents to my accountant? 

A: Email is not the safest option. Secure portals or encrypted file-sharing tools are preferred for sensitive documents like W-2s and tax returns. 

Q: How do W-2 phishing scams work? 

A: Scammers impersonate employers or tax authorities to trick people into sending W-2s or personal information, often using urgent or official-looking messag 

Q: Can scammers file taxes using my W-2? 

A: Yes. With enough personal information, criminals can file fraudulent returns or commit identity theft. 

Q: How can I tell if a tax message is fake?
A: Be cautious of unsolicited requests, urgent language, unfamiliar links, or requests for documents outside normal filing workflows. 
Q: What’s the safest way to share tax documents online? 

A: Use secure portals, encrypted file-sharing, and verified communication channels. Avoid public Wi-Fi and unprotected email attachments. 

 

The post How to Secure Tax Documents Before Sending to Your Accountant appeared first on McAfee Blog.

  •  

Tax Scams Hit Nearly 1 in 4 Adults. Spot the Red Flags

John C. isn’t the person you picture getting scammed. 

He’s 36. He’s tech-savvy. He’s a mechanical engineer leading a team at a national energy lab in Denver. And he told us his story for one reason: “Scammers will target anyone.” 

It began with a phone call from someone claiming to be the IRS. They said John had underpaid his taxes and needed to resolve it quickly. The caller sounded polished and convincing, so convincing that John didn’t stop to question it. 

“I thought maybe they sent back too much money [in my refund], and they needed it back,” he said. “I was just so busy and overwhelmed that I never really stopped to think about the situation.” 

A follow-up email arrived with IRS logos, clean formatting, and a big payment button. John was trying to move fast between classes as he finished up his PhD, and he wanted to correct the situation as quickly as possible. 

“I was like, let me just hurry up and do this, get it over with.” 

He clicked. He paid. But later, when he checked his statement, he saw the charge didn’t look like an IRS payment at all. In fact, it was an international charge. The whole thing was a scam. 

John said the scammer on the phone had appealed to his emotions and been incredibly convincing.  

“It was absolutely masterful,” John said. “I would give him an Oscar for it. 

And new McAfee research shows John isn’t alone, with nearly 1 in 4 (23%) US adults surveyed revealing they’ve lost money to a tax scam.  

Example of a tax scam text message
Example of a tax scam text message

Key findings from McAfee’s 2026 Tax Season Survey 

Here’s what our January 2026 survey of 3,008 U.S. adults found: 

The big picture: lots of worry, not enough confidence 

  • 82% of Americans say they’re concerned about tax fraud this season. 
  • 67% say they’re seeing the same or more tax scam messages than last year. 
  • 40% say tax scam messages are more sophisticated than last year. 
  • 84% are concerned about AI making tax scams more realistic. 
  • Only 29% say they’re very confident they could spot a deepfake tax scam. 

How often scams are reaching people 

  • 34% say they’ve been contacted by someone claiming to be the IRS or another tax authority (phone, text, or email). 
  • 38% say they’ve been asked to click a link or send payment related to a “tax issue.” 
  • Common asks include SSNs (15%), birth dates (11%), addresses (10%), “you owe back taxes” pressure (9%), and banking details (8%). 

Who is getting hit hardest 

  • Nearly 1 in 4 Americans (23%) say they’ve fallen for a tax scam. 
  • Young adults report the highest exposure: 42% of 18–24-year-olds say they’ve fallen for at least one tax scam. 
  • 11% of Americans report tax-related identity theft, rising to 17% among ages 25–34. 

The money is real 

  • Among people who say they’ve fallen for a tax scam, the average loss is $1,020. 
  • Separately, nearly 1 in 5 Americans say they’ve lost money to a tax scam. 

Tax filing is increasingly digital (and that changes the risk) 

  • 55% say they file taxes online (software or IRS Free File). 
  • 75% say they receive refunds or pay taxes electronically (direct deposit, cards, apps, EFTPS, etc.). 
  • 30% say they plan to use an AI tool (like ChatGPT) to help prepare taxes, especially younger adults. This is highly dangerous, even with platform security protections. For example, if an AI tool were compromised in a data breach, user messages with personal tax information (like social security numbers, home address, and more) could be made public.  

Tax Scams Now Hit Year-Round, McAfee Labs Finds 

In addition to our consumer survey findings, McAfee Labs analyzed malicious URLs, apps, texts, and emails in the months leading up to filing season. 

The major takeaway: tax scams don’t wait for April. 

Scam activity began climbing as early as November and has again continued building steadily into 2026. 

Between September 1, 2025, and February 19, 2026, McAfee Labs identified 1,468 malicious or suspicious tax-themed unique domains, an average of 43 new fake tax websites every day. 

In early November 2025 alone, the average number of new tax-themed malicious domains nearly doubled in just over a week. After a brief dip in late December, activity resumed climbing into February, a pattern we expect to intensify as the April filing deadline approaches. 

a chart showing the malicious domains blocked by McAfee's web advisor
A chart showing the unique, malicious domains detected by McAfee’s Web Advisor

 

Fake IRS Websites Are A Major Threat 

Scammers are rapidly creating lookalike IRS domains that mimic official government URLs.  

They use small changes, extra letters, added words, subtle misspellings, to trick taxpayers into believing they’re on a legitimate IRS site. 

Examples include domains that insert additional text around “irs.gov” or add misleading subdomains designed to pass a quick glance. 

These fake portals are used to: 

  • Steal login credentials 
  • Harvest Social Security numbers and tax IDs 
  • Capture payment details 
  • Charge bogus “processing fees” 

In some cases, these sites don’t just steal, they overcharge. 

McAfee Labs observed scam services offering to file for an EIN (Employer Identification Number), something the IRS provides for free, and charging as much as $319 for it. 

Example of a scam website we found charging for an EIN.

Example of a scam website we found charging for an EIN. 

The official IRS website explicitly warns: you never have to pay a fee to obtain an EIN. 

Other scam sites misuse legitimate policy terms, like the “Fresh Start Initiative,” to harvest personal data and enroll victims in aggressive robocall and marketing campaigns. 

Tax scams don’t always steal outright. Sometimes they monetize confusion. 

Here it shows them charging $319 for an EIN, and collecting their personal information.
Here it shows them charging $319 for an EIN, and collecting their personal information.

How a Typical Tax Scam Unfolds 

Most tax scams aren’t one single message. They’re a sequence, designed to make you panic, click, and comply. 

Below is the common playbook, plus the red flags that show up repeatedly. 

*Note: Scammers may swap the details like AI voice, fake IRS videos, cloned websites, or impersonating tax software, but the pattern stays familiar. 

Step  What happens  Red flags you’ll see at this step  Red flags that are true every time  What to do instead 
1) The hook  You get a call, text, or email claiming there’s a tax issue (refund problem, underpayment, verification needed).  Message arrives out of nowhere, often during busy hours; “final notice” language; spoofed caller ID.  Unexpected contact + urgency.  Don’t engage. Pause. Go directly to IRS.gov or your tax provider’s official site (type it in). 
2) The authority move  They lean hard on being “the IRS” or “state tax authority,” sometimes with personal details.  They sound polished; may use AI voice cloning; may cite a “case number.” Fake or meaningless case numbers are very common.  They want you to trust the title, not verify the source.  Ask for written notice and time. Real tax issues can be verified through official channels. 
3) The link  They send a link to a “secure portal” or “refund page.”  Lookalike website, subtle misspellings, weird domain, shortened link, email button that says “Pay Now.”  They’re trying to pull you off official channels.  Never click the link. Navigate to the real site yourself. If unsure, delete it. 
4) The data grab  The site (or “agent”) asks for SSN, banking info, login credentials, or details from a prior return.  Requests that are broader than needed; “verify identity” prompts; form fields that feel too invasive.  They want sensitive info fast.  Stop. Don’t type anything. If you already did, assume it’s compromised and act quickly (see next section). 
5) The payment push  They demand payment to “avoid penalties,” “release your refund,” or “resolve a mistake.”  Gift cards, crypto, wire transfers, payment apps; pressure to pay today; threats.  Urgency + unusual payment method.  The IRS does not demand immediate payment via text/social, and doesn’t require gift cards or crypto. Verify independently. 
6) The escalation  If you hesitate, they intensify: threats, “law enforcement,” or AI video/audio that “proves” it’s real.  Deepfake IRS video, intimidating language, “you’ll be arrested,” “your license will be revoked.”  Fear is the product.  Hang up. Save evidence. Talk to a trusted person. Contact official support through verified numbers. 
7) The aftermath  You realize it was a scam—often after noticing a strange charge or login activity.  Charges from odd merchants; new accounts; IRS account alerts; failed tax filing due to “duplicate return.”  Shame keeps people quiet—scammers count on that.  Report it and protect your identity right away. You’re not alone, and it’s not your fault. 

Key point: A message can look “official” and still be fake. AI is making scam language smoother and scams more believable. The safest habit is simple: slow down, and verify using official sources you navigate to yourself. 

What to do if you’ve been involved in a tax scam 

First: take a breath. Scams are designed to trick you, especially when you’re overwhelmed, rushed, or just trying to fix a problem quickly. 

John said it plainly: “Don’t be embarrassed. It does happen. It’s common… they will target anyone.” 

And he’s right. The most important thing is what you do next. 

1) Stop the bleeding: cut off contact 

  • Stop replying 
  • Don’t click anything else 
  • Don’t send more information or money 

2) Capture proof (before it disappears) 

Take screenshots and save: 

  • Phone numbers, email addresses, usernames 
  • The message content 
  • Links (don’t click them, just copy) 
  • Payment receipts and transaction IDs 

3) Lock down your accounts (especially email) 

If a scammer gets into your email, they can reset passwords for everything else. 

Do this today: 

  • Change your email password first, then banking/tax accounts 
  • Turn on two-factor authentication (2FA) 
  • If you reused passwords anywhere, change those too 

Important: If you clicked a suspicious link, downloaded a file, or gave someone remote access to your computer, make sure you use a different, trusted device (like your phone or another computer) to change passwords. Why? If a scammer installed malware or has access to your computer, they may be able to see all of your brand-new passwords as you’re making them. 

Tip: A password manager like McAfee’s can help you create strong, unique passwords quickly, without having to memorize them all. 

4) Check for identity theft signals 

Tax scams often turn into identity theft. Watch for: 

  • IRS notices about a return you didn’t file 
  • Trouble e-filing because a return was already submitted 
  • Alerts about a new IRS online account you didn’t create 

If you suspect tax-related identity theft: 

  • Consider filing an IRS identity theft report (commonly done with IRS Form 14039, Identity Theft Affidavit). 
  • Create or log into your IRS account periodically to review account activity (John now does this every few months). 

McAfee’s Identity Monitoring can help restore your sense of security and privacy online.  

5) Report it (even if you feel weird about it) 

Reporting helps you and helps stop the next person from getting hit. 

Common reporting options include: 

  • FTC report: Report scams and identity theft at the FTC’s reporting site. 
  • IRS phishing email: If you received a scam email posing as the IRS, you can forward it to phishing@irs.gov. 
  • Your bank or card provider: If you paid, contact them immediately. Even if recovery isn’t guaranteed, speed matters. 

6) Clean up your digital footprint 

Scammers don’t just use what you give them. They also use what they can look up. 

Removing your personal details from risky data broker sites can reduce how easily scammers can target you again. Tools like Personal Data Cleanup can help you identify where your information is exposed and guide removal. 

7) Add protection for the next attempt 

Tax season scams often come in waves, especially if scammers think your info is “good.” 

Helpful layers include: 

  • Web protection to warn you about risky links and lookalike sites before you enter info – get our free WebAdvisor download here 
  • Scam detection that can flag suspicious messages 
  • Identity monitoring to alert you if key personal info shows up in risky places 
  • Run a free antivirus scan to check your device for malware or unwanted programs (especially if you clicked a link or downloaded anything) 

The key takeaway 

Tax season creates the perfect storm: time pressure, sensitive data, and a lot of official-looking communication. 

Our research shows most people are worried, and for good reason. Scammers are getting more convincing, and AI is raising the bar on what “real” looks and sounds like. 

“Tell your friends, tell your family,” John said. “Everyone I know at some point has heard this story, and it might just prevent someone from losing… thousands of dollars.” 

If you remember just three things this season, make them these: 

  1. Pause before you click. 
  2. Verify through official channels you navigate to yourself. 
  3. If something happens, act quickly, and don’t blame yourself. 

The post Tax Scams Hit Nearly 1 in 4 Adults. Spot the Red Flags appeared first on McAfee Blog.

  •  

X (Twitter) Account Hacked: What to Do Right Now

X (formerly Twitter) hacks tend to hit fast. 

One minute you’re scrolling like normal. The next, your account is posting crypto promotions, sending spam DMs, or following hundreds of random accounts you’ve never heard of. Sometimes you don’t even notice until a friend asks why you’re suddenly “giving away” gift cards. 

If you use X for work, your personal brand, or your business, a takeover can do real damage quickly. And in many cases, the hacker isn’t just trying to cause chaos, they’re trying to use your account to scam your followers while you still look trustworthy. 

This guide walks you through exactly what to do if your X account has been hacked: how to spot the warning signs, how to regain access, and what to change immediately so it doesn’t happen again. 

If you’re still locked out after trying these steps, X also offers an official support form for hacked or compromised accounts. 

Signs Your X Account May Be Compromised 

X account takeovers don’t always start with a full lockout. Often, the first signs are strange activity you didn’t authorize. 

Watch for these red flags

Unexpected posts: Tweets you didn’t write, especially spam, crypto links, or promotions. 

Unusual DMs: Messages sent from your account that you don’t remember sending. 

Account behavior changes: Random follows, unfollows, blocks, or profile changes you didn’t approve. 

Security notifications: Alerts from X that your account may be compromised. 

Account info changed: Notifications that your email, phone number, or password was updated without your permission. 

Password suddenly stops working: You’re prompted to reset your password even though you didn’t request it. 

If any of these are happening, assume your account is compromised and start recovery steps immediately. 

What to Change Immediately If Your X Account Was Hacked 

If your X account was hacked, assume your login details may have been stolen. 

That means simply getting back into your account isn’t enough, you also need to update the passwords and settings attackers could still use. 

Here’s what to change right away: 

  • Change your X password 
  • Change the password for the email account connected to X 
  • Turn on two-factor authentication (2FA) 
  • Confirm your email address and phone number are correct 
  • Revoke access for any suspicious third-party apps 
  • Review X Pro / Teams access (if you use it) and remove unfamiliar users 
  • Update any other accounts that share the same password 
  • Delete unauthorized posts and DMs (once you regain control) 

If you suspect the hack started through malware or phishing, it’s also smart to update passwords for other sensitive accounts tied to your identity, like banking apps, payment apps, or your Apple/Google account. 

Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place. 

Step-by-Step: How to Recover a Hacked X Account 

X offers different recovery options depending on whether you can still log in. 

Step  What to Do  Why It Matters 
1. Change your password immediately (if you can still log in)  Go into your X account settings and update your password to something strong and unique.  This is the fastest way to cut off unauthorized access. 
2. Reset your password if you’re locked out  Use the “Forgot password” option on the login screen to start account recovery.  This can help you regain access even if the hacker changed your password. 
3. Secure your email account  Change your email password and enable 2FA. Make sure only you can access it.  If your email is compromised, the hacker can keep resetting your X account. 
4. Reverse suspicious email changes if possible  If you receive an email about an account email change, check for an option to undo it.  This may allow you to regain control before the hacker fully locks you out. 
5. Revoke third-party app access  While logged in, review connected apps and remove anything you don’t recognize.  Some takeovers happen through malicious apps, not direct password guessing. 
6. Revoke mobile app sessions if needed  If suspicious activity continues, revoke access for X mobile apps from your settings so they’re forced to re-authenticate.  X notes that password changes may not automatically log out mobile sessions. 
7. Update your password anywhere it’s saved  If you use trusted apps or services that store your X password, update it there too.  Repeated failed login attempts can temporarily lock your account. 
8. Turn on 2FA  Enable two-factor authentication as soon as you regain control.  This adds a strong layer of protection even if your password gets stolen again. 
9. Contact X support if you still can’t regain access  Submit X’s hacked/compromised account request form. Include your username and the last date you had access.  If self-recovery fails, support may be able to help restore access. 

If you’re still unable to log in after attempting recovery, visit X’s official hacked account support form for next steps. 

Watch for Phishing “X Support” Scams 

One of the most common ways X accounts get hacked is through phishing. 

Scammers impersonate: 

  • X support 
  • “verified account” teams 
  • copyright warnings 
  • fake sponsorship offers 
  • fake security alerts claiming your account will be suspended 

They try to pressure you into clicking a link and logging in on a fake page designed to steal your password. 

If you receive a suspicious email or DM, don’t click. 

Instead, open X directly in the app or browser and check your account settings from there. 

Final Tips: Recovering From an X Hack 

A hacked X account can spread scams quickly, especially if the attacker uses your account to message followers directly. 

The most important steps are: 

  • Act quickly 
  • Change your password immediately 
  • Secure the email account connected to X 
  • Revoke suspicious third-party app access 
  • Review X Pro / Teams access if applicable 
  • Enable two-factor authentication (2FA) 
  • Delete unauthorized posts once you regain control 
  • Scan your device for malware 

McAfee offers a free antivirus scan that can help you detect malware or suspicious programs that may have compromised your account in the first place. 

And if you’re still locked out or something doesn’t look right, use X’s official support request form to report the account as hacked or compromised. 

Frequently Asked Questions 

Q: How do I know if my X account was hacked?
A: Common signs include posts or DMs you didn’t send, unusual follows/unfollows, account changes you didn’t authorize, security alerts from X, or a password that suddenly stops working. 
Q: If I change my password, will the hacker be logged out?
A: Changing your password is critical, but some mobile sessions may remain active. X recommends revoking app access in your settings if suspicious activity continues. 
Q: What should I do if my email address was changed?
A: Check your inbox for an email from X about the change. In some cases, you may be able to reverse it using the security link. If you can’t, start account recovery immediately and submit a support request if needed. 
Q: Should I remove third-party apps after a hack?
A: Yes. X notes that malicious or untrusted third-party apps can compromise your account. Remove anything you don’t recognize or no longer use. 
Q: What if I still can’t log in after resetting my password?
A: Submit a hacked account support request through X’s official form. Be sure to include your username and the last date you had access. 
Q: What’s the biggest mistake people make after their X account gets hacked?
A: Only changing their password. If the attacker still has access through connected apps, a compromised email account, or saved sessions, they can regain control quickly. 

 

The post X (Twitter) Account Hacked: What to Do Right Now appeared first on McAfee Blog.

  •  

My Instagram Has Been Hacked – What Do I Do Now?

Instagram hacks don’t always start with a dramatic “you’ve been locked out” moment. 

More often, it starts with something small: your followers asking why you just sent them a weird link. Your account suddenly following hundreds of random profiles. A post you didn’t write showing up in your feed. Or an email from Instagram saying your login details were changed. 

By the time you realize what’s happening, scammers may already be using your account to impersonate you, message your followers, or promote fake giveaways and crypto scams through your profile. 

This guide walks you through exactly what to do if your Instagram account has been hacked: how to spot the warning signs, how to regain access, and what to change immediately so it doesn’t happen again. 

And if you’re still having trouble at any stage, be sure to visit Instagram’s official recovery tools for additional support. 

Signs Your Instagram Account May Be Compromised 

Instagram account takeovers don’t always look obvious at first. In many cases, the first signs are subtle changes you didn’t make. 

Watch for these red flags: 

Password or email changes you didn’t request: You may receive an email saying your account information was updated. 

Suspicious login alerts: Notifications about a login attempt, new device, or verification code you didn’t request. 

Posts, Stories, or Reels you didn’t publish: Scammers often post crypto promotions, fake giveaways, or sketchy links. 

DMs you didn’t send: A common tactic is using your account to message your followers with phishing links. 

Your account starts following random accounts: Hackers may use compromised accounts to inflate scam pages or bot networks. 

Your profile info has been edited: Name, bio, profile photo, or website links changed without your permission. 

If any of these are happening, assume your account is compromised and start recovery steps immediately. 

What to Change Immediately If Your Instagram Account Was Hacked 

If your Instagram account was hacked, assume your login details may have been stolen. 

That means simply getting back into your account isn’t enough, you also need to update the passwords and settings attackers could still use. 

Here’s what to change right away: 

  • Change your Instagram password 
  • Change the password for the email account connected to Instagram 
  • Turn on two-factor authentication (2FA) 
  • Log out of all active sessions/devices 
  • Remove suspicious third-party apps connected to your account 
  • Confirm your phone number and email address are correct 
  • Check Accounts Center and remove linked accounts you don’t recognize 
  • Update any other accounts that share the same password 

If you suspect the hack started through malware or a phishing link, it’s also smart to update passwords for other sensitive accounts tied to your identity, like banking apps, payment apps, or your Apple/Google account. 

Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place. 

Step-by-Step: How to Recover a Hacked Instagram Account 

Instagram provides several recovery options depending on what information you still have access to (email, phone number, username, or trusted device). 

Step  What to Do  Why It Matters 
1. Visit Instagram’s hacked account recovery page  Use Instagram’s official hacked account recovery flow in your browser or app.  This is often the fastest way to secure your account and start recovery. 
2. Check your email for security messages from Instagram  Look for messages about password changes or email changes. If Instagram gives you a link to undo the change, use it immediately.  If a hacker changed your email address, this may be your quickest chance to reverse it. 
3. Request a login link  Use “Forgot password?” to request a login link sent to your email or phone number.  This can restore access even if your password was changed. 
4. Request a security code or additional support  If login links aren’t working, follow Instagram’s prompts to request further help. Use an email address only you can access.  If the attacker changed your contact info, you may need additional verification steps. 
5. Complete identity verification if prompted  Instagram may ask you to verify your identity, including submitting a video selfie if your account contains photos of you.  This helps Instagram confirm you’re the real account owner. 
6. Change your password immediately after regaining access  Reset your password to something strong and unique.  This cuts off access and helps prevent repeat takeovers. 
7. Remove suspicious linked accounts and apps  Check Accounts Center and remove anything unfamiliar. Revoke access for any third-party apps you don’t trust.  Hackers may leave behind access routes to get back in later. 
8. Turn on 2FA and login alerts  Enable two-factor authentication and set alerts for new logins.  This makes it much harder for attackers to regain access. 

If you’re still unable to recover your account, visit Instagram’s official support and recovery tools for additional help. 

Watch for Phishing “Instagram Support” Scams 

One of the most common ways Instagram accounts get hacked is through phishing. 

Scammers impersonate: 

  • Instagram support 
  • verification teams 
  • copyright violation notices 
  • “your account will be deleted” warnings 
  • fake giveaway collaborations 

Their goal is to pressure you into clicking a link and entering your password on a fake login page. 

If you receive a suspicious email or DM, don’t click. 

Instead, open Instagram directly in the app and check your security settings from there. 

If you think you entered your login info into a suspicious link, change your password immediately and secure your account right away. 

Final Tips: Recovering From an Instagram Hack 

A hacked Instagram account is stressful for a reason: it doesn’t just affect your profile. It affects your followers, your reputation, and your private messages. 

The most important steps are: 

  • Act quickly 
  • Check your email for Instagram security alerts 
  • Use Instagram’s official hacked account recovery tools 
  • Change your password immediately 
  • Log out of all active sessions 
  • Remove suspicious apps and linked accounts 
  • Enable two-factor authentication (2FA) 
  • Scan your device for malware 

McAfee offers a free antivirus scan that can help you detect malware or suspicious programs that may have compromised your account in the first place. 

And if you’re still locked out or something doesn’t look right, follow Instagram’s official recovery guidance and contact Instagram support directly. 

Frequently Asked Questions 

Q: How do I know if my Instagram account was hacked?
A: Common signs include password or email changes you didn’t request, suspicious login alerts, DMs you didn’t send, posts you didn’t publish, or unexpected changes to your profile details. 
Q: What if my Instagram email address was changed?
A: Check your inbox for an email from Instagram about the change. In some cases, Instagram may provide a security link that lets you reverse it. If you can’t undo the change, start the hacked account recovery process as soon as possible. 
Q: What if I can’t log in at all?
A: Use Instagram’s official hacked account recovery tools. Depending on your situation, Instagram may offer login links, security codes, or identity verification options to help you regain access. 
Q: Should I remove third-party apps after a hack?
A: Yes. Some account takeovers happen because an unsafe app was given access. Remove anything you don’t recognize or no longer use. 
Q: What’s the biggest mistake people make after getting hacked?
A: Only changing their Instagram password. If the attacker still has access through your email account, linked accounts, or suspicious third-party apps, they can regain control quickly. 
Q: Can Instagram ask me to verify my identity?
A: Yes. In some cases, Instagram may ask you to confirm ownership through verification steps. This can include submitting additional information or completing a video selfie process. 

 

The post My Instagram Has Been Hacked – What Do I Do Now? appeared first on McAfee Blog.

  •  

YouTube Channel Hacked? Restore Owner Access and Stop Live-Stream Scams

You don’t always realize your YouTube channel has been hacked right away. 

Sometimes it’s a sudden spike in notifications. Sometimes it’s a flood of confused comments. And sometimes it’s the worst-case scenario: you wake up to find your channel renamed, your videos hidden, and a scam livestream running under your brand. 

This is one of the most common forms of creator-targeted account takeover today. Attackers hijack real channels because they already have an audience, and then use that trust to promote fake crypto giveaways, “investment” livestreams, or malicious links in video descriptions. 

A YouTube channel hack can also put your account at risk of Community Guidelines strikes or monetization penalties, even if you didn’t upload the content yourself. 

This guide walks you through exactly what to do if your YouTube channel has been compromised: how to regain owner access, stop scam live streams fast, and secure your Google Account so it doesn’t happen again. 

Signs Your YouTube Channel May Be Compromised 

A hacked YouTube channel usually means your Google Account has also been compromised, since every YouTube channel is tied to at least one Google Account. 

Watch for these red flags: 

Changes you didn’t make: Your channel name, profile photo, handle, description, or external links were updated. 

Videos or live streams you didn’t create: You may see uploads you don’t recognize, scam live streams, or replays that weren’t posted by you. 

You receive warnings or strikes: YouTube may send emails about Community Guidelines violations, copyright claims, or suspicious activity tied to content you didn’t publish. 

You can’t log in or your password stops working: A sudden login failure may mean your password was changed or your account access was locked. 

Monetization or AdSense settings changed: Attackers may try to redirect revenue or alter payment associations. 

If any of these are happening, assume your channel is compromised and start recovery steps immediately. 

What to Change Immediately If Your YouTube Channel Was Hacked 

If your YouTube channel was hacked, assume your Google login details may have been stolen. 

That means simply getting back into your channel isn’t enough; you also need to update the passwords and settings attackers could still use. 

Here’s what to change right away: 

  • Change your Google Account password 
  • Enable two-factor authentication (2FA) 
  • Remove unknown devices and active sessions 
  • Check and update your recovery email and recovery phone number 
  • Remove any unfamiliar channel owners/managers/editors 
  • Remove suspicious connected apps or third-party access 
  • Review your AdSense/monetization settings for changes 
  • Update any other accounts that share the same password 

If you suspect the takeover started through malware or phishing, it’s also smart to update passwords for other sensitive accounts tied to your Google identity, like Gmail, Google Drive, banking accounts, or payment apps. 

Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place.  

Step-by-Step: How to Recover a Hacked YouTube Channel 

Step  What to Do  Why It Matters 
1. Recover your Google Account first  If you can still log in, change your password immediately. If you can’t, start Google’s account recovery process.  Your YouTube channel is tied to your Google Account. If your Google Account is compromised, your channel will remain vulnerable. 
2. Secure your Google Account  Enable 2FA, review recent logins, and remove unknown devices.  Hackers often stay logged in through active sessions even after a password change. 
3. Remove unknown channel access  Check channel permissions and remove any unfamiliar owners, managers, or editors.  Attackers may add themselves as a manager to keep access even after recovery. 
4. Stop scam live streams and remove suspicious uploads  End any unauthorized livestreams, delete scam videos, and remove malicious links from descriptions.  Scam streams can damage your reputation and trigger policy strikes quickly. 
5. Revert channel changes  Restore your channel name, branding, About section, links, and settings.  This helps prevent your channel from being used to impersonate a brand or run scams. 
6. Review YouTube Studio for strikes or policy issues  Check for Community Guidelines strikes, copyright claims, or monetization restrictions.  Hackers often upload policy-violating content that can put your channel at risk. 
7. Scan your device for malware  Run a trusted security scan to check for spyware or password-stealing malware.  If your device is infected, attackers can steal your new password immediately. 
8. Contact YouTube/Google support if you’re still locked out  Use YouTube’s hacked channel support tools or Google Account recovery help.  If self-recovery fails, YouTube may be able to help restore access or guide you through next steps. 

If you’re still having issues after completing these steps, be sure to visit YouTube and Google’s official support resources for hacked accounts. 

And, if you’re an eligible creator, you can also contact YouTube’s Creator Support Team. 

Watch for Phishing “YouTube Support” Scams 

One of the most common ways YouTube channels get hacked is through phishing. 

Scammers impersonate: 

  • YouTube support 
  • YouTube Partner Program emails 
  • Copyright violation notices 
  • Brand sponsorship offers 
  • Verification or monetization warnings 

They try to pressure you into clicking a link, downloading a file, or logging in through a fake Google sign-in page. 

If you receive a suspicious email or message, don’t click. 

Instead, open YouTube Studio directly and check your account status from inside the platform. 

Final Tips: Recovering From a YouTube Channel Hack 

A hacked YouTube channel is stressful for a reason: it doesn’t just affect your account. It affects your audience, your reputation, and your income, especially if monetization is involved. 

The most important steps are: 

  • Act quickly 
  • Recover your Google Account first 
  • Change your password and enable 2FA 
  • Remove unknown channel managers and owners 
  • End scam live streams immediately 
  • Remove suspicious uploads and links 
  • Review YouTube Studio for strikes or violations 
  • Scan your device for malware 

And if you’re still locked out or something doesn’t look right, follow YouTube’s official recovery guidance and contact Google/YouTube support directly. 

YouTube may be able to help restore access, reverse changes, or provide instructions for appealing a termination if your channel was taken down during the hack. 

McAfee also offers a free antivirus scan that can help you detect malware or suspicious programs that may have compromised your account in the first place. 

Frequently Asked Questions 

Q: How do I know if my YouTube channel was hacked?
A: Common signs include channel name or branding changes you didn’t make, scam livestreams, videos uploaded that aren’t yours, suspicious external links added to your channel, or being locked out of your account. 
Q: Why does a hacked YouTube channel usually mean my Google Account was hacked too?
A: Because YouTube channels are tied to Google Accounts. If your channel was taken over, your Google login credentials or active session may have been compromised. 
Q: What should I do if my channel is live-streaming a crypto scam?
A: End the livestream immediately if you still have access. Then change your Google password, remove unknown channel managers, enable 2FA, and remove scam links from your channel page and video descriptions. 
Q: Can I get strikes or lose my channel because of videos the hacker uploaded?
A: Potentially, yes. Scam uploads can trigger Community Guidelines or copyright violations. That’s why it’s important to remove unauthorized content quickly and review YouTube Studio for strikes. 
Q: What if I can’t log in at all?
A: Start Google’s account recovery process as soon as possible. If you’re still locked out after recovery attempts, visit YouTube’s official hacked channel support resources for next steps. 
Q: How do I know if the hacker is fully kicked out?
A: Review your Google Account security settings, logged-in devices, recovery email/phone settings, and channel permissions. Remove anything unfamiliar and enable 2FA to reduce the chance of re-entry. 

 

The post YouTube Channel Hacked? Restore Owner Access and Stop Live-Stream Scams appeared first on McAfee Blog.

  •  
❌