Author: admin

Authored by Aayush Tyagi 

Introduction  

Minecraft is a 2011 sandbox game developed and published by Mojang Studios. It is the best-selling video game in the world and has sold over 350 million copies worldwide. Its popularity has spanned over a decade due to its versatile gameplay, offering multiple game modes, including one of the most memorable Story Mode in gaming history.

It allows players to create and host multiplayer servers with a variety of gameplay options and offers a wide range of custom launchers, game mods, and cheats to choose from.

Its massive popularity and widespread use of third-party tools have also given rise to a dark side of the Minecraft ecosystem, which is filled with Remote Access Trojans (RATs), credential stealers, keyloggers and other malware threats.   

McAfee Labs has recently uncovered a colossal Minecraft-focused Malware-as-a-Service (MaaS) campaign named ‘Weedhack’, that allows threat actors to remotely access and manipulate the victims’ screen, webcam and file system through a dashboard hosted on the clear net, making it easily accessible to anyone with a Discord account and an internet connection. 

Key Findings 

• ‘Weedhack’ has been active since January 2026 and masquerades as genuine Minecraft clients and mods to infect users.  
• We’ve discovered over 3820 unique malicious JAR files that are part of this attack and over 240 URLs responsible for distributing this malware.  
• This campaign utilizes SEO poisoning and YouTube to generate traffic to these malicious URLs. We also found two YouTube channels and multiple videos that demonstrate Minecraft Mods and Clients and redirect viewers to these URLs. 
• The campaign has accumulated a total of 116,464 hits, averaging approximately 2000 to 3,000 hits per day. 
• The campaign provides an enterprise-grade dashboard that allows customers to view stolen credentials and system information, download the payload, configure notifications, access tutorials, and remotely monitor their victims.  
• This campaign deploys EtherHiding, a technique that uses Ethereum blockchain to fetch its latest C2 domain. The responses are RSA-signed and verified before execution, helping protect the network from campaign takeover attempts. 
• We’ve uncovered 10 domains that host the next stage payloads and host the malware dashboard for the Weedhack campaign.  
• We’ve identified 11 domains that hosted similar MaaS campaigns in the past, orchestrated by the same threat actor.  
• We’ve unearthed the threat actor’s Telegram account and uncovered a Telegram channel for customers, with over 850 members, as of writing this blog. 
• This campaign offers two service tiers: free and premium.  
• The free tier includes a comprehensive infostealer capable of targeting Minecraft session IDs and four Minecraft launchers, collecting system information, and stealing cookies and passwords from 36 different browsers. It also targets 56 browser-based crypto wallets and 12 desktop crypto wallets, along with Discord, Steam, and Telegram credentials. It can search for files using 24 different keywords and includes screenshot capture capabilities. 
• For premium users, with subscriptions starting at $5 per month, it offers additional remote-access capabilities such as webcam access, keylogging, reverse shell execution, screen sharing with keyboard and mouse access, and file management features for uploading and downloading files.  
• While monitoring the Telegram channel, we found that WeedHack malware is a major catalyst for cyberbullying. Many of its customers appear to be teenagers and young adults and are using remote access capabilities to threaten, harass and monitor their victims, which are around the same age.
  

The post Game Over: WeedHack – The Rise of Minecraft Malware-as-a-Service Campaigns appeared first on McAfee Blog.

Whether you’re planning a once-in-a-lifetime trip or just hoping to catch a match while it’s in your city, the 2026 FIFA World Cup is already driving a surge in ticket searches, travel bookings, and last-minute plans. 

But where there’s high demand and big money, scammers aren’t far behind. 

Let’s break down the new McAfee research, what scams to watch for, and how McAfee’s tools help you stay safe.

New McAfee Research Finds a Gap Between Awareness and Risk 

New research from McAfee shows that while most fans are aware of World Cup-related scams, many are still willing to take risks to secure tickets.  

In fact, 40% say they would consider buying from an unofficial source if they can’t get tickets through the official FIFA site, as many expect tickets to sell out and hope to find affordable resale options. 

That tension is what makes events like the World Cup especially vulnerable for scams. 

With limited ticket availability, rising prices, and the pressure to act quickly, even informed fans can find themselves making decisions they normally wouldn’t, like buying tickets from a reseller on TikTok.  

And scammers are counting on it. 

Survey takeaways: 

• 76% of fans are interested in getting World Cup tickets 
• 35% have already started searching online 
• 43% are willing to spend over $500 on tickets 
• 66% say they’re aware of World Cup-related scams 
• 66% say they’re concerned about being scammed 
• 40% would consider buying tickets from unofficial sources 

The Most Common World Cup Scams to Watch For 

Below is a comprehensive breakdown of the most common scams tied to major global sporting events like the World Cup, including how they work and what to look for. 

McAfee’s Scam Detector,  Safe Browsing tools, VPN, and Password Manager work together to help you spot scams like these as they happen by flagging suspicious messages, blocking risky websites, and helping you make safer decisions before you click, pay, or share information. 

Scam Type	What It Is	How It Works	Red Flags
Fake Ticket Resale Scam	Fraudulent tickets sold through unofficial sites or individuals	Scammers create fake listings or duplicate real tickets and sell them to multiple buyers	Prices far below or above market, refusal to use official transfer systems, pressure to act fast
Social Media Ticket Scam	Tickets sold through platforms like Instagram, Facebook, TikTok, or X	Fake or hacked accounts post “last-minute” ticket offers and move conversations to DMs	Urgent language (“only 2 left”), new or suspicious profiles, requests to pay outside the platform
Duplicate QR Code Scam	One legitimate ticket is resold multiple times	Multiple buyers receive the same QR code, but only the first scan works	Screenshots instead of official transfers, identical tickets sold repeatedly
Fake Ticket Website Scam	Websites designed to look like official ticket platforms	Victims enter payment info or purchase tickets that don’t exist	Slightly misspelled URLs, unfamiliar domains, lack of official branding verification
Travel & Accommodation Scam	Fake hotels, rentals, or travel packages	Listings appear legitimate but either don’t exist or are already booked	Prices that seem unusually low, requests for upfront payment, lack of verified reviews
Booking Impersonation Scam	Fraudsters pose as airlines, hotels, or booking platforms	Victims receive messages about “issues” with bookings and are asked to click links or provide info	Unexpected messages, requests for login or payment details, links that don’t match official sites
Public Wi-Fi & Phishing Scam	Data theft through unsecured networks while traveling	Scammers intercept data or create fake login portals on public Wi-Fi	Open networks with no password, login pages asking for unnecessary information
Fake Giveaway Scam	Promotions claiming free tickets or VIP access	Victims are asked to enter personal data, click links, or pay “processing fees”	“You’ve won” messages you didn’t enter, requests for payment to claim prizes
Betting & Prediction Scam	Fake betting tips or “guaranteed wins” tied to matches	Scammers sell fake predictions or direct users to malicious betting sites	Claims of guaranteed outcomes, requests for upfront payment, unfamiliar platforms
Merchandise Scam	Counterfeit World Cup gear sold online	Buyers receive low-quality or no product at all	Unverified sellers, poor site quality, deals that seem too good to be true

How AI is Making These Scams More Convincing

Unfortunately, with the continued improvement of AI, these scams are becoming more convincing. 

AI tools allow scammers to create: 

• More realistic websites and messages 
• Personalized outreach that feels legitimate 
• Fake endorsements, images, or promotions 

That means traditional advice like “look for typos” is no longer enough on its own. 

Today’s scams often look polished, professional, and believable. 

What “Official” Actually Means (and Why It Matters) 

For the World Cup, official ticket sales happen through designated FIFA sales phases and platforms. 

Buying outside those channels increases the risk of: 

• Invalid or duplicate tickets 
• Inflated pricing without guarantees 
• No recourse if something goes wrong 

Even if a ticket looks legitimate, it may be: 

• Sold to multiple buyers 
• Already voided 
• Rejected at the gate

When in doubt, go directly to the official FIFA website instead of clicking links from messages or ads. You can also visit their comprehensive FAQ section for all your ticket and event questions. 

How to Stay Safe When Buying Tickets or Traveling 

Here are practical steps fans can take to reduce risk: 

Safety Check	What To Do
Buy from official sources	Use FIFA’s official ticket platform whenever possible
Avoid clicking links in messages	Navigate directly to official websites instead. McAfee’s Safe Browing tools help prevent you from opening malicious links.
Be cautious with resale offers	Verify platforms and avoid direct peer-to-peer payments
Check QR codes before you scan them	You can check for QR code scams on-demand with Scam Detector
Don’t pay with untraceable methods	Avoid wire transfers, gift cards, or crypto-only payments
Double-check URLs	Look for misspellings or unusual domains
Use secure connections	Avoid making purchases on public Wi-Fi, or use a VPN like McAfee’s.
Protect your accounts	Use strong passwords and enable two-factor authentication. Consider a password manager like McAfee’s.
Verify before you buy	If something feels off, pause and check before sending money

What to Do If You Think You’ve Been Scammed 

If you think you may have purchased a fraudulent ticket, clicked a suspicious link, or shared information with a scammer, acting quickly can help limit the impact. 

Immediate steps to take 

Stop communication immediately
Do not send additional money or information, even if the sender claims you need to “complete” a transaction. It’s also a good idea to take screenshots of messages in case the scammer disappears. 

Contact your bank or payment provider
Report the transaction as soon as possible. Many institutions can help reverse charges or flag fraudulent activity if caught early. 

Secure your accounts
Change passwords for any accounts that may be affected, especially email, banking, and ticketing platforms. Our password manager and free password generator help create unique passwords every time.  

Enable two-factor authentication (2FA)
Adding an extra layer of security can help prevent unauthorized access, even if your password was exposed. 

Scan your device for threats
If you clicked a suspicious link or downloaded a file, run a security scan to check for malware or malicious software. Check out our free security scan. 

Monitor for unusual activity
Keep an eye on financial accounts, email logins, and any services tied to your personal information. Our free WebAdvisor helps protect you from malware and phishing attempts while you surf. 

How McAfee Helps You Spot Scams in the Moment 

McAfee offers more than traditional antivirus, combining multiple layers of digital protection in one app to help you stay safer while searching, clicking, and buying online. 

Scam Detector helps flag suspicious texts, emails, and videos automatically, so you can spot a scam before it hits you and your wallet 

Safe Browsing tools help block risky websites, alert you to phishing attempts, and guide you away from malicious links 

VPN helps keep your connection private on public Wi-Fi, protecting your personal and payment information 

Password Manager helps create and store strong, unique passwords to reduce the risk of account takeover 

Identity Monitoring and Alerts notify you if your personal information appears where it shouldn’t, so you can quickly take steps to fix it 

Personal info removal helps find and remove your personal info from data broker sites and close out old forgotten accounts 

Device and Account Security helps protect the devices and accounts you use every day 

Final Thoughts 

The World Cup isn’t just another event, it’s a moment when millions of people are making fast decisions involving real money, travel plans, and personal information. 

What McAfee’s research makes clear is that the biggest risk isn’t a lack of awareness. Most fans already know scams exist. The risk is what happens next. 

When tickets are scarce, prices are high, and the pressure to act is real, even informed consumers may take chances they normally wouldn’t. That’s where scammers succeed: not by tricking people who aren’t paying attention, but by catching people in moments of urgency. 

As demand continues to build toward the tournament, more fans will be searching, comparing, and purchasing online.  

The takeaway is simple: Staying safe isn’t just about knowing scams exist. It’s about slowing down, verifying before you buy, and using tools that help you make informed decisions in the moment. 

*McAfee is not affiliated with or endorsed by FIFA. 

The post Are Your World Cup Tickets Legit? 40% of Fans May Risk Unofficial Sellers appeared first on McAfee Blog.

New article: “Responsible Disclosure in the Age of AI: A Call for Urgent Action,” by Melissa Hathaway.

Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediation. Frontier AI models are now capable of autonomously identifying exploitable software vulnerabilities at unprecedented speed and scale. This development exposes decades of accumulated technical debt created by a software industry that prioritized rapid deployment over secure-by-design engineering practices. Drawing on the evolution of software assurance, vulnerability disclosure frameworks, and U.S. cyber policy, this perspective argues that the current moment represents a strategic inflection point for governments, industry, and critical infrastructure operators. The author examines the growing tension between offensive and defensive equities in cyberspace, the emergence of AI-enabled vulnerability discovery capabilities in both the U.S. and China, and the increasing risks posed by unsupported legacy systems and AI-assisted code generation practices. Responsible disclosure can no longer remain a reactive or fragmented process, but must become a coordinated national and international resilience effort involving governments, software vendors, infrastructure operators, and emergency response organizations. The article concludes with an urgent call for accelerated remediation, large-scale patch management coordination, and sustained investment in automated vulnerability repair capabilities before adversaries exploit this rapidly narrowing window of opportunity.

Whether you’re planning a once-in-a-lifetime trip or just hoping to catch a match while it’s in your city, the 2026 FIFA World Cup is already driving a surge in ticket searches, travel bookings, and last-minute plans. 

But where there’s high demand and big money, scammers aren’t far behind. 

Let’s break down the new McAfee research, what scams to watch for, and how McAfee’s tools help you stay safe.

New McAfee Research Finds a Gap Between Awareness and Risk 

New research from McAfee shows that while most fans are aware of World Cup-related scams, many are still willing to take risks to secure tickets.  

In fact, 40% say they would consider buying from an unofficial source if they can’t get tickets through the official FIFA site, as many expect tickets to sell out and hope to find affordable resale options. 

That tension is what makes events like the World Cup especially vulnerable for scams. 

With limited ticket availability, rising prices, and the pressure to act quickly, even informed fans can find themselves making decisions they normally wouldn’t, like buying tickets from a reseller on TikTok.  

And scammers are counting on it. 

Survey takeaways: 

• 76% of fans are interested in getting World Cup tickets 
• 35% have already started searching online 
• 43% are willing to spend over $500 on tickets 
• 66% say they’re aware of World Cup-related scams 
• 66% say they’re concerned about being scammed 
• 40% would consider buying tickets from unofficial sources 

The Most Common World Cup Scams to Watch For 

Below is a comprehensive breakdown of the most common scams tied to major global sporting events like the World Cup, including how they work and what to look for. 

McAfee’s Scam Detector,  Safe Browsing tools, VPN, and Password Manager work together to help you spot scams like these as they happen by flagging suspicious messages, blocking risky websites, and helping you make safer decisions before you click, pay, or share information. 

Scam Type	What It Is	How It Works	Red Flags
Fake Ticket Resale Scam	Fraudulent tickets sold through unofficial sites or individuals	Scammers create fake listings or duplicate real tickets and sell them to multiple buyers	Prices far below or above market, refusal to use official transfer systems, pressure to act fast
Social Media Ticket Scam	Tickets sold through platforms like Instagram, Facebook, TikTok, or X	Fake or hacked accounts post “last-minute” ticket offers and move conversations to DMs	Urgent language (“only 2 left”), new or suspicious profiles, requests to pay outside the platform
Duplicate QR Code Scam	One legitimate ticket is resold multiple times	Multiple buyers receive the same QR code, but only the first scan works	Screenshots instead of official transfers, identical tickets sold repeatedly
Fake Ticket Website Scam	Websites designed to look like official ticket platforms	Victims enter payment info or purchase tickets that don’t exist	Slightly misspelled URLs, unfamiliar domains, lack of official branding verification
Travel & Accommodation Scam	Fake hotels, rentals, or travel packages	Listings appear legitimate but either don’t exist or are already booked	Prices that seem unusually low, requests for upfront payment, lack of verified reviews
Booking Impersonation Scam	Fraudsters pose as airlines, hotels, or booking platforms	Victims receive messages about “issues” with bookings and are asked to click links or provide info	Unexpected messages, requests for login or payment details, links that don’t match official sites
Public Wi-Fi & Phishing Scam	Data theft through unsecured networks while traveling	Scammers intercept data or create fake login portals on public Wi-Fi	Open networks with no password, login pages asking for unnecessary information
Fake Giveaway Scam	Promotions claiming free tickets or VIP access	Victims are asked to enter personal data, click links, or pay “processing fees”	“You’ve won” messages you didn’t enter, requests for payment to claim prizes
Betting & Prediction Scam	Fake betting tips or “guaranteed wins” tied to matches	Scammers sell fake predictions or direct users to malicious betting sites	Claims of guaranteed outcomes, requests for upfront payment, unfamiliar platforms
Merchandise Scam	Counterfeit World Cup gear sold online	Buyers receive low-quality or no product at all	Unverified sellers, poor site quality, deals that seem too good to be true

How AI is Making These Scams More Convincing

Unfortunately, with the continued improvement of AI, these scams are becoming more convincing. 

AI tools allow scammers to create: 

• More realistic websites and messages 
• Personalized outreach that feels legitimate 
• Fake endorsements, images, or promotions 

That means traditional advice like “look for typos” is no longer enough on its own. 

Today’s scams often look polished, professional, and believable. 

What “Official” Actually Means (and Why It Matters) 

For the World Cup, official ticket sales happen through designated FIFA sales phases and platforms. 

Buying outside those channels increases the risk of: 

• Invalid or duplicate tickets 
• Inflated pricing without guarantees 
• No recourse if something goes wrong 

Even if a ticket looks legitimate, it may be: 

• Sold to multiple buyers 
• Already voided 
• Rejected at the gate

When in doubt, go directly to the official FIFA website instead of clicking links from messages or ads. You can also visit their comprehensive FAQ section for all your ticket and event questions. 

How to Stay Safe When Buying Tickets or Traveling 

Here are practical steps fans can take to reduce risk: 

Safety Check	What To Do
Buy from official sources	Use FIFA’s official ticket platform whenever possible
Avoid clicking links in messages	Navigate directly to official websites instead. McAfee’s Safe Browing tools help prevent you from opening malicious links.
Be cautious with resale offers	Verify platforms and avoid direct peer-to-peer payments
Check QR codes before you scan them	You can check for QR code scams on-demand with Scam Detector
Don’t pay with untraceable methods	Avoid wire transfers, gift cards, or crypto-only payments
Double-check URLs	Look for misspellings or unusual domains
Use secure connections	Avoid making purchases on public Wi-Fi, or use a VPN like McAfee’s.
Protect your accounts	Use strong passwords and enable two-factor authentication. Consider a password manager like McAfee’s.
Verify before you buy	If something feels off, pause and check before sending money

What to Do If You Think You’ve Been Scammed 

If you think you may have purchased a fraudulent ticket, clicked a suspicious link, or shared information with a scammer, acting quickly can help limit the impact. 

Immediate steps to take 

Stop communication immediately
Do not send additional money or information, even if the sender claims you need to “complete” a transaction. It’s also a good idea to take screenshots of messages in case the scammer disappears. 

Contact your bank or payment provider
Report the transaction as soon as possible. Many institutions can help reverse charges or flag fraudulent activity if caught early. 

Secure your accounts
Change passwords for any accounts that may be affected, especially email, banking, and ticketing platforms. Our password manager and free password generator help create unique passwords every time.  

Enable two-factor authentication (2FA)
Adding an extra layer of security can help prevent unauthorized access, even if your password was exposed. 

Scan your device for threats
If you clicked a suspicious link or downloaded a file, run a security scan to check for malware or malicious software. Check out our free security scan. 

Monitor for unusual activity
Keep an eye on financial accounts, email logins, and any services tied to your personal information. Our free WebAdvisor helps protect you from malware and phishing attempts while you surf. 

How McAfee Helps You Spot Scams in the Moment 

McAfee offers more than traditional antivirus, combining multiple layers of digital protection in one app to help you stay safer while searching, clicking, and buying online. 

Scam Detector helps flag suspicious texts, emails, and videos automatically, so you can spot a scam before it hits you and your wallet 

Safe Browsing tools help block risky websites, alert you to phishing attempts, and guide you away from malicious links 

VPN helps keep your connection private on public Wi-Fi, protecting your personal and payment information 

Password Manager helps create and store strong, unique passwords to reduce the risk of account takeover 

Identity Monitoring and Alerts notify you if your personal information appears where it shouldn’t, so you can quickly take steps to fix it 

Personal info removal helps find and remove your personal info from data broker sites and close out old forgotten accounts 

Device and Account Security helps protect the devices and accounts you use every day 

Final Thoughts 

The World Cup isn’t just another event, it’s a moment when millions of people are making fast decisions involving real money, travel plans, and personal information. 

What McAfee’s research makes clear is that the biggest risk isn’t a lack of awareness. Most fans already know scams exist. The risk is what happens next. 

When tickets are scarce, prices are high, and the pressure to act is real, even informed consumers may take chances they normally wouldn’t. That’s where scammers succeed: not by tricking people who aren’t paying attention, but by catching people in moments of urgency. 

As demand continues to build toward the tournament, more fans will be searching, comparing, and purchasing online.  

The takeaway is simple: Staying safe isn’t just about knowing scams exist. It’s about slowing down, verifying before you buy, and using tools that help you make informed decisions in the moment. 

*McAfee is not affiliated with or endorsed by FIFA. 

The post Are Your World Cup Tickets Legit? 40% of Fans May Risk Unofficial Sellers appeared first on McAfee Blog.

Trevor Lawrence didn’t actually cut his hair. 

But millions of people thought he did. 

The Jacksonville Jaguars recently released a viral schedule announcement video that appeared to show their star quarterback chopping off his signature long blond hair. The clip spread quickly online, pulling in nearly 4 million views on X and triggering reactions from fans, friends, and even Lawrence’s grandmother. 

The catch? It wasn’t real. 

The team later confirmed the moment was partially staged, partially AI-generated and part of the joke. Even Lawrence admitted the fake looked convincing. 

And that’s exactly the problem. 

What started as a harmless sports prank is also a reminder of how realistic AI-generated videos have become and how easily scammers can use the same technology to fool people online. 

Why Deepfake Scams Are Growing Fast 

Deepfake scams use artificial intelligence to clone someone’s face, voice, or likeness to create fake videos, ads, phone calls, or social media posts that appear real. 

And increasingly, scammers are using celebrities, influencers, athletes, and trusted public figures to do it. 

According to McAfee research: 

• 72% of Americans say they’ve seen fake celebrity or influencer endorsements online 
• 39% say they’ve clicked on one 
• 1 in 10 victims lost money or personal data 
• Average losses reached $525 per person 

Why does it work? Because scammers know familiarity lowers our guard. 

When people see a recognizable face, whether it’s Trevor Lawrence, Taylor Swift, Tom Hanks, or a favorite influencer, they’re more likely to trust what they’re seeing before stopping to question it. 

From Funny Sports Videos to Real Financial Scams 

The Jaguars video was meant as entertainment. 

But scammers are already using the same technology for fraud. 

McAfee researchers recently identified a growing wave of celebrity deepfake scams involving fake giveaways, investment schemes, romance scams, and fraudulent ads. 

Some recent examples include: 

• Fake videos of TV personalities promoting “miracle” products 
• AI-generated celebrity investment ads pushing crypto scams 
• Romance scammers using deepfake video calls to impersonate celebrities 
• Fake emergency videos designed to create panic and urgency 

In one high-profile case, a woman reportedly lost nearly $900,000 to scammers impersonating Brad Pitt using AI-generated images and messages. 

The technology is getting good enough that “seeing is believing” no longer applies online. 

How to Spot a Deepfake Scam 

Here are some of the biggest red flags to watch for: 

Red Flag	What to Watch For
Emotional urgency	“Act now,” “limited time,” or panic-driven messaging
Too-good-to-be-true offers	Free giveaways, investment promises, miracle products
Slightly unnatural video details	Off-sync lips, robotic speech, strange blinking, awkward lighting
Fake verified-looking accounts	Usernames with extra characters or copied profile photos
Requests for money or personal data	Especially through DMs, crypto links, gift cards, or wire transfers

How McAfee Helps Protect You 

AI scams are evolving fast, but layered protection can help you stay ahead of them. 

McAfee’s Scam Detector, included in all core McAfee plans, can help identify suspicious links, messages, videos, and deepfake-related scams across texts, email, and social platforms before you click. 

Additional protections like Web Protection and Identity Monitoring can also help reduce your risk if scammers attempt to steal your credentials or personal information. 

Other Scam News This Week 

Charter Confirms Data Breach 

Charter Communications confirmed a data breach tied to a third-party vendor, exposing customer information. Whenever breaches like this happen, scammers often follow up with phishing emails and fake customer support calls pretending to help affected users. 

7-Eleven Data Breach Reports Surface 

Reports surrounding a potential 7-Eleven data breach are circulating online. Consumers should stay alert for fake password reset emails, loyalty account phishing attempts, and scam texts impersonating retailers. 

‘Tom Selleck’ Celebrity Scam Highlights Rise of AI Impersonation Fraud 

A tragic case tied to an alleged Tom Selleck impersonation scam is drawing attention to the growing threat of celebrity AI fraud. Experts warn that scammers are increasingly using fake celebrity profiles, AI-generated messages, cloned voices, and deepfake videos to build trust with victims online, especially older adults.  

The case underscores how emotionally manipulative and financially devastating these scams can become. 

Hackers Are Exploiting AI Chatbot “Personalities” 

Researchers told The Verge that attackers are beginning to manipulate chatbot behavior and personalities to trick users into unsafe actions, highlighting growing concerns around AI trust and social engineering. 

Fake Inheritance Email Scams Are Getting More Convincing 

A phishing scam making headlines this week uses fake inheritance notices and “unclaimed estate” emails to pressure victims into sharing personal information. 

Unlike older scam emails full of spelling mistakes, newer versions look polished and professional, often using legal-sounding language, fake reference numbers, and urgent 48-hour deadlines designed to trigger panic before people stop to verify the message. 

McAfee Safety Tips This Week 

The next deepfake won’t always look fake. That’s what makes these scams dangerous. 

Here are some practical, go-to tips  

• Pause before clicking celebrity endorsements or viral videos 
• Verify accounts through official sources before trusting promotions 
• Never send money or personal data based on social media messages alone 
• Be skeptical of urgency, especially “limited time” threats 
• Use AI-powered scam protection tools to help identify suspicious content before you engage 

And we’ll be back next week with more.

The post Trevor Lawrence’s Viral “Haircut” is a Lesson in Deepfakes: This Week in Scams appeared first on McAfee Blog.

Your Windows PC or Mac already includes built-in security features, and that’s a good thing. These tools provide an important first layer of protection against malware and other common threats users encounter every day. 

But today, staying safe online is about much more than blocking viruses.  

Scam texts arrive daily. Phishing emails imitate trusted brands. Fake websites are designed to steal passwords and payment information. Personal details can appear on data broker sites. AI Deepfakes are more convincing than ever. And most households use multiple devices, from laptops and phones to tablets and Chromebooks. 

That’s why McAfee+ Advanced combines device security with scam protection, identity monitoring, personal info removal, web protection, and secure VPN to help protect the many parts of your digital life. 

Let’s break down what built-in security does, and what McAfee does differently: 

What Built-In Security Does Well 

Both Windows 11 and macOS include a range of built-in security features designed to help protect your device. Depending on your operating system and the apps you use, these may include: 

• Malware detection and removal  
• Firewalls  
• Browser warnings about suspicious websites  
• Password management tools  
• Privacy and app permission controls  

Together, these features provide an important first layer of protection and help many users stay safer online.  

Why Many People Want More Than Basic Device Protection 

Built-in security tools are primarily focused on protecting the device itself. However, today’s online threats often target something even more valuable: your identity, your money, and your personal information. 

Recent McAfee research found that Americans receive an average of 14 scam messages every day, and more than three in four have encountered an online scam. 

Threats now commonly include: 

• Scam texts pretending to be banks, toll agencies, and delivery companies  
• Fake job offers via text, email, or social media 
• Phishing emails  
• QR code scams  
• AI-generated voice and video impersonations  
• Identity theft via smishing and quishing, including hijacking entire social profiles 
• Exposure of personal information on data broker sites  

These risks can follow you across all your devices, not just the computer sitting on your desk. 

Built-In Security vs. McAfee Protection 

Here are the key differences between built-in security alone, vs additional protection like McAfee.  

Built-In Security Has	McAfee+ Advanced Adds
Detecting viruses and malware	Scam protection for suspicious texts, emails, links, QR codes, and deepfakes
Basic privacy controls	Secure VPN to protect your connection on public Wi-Fi
Saving passwords	Password manager with unique password generation and storage.
Warning about some risky websites	Web Protection to help block dangerous sites before they load
Security on one device	Antivirus coverage across your PCs, Macs, phones, and tablets
Doesn’t have this support	Identity monitoring, so you know when your SSN and other info is exposed. Plus personal info removal, so your old data isn’t left spread out across the web.

Why McAfee Stands Out: Speed and Comprehensive Protection 

Unlike the old stereotype that stronger protection means a slower computer, independent testing shows McAfee is also the lightest on performance.  

In the latest AV-Comparatives PC Performance Test, McAfee Total Protection posted the lowest system impact score of all 20 products tested: just 3.3, compared with the industry average of 12.8.  

It also earned the highest possible rating, ADVANCED+. That means McAfee is not just adding more layers of protection. It is doing so while staying out of your way. 

For consumers looking for security that goes beyond basic antivirus to help protect against scams, identity theft, privacy risks, and threats across all their devices, that combination is hard to ignore. 

Protection Across All Your Devices 

Most people no longer rely on a single computer. A typical household may use: 

• Windows PCs  
• Macs  
• iPhones  
• Android phones  
• Tablets  
• Chromebooks

Managing security separately on every device can be difficult. McAfee+ Advanced is designed to provide coverage across your devices under one subscription, helping simplify online protection for individuals and families. 

How McAfee+ Advanced Goes Beyond Built-In Security 

With McAfee+ Advanced, multiple layers work together before any damage is done:  

• Scam Detector flags suspicious texts, emails, links, QR codes, and even deepfake videos before you engage 
• Secure VPN keeps your data private, especially on public Wi-Fi  
• Web Protection helps block risky sites, even if you do accidentally click  helps block risky sites, even if you do accidentally click   
• Password Manager doesn’t just help you make unique, strong passwords, it keeps them stored and organized for you
• Device Security helps detect malicious apps or downloads   
• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast   
• Personal Data Cleanup helps remove your information from sites selling it. 
• Online Account Cleanup assists in taking down your old, forgotten accounts across the web 
• Social Privacy Manager helps you monitor and change privacy settings across your social platforms in just a few clicks 

Together, these protections are designed to address the broader range of online risks people face every day. 

So, Do Windows PCs and Macs Need Antivirus Software? 

Built-in security tools provide an important starting point, but with scam attempts becoming more convincing and personal information more widely exposed, many people need a more comprehensive approach to staying safe online. 

McAfee+ Advanced combines device security, scam protection, identity monitoring, privacy tools, and VPN coverage to help you browse, bank, shop, and connect with greater confidence. 

The post Do Windows PCs and Macs Need Antivirus Software? How McAfee Goes Beyond Built-In Security appeared first on McAfee Blog.

Memorial Day weekend officially kicks off summer, and for millions of Americans, that means road trips, flights, cookouts, and a little online shopping for the deals. 

Unfortunately, scammers know this. They count on the fact that you’re distracted, you’re moving fast, and you’re probably connected to a network you don’t own. 

Here are five scams surging this holiday weekend, what they look like, and how to stay ahead of them.

1. Fake Travel Alerts from “Your Bank” or Hotel

You’re packing your bag when a text arrives: “Unusual activity detected on your account. Verify now to avoid suspension.”  

It looks like it’s from your bank, or maybe your hotel loyalty program. There’s a link. There’s urgency. And that’s exactly the point. 

These are brand impersonation scams, and they’re a dominant tactic year-round, but they spike around travel holidays when people are actively monitoring reservations and accounts.  

According to McAfee research, trusted brands like banks, airlines, and hotels are among the most commonly impersonated, and email scams impersonating retail and financial brands have surged up to 85% as major holidays approach. 

The message will typically ask you to click a link and “confirm your details” to secure your account or honor a reservation. That link leads to a convincing-looking fake site designed to capture your login credentials, payment info, or both. 

How to Avoid Travel Alert Scams:  

• Don’t click links in unsolicited texts or emails.  
• Go directly to the company’s app or website by typing the URL yourself.  
• Remember: pressure is a tactic, not customer service.  

McAfee’s Scam Detector can flag suspicious messages before you interact with them, whether they come via text, email, or social media. 

2. Fake Memorial Day Weekend “Deals”

Memorial Day is one of the biggest shopping weekends of the year. Scammers treat it like an open invitation. 

Fraudulent retailers flood social feeds with too-good-to-be-true deals on everything from patio furniture to electronics, often impersonating legitimate brands with copycat websites and paid ads. 

According to McAfee’s holiday shopping research, 91% of shoppers see ads from unfamiliar retailers, 37% say they might buy from a brand they don’t recognize, and a full 40% of consumers have abandoned a purchase out of fear that the deal wasn’t real. 

The most impersonated brands in McAfee’s research span luxury labels (Coach, Dior, Gucci) to mainstream favorites (Apple, Samsung, Nintendo, Disney), exactly the kind of items that show up in “blowout sale” ads. Fake storefronts have grown significantly, with technology URL scams rising nearly 50%. 

Once shoppers enter their payment details on a fraudulent site, that information goes directly to criminals. The average scam loss during the holiday shopping period runs around $840 per victim. 

How to Avoid Shopping Scams:  

• Type retailer URLs directly into your browser instead of clicking through ads or social posts.  
• Look for HTTPS and double-check the domain carefully before entering any payment info.  
• If a deal looks unbelievably good, verify it on the retailer’s official app before buying.  

McAfee’s Web Protection blocks malicious and suspicious sites before they load, including fake checkout pages. 

3. QR Code Scams at Gas Stations and Travel Stops

If you’re road-tripping this weekend, you may scan a QR code somewhere. It could be at the gas pump, a rest stop, a parking meter, or a roadside attraction. Scammers know this too. 

Criminals increasingly place fake QR codes over legitimate ones on gas station pumps, parking kiosks, and public signs. When you scan, you’re redirected to a convincing-looking payment or login page that captures your financial information. This is known as “quishing” or phishing via QR code. 

McAfee research shows just how widespread this risk has become: 68% of people scanned a QR code in the past three months, and 18% ended up on a suspicious or unsafe page after scanning. Among those who did, more than half took a risky action like entering personal information, installing an app, or connecting a digital wallet. 

How to Avoid Sketchy QR Codes:   

• Before scanning any QR code in public, look closely at the sticker or sign.  

• If it looks like it’s been placed over something else, skip it.  

• If you do scan, check the URL before proceeding.  

McAfee’s Scam Detector now includes instant QR code safety checks that assess risk before you tap, so you’re not flying blind at the gas pump. 

4. Public Wi-Fi Traps at Airports, Hotels, and Coffee Shops

Whether you’re waiting at the airport or grabbing coffee before hitting the highway, free Wi-Fi can feel like a gift. But not every “free Wi-Fi” network is what it appears to be. 

Hackers set up what are called “evil twin” networks, hotspots with names designed to look exactly like the legitimate network at the airport, hotel, or café you’re in.  

The moment you connect, they can use tools called packet sniffers to capture the data you send and receive: passwords, banking credentials, credit card numbers, email logins.  

According to McAfee’s travel research, 63% of travelers connect to public Wi-Fi, and 49% use airport Wi-Fi, making these among the riskiest behaviors travelers engage in without realizing it. 

Some of these fake networks go further, presenting a phony login screen that captures your username and password for popular services like Google or Apple before you even realize you’ve been compromised. 

How to Avoid Malicious Wi-Fi : 

• Always confirm the exact Wi-Fi network name with staff before connecting.  
• Turn off auto-join for Wi-Fi on your devices.  
• And most importantly: use a VPN.  

A VPN creates an encrypted tunnel for your internet traffic, so even if a hacker intercepts it, they’ll only see scrambled data. McAfee’s VPN is included in McAfee+ plans and automatically connects when you join public Wi-Fi, exactly the protection you want when you’re traveling and connecting everywhere.

5. Toll Road and Parking Text Scams (Expect a Surge After the Weekend)

You may have seen these already: a text that says you owe an unpaid toll or parking fee, with a link to pay before penalties kick in. These scams have been circulating for a while, and there’s a good chance Memorial Day weekend is about to make them worse. 

Scammers track news cycles and know that millions of Americans will be driving this weekend, many of them through toll roads and unfamiliar areas.  

That means they can blast out fake “unpaid toll” texts after the holiday and a significant percentage of recipients will think: “Actually, I did drive somewhere new this weekend.” That uncertainty is exactly what they’re counting on. 

These texts typically impersonate EZPass, SunPass, or state transportation departments and create urgency around a small fee to avoid larger fines. The link leads to a fake payment page designed to steal your credit card details. 

How to Avoid Toll Scams:   

• Don’t click links in unsolicited toll or parking texts.  
• If you think the charge might be legitimate, go directly to your state’s official toll authority website and look up your account there.  
• Real toll agencies will not threaten immediate penalties over text with a payment link.  
• If you receive one of these texts after this weekend, treat it as suspicious by default. 

Have a Safe Memorial Day Weekend 

Scammers don’t take holidays. If anything, long weekends are peak season. The good news: a little awareness goes a long way. Slow down before you click, verify before you scan, and protect your connection before you log on. 

McAfee+ Advanced comes with layered protection across all the moments where scams are most likely to strike, from the gas station to the hotel lobby to your inbox.  

Stay safe out there. 

The post 5 Scams to Watch for This Memorial Day Weekend appeared first on McAfee Blog.

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta’s “AI support assistant” bot into resetting account passwords.

On May 31, word began to spread on several Telegram instant message channels that Meta’s AI bot would happily add an email address to an existing account as part of the bot’s standard password reset flow.

A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target’s usual hometown, requesting a password reset for the account, and then choosing to chat with Meta’s AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset.

The Telegram account that posted the video also linked to screenshots of pro-Iran images, videos and messages that defaced the hacked Instagram accounts, saying hackers had used the exploit to hijack a number of valuable (read: short) Instagram account names that allegedly have a resale value of more than a half million dollars.

Meta has not responded to requests for comment on the video’s claims, but the company reportedly did acknowledge the dormant Instagram account for the Obama White House was briefly compromised. The security blog thecybersecguru.com reports that Meta pushed an emergency patch over the weekend, and clarified that no back end database was breached.

“Instagram has notoriously poor human support infrastructure,” Cybersecguru wrote. “Recovering a locked account – especially a high-value one can take weeks of back-and-forth with an automated ticketing system. Meta’s solution was to deploy a conversational AI layer to handle common recovery workflows: relinking a lost email address, triggering a password reset, verifying account ownership. The assistant, presumably, was supposed to reduce friction for legitimate users stuck in account-access hell.”

Ian Goldin, a threat researcher at Lumen’s Black Lotus Labs, said we’re entering unchartered security territory as more large online platforms start allowing AI chatbots to handle sensitive account recovery requests. Just like human customer support employees can be social engineered into providing unauthorized access to someone’s account, AI bots are equally eager to help and vulnerable to persuasion and trickery, he said.

“AI chatbots create interesting new attack surface, and we’re likely going to see a lot more of these kinds of attacks,” Goldin said.

Securing your various online accounts means taking full advantage of the most secure form of multi-factor authentication (MFA) offered (such as a passkey or security key). In this case, even using the least robust form of MFA that Instagram offers — a one-time code sent via SMS — likely would have blocked the exploit: The hackers who released the video on Telegram said their exploit failed to work against any accounts that had MFA enabled.

Someone named “Squid” seems to be a “West Country legend.”

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

Younger Americans have soured on the second Donald Trump presidency, but they are not protesting it.

Despite an unpopular Iran war and an even more unpopular Trump administration, college campus protests nationwide have gone silent. And at many schools, student activism is virtually nonexistent.

This silence comes in the wake of a relentless Trump administration war on campus speech that has involved lawsuits, arrests, deportations and expulsions.

Reports cite a range of complicated factors for the restraint, from apathy to technology-induced incapacity. But as public policy and law and social science experts, we believe students aren’t protesting for a very simple reason: They are afraid. They are self-censoring and disengaging from campaign activism to avoid punitive measures.

In law and social science, we call this impact a chilling effect—the behavioral tendency for people in face of a threat to self-censor and restrain their activities for self-protection.

It’s increasingly clear to us that these impacts are not incidental or ancillary to Trump administration policy. Rather, the chilling effects are the point. This is the closest thing to a consistent governing strategy in Trump’s second term.

The broader chill of Trump threats

Chilling effects can be subtle, but today they are everywhere. And it’s not just students who are chilled by Trump administration threats.

Professors are censoring themselves in lectures and rewriting syllabuses. Researchers are stripping grant applications of words that might attract federal scrutiny, or abandoning the topics entirely. Media outlets are modifying their news coverage to avoid Trump lawsuits or sanctions.

Law enforcement and regulatory agencies are refusing to investigate Trump-aligned actors inside or outside government, and major national law firms are declining cases challenging Trump administration policies.

Publishers are “stepping back” from LGBTQ+ books and other progressive subjects. Many in targeted immigrant communities are afraid to leave home to go to work or school.

In most cases, these people and institutions are not being specifically targeted or threatened by Trump. But they are afraid, and their fear is doing the administration’s work for it. They stay silent, avoid attention and confrontation, and look the other way. In other cases, they change their speech and behavior to accommodate or conform to the administration’s worldview.

Of course, there are counterexamples, such as the winter protests in Minneapolis in response to brutality by agents with U.S. Immigration and Customs Enforcement, and the recent “No Kings” rallies. But even here, the broader but less visible trend—chilling effects—is evident.

For instance, in recent reporting on the latest No Kings rallies, many media outlets observed that students were noticeably missing, despite the Trump administration’s unpopularity among younger Americans.

A persistent strategy

We believe none of this is by accident.

In a new book, “Chilling Effects: Repression, Conformity, and Power in the Digital Age,” one of us—Jon Penney—explains how law, technology, and state and corporate power are weaponized to chill and repress, and the dangers this poses for the United States and other democratic societies. The other—Bruce Schneier—has extensively studied the security infrastructure enabling this.

What we see isn’t gratuitous government cruelty, chaos or vengeance. Instead, we see a persistent strategy to maximize fear and chilling effects in ways that are corrosive to freedom and democracy.

Research suggests that surveillance, personal threats, uncertainty and abuse of power are key factors in doing so. The federal government has a clear and systematic pattern of employing these very mechanisms across a number of domains far beyond campuses.

They are evident in militarized raids by Immigration and Customs Enforcement and in journalists being arrested and indicted for reporting on protests. They are made clear in the long list of political enemies the Trump administration has investigated or threatened, including the Federal Reserve chairman. And they can also be seen in the weaponization of technology, including ramping up surveillance to target critics and protestors.

Corrosive to freedom and democracy

History offers some guidance on impacts.

During the McCarthy era, overreaching laws, surveillance, and public and private sector reprisals ostensibly targeted alleged communists. But the real aim was often to suppress progressive journalists, trade unions and political opposition.

In the 1960s, these same tactics were reused by Southern states to chill the Civil Rights Movement. Historians have written about how the widespread fear and conformity of these periods reshaped American society in enduring ways, including the destruction of progressive political movements and both delaying and muting the Civil Rights Movement itself.

When such state threats are systematized, they can foment a broader climate of fear, self-censorship and conformity. In that climate, dissenting speech, political opposition, democratic mobilization and other checks on power become increasingly difficult, even dangerous. It is no surprise, for instance, that Trump critics regularly admit to self-censorship, fearing for their safety.

Chilling effects are thus not only repressive—causing self-censorship—but productive. They produce conforming and compliant speech and behavior, which can have longer-term social impacts. They not only undermine protected rights and suppress accountability but can promote social change—even without a popular mandate to do so.

This latter point is often missed. It explains Trump’s assaults on universities and cultural institutions such as the Kennedy Center for the Arts and the Smithsonian. Often dismissed as peculiar Trump obsessions, they are fully consistent with Project 2025—the sweeping policy blueprint for Trump’s second term authored by a coalition of conservative groups and its call to target the “institutions of American civil society” and “wield federal power” to “reverse” decades of progressive cultural advancements.

In the near term, this means an increasingly weakened democratic society, with the government and its patrons enjoying freedom to pursue their objectives. Over the long term, this can mean a changed society as more conformist and compliant speech and culture become more widely accepted and entrenched.

Not inevitable

In our view, this future is not inevitable, just as the McCarthy era “Red Scare” and violent civil rights era repression were not. In both cases, fear and chilling effects were resisted in law and civil society, as they can be today.

But the central mechanisms—surveillance, uncertainty, personal threats and abuse of power—would need to be addressed. For instance, new legislation could ensure justice for lawless government actors and constrain surveillance. Courts can block abuses of federal power, including illegal arrests, detentions and mass citizen databases.

The media, lawyers and civil society can hold the government accountable. And students, teachers, universities and cultural institutions can resist the tendency to self-censor and conform.

The citizen mobilization in Minnesota and the No Kings rallies are examples of that. But to resist chilling effects and their dangers over the long term, this would have to be the norm, not the exception.

This essay was written with Jon Penney, and originally appeared in The Conversation.