An analysis by WIRED and Indicator found nearly 90 schools and 600 students around the world impacted by AI-generated deepfake nude images—and the problem shows no signs of going away.

The UK designated Xinbi Guarantee as an enabler of crypto scammers and human trafficking weeks ago. Telegram is still hosting it in plain sight.

Internal emails obtained by WIRED reveal how a conservative legal group with a direct line into FCC chairman Brendan Carr’s office built the case against Jimmy Kimmel and his employees.

More than 70 organizations, including the ACLU, EPIC, and Fight for the Future, say the AI smart glasses feature would endanger abuse victims, immigrants, and LGBTQ+ people.

Emails claiming to be from Social Security are making the rounds right now. 

They look official. They sound official. And they’re designed to get you to click before you think twice. 

The Social Security Administration’s Office of Inspector General is warning about a spike in messages that claim your Social Security statement is ready to download. The goal is simple. Get you to click a link or open an attachment. 

From there, things can go sideways fast. 

Before interacting with anything like this, it’s worth pausing and running it through a tool like McAfee’s Scam Detector. This is exactly the kind of message it’s built to flag. Something that looks legitimate, but feels just slightly off. 

How The Scam Works 

The email mimics official government communication, using logos, formatting, and language that feels familiar. It might say your statement is ready, your account needs attention, or you need to review a document. 

Once you click: 

• You may be sent to a fake website designed to capture your personal information  
• You may download malware without realizing it  
• Or you may be prompted to enter sensitive financial details  
• Either way, the goal is the same: get access to your identity. 

The Red Flags In These Emails 

• Messages claiming your social security statement is ready to download  
• Links or attachments labeled as official documents  
• Urgency pushing you to act quickly  
• Sender addresses that do not end in “.Gov”  

The biggest tell: Social Security does not send emails like this asking you to download statements or provide sensitive information. 

What To Do If You Get One 

• Do not click links or download attachments  
• Delete the email immediately  
• Access your account by going directly to the official SSA website  
• Report the message to the SSA Office of Inspector General  

If you already clicked: 

• Stop communication immediately  
• Contact your financial institutions  
• Monitor your accounts closely  
• Report the incident to the FTC or the FBI’s IC3  

And that, my friends, is scam number one in this week’s This Week in Scams. 

Let’s get into what else is on our radar. 

A Healthcare Data Breach That Could Lead to Follow-Up Scams 

Healthcare data breaches don’t always make headlines the same way big tech breaches do, but they can be just as serious. 

According to reporting from Fox News, CareCloud, a company that supports electronic health records for tens of thousands of providers, recently confirmed a security incident involving unauthorized access to one of its systems.  

The access lasted several hours. And while it’s still unclear whether any data was taken, that uncertainty is exactly what makes situations like this risky. 

Because even if you’ve never heard of the company, your doctor might use it. 

Why This Matters 

Healthcare data is incredibly valuable. It can include: 

• Names and social security numbers  
• Insurance details  
• Medical history  
• Billing information  

Unlike a credit card, you can’t just cancel your medical history. 

And when that kind of data is exposed or even potentially exposed, scammers often follow up with messages that feel highly specific and personal. 

What To Watch For Next 

After incidents like this, scammers often move quickly: 

• Emails or texts pretending to be your provider  
• Messages about billing issues or medical records  
• Requests to “verify” your information  
• Links to log in or update your account  

These scams work because they’re timed perfectly and feel relevant. 

This is another moment where Scam Detector can help flag suspicious links or messages before you engage, even when they reference real healthcare providers. 

How To Protect Yourself 

• Review medical bills and insurance statements for unfamiliar activity  
• Enable two-factor authentication on patient portals  
• Use strong, unique passwords  
• Avoid clicking links in unexpected healthcare-related messages  
• Consider identity monitoring to catch misuse early  

Where McAfee Steps In (So You Don’t Have to Guess) 

Scams today are layered. 

A fake email leads to stolen credentials. A breach leads to targeted phishing. And those follow-ups are getting harder to spot. 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done: 

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
• Safe Browsing helps block risky sites if you do click
• Device Security helps detect malicious apps or downloads
• Secure VPN keeps your data private, especially on public Wi-Fi  

Safety Tips To Carry Into Next Week 

• Be cautious of emails that look official but create urgency  
• Never trust unsolicited messages asking for personal or financial information  
• Go directly to official websites instead of clicking links  
• Stay alert after any breach or security incident makes headlines  
• Use tools like McAfee that help you verify what’s real before you act  

Because the reality is, scams are designed to look legitimate. You shouldn’t have to figure it out on your own. We’re safer together. 

We’ll be back next week with more scams making headlines. 

The post Social Security Scam Emails and a Healthcare Data Breach: This Week in Scams appeared first on McAfee Blog.

Plus: Iran’s internet blackout hits the 1,000-hour mark, cryptocurrency scams result in a record amount of money stolen from Americans, and more.

The new AI model is being heralded—and feared—as a hacker’s superweapon. Experts say its arrival is a wake-up call for developers who have long made security an afterthought.

We’re excited to share that McAfee’s Scam Detector has been named a finalist in the 2026 Webby Awards. 

Recognized in the AI Experiences & Applications – Consumer Application category and named a Webby Honoree for Best Use of AI & Machine Learning, Scam Detector is being acknowledged for its effectiveness as an AI-driven consumer tool. 

This recognition of Scam Detector validates something key in research findings. According to McAfee’s 2026 State of the Scamiverse report, Americans now spend 114 hours a year trying to decide what’s real and what’s fake online. 

Scam Detector was built with this era of uncertainty in mind, designed to help people cut through confusion and identify scams as they appear. The Webby recognition reinforces to us that McAfee’s Scam Detector is doing exactly that. 

What Are the Webby Awards? 

The Webby Awards are presented by the International Academy of Digital Arts & Sciences and recognize excellence across the internet, including apps, software, AI, and digital experiences. 

Each year, thousands of entries are evaluated, with finalists representing the top work in their category globally. 

In addition to judged awards, the Webby Awards include a People’s Voice Award, which is decided by public vote. 

How McAfee’s Scam Detector Uses AI to Stop Scams 

Scam Detector is designed to help people identify scams where they’re most likely to happen, always ready to help you spot what’s real and what’s not when you least expect it. 

It uses AI to analyze and flag suspicious: 

• Text messages and emails  
• Links and websites  
• QR codes  
• Social media messages  
• AI-generated and deepfake content  

Beyond detection, Scam Detector explains why something was flagged as risky. That transparency helps show how decisions are made, so people can quickly understand the risk and feel more confident trusting what’s flagged.

As scams become more personalized and harder to detect, this combination of automatic detection and clear guidance is critical to preventing financial loss and identity theft. 

Vote for McAfee’s Scam Detector 

Scam Detector is eligible for the Webby People’s Voice Award, which is decided by public vote. 

If you would like to support McAfee’s Scam Detector, you can vote here: https://vote.webbyawards.com/PublicVoting#/2026/ai/ai-experiences-applications/consumer-application 

Voting is open through Thursday, April 16 at 11:59 pm PDT. 

Winners will be announced on April 21, 2026. 

And a big thank you to the McAfee teams who brought Scam Detector to life and who continuously improve how Scam Detector identifies new threats and adapts to the evolving world of AI-driven scams. 

The post McAfee’s Scam Detector Named Webby Awards Finalist for AI Innovation appeared first on McAfee Blog.

Political candidates are purchasing more home alarms, bulletproof vests, and other protections amid rising fears of political violence.

In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in doxing and sexual abuse.

As Trump threatens Iranian infrastructure, the US government warns that Iran has carried out its own digital attacks against US critical infrastructure.

The AI lab's Project Glasswing will bring together Apple, Google, and more than 45 other organizations. They'll use the new Claude Mythos Preview model to test advancing AI cybersecurity capabilities.

Nonprofits run out of US Border Patrol stations are also selling other “operation”-themed coins that include a phrase popularized by the Proud Boys, potentially in violation of government rules.

When Syrian government accounts were hijacked in March, the breach looked chaotic. But it revealed something more troubling: a state struggling with the most basic layer of cybersecurity.

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as part of an ongoing supply chain hacking spree, and more.

Major AI labs are investigating a security incident that impacted Mercor, a leading data vendor. The incident could have exposed key data about how they train AI models.

A tax system breach in Oklahoma is putting highly sensitive personal information at risk. And unfortunately, this is exactly the kind of situation scammers love to exploit. 

Hackers reportedly accessed W-2 and 1099 files through Oklahoma’s online tax portal, according to state officials, exposing the kind of information that can open the door to tax fraud, identity theft, and highly targeted phishing attempts. 

Before the follow-up scams start rolling in, this is the kind of moment where layered protection matters. McAfee+ Advanced includes identity monitoring and data cleansup that can help alert you if your personal information starts circulating where it shouldn’t, and Scam Detector can flag suspicious messages if scammers try to use this breach as a hook. 

What Happened in Oklahoma 

According to a statement by the Oklahoma Tax Commission and reported by KOCO News 5, a local ABC affiliate, suspicious activity inside the state’s Oklahoma Taxpayer Access Point system was identified in December 2025. The agency says impacted individuals have been notified directly by mail, and complimentary credit monitoring and fraud assistance are being offered. 

When W-2s, 1099s, Social Security numbers, and tax-related records are exposed, scammers can use that information to: 

• File fraudulent tax returns  
• Try to open new accounts  
• Build phishing emails or texts that feel unusually real  

Either way, the goal is the same: use real information to make the next scam more believable. 

Red Flags of a Scam After a Breach Like This 

The breach itself is real. But what often follows is a second wave of scams pretending to help. 

Watch For: 

• Emails or texts about your “tax account” that create urgency  
• Messages asking you to verify personal information  
• Fake alerts about refunds, filings, or suspicious activity  
• Links telling you to log in and “secure” your account  

That’s where people can get hit twice: once by the breach, and again by the scam that follows it. 

What To Do If You’re Impacted 

First, don’t panic. Then: 

• Take advantage of any free credit monitoring or fraud assistance being offered  
• Monitor your bank accounts, tax records, and credit reports closely  
• Consider placing a fraud alert or credit freeze if needed  
• Be extra careful with any message referencing taxes, refunds, or account access 
• Go directly to official sites instead of clicking links in emails or texts  

And that, my friends, is scam number one in this week’s This Week in Scams. 

Let’s get into what else is on our radar. 

The FBI Impersonation Scam Showing Up Across the U.S. 

Scammers pretending to be federal agents are making the rounds across the country, and this one is built to make people panic fast. 

Field offices, including Chicago and Houston, are warning the public about fraudsters posing as FBI agents in calls, texts, and emails. In some cases, the scammers claim you’re connected to an investigation. In others, they say you’re a victim of fraud and need to act immediately to protect yourself. 

Sometimes they do not stop there. They may also pretend to be bank employees working alongside the FBI, all to make the story feel more convincing and get access to your money or personal information. 

Why This Scam Works

This scam plays on the same pressure tactics we’ve seen over and over again: authority, urgency, and confusion. 

If someone claims to be a federal agent, many people freeze up and assume they need to cooperate immediately. That’s exactly what scammers are counting on. 

The FBI has been clear about this: federal law enforcement will not ask you for money or sensitive personal information over the phone, by text, or by email. 

The Red Flags in This Message

• Unsolicited outreach from someone claiming to be federal law enforcement  
• Pressure to act immediately  
• Requests for money, gift cards, prepaid cards, or personal information  
• Instructions to keep the conversation secret  
• Stories involving a bank “working with” the FBI  

If it feels dramatic, high-pressure, and just a little off, trust that instinct. 

What To Do if You Get One Of These Messages

• Do not respond  
• Do not send money or share personal information  
• Contact the agency directly using publicly listed contact information  
• Save the message for your records  
• Report it to the FBI: 1-800-CALL-FBI (225-5324), or online at tips.fbi.gov.

This is also exactly the kind of message McAfee’s Scam Detector is built to flag before you get pulled in. 

How McAfee Helps You Stay Ahead of Scams and Breaches 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done: 

• Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast
• Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place
• Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage
• Safe Browsing helps block risky sites if you do click
• Device Security helps detect malicious apps or downloads
• Secure VPN keeps your data private, especially on public Wi-Fi  

This kind of layered protection is critical in cases like ghost student scams, where the first sign of fraud often comes after financial damage has already happened. 

Safety tips to carry into next week 

• Be extra cautious after any real breach makes headlines  
• Do not trust unsolicited messages just because they reference real institutions  
• Never send money to someone claiming to be law enforcement  
• Go directly to official websites instead of clicking links  
• Use tools that flag suspicious messages in real time so you do not have to guess 

The reality is, scams are getting better at looking official. 

You should not have to be an expert to spot them. That’s why McAfee is here to help. We’re Safer Together.

We’ll be back next week with more scams making headlines. 

The post Oklahoma Tax Breach and FBI Impersonation Scam: This Week in Scams appeared first on McAfee Blog.

In this episode, we discuss Iran’s threats to target US tech firms, gear up for the midterm elections, and get a scene report from the Polymarket pop-up bar in DC.

As strikes continue on Iran’s nuclear facilities, the real danger isn’t the explosion, but what happens if critical safety systems fail—and how that risk could spread across the Gulf.

We’re proud to share that McAfee’s “Keep It Real” campaign has been named a finalist in the 2026 Shorty Awards Social Good Campaign category. 

This category recognizes work that doesn’t just perform, it matters: campaigns that raise awareness, inspire action, and make a real-world impact. 

That’s exactly what “Keep It Real” set out to do. 

Because behind every scam statistic is a person who thought they were making the right call. And too often, what follows isn’t just financial loss. It’s embarrassment, silence, and stigma. 

We wanted to change that. 

The campaign launched alongside McAfee Scam Detector to address a growing reality: scams powered by AI are becoming harder to recognize and easier to fall for. 

“Keep It Real” paired real survivor stories with AI-driven protection to show how scams actually happen and how people can stop them in the moment. 

The goal was simple: 

• Normalize the experience  
• Remove shame around being scammed 
• Help more people recognize scams faster  

Because when people feel safe talking about scams, they’re more likely to spot them and stop them. 

What Are the Shorty Awards? 

The Shorty Awards honor the best work in social media, digital campaigns, and online storytelling across brands, creators, and organizations. 

Now in their 18th year, the awards recognize campaigns that combine creativity, impact, and real-world relevance. Finalists are selected alongside leading global brands and judged on both industry evaluation and public voting. 

How McAfee’s Scam Detector Fits In 

McAfee’s Scam Detector is designed to help people identify scams across everyday digital moments. 

It uses AI to fight AI by flagging suspicious: 

• Text messages and emails  
• QR codes and links  
• Social media messages  
• AI-generated and deepfake content  

By combining automatic detection with clear guidance, Scam Detector helps people better understand what they’re seeing and decide what to trust. 

Real Stories Behind the Campaign 

A core part of “Keep It Real” was giving space to people who experienced scams to share what happened, in their own words. 

These stories helped show that scams can happen to anyone and played a key role in breaking the stigma around being targeted. 

 

This recognition reflects the work across McAfee teams who built and brought this campaign to life, including product, engineering, research, creative, and communications. 

It also reflects the individuals who chose to share their real scam stories to help others recognize scams, stay safer, and end the shame and stigma around being scammed. 

Support the Campaign 

The Shorty Awards include a public voting component. 

If you’d like to support the campaign, you can vote here:
https://shortyawards.com/18th/keep-it-real-mcafees-ai-scam-media-relations-campaign 

Voting is open through April 8, and you can vote once per day. 

The post McAfee’s “Keep It Real” Campaign Named Shorty Awards Finalist appeared first on McAfee Blog.