AI is on your side. In fact, it’s kept you safer online for some time now. 

Now that scammers and hackers have gotten their hands on AI tools, they understandably get their share of headlines. Rightfully so. AI tools have helped them scale up their attacks while also making them look and feel increasingly sophisticated.  

Meanwhile, at McAfee, we’ve used AI as a core component of our protection for years now. As such, it’s done plenty for you over the years. AI has sniffed out viruses, malicious websites, and sketchy content online. It’s helped steer you clear of malicious websites too.  

Now we’ve made improvements to our AI-driven protection—and unveiled an all-new feature that takes full advantage of AI, McAfee Scam Protection. 

AI is indeed on your side. A quick tour will show you how. 

How AI keeps you safe: The plain language version. 

AI-driven protection quashes threats in three ways: 

  1. It detects threats by referencing models of existing threats. This combats pre-existing threats and entirely new (zero-day) threats alike. AI can spot varieties of different threats by comparing them to features it’s seen before. For example, it’s like AI learning to identify different varieties of fruit. An apple is still an apple whether it’s a Fuji or Granny Smith. In that way, a virus is still a virus if it’s “Virus A” or the newly discovered “Virus Z.”
  2. It further detects suspicious events and behaviors. AI provides a particularly powerful tool against zero-day threats. It analyzes the activities of applications for patterns that are consistent with malicious behavior. With that it can spot and prevent a previously unknown file or process from doing harm. In its way, AI says, “I’ve seen this sketchy behavior before. I’m going to flag it.”
  3. It automatically classifies threats and adds them to its body of knowledge. AI-driven threat protection gets stronger over time. Because it learns. Something we call “threat intelligence.” The more threats it encounters, the more rapidly and readily it can determine if files want to do you no good. The body of threat intelligence improves immensely as a result. 

So, what does AI-driven protection look like in the real world?  

AI can identify malicious websites and links before you can connect to them. It can prevent new forms of ransomware from encrypting your photos and files. And it can let you know when the link you got in that text is a total fake.  

In combination with our security engineers and teams, AI really on your side.  

AI leads to powerful new protections. 

As part of our product launch a few weeks ago, we created advances in one or our AI-driven protections and released an entirely new AI-driven protection as well. 

McAfee Next-gen Threat Protection: McAfee’s AI-powered security just got faster and stronger. Our Next-gen Threat Protection takes up less disk space, reduces its background processes by 75%, and scans 3x faster than before. This makes your time online safer without slowing down your browsing, shopping, streaming, and gaming.  

As for strength, it offers 100% protection against zero-day threats and 100% against threats released in the past month (AV-TEST results, June 2023). You’ll find it across all our products that have antivirus included. 

McAfee Scam Protection: McAfee’s patented and powerful AI technology helps you stay safer amidst the rise in phishing scams. Including phishing scams generated by AI. It detects suspicious URLs in texts before they’re opened or clicked on. No more guessing if that text you just got is real or fake. 

And if you accidentally click on a suspicious link in a text, email, social media, or browser search, it blocks the scam site from loading. You’ll find McAfee Scam Protection across our McAfee+ plans. 

Above and beyond AI, more protections for your privacy and identity. 

In addition to AI-driven improvements, we also released several new features. Together they help you protect your privacy, lock down your identity, and set up your McAfee software for the best security. 

  • Online Account Cleanup helps reduce the likelihood of being impacted by a data breach—because you have fewer accounts that can get hacked. Many internet users can have over 350 online accounts, many of which they might not know are still active. This feature runs monthly scans to find your online accounts and shows you their risk level to help you decide which to delete, and how to do so.​ 
  • Social Privacy Manager helps safeguard your privacy on social media with personalized privacy recommendations based on your own preferences. It does the heavy lifting by adjusting more than 100 privacy settings across your social media accounts in just a few clicks. This ensures your personal info is only visible to the people you want to share it with.

  • Transaction Monitoring helps spot unusual transactions which could be a sign of identity theft. Track deposits, withdrawals, and payments across your accounts, all in one place. (Included with McAfee+ Advanced and Ultimate.)
  • Bank Account Takeover Monitoring provides alerts when your personal contact info changes on your banking account. If it wasn’t you, McAfee will guide you so you can take quick action. (Included with McAfee+ Ultimate.)
  • Increased ID Theft Coverage now provides $2 million identity theft coverage, including 401K plans, stolen funds, and incurred expenses for you and your household members. Also includes $25K ransomware coverage. (Included with McAfee+ Ultimate.)
  • McAfee Assist – Protection Setup connects you with one of our experts for a live session. You can call whenever it’s convenient for you to set up your account. No scheduling needed. (Included with McAfee+ Ultimate.) 

The great feeling you get when you have AI in your corner. 

Hackers might be making headlines as they cook up new attacks with AI, yet maybe it’s time to flip the script this once. AI works for you and can keep you safer online. 

Whether hackers try to hit you with ransomware or scammers pepper you with phony messages, AI can help keep you from harm. In conjunction with other advanced features that protect your privacy and identity, AI makes for powerful protection. 

Introducing McAfee+

Identity theft protection and privacy for your digital life

#Advances #Safer #Online

Sooner or later (most) parents inevitably get round to buying their kids their own electronic device. According to Kaspersky’s research, 61 percent of children get their first device between the ages of eight and 12, and, perhaps surprisingly, in 11 percent of cases, they’re given their own cellphone or tablet before they turn five. It’s essential for parents to know the guidelines for introducing a device into their kids’ lives for the first time.

Together with clinical psychologist Dr. Saliha Afridi, Kaspersky is presenting cybersecurity and psychological considerations that parents would do well to be aware of before giving their kids their very first tech gadgets.

What to do before giving a gadget to a child?

Set up a Child Account before giving your offspring their first gadget. Whether it’s a phone or a tablet, it’s crucial to ensure the age-appropriateness and safety of the gadget. Even if it’s a brand-new gift, prioritize setting up this feature. A Child Account acts as a safeguard on the device, preventing things like downloads of mature content or songs with explicit content. For detailed guidance on creating a kid’s account, refer to our guide for Android or the one for iOS.

Install all the basic applications that support either communication or geo-location (like messenger and map apps), plus learning applications. And don’t forget to set up the privacy and confidentiality settings in each of the installed applications, so that the child, for example, isn’t discoverable via their phone number by unknown individuals. Tools like Privacy Checker can assist you in tailoring the optimal protection settings for various devices and platforms.

Remember to install a digital parenting app as well. This will empower you to curate content, monitor the amount of time your kid spends on specific apps (and set limits if needed), and track their current location.

How to introduce a new device into a child’s life?

Walk them through the device’s functionalities as well as the potential dangers when gifting them a new gadget. This is an opportune moment to explore its features and understand its potential pitfalls.

Craft a set of family usage rules together. In this conversation, it’s important to foster an understanding and consensus about the responsibilities and expectations tied to device ownership. To ensure a healthy balance, establish tech-free zones and times — perhaps during dinner or the hours leading up to bedtime. Designate moments for non-tech hobbies like reading, outdoor games, or puzzles, which can act as beneficial alternatives to screen time. Periodically revisiting and refining these rules as your kid grows and technology advances is key.

And remember — unless a kid shows a healthy level of engagement with real-life activities and in-person socializing, don’t introduce a smartphone or social media. One way they can earn a device is by showing that they’re capable of doing the “non-negotiables” regularly and consistently. These include sleep, exercise, homework, socializing, eating healthily, and wakeful resting periods.

How to talk to a child about online safety?

Encourage open communication from the outset. Engage junior in conversations about their online experiences — ensuring they feel safe to share both the good and the bad experiences.

Stay up to date with the latest digital trends and threats as well as high-profile cyberbullying or data breaches. Share this information with your child in a way they understand. You can learn the latest cybersecurity news via our blog.

Bring up the permanence of online actions. This includes how things shared online stay there forever and can affect their reputation and future opportunities. Kids should be especially careful about information they share about themselves: never giving out their address, geolocation or login credentials and passwords. Additionally, they should avoid using their real names as user IDs, as these can be potential clues for attackers to discover their other social media accounts. Help them understand the concept of privacy and the potential risks of sharing too much information.

Teach your kid that accepting friend requests from unfamiliar individuals in real life should be avoided. It’s crucial to explain that if someone they don’t know is persistently trying to find out personal information about them or their parents, it’s a cause for concern. Your child shouldn’t feel they’re being rude or impolite if they don’t respond to a request for friendship. In social networks, just like in life, there needs to be privacy.

By having such conversations and educating your children about online risks in a non-confrontational manner, you raise your kids being more likely to approach you when they encounter something questionable online. You should make sure they maintain a stance of curiosity — not judgment or fear. Your reactions will determine how open they feel about sharing in the future.

And a digital parenting app serves here as a valuable tool to enable you to monitor your kids’ online searches and activity, ensuring a safer online experience.

What are the main risks I should tell my child about?

In our digital age, kids are vulnerable to cybercriminals, often because they’re unfamiliar with essential cybersecurity principles and common scam tactics. It’s our duty as guardians to educate them on these matters before they inadvertently fall prey to them.

For instance, guide your kid in identifying deceptive commercials, bogus survey requests, counterfeit lotteries, and other schemes that can jeopardize their personal data. Help them grasp the reality that, while it might be tempting to download a Barbie movie ahead of its official release, offers like these could be ploys by cybercriminals aimed at pilfering data or even siphoning money from their parents’ cards. A reliable security solution can detect and block any phishing websites or any malicious software.

Instill in your child the habit of being critical and cautious when online. Teach them to pause before clicking when it comes to dubious links, unfamiliar email attachments, or messages from unknown entities. Discuss the appropriate permissions apps should have on their devices. For example, there’s no valid reason for a Calculator app to request geolocation access.

Make conversations about cybersecurity more enjoyable and interesting by discussing the topic through games and other entertaining formats. Most importantly, instill confidence in them to approach a trusted adult when faced with unsettling or suspicious situations online.

How to check that you’re prepared?

Once a gadget appears, your family’s life will inevitably undergo a transformation, as your kid will be drawn into the realm of the internet. Rather than forbidding it, it’s advisable to guide them on proper online behavior — if used correctly, a gadget can really help kids learn and grow. However, this can only happen if they know when and how to alert their parents about any online threats they come across – whether they’re receiving strange messages from adults, requests for personal information, or stumbling upon phishing sites.

Learning, however, is a gradual process, and it doesn’t guarantee perfection from the start. Mistakes will naturally occur, such as your kid accidentally downloading malware or engaging with suspicious individuals or struggling with screen time management. Nonetheless, your role as a parent is to provide support and assistance in their learning process. Only this way can you help your child be safe online.

To get ready for the challenge, we suggest taking a peek at our complete handbook for parents about getting your kid’s first gadget.

#Preparing #childs #gadget

An ease and familiarity with wide-ranging tech makes younger generations a bigger target for scams and malware.

If you asked this question a few years ago, many might have assumed that older generations would be the primary targets of online scams. It makes sense. Most of us view phishing and email scams as clumsy, low-effort routines designed to take advantage of people who simply aren’t as digitally savvy as the younger generation.  


We’ve published many posts on the security and privacy benefits of setting up a VPN on your computer, your smartphone, or even your entire home network. But there are lesser-known advantages that come to the fore if your VPN is super speedy. Want to know about them? Then let’s get started!

1. Watch foreign sports or TV shows

A familiar situation for many sports fans: having moved abroad or simply gone on vacation, you find to your annoyance that your beloved football/soccer/baseball/cricket/rugby… team’s games aren’t broadcast on TV there. The same catastrophe befalls fans of domestic TV shows that aren’t popular abroad. This issue may be solved if you can subscribe to digital broadcasts of whatever matches or shows you like in your hometown, but in other regions that service is likely to be blocked. However, the good news is that Kaspersky Secure Connection lets you watch what you paid for — wherever you are. To do this, when away, you need to select a VPN server in your home country and connect to it. That way you’ll be assigned a “native” IP address that will virtually teleport you home. You just need to make sure that both your local internet connection and VPN are up to it speed-wise. For fast VPN secrets, see the end of this post.

2. Bypass bandwidth throttling

In mobile networks, public places, and sometimes even home connections, ISPs limit communication speed, which is known as bandwidth throttling. You may notice this when visiting sites with videos or downloading large files: your internet runs much slower. This allows ISPs to save bandwidth and reduce the load on the network, but it also restricts your rights. Thanks to Kaspersky Secure Connection, which encrypts your traffic, providers and other third parties can’t see exactly what you do online or what sites you visit, and so they cannot throttle your bandwidth – however, if your ISP slows down all activities for all subscribers (blanket throttling), there’s no escape.

3. Play in the region of preference

Servers of many multiplayer games are distributed all over the world. Connecting from a certain region, you will play on the nearest server. This is done to minimize lag for all players, unite players from the same time zone, and lessen the language barrier in game chats. But this approach can cause issues too: for example, you might play at an “unsociable” hour, which means few suitable gaming partners on the nearest servers, or your team has settled on a very specific game server. Going online through Kaspersky Secure Connection in the desired region guarantees a connection to the best server for your needs. Of course, VPN speed is critical here to ensure low lag and fast data exchange, so slow VPNs and VPN protocols are a big no-no for gamers — which is why we especially recommend that gamers use our VPN, recognized for high speeds in independent tests.

On game consoles, setting up a VPN can be tricky, so console owners find it easier to set up VPN directly on the router — more on this at the end of the post.

4. Sidestep price policies

In many stores and service organizations, the price for the same goods and services differs significantly from country to country due to variances in pricing policies or simply different sales schedules. At the time of posting, Black Friday and Singles’ Day (11.11) are on the horizon, to name just a couple of shop fests. You can cash in on seasonal offers and save money by connecting to a VPN server in the desired country and thus changing your IP address. That done, logging into the regional versions of online stores, you’ll see local promotions and enjoy the best discounts.

To take full advantage of this, your VPN service should offer a wide variety of servers in different countries. For example, our VPN has more than a hundred of these, including in such exotic locations as Bangladesh, Liechtenstein, and Malaysia. With such a wide selection, finding the right server in the list can be tough, which is why the latest version of Kaspersky Secure Connection lets you add servers to a Favorites tab and quickly select the one you need.

5. Shop with peace of mind

Public networks — be it Wi-Fi at an airport, hotel, cafe, train, or bus — pose a number of risks to your devices. Among them are: third-party ads on websites; data harvesting of your online activities; the already mentioned slowdown when watching videos; and potential interception of payment information and passwords. It’s a real stinger to pay for extra baggage or window seats on your phone, only to see unexpected debits from your account after landing, right?

Over an encrypted VPN channel, none of that can happen. Nearby cybercriminals, cafe owners, and unscrupulous Wi-Fi providers can neither see nor intercept your online activity.

What’s more, our VPN can be configured to automatically turn the VPN on when connecting to unprotected Wi-Fi networks, plus you can customize the VPN settings for each Wi-Fi access point saved on your device individually. This makes it easy to configure which Wi-Fi networks need VPN protection, keeping you safe at all times.

And one other thing: if the VPN connection drops, Kaspersky VPN can automatically block all your network traffic until reconnection, ensuring your data doesn’t leak to an unsecured network.

6. Open geo-blocked websites

For both legal and security reasons, some sites choose to shut out connections from other countries. For example, many online stores aren’t accessible in countries they don’t ship goods to. The same goes for many municipal or government services provided online — access from abroad isn’t possible. If you need to use such sites, you need to point your VPN to a server in the respective country.

7. Open websites despite blocking

The opposite scenario to geo-blocking is when you arrive in a country where, say, Google or Instagram is blocked. By connecting to a VPN server in another country, you can continue to use your usual accounts and services.

Geo-blocking often creates the nuisance of having to constantly turn your VPN on and off to access certain sites or use certain apps. Kaspersky Secure Connection comes in handy here, too. By configuring rules for Smart Protection (on Android only) and Split Tunneling (on Android, Windows and macOS), you can forget about the need to keep toggling the VPN: it will activate automatically for selected apps, sites, or site categories (such as payment systems, banking sites, or online stores) or bypass VPN for apps added to the exceptions list.

What makes Kaspersky VPN the fastest?

Gaming, watching videos, downloading large files, and even conference calling all require a lightning-quick VPN connection with minimal latency and high data-transfer rates. Besides a fast enough internet connection, this requires three other jigsaw pieces: a high-performance VPN server with a strong communication channel; a sufficiently powerful client (your phone, computer, or router); and an optimized communication protocol between these two pieces.

To make our VPN the undisputed speed champion (it outperformed all six of the other VPNs in an independent test), we use the fastest servers (10 Gbps) and connect to them over the most powerful protocols: Catapult Hydra and WireGuard. According to our internal tests, Catapult Hydra is five to seven times faster than the common OpenVPN protocol in terms of connection speed and ensures exceptional privacy protection without data leaks.

Where and how to use VPN?

You can install a VPN on your smartphone, computer, tablet, and sometimes even your TV or game console. Most routers also support a VPN connection, giving you the benefits of a VPN across your entire home network all at once. Which of these scenarios is better?

For travel and business trips, setting up a VPN on your phone and laptop is a priority. If gaming or online bargain hunting is your thing, it’s best to install a VPN on your Windows or Mac computer.

For TVs, game consoles, and simultaneous VPN use on multiple devices, the encrypted channel is best deployed directly on the router. Our VPN supports the ability to connect routers using the WireGuard and OpenVPN protocols: the former delivers maximum speed even on relatively weak router models; the latter provides maximum compatibility even with older models. Simply go to the VPN section on the My Kaspersky portal, and under VPN for routers, create a configuration file by selecting the protocol and server in the desired country. Then upload it to your router’s control panel — and every device in your home network will automatically enjoy all the benefits of VPN.

Where to find the best VPN deal?

You can get Kaspersky Secure Connection either as a standalone product or as part of a Kaspersky Plus or Kaspersky Premium subscription. Besides super-fast VPN, your subscription comes with full protection for all devices — both computers and smartphones.

Fine print

Some countries prohibit the use of VPN as a technology, while others ban specific VPN usage. In addition, the license agreements of various online services explicitly prohibit the use of VPNs to bypass their regional restrictions. You should research the legal position in your specific case before opting for a VPN.

#increase #VPN #speed #fast #VPN

Ever wonder if a loved one you’re sitting next to this year could be a cybercriminal? They’re probably not. But you can still familiarize yourself with the types of fraud that take place within the family, just in case.

As the holiday festivities draw closer, we start to make plans to see the family. Whether you’re a host or a guest, millions will soon gather to catch up, tell stories, watch football, and break bread. Some of us can’t wait, while others are dreading all of the soon-to-be awkward conversations. In some instances, the only thing that could make a family dinner even more messy (besides a food fight) would be knowing someone eating next to you is a scammer, identity thief, or cyber crook.  


It is common knowledge that connecting your devices to public Wi-Fi can expose them to potential malware and other security risks. But have you ever considered the dangers that might be lurking within public USB chargers? In a surprising revelation, researchers at Georgia Tech discovered that public iPhone chargers can be a conduit for malicious apps, posing a significant risk to your data security and privacy.

The Deceptive Dangers of Public iPhone Chargers

Interestingly, the malicious apps resulting from public iPhone chargers do not require any downloads or visits to the app store. These apps are installed on your iPhone via the compromised USB chargers. Once installed, they function like conventional malware, controlling your device and potentially accessing sensitive information such as banking login details. They can even intercept your phone calls and remotely control your device. The distinctive aspect of these threats is their delivery method—through seemingly innocuous iPhone chargers.

Despite these alarming characteristics, the threat posed by these malicious apps is not widely recognized or understood. Many people continue to casually plug their iPhones into public USB ports casually, little knowing the potential danger they expose their devices to. In contrast to the common belief that devices locked with a PIN or passcode are safe, these malicious apps can still infiltrate your iPhone if it is unlocked even for a moment.

Dig Deeper: How Safe Is Your Android PIN Code?

The Devious Mechanism of Infecting iPhones

How exactly do these malicious apps find their way into our iPhones? The scheme was demonstrated by researchers from Georgia Tech, who managed to fool Apple’s security team with a dummy Facebook app containing a hidden malware code. Their experiment showed that when an iPhone connected to a compromised charger is unlocked, the faux Facebook app activates, allowing hackers to take control of the device remotely.

These threats, often called “AutoRun” threats, can make calls, view passwords, alter settings, and perform other operations on your device without your knowledge. The alarming thing about them is that they start executing when a corrupted drive is plugged into a device. Clearly, this poses a unique and powerful threat to smartphones, tablets, PCs, and Macs alike. As our dependence on these devices grows, so does the urgency to understand and prevent such attacks.

Dig Deeper: Can Apple Macs Get Viruses?

The Extent and Impact of the Threat

Though the AutoRun threat may sound like a plot straight out of a sci-fi movie, it is disturbingly real. This McAfee Threats Report revealed that the prevalence of these attacks doubled in one year and continues to rise. Such an escalation underscores the need for increased awareness and caution concerning our device usage.

While the threat experiment conducted by Georgia Tech researchers was staged, the potential for its execution by cybercriminals is very real. Cybercriminals are always looking for weak spots in security systems, and public USB chargers are proving to be one such vulnerability. This is made worse because not many people are aware of this weakness, making them easy targets for cybercriminals.

McAfee Pro Tip: Stay informed about less conventional threats, such as malware that may lurk in unexpected places like chargers, by exploring the wealth of cyber resources available in McAfee’s extensive collection of resources. Dive into our informative blogs and in-depth reports to expand your awareness and understanding of these unconventional risks.

Apple’s Response and Recommendations

Apple responded promptly to the Georgia Tech experiment and released an update to raise a warning when connecting to unfamiliar USB chargers. However, this warning is often ignored and opens the device to potential threats. So, the safest preventive measure is to avoid using public charging stations.

Moreover, it is advisable not to unlock your devices while charging. Unlocking an iPhone, even momentarily, was key to disseminating the malicious app in the Georgia Tech experiment. If you’ve connected to a public USB charger and want to verify that your device hasn’t been compromised, navigate to Settings > General > Profiles. If you see any unfamiliar names, remove them immediately.

Dig Deeper: Protecting the Universal Remote Control of Your Life—Your Smartphone

Further Protective Measures

Public charging stations might seem like a convenient solution, but they come with their own set of risks–malware is one, as mentioned. One of the most practical and secure alternatives to public charging stations is carrying a portable charger, commonly known as a power bank. These devices come in various sizes and capacities, making it easy to find one that suits your needs. Another simple yet effective alternative to public charging stations is to carry your own charging cable. Most people use USB cables that can be connected to power sources like laptops, portable chargers, or even wall outlets.

Along with avoiding public charging stations, it is crucial only to download apps from trusted sources. While the malicious app in the experiment was installed via a compromised charger, caution is still paramount when downloading apps, even over Wi-Fi. Stick to official app stores to lessen the risk of downloading malware-laden apps.

Perhaps the most significant measure to protect against cyber threats is installing comprehensive security on all your devices. A complete solution like McAfee LiveSafe™ not only protects your devices from the latest forms of malware, spyware, and other viruses and safeguards your identity and valuable data. The ever-evolving tactics of cybercriminals require vigilant and robust security measures.

Final Thoughts

As our reliance on smartphones and other devices grows, so does the sophistication and prevalence of cyber threats. In this high-risk digital era, awareness and caution are the first steps toward protection. The experimental threat posed by public iPhone chargers underscores the hidden dangers we may unknowingly expose ourselves to. By understanding these threats and implementing protective measures, such as using trusted sources for app downloads and comprehensive security software, we can minimize our vulnerability to such attacks. As we continue to live in an increasingly digital world, it is more important than ever to understand potential threats and take steps to protect ourselves and our valuable data.

Safeguarding your devices, especially those that are an integral part of your daily life and constantly require recharging, is paramount in our increasingly interconnected world. McAfee’s cutting-edge software solutions offer a fortified defense against many online perils.

#USB #Careful #Public #iPhone #Chargers #Lie #Wait

As we gear up to feast with family and friends this Thanksgiving, we prepare our wallets for Black Friday and Cyber Monday. Black Friday and Cyber Monday have practically become holidays themselves, as each year, they immediately shift our attention from turkey and pumpkin pie to holiday shopping. Let’s look at these two holidays and how their popularity can impact users’ online security, and grab a great Black Friday holiday deal from McAfee.

About the Black Friday Shopping Phenomenon

You might be surprised that “Black Friday” was first associated with a financial crisis, not sales shopping. The U.S. gold market crashed on Friday, September 24, 1869, leaving Wall Street bankrupt. In the 1950s, Black Friday was associated with holiday shopping when large crowds of tourists and shoppers flocked to Philadelphia for a big football game. Because of all the chaos, traffic jams, and shoplifting opportunities that arose, police officers could not take the day off, coining it Black Friday. It wasn’t until over 50 years later that Cyber Monday came to fruition when coined the term as a way for online retailers to participate in the Black Friday shopping frenzy.

In conclusion, the origins of “Black Friday” are indeed surprising and far removed from the image of holiday shopping extravaganzas that we associate with the term today. These historical roots offer a fascinating perspective on the evolution of consumer culture and the significance of these shopping events in modern times.

Growth Over the Years

Since the origination of these two massive shopping holidays, both have seen incredible growth. Global interest in Black Friday has risen year-over-year, with 117% average growth across the last five years. According to Forbes, 2018’s Black Friday brought in $6.2 billion in online sales alone, while Cyber Monday brought in a record $7.9 billion.

While foot traffic seemed to decrease at brick-and-mortar stores during Cyber Week 2018, more shoppers turned their attention to the Internet to participate in holiday bargain hunting. Throughout this week, sales derived from desktop devices came in at 47%, while mobile purchases made up 45% of revenue and tablet purchases made up 8% of revenue.

So, what does this mean for Black Friday and Cyber Monday shopping this holiday season? In 2023, Adobe Analytics anticipates that Cyber Monday will maintain its status as the most significant shopping day of the season and the year, spurring a historic $12 billion in spending, reflecting a year-over-year increase of 6.1%. Online sales on Black Friday are expected to increase by 5.7% year over year, reaching $9.6 billion, while Thanksgiving is projected to grow by 5.5% year over year, amounting to $5.6 billion in spending.

If one thing’s for sure, this year’s Black Friday and Cyber Monday sales are shaping up to be the biggest ones for shoppers looking to snag some seasonal bargains. However, the uptick in online shopping activity provides cybercriminals the perfect opportunity to wreak havoc on users’ holiday fun, potentially disrupting users’ festive experiences and compromising their online security. In light of this, it is crucial to take proactive measures to safeguard your digital presence. One effective way to do so is by investing in top-tier online protection solutions. McAfee, a renowned leader in the field, offers award-winning cybersecurity solutions designed to shield you from the ever-evolving threats in the digital landscape. Explore the features of our McAfee+ Ultimate and Total Protection and be informed of the latest cyber threats with McAfee Labs. 

Dig Deeper: McAfee 2023 Threat Predictions: Evolution and Exploitation

Spot Those Black Friday and Cyber Monday Shopping Scams

With the surge in online shopping during Black Friday and Cyber Monday, cybercriminals are also on high alert, crafting sophisticated scams to trick unsuspecting shoppers. One common form of scam you’ll come across during this time is fraudulent websites. These sites masquerade as reputable online retailers, luring customers with too-good-to-be-true deals. Once shoppers enter their personal and financial data, the criminals behind these sites gain access to the sensitive information, paving the way for identity theft.

Phishing emails are another popular mode of scam during these shopping holidays. Shoppers receive emails that appear to be from legitimate stores advertising incredible deals. The emails typically contain links that direct users to a fraudulent website where their information can be stolen. It’s essential to approach every email suspiciously, checking the sender’s information and avoiding clicking on unsolicited links.

Dig Deeper: How to Protect Yourself From Phishing Scams

How to Protect Yourself from These Scams

Thankfully, there are steps you can take to protect yourself when shopping online during Black Friday and Cyber Monday. First, always ensure that the website you’re shopping from is legitimate. Check for the padlock icon in the address bar and “https” in the URL, as these are indicators of a secure site. Steer clear of websites that lack these security features or have misspelled domain names, as they could be fraudulent.

McAfee Pro Tip: When browsing a website, there are several essential cues to consider when assessing its safety. As mentioned, one such indicator is the presence of “https” in the website’s URL. But there are also other tell-tale signs, such as fake lock icons, web copy, web speed, and more. Know how to tell whether a website is safe.

Furthermore, never provide personal or financial information in response to an unsolicited email, even if it appears to be from a trusted source. If the offer seems tempting, visit the retailer’s official website and check if the same deal is available there. Finally, consider installing a reputable antivirus and security software, like McAfee, that can provide real-time protection and alert you when you stumble upon a malicious website or receive a phishing email.

Final Thoughts

Black Friday and Cyber Monday are prime opportunities for consumers to snag once-a-year deals and for cybercriminals to exploit their eagerness to save. However, being aware of the prevalent scams and knowing how to protect yourself can save you from falling prey to these ploys. Always strive to shop smart and stay safe, and remember that if an offer seems too good to be true, it probably is.

#Beginning #Lot #Holiday #Shopping #Secure #Online #Purchases

The eagerly awaited holiday sales such as Black Friday and Cyber Monday are just around the corner. As consumers, we look forward to getting the best deals online, but we’re not the only ones. Hackers are also keenly anticipating these holidays but for different reasons. They use this period to come up with all sorts of shopping scams that can potentially put a dampener on the holiday spirit for unsuspecting shoppers.

This article provides you with ten tips to keep you and your family safe from online shopping scams this season. These tips will not only help you spot a good deal but also help you avoid falling prey to online scams, thereby ensuring that you keep your finances safe during this shopping season.

1. Be Cautious of Email Attachments from Retailers and Shippers

A common tactic employed by hackers involves the use of malware hidden in email attachments. During the holiday sales season, they often camouflage their malware in emails that claim to contain offers or shipping notifications. It is important to remember that legitimate retailers and shipping companies will not send offers, promo codes, or tracking numbers as email attachments. Instead, they will mention these details in the body of the email.

Therefore, be wary of any email attachments you receive from retailers or shippers. If something seems off, it probably is. Do not download or open suspicious attachments, as this could potentially lead to a malware attack.

Dig Deeper: McAfee Protects Against Suspicious Email Attachments

2. Thoroughly Review Links and Email Addresses

Scammers often employ a tactic known as “typosquatting,” where they create phony email addresses and URLs that look incredibly similar to the legitimate addresses of well-known companies and retailers. These are often sent via phishing emails, and instead of leading you to great deals, these links can direct you to scam websites that extract your login credentials, payment information, or even directly extract funds from your account when you attempt to place an order through them.

Therefore, it is imperative to double-check all email addresses and URLs before clicking on them. Look out for subtle discrepancies in the spelling or arrangement of characters, as these are often indicators of a scam. If a link or email address seems suspicious, do not click on it.

Dig Deeper: How Typosquatting Scams Work

3. Beware of Copycat Deals and Sites

In continuation with the previous point, scammers also set up websites that resemble those run by trusted retailers or brands. These websites often advertise special offers or attractive deals on popular holiday items. However, these are nothing more than a ruse to trick unsuspecting shoppers into divulging their personal and financial information.

These scam websites are often spread through social media, email, and other messaging platforms. It’s crucial to exercise skepticism when encountering such links. Instead of clicking on them, it’s always safer to visit the brand’s official website directly and look for the deal there. 

Dig Deeper: 8 Ways to Know If Online Stores Are Safe and Legit

4. Ensure You Have Adequate Protection While Shopping

Using a robust and comprehensive security software suite while shopping can provide you with additional layers of protection against scams. For instance, web browser protection features can block malicious and suspicious links, reducing the risk of falling prey to malware or a financial scam.

Ensure your antivirus software is up to date and your firewall is enabled. At the same time, enable secure browsing options available in your web browser. These simple steps can go a long way in securing your online shopping experience.

5. Diversify and Secure Your Passwords

Using the same passwords across multiple platforms is akin to giving hackers a free pass. If they manage to hack into one account, they can potentially gain access to others that share the same password. To avoid this, consider using a password manager. These tools can generate complex and unique passwords for each of your accounts and store them securely, saving you the hassle of remembering them all.

By diversifying your passwords and securing them effectively, you can significantly reduce the risk of becoming a victim of a hack or a scam. The importance of this proactive approach cannot be overstated in today’s interconnected world, where our personal and financial information is often just a few clicks away from prying eyes and malicious intent.

Dig Deeper: Strong Password Ideas to Keep Your Information Safe

6. Utilize Two-Factor Authentication

Two-factor authentication (2FA) is an invaluable tool that adds an extra layer of protection to your accounts. When 2FA is enabled, gaining access to your accounts isn’t as simple as just entering your username and password. Instead, you also need to input a unique, one-time-use code that is typically sent to your phone or email. This code acts as a second password, making your account significantly more secure.

If any of your accounts offer 2FA, it’s crucial to take advantage of this feature. While it might initially seem cumbersome, the added security is well worth the slight inconvenience.

7. Use a VPN When Shopping on Public Wi-Fi

Public Wi-Fi networks, such as those found in coffee shops and other public locations, can be dangerous due to their lack of security. If you shop online through a public Wi-Fi network, you’re essentially broadcasting your private information to anyone who cares to look. To prevent this, consider using a virtual private network (VPN).

VPNs encrypt your internet traffic, securing it against any prying eyes. This encryption protects your passwords, credit card numbers, and other sensitive information from being intercepted and misused. If you frequently shop online in public places, using a VPN is a must.

8. Opt for Credit Cards Over Debit Cards

In the U.S., the Fair Credit Billing Act protects against fraudulent charges on credit cards. Under this act, you can dispute any charges over $50 for goods and services that you never received or were billed incorrectly for. Moreover, many credit card companies offer policies that add to the protections provided by the Fair Credit Billing Act.

However, these protections don’t extend to debit cards. When you use a debit card, the money is immediately drawn from your bank account, making it more difficult to recover in case of fraud. So, for online shopping, it’s safer to use a credit card instead of a debit card.

9. Consider Getting a Virtual Credit Card

A virtual credit card can provide an extra layer of security for your online purchases. When you use one of these cards, it generates a temporary card number for each transaction, keeping your real card number safe. However, there are potential downsides to be aware of, such as difficulties with returns and refunds.

Before deciding to use a virtual credit card, understand its pros and cons. Research the policies of the issuing company so you can make an informed decision about whether or not it’s the right choice for you.

10. Monitor Your Credit Reports Closely

Given the number of accounts most of us manage and the rampant incidents of data breaches, it’s crucial to monitor your credit reports for any signs of fraud. An unexpected change in your credit score could indicate that someone has taken out a loan or credit card in your name. If you notice any discrepancies, report them immediately to the credit bureau and to the lender who reported the fraudulent information.

In the U.S., you’re entitled to a free credit report from each of the three major credit bureaus every year. Utilize this service and check your reports regularly. Remember, quickly identifying and reporting fraudulent activity is the key to mitigating its impact.

McAfee Pro Tip: Have you encountered a suspicious charge on your credit card and felt uncertain about the next steps? Get a credit monitoring service to monitor any unusual credit-related transactions that may be a potential sign of identity theft

Final Thoughts

As we approach Cyber Monday, it’s important to stay vigilant to protect yourself and your family from online scams. By taking simple precautions like verifying email addresses, resorting to 2FA, using a VPN while shopping on public Wi-Fi, and monitoring your credit reports, you can significantly reduce your chances of falling for an online shopping scam. Additionally, consider employing cybersecurity solutions like McAfee+, which offer robust protection against various online threats. Remember, if a deal seems too good to be true, it probably is. Happy and safe shopping!

#Cyber #Monday #Protect #Family #Online #Shopping #Scams #McAfee #Blog #Cyber #Monday #Tips #Online #Shopping #Scams #Protection

At the international Security Analyst Summit conference, our Kaspersky Global Research and Analysis Team (GReAT) experts presented some extremely exciting research. We will not repeat each of them in detail, just briefly outline the most interesting facts.

StripedFly spyware platform

Almost a detective story about a malware that previously was detected as a regular Monero cryptocurrency miner, but in fact was a cover for a complex modular threat capable of infecting computers running both Windows and Linux. Various StripedFly modules can steal information from a computer, take screenshots, record audio from a microphone, and intercept Wi-Fi passwords. However, it is useful not only for spying — it also got modules that can function as ransomware and for cryptocurrency mining.

What is interesting is that the threat can spread using the EthernalBlue exploit, although that vector was patched back in 2017. In addition, StripedFly can use stolen keys and passwords to infect Linux and Windows systems with an SSH server running. A detailed study with indicators of compromise can be found on the Securelist blog.

Operation Triangulation details

Another Security Analyst Summit report was dedicated to ongoing research into the Operation Triangulation, which among other things, targeted our employees. A detailed analysis of the threat allowed our experts to detect five vulnerabilities in the iOS system used by this threat actor. Four of them  (CVE-2023-32434, CVE-2023-32435, CVE-2023-38606 and CVE-2023-41990) were zero-day vulnerabilities. They affected not only the iPhone, but also iPod, iPad, macOS, Apple TV and Apple Watch. It also turned out that in addition to infecting devices via iMessage, attackers could attack the Safari browser. In this post you can read details on how our experts analyzed this threat.

New Lazarus campaign

The third report by GReAT experts was devoted to new attacks carried out by Lazarus APT. This group is now targeting software developers (some of which have been attacked multiple times) and is actively employ supply chain attacks.

Through vulnerabilities in legitimate software for encrypting web communications Lazarus infects the system and deploys a new SIGNBT implant, the main part of which operates in memory only. It serves to study the victim (get network settings, names of processes and users), as well as launch additional malicious payload. In particular, it downloads an improved version of the already known LPEClient backdoor, which also runs in memory and in turn launches malware capable of stealing credentials or other data. Technical information about the new tools of Lazarus APT group, as well as indicators of compromise, can also be found on the Securelist blog.

TetrisPhantom attack

In addition, experts provided details of the TetrisPhantom attack aimed at government agencies in the APAC region. TetrisPhantom relies on compromising of certain type of secure USB drives that provide hardware encryption and is commonly used by government organizations. While investigating this threat, experts identified an entire spying campaign that uses a range of malicious modules to execute commands, collect files and information from compromised computers and transfer them to other machines also using secure USB drives. Some details about this campaign can be found in our quarterly report on APT threats.

#SAS #Key #Research #Kaspersky #official #blog

We often discuss the proliferation and growing sophistication of scams and the tools scammers use. But here’s a reminder—everyone catches a bug once in a while.

I will never forget the first time I caught a digital bug. I was sitting at my desk at my company’s open-concept office in Chicago when I got an email from HR. It read: 
Company Policy Reminder: Please Review 
Following an incident in the Boston office, all U.S. employees are instructed to review pages 18-21 of The Employee Handbook regarding inter-office relationships.