Tag: Cybercrime

Jeep and Chrysler parent Stellantis confirms data breach

NEWYou can now listen to Fox News articles!

Automotive giant Stellantis has just revealed that it suffered a data breach, exposing customer contact details, after attackers infiltrated a third-party platform used for North American customer services. The announcement comes at a time when large-scale attacks on cloud CRM systems have already shaken tech and retail sectors alike, with Salesforce clients such as Google, Allianz and Dior reporting similar intrusions. These earlier incidents exposed names, emails, and phone numbers, which were sufficient for attackers to launch phishing campaigns or extortion attempts.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

TRANSUNION BECOMES LATEST VICTIM IN MAJOR WAVE OF SALESFORCE-LINKED CYBERATTACKS, 4.4M AMERICANS AFFECTED

What you need to know about the Stellantis breach

Stellantis was formed in 2021 through the merger of the PSA Group and Fiat Chrysler Automobiles. Today, it ranks among the world’s largest automakers by revenue and is fifth in volume globally. The company houses 14 well-known brands, including Jeep and Dodge, as well as Peugeot, Maserati and Vauxhall, and operates manufacturing infrastructure across more than 130 countries. That global scale naturally makes it a tempting target for cyber adversaries.

Stellantis confirmed hackers stole customer contact details in a recent breach. (Kurt “CyberGuy” Knutsson)

In its public statement, Stellantis clarified that only contact information was taken. Since the compromised third-party platform does not host financial or deeply sensitive personal data, Stellantis asserts that social security numbers, payment details and health records were out of reach of the attackers. In response, the company activated its incident response protocols, launched a full investigation, contained the breach, notified authorities and began alerting affected customers. It also issued warnings about phishing and urged customers not to click suspicious links.

Stellantis has not revealed how many customers the breach affected. The company also has not specified which contact fields, such as email, phone, or address, attackers accessed.

The alleged culprit, ShinyHunters, and Salesforce breaches

While Stellantis has not explicitly named the hacker group behind the breach, multiple sources tie this incident to the ShinyHunters extortion campaign, which has spearheaded a wave of data thefts targeting Salesforce this year.

ShinyHunters claims to have stolen over 18 million records from Stellantis’ Salesforce instance, which includes names and contact details, according to Bleeping Computer. These attacks form part of a broader campaign aimed at Salesforce customers. In recent months, ShinyHunters has often worked in concert with groups like Scattered Spider and targeted companies including Google, Cisco, Adidas, Allianz Life, Qantas, and brands under LVMH such as Dior and Tiffany & Co.

OVER 2B USERS FACE PHISHING RISKS AFTER GOOGLE DATA LEAK

The attack is linked to a wider wave of Salesforce data thefts this year. (Kurt “CyberGuy” Knutsson)

Their reported method is fairly ingenious. Attackers exploit OAuth tokens tied to integrations like Salesloft’s Drift AI chat tool to pivot into Salesforce environments. Once inside, they can harvest valuable metadata, credentials, AWS keys, Snowflake tokens and more.

In fact, the FBI recently issued a Flash alert that surfaced numerous indicators of compromise linked to these Salesforce environment attacks and warned organizations to harden defenses. The cumulative toll is staggering. ShinyHunters asserts it has stolen over 1.5 billion Salesforce records across some 760 companies.

7 ways to protect yourself from breaches like Stellantis

Even if only contact details were exposed, that’s enough for attackers to target you. Here’s how to stay protected.

1) Clean up exposed personal data from the web

Even basic contact details can be scraped from breaches and sold on data broker platforms, where they are used for spam, scams and targeted attacks. A data removal service can help track down and request the deletion of your information from these databases, reducing your long-term exposure.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com.

Stolen emails and phone numbers could fuel phishing campaigns. (REUTERS /Rebecca Cook)

2) Stay alert for phishing attempts and use antivirus software

The most immediate risk after a breach like this is targeted phishing. Attackers now have legitimate contact details, so their emails and texts can look convincingly real. Be skeptical of any message claiming to be from Stellantis, your car brand or a related service, especially if it urges you to click a link, download an attachment or share personal details.

The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com.

3) Use a password manager to secure your accounts

If attackers get your contact information, they may try the same password on other sites. This is called credential stuffing. A password manager can create strong, unique passwords for every account. That way, one breach will not put your other accounts at risk. It also helps you quickly update credentials in case you suspect a compromise.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at CyberGuy.com.

DIOR DATA BREACH EXPOSES US CUSTOMERS’ PERSONAL INFORMATION

4) Enable two-factor authentication (2FA) wherever possible

2FA adds an extra step to your logins by requiring a temporary code or approval in addition to your password. Even if attackers manage to steal your password, they will need that second factor to gain access. This significantly reduces the chances of account takeover attempts succeeding.

5) Invest in identity theft protection

Attackers often combine exposed contact information with other data to build complete identity profiles. Identity theft protection services monitor for suspicious activity, such as unauthorized credit applications or changes to official records, and alert you early so you can act before serious damage occurs. Identity theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at CyberGuy.com.

6) Regularly review account activity

After a breach, it is worth auditing your accounts, not just with Stellantis but also with related services such as financing portals, insurance accounts or loyalty programs. Look for unusual sign-ins, unfamiliar devices, or changes to your personal details. Most services offer tools to review login history and security events, making checking these a routine habit.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Even giants in manufacturing are vulnerable when cloud platforms and third-party systems are part of their customer workflow. The same patterns seen in attacks on Google, LVMH, and others have now reached the auto industry in a serious way. As Stellantis confronts the fallout, the broader lesson is clear. Organizations must treat the surfaces exposed by their service providers and SaaS integrations with as much vigilance as their own core systems.

Do you trust companies to secure your data, or do you feel they’re not doing enough? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Source link

October 7, 2025
How a single MacBook compromise spread across a user’s Apple devices

NEWYou can now listen to Fox News articles!

We trust Macs to be reliable, secure, and mostly resistant to viruses. Apple’s software reputation has long been built around the idea that macOS is harder to compromise than Windows. And while there is some truth to that, it does not mean that Macs are immune. Modern malware is smarter, more targeted, and often designed to slip past built-in defenses quietly. Recently, I heard from Jeffrey from Phoenix, AZ, who’s been dealing with this exact situation.

“I used a MacBook at work and noticed it was performing oddly. I didn’t use an Apple ID on that machine per company protocol. But I had personal devices that I could work from that are now infected. The notepad, maps, and home, among others, seem to be getting hung up. I’ve tried to advise Apple but have had little success. It’s completely taken over my devices, and I don’t know how to resolve this.”

If your Mac has started acting strange, you are not alone, Jeffrey. Malware infections are more common than many Mac users realize, and spotting them early can make all the difference. Let us break down how to tell if your system is compromised, what protections Apple already provides, and the steps you should take to keep your data safe. If you’re a Windows user facing similar issues, check out our guide: What to do if you think your PC has a virus for step-by-step help.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER

WHY IPHONE USERS ARE THE NEW PRIME SCAM TARGETS

Mac malware often hides in the background, making it hard to spot at first. (Kurt “CyberGuy” Knutsson)

Signs your Mac might be infected

Spotting malware on macOS is not always straightforward. Many threats are designed to stay hidden, running quietly in the background while collecting data or opening a backdoor for attackers. Still, there are a few red flags that usually signal something is wrong.

One of the first signs is slower performance or frequent overheating. If your Mac suddenly takes a long time to boot, runs hot during light tasks, or lags when performing simple actions, it might be doing more behind the scenes than you realize. Apps that crash or freeze more often than usual are another warning sign. Occasional app failures are normal, but if built-in tools like Safari, Notes, or Mail begin acting unstable, it may point to malicious interference.

It is also worth paying attention to what is happening under the hood. Checking Activity Monitor for unknown processes or unusually high CPU or memory usage can reveal malware that tries to hide itself with random or unfamiliar names. Redirected web traffic is another classic symptom. If your browser takes you to strange websites, shows pop-ups, or installs new extensions you never approved, adware or spyware might already be present.

Finally, unexplained changes to your security settings should always raise suspicion. If you notice your firewall turned off, privacy permissions modified, or login items appearing without your knowledge, something could have gained unauthorized control of your system.

SHAMOS MALWARE TRICKS MAC USERS WITH FAKE FIXES

Strange app behavior, pop-ups, or overheating may signal something’s wrong (Kurt “CyberGuy” Knutsson)

How macOS protects you by default

Apple has built several layers of defense into macOS, many of which run silently in the background to keep your system secure. Knowing how they work can help you understand what protections are already in place and where you might still need to add more safeguards.

Gatekeeper is one of the most important built-in security tools. It checks every app before it runs to make sure it comes from a verified developer, warning or blocking you if the app is not trusted. Another layer of defense is XProtect, Apple’s built-in malware scanner. It updates automatically and can stop many known threats from running, although it is not as thorough as specialized antivirus software.

System Integrity Protection, or SIP, is another important safeguard. It locks down critical system files and processes so that malware cannot tamper with them even if it gains access. macOS also uses sandboxing and strict permission controls to contain threats. Apps run in isolated environments and must explicitly request permission to access sensitive data such as your camera, files, or location.

Together, these features make it significantly harder for malicious software to infect your Mac or cause serious damage. However, they are not perfect. Attackers are constantly developing new techniques to bypass these protections, and many threats rely on human error rather than technical exploits. That is why taking additional precautions is still essential, even on a Mac.

10 WAYS TO SECURE YOUR OLDER MAC FROM THREATS AND MALWARE

Even Apple’s built-in protections can miss new or advanced threats (Kurt “CyberGuy” Knutsson)

What to do if your Mac is already infected

If you find yourself dealing with a Mac that’s already compromised these steps can help you get back in control:

1) Disconnect from the internet immediately

Unplug Ethernet or turn off Wi-Fi and Bluetooth. This prevents malware from sending more data out or pulling in additional malicious code.

2) Back up your important files safely

Use an external drive or cloud service you trust. Avoid copying entire system folders-just grab personal documents, photos, and files you can’t replace. You don’t want to back up the malware along with them.

3) Boot into Safe Mode

Restart your Mac and hold the Shift key. Safe Mode prevents some malware from launching and makes it easier to run cleanup tools.

4) Run a trusted malware removal tool

While macOS includes XProtect, you may need something more powerful. A strong antivirus program can detect and remove infections. Run a full system scan to catch hidden threats.

5 PHONE SETTINGS TO CHANGE RIGHT NOW FOR A SAFER SMARTPHONE

5) Check your login items and Activity Monitor

Review what apps are set to launch at startup and remove anything you don’t recognize. If you spot unfamiliar processes hogging resources, don’t just guess. Use our guides at Cyberguy.com/LockUpYourTech to compare what’s safe and learn how to shut down anything suspicious before it causes more trouble.

6) Consider a clean reinstall of macOS

If malware persists, wiping your system may be the only option. Erase your Mac’s drive and reinstall macOS from scratch. Restore only the clean files you backed up earlier.

7) Secure your other devices

If your iPhone, iPad, or other personal devices are showing strange behavior, run security scans, update their software, and reset key passwords. Malware can sometimes spread through shared Wi-Fi networks, cloud accounts, or files.

8) Reset key passwords and enable two-factor authentication

Even after cleanup, assume some of your data may have been exposed. Update your Apple ID, email, banking, and work accounts with strong, unique passwords. Turn on 2FA wherever possible.

9) Get professional help if needed

If you’re overwhelmed, you can bring your Mac to an Apple Store for in-person help at the Genius Bar, or schedule a free appointment with Apple Support.

Simple steps like scanning, updating, and using strong passwords can keep your data safe (Kurt “CyberGuy” Knutsson)

7 ways to keep your Mac from getting infected

Some cyber threats do not reveal themselves immediately. Scammers often collect small bits of data over time or wait weeks before trying to use what they have stolen. These steps can help you strengthen your defenses and reduce the chances of future infections.

1) Install strong antivirus software

macOS’s built-in protections are useful but basic. A strong antivirus adds an extra layer by detecting threats in real time, blocking malicious downloads, and even identifying new types of malware before they spread. A strong antivirus also scans email attachments and browser activity, areas where many Mac users are most vulnerable.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

2) Consider a personal data removal service

Many cyberattacks begin with information freely available online. A data removal service scrubs your personal details from broker sites, reducing the chances of targeted attacks or identity theft. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

GOOGLE FIXES ANOTHER CHROME SECURITY FLAW BEING ACTIVELY EXPLOITED

3) Use a password manager

Many malware attacks rely on stolen credentials rather than technical exploits. A password manager stores unique, complex passwords for every account and can automatically flag weak or reused ones. It also helps protect you from phishing attempts because it will only autofill passwords on legitimate websites.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

4) Enable two-factor authentication

Even if someone steals your password, two-factor authentication (2FA) makes it much harder for them to access your accounts. It adds an extra step to the login process, requiring a code from your phone or a security key.

5) Keep macOS and apps updated

Outdated software is a common entry point for malware. Updates often patch vulnerabilities that attackers could exploit, so turning on automatic updates for both macOS and third-party apps is an easy but effective defense.

6) Review login items and background processes

Malware often tries to run at startup so it can operate undetected. Regularly check System Settings to make sure only trusted apps are launching automatically, and use Activity Monitor to investigate anything suspicious.

7) Use identity theft protection

If your personal data has already been exposed, an identity theft protection service can monitor for suspicious activity, alert you to breaches, and help you recover quickly if something does go wrong. Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com/IdentityTheft

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Macs have a reputation for being safer than other computers, but that does not mean they are untouchable. Malware has evolved to target macOS more aggressively than ever, and many attacks now rely on tricking users rather than breaking through security software. If your device is behaving strangely, taking action early is the best way to prevent deeper damage.

How important is cybersecurity when choosing the devices you use every day? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

October 6, 2025
Protect yourself from sneaky web injection scams
NEWYou can now listen to Fox News articles!

You’re checking your financial account online, moving money or paying bills, when suddenly a pop-up appears. It looks exactly like your bank’s page, complete with logo and branding, but asks for details you’ve already provided. Would you know what to do?

This is the kind of situation Kent recently faced. He emailed us saying, “Two times this week, I had a financial account open, and I was doing transactions. In the middle of a transaction, up pops a box in the middle of a full page showing the company’s logo. Real, yes, looked as real as it gets. The first time, I fell for it. It asked for my email address to confirm, then my phone number. Sadly, I did. Then I saw about four or five seconds of a screen named CREDIT DONKEY. At that point, I woke up and decided it was a scam. I immediately closed down my computer and called the number on the back of my financial card to report it.”

Kent’s quick thinking likely saved him from even more damage. But what exactly happened here?

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

DON’T FALL FOR THIS BANK PHISHING SCAM TRICK

A fake banking pop-up can appear while you’re making real transactions. (Kurt “CyberGuy” Knutsson)

How web injection scams trick you

This type of attack is called a web injection scam. It hijacks your browser session and overlays a fake login or verification screen. Because it appears while you’re already logged in, the fake page feels authentic. In Kent’s case, the appearance of “Credit Donkey” flashing on-screen was a red flag. Scammers sometimes abuse legitimate-looking redirects like this to convince victims they are dealing with their bank. The real aim is to capture login credentials or trick you into handing over two-factor authentication codes.

SOCIAL SECURITY ADMINISTRATION PHISHING SCAM TARGETS RETIREES

Web injection scams aim to steal your login and security details. (Kurt “CyberGuy” Knutsson)

Steps to protect yourself from web injection scams

If you ever find yourself in a situation like Kent’s, here are the most important steps you should take right away to secure your accounts and information.

1) Monitor your accounts

Check your recent transactions daily. Turn on alerts for logins, withdrawals or transfers, so you’ll know instantly if someone is trying to move money.

2) Change your passwords

Update the password for any financial account that may have been exposed. Use a strong, unique password generated by a password manager such as NordPass. Next, see if your email has been exposed in past breaches. Our #1 pick, NordPass, includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

3) Remove your personal data from broker sites

Scammers often get phone numbers, emails and other details from data broker sites before launching attacks like the one Kent faced. A personal data removal service can help wipe this information from those shady databases, so criminals have less fuel for scams. Consider tools that automatically scan and request removal from dozens of brokers at once, saving you the time and hassle of doing it manually.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

4) Enable stronger multi-factor authentication

Strengthen your account security with multifactor authentication. If your bank offers it, switch from SMS codes to app-based codes with Google Authenticator or Authy. These methods are far harder for scammers to intercept than text messages.

5) Scan your devices with antivirus software

Since the scam appeared while Kent was logged in, malware or a browser hijack may be at play. Run a trusted antivirus to clear hidden phishing scripts. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

6) Notify your bank in writing

Calling is smart, but also send a secure message or letter, so there’s a record. Ask them to put your account on high alert and require extra verification for any big moves.

7) Freeze your credit

Place a free credit freeze with Equifax, Experian and TransUnion. That way, scammers can’t open new accounts in your name even if they’ve stolen your personal info.

8) Consider identity monitoring

Services like Identity Guard can alert you if your Social Security number, email or phone number shows up where it shouldn’t. Identity Theft companies can monitor personal information like your Social Security number, phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com/IdentityTheft

CLICK HERE TO GET THE FOX NEWS APP

The bogus page asked for personal details before revealing it was a scam (iStock)

Smart online banking habits to stay safe
- Never enter personal details into a pop-up, no matter how real it looks.
- Always log in fresh through your bank’s official website or app.
- Keep your browser and operating system fully updated.
- Use a private email address for your financial accounts that scammers won’t easily guess.
For recommendations on private and secure email providers that offer alias addresses, visit Cyberguy.com/Mail

Kurt’s key takeaways

Web injection scams are designed to catch you off guard while you’re doing something routine. Kent’s quick reaction to close the page and contact his bank shows how important it is to stay alert. With the right habits and tools, you can keep scammers out of your accounts.

Have you ever experienced a scam attempt while banking online? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
October 4, 2025
Meta account suspension scam hides FileFix malware

NEWYou can now listen to Fox News articles!

Cybercriminals continue to find new ways to target social media users, and Meta accounts remain one of the most common lures. Losing access to Facebook or Instagram can have real consequences for both individuals and businesses, making people more likely to fall for urgent security warnings. Attackers exploit this by sending convincing notifications that pressure you into taking quick action without thinking.

That’s exactly what makes the new FileFix campaign so dangerous; it looks like routine account maintenance, but it’s really a trap.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

HOW FAKE MICROSOFT ALERTS TRICK YOU INTO PHISHING SCAMS

Cybercriminals are targeting Facebook and Instagram accounts by sending fake security warnings. (Fox News)

How the FileFix attack works

As reported by researchers at Acronis, a leading cybersecurity and data protection company, the attack begins with a phishing page that looks like a message from Meta’s support team, claiming that your account will be disabled in seven days unless you view an “incident report.” Instead of providing an actual document, the page disguises a malicious PowerShell command as a file path.

Victims are instructed to copy it, open File Explorer, and paste it into the address bar. While it appears harmless, this action secretly runs code that starts the malware infection process.

This method is part of a family of attacks known as ClickFix, where people are tricked into pasting commands into system dialogs. FileFix, created by Red Team researcher mr.d0x, builds on that idea by exploiting the File Explorer address bar instead. In this campaign, the attackers improved the trick by hiding the malicious command behind long strings of spaces, so only the fake file path is visible to the victim.

A hidden script then downloads what looks like a JPG image from Bitbucket, but the file contains embedded code. Once executed, it extracts another script and decrypts the final payload, bypassing many security tools in the process.

DON’T FALL FOR THIS BANK PHISHING SCAM TRICK

FileFix sends out fake alerts urging users to review their account security. (Acronis)

What StealC tries to steal

The malware delivered by this campaign is StealC, an infostealer that collects a wide range of personal and organizational data. It is designed to grab browser credentials and authentication cookies from Chrome, Firefox, Opera, and other browsers.

It also targets messaging apps like Discord, Telegram and Pidgin, along with cryptocurrency wallets such as Bitcoin, Ethereum and Exodus. StealC goes further by attempting to compromise cloud accounts from Amazon Web Services (AWS) and Azure, VPN services like ProtonVPN and even gaming accounts from Battle.net and Ubisoft. In addition, it can take screenshots of the victim’s desktop, giving attackers a live view of sensitive activity.

Acronis reported that the campaign has already appeared in several different versions over a short period, with changes in payloads and infrastructure. This suggests that the attackers are actively testing and refining their methods to avoid detection and improve success rates.

META DELETES 10 MILLION FACEBOOK ACCOUNTS THIS YEAR, BUT WHY?

StealC also targets VPN software and cryptocurrency wallets. (iStock)

5 ways you can protect yourself from FileFix attacks

To stay protected against attacks like FileFix and prevent malware such as StealC from stealing sensitive information, you need to combine caution with practical security measures. The following steps can help safeguard accounts, devices, and personal data.

1) Be skeptical of urgent warnings

Attackers rely on panic. Treat any message claiming your Meta account or other services will be disabled within days with caution. Verify the alert directly through official platforms rather than clicking links or following instructions from an email or web page.

2) Avoid copying commands from unknown sources

FileFix relies on convincing you to paste hidden PowerShell commands disguised as file paths. Never paste commands into system dialogs, File Explorer, or terminals unless you are absolutely certain of their origin.

3) Invest in personal data removal services

FileFix and StealC thrive on the information they can extract from a device or linked accounts. By using data removal services, you reduce the amount of sensitive personal information that can be found online or left exposed on old platforms. This minimizes what attackers can exploit if they manage to gain access.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

4) Install reliable antivirus software

A strong antivirus software can detect malware like StealC before it fully executes. Many solutions now include behavior-based detection that can flag suspicious scripts or hidden downloads, helping catch threats even when attackers try to disguise commands as harmless actions.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

5) Use a password manager

While FileFix targets stored credentials, using a reputable password manager reduces risk by creating unique passwords for every site. This way, even if one browser or app is compromised, attackers cannot access your accounts elsewhere.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Cybercriminals keep finding creative ways to trick social media users, and FileFix proves how convincing these scams can look. A fake Meta alert may feel urgent, but pausing before you click or copy anything is the best defense. Relying on strong habits and security tools gives you the upper hand. Data removal services, antivirus software, and password managers each reduce risk in different ways. When you combine them, you make it much harder for attackers to turn a scare tactic into a real threat.

Should platforms like Meta do more to warn users about these evolving phishing tactics? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

October 3, 2025
Update Chrome now: Google patches new zero-day threat
NEWYou can now listen to Fox News articles!

Google has released an urgent update for its Chrome browser to fix a newly discovered zero-day security flaw that hackers are already exploiting. This is the sixth zero-day Chrome has faced this year, highlighting just how quickly attackers move to take advantage of these hidden weaknesses.

Because zero-day threats strike before developers can patch them, your personal data and browsing activity could be at risk if you don’t update right away. If you use Chrome, now is the time to upgrade.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP

Chrome users are urged to update immediately to block active zero-day attacks. (Kurt “CyberGuy” Knutsson)

A critical flaw in Chrome’s V8 engine

The newly patched vulnerability, tracked as CVE-2025-10585, stems from a type confusion weakness in Chrome’s V8 JavaScript engine. Google’s Threat Analysis Group (TAG) discovered and reported the bug on Tuesday, and the company shipped a fix the following day, Bleeping Computer reported.

Google confirmed that the flaw was being exploited in the wild, though it did not share technical details or name the groups behind the attacks. TAG has a history of uncovering zero-days tied to government-sponsored spyware campaigns aimed at high-risk individuals such as opposition leaders, journalists and dissidents.

The fix was delivered through Chrome version 140.0.7339.185/.186 for Windows and macOS, and version 140.0.7339.185 for Linux. These updates will gradually reach all users in the Stable Desktop channel over the coming weeks.

While Chrome typically updates automatically, you can apply the patch immediately by navigating to the ‘About Google Chrome’ section. Google stated that it is withholding full technical details until most users have installed the update, a precaution meant to prevent attackers from exploiting lagging systems.

GOOGLE FIXES ANOTHER CHROME SECURITY FLAW BEING ACTIVELY EXPLOITED

Google races to patch the sixth major browser flaw discovered in 2025. (Kurt “CyberGuy” Knutsson)

A growing list of zero-day attacks in 2025

This marks the sixth zero-day flaw patched in Chrome this year. In March, Google addressed CVE-2025-2783, a sandbox escape bug exploited in espionage attacks against Russian organizations. In May, it pushed emergency updates for CVE-2025-4664, which let attackers hijack user accounts.

Then in June, another flaw in the V8 engine, CVE-2025-5419, was patched after being spotted by TAG. July saw the release of a fix for CVE-2025-6558, which allowed attackers to bypass Chrome’s sandbox protection. With this latest patch, Google continues a busy year of racing to secure its browser against rapidly emerging threats.

How to update Google Chrome on a desktop

Updating Chrome only takes a minute, whether you’re on Mac or Windows. Here are the steps.
- Open Chrome.
- Click the three dots in the top-right corner.
- Go to Help > About Google Chrome.
- Wait while Chrome checks for updates.
- Click Relaunch when the update finishes.
How to update Chrome on iPhone
- Open the App Store on your iPhone.
- Tap your profile icon in the top-right corner.
- Scroll down to see pending updates.
- Find Google Chrome in the list.
- Tap Update next to it (or Update All if you want to update everything).
How to update Chrome on Android

Settings may vary depending on your Android phone’s manufacturer.
- Open the Google Play Store on your Android device.
- Tap your profile icon in the top-right corner.
- Select Manage apps & device.
- Under “Updates available,” look for Google Chrome.
Tap Update to install the latest version.

CLICK HERE TO GET THE FOX NEWS APP

Hackers are already exploiting the bug to steal data from unprotected devices. (Kurt “CyberGuy” Knutsson)

5 ways to stay safe from Chrome zero-day attacks

Updating Chrome is essential, but there are additional steps you can take to stay safe from attacks.

1) Be cautious with links and downloads and use strong antivirus software

Many zero-day attacks are delivered through malicious websites or email attachments. Avoid clicking unknown links or downloading files from unverified sources, especially if they prompt you to disable security settings. Also, use strong antivirus software to add another layer of defense to detect malicious code that tries to run through compromised browsers. A strong antivirus can spot suspicious activity before it takes hold. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

2) Enable two-factor authentication (2FA)

Even if attackers manage to steal your login details through a browser exploit, 2FA makes it much harder for them to break into your accounts. Use an authenticator app instead of SMS when possible for stronger protection.

3) Rely on a password manager

If attackers exploit the browser to steal login data, a password manager keeps your credentials safe and helps generate unique, complex passwords. Even if one account is targeted, it prevents a domino effect across your logins.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

4) Limit browser extensions

Some extensions can be abused to make attacks worse. Stick to extensions from trusted developers, review permissions carefully and uninstall anything you no longer need.

5) Keep your operating system updated

Chrome updates are critical, but attackers can also exploit holes in Windows, macOS, Android or iOS. Regular OS updates patch vulnerabilities across the system, reducing the chances of a browser exploit spreading further.

Kurt’s key takeaway

The fact that Chrome has already faced six zero-day attacks this year shows how relentless attackers are and how even the most popular software can have serious gaps. These flaws are not just bugs, but opportunities for hackers to exploit millions of users before fixes roll out. The pattern also highlights the growing sophistication of threat actors, including state-backed groups targeting high-risk individuals. No browser is completely safe, and the battle to secure widely used software is ongoing and far from over.

Do you think Google is reacting fast enough to keep your data secure? Let us know in the comments below. Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
October 2, 2025
Inside a scammer’s day and how they target you
NEWYou can now listen to Fox News articles!

You’re sipping your morning coffee when your phone rings. It’s a number you don’t recognize. On the other end is someone claiming to be from your bank, asking you to “confirm a recent charge.” Sound familiar?

Scammers don’t operate on luck. They don’t just throw darts at the phone book and hope to hit a target. Their calls, texts and emails are carefully planned. They already know things about you before they ever reach out, enough to make their pitch sound convincing.

So, what does a scammer’s day actually look like? Let’s step into their shoes for a moment.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

STOP DATA BROKERS FROM SELLING YOUR INFORMATION ONLINE

Hacker looking up the information stolen from an unsuspecting victim. (Kurt “Cyberguy” Knutsson)

Step 1: Morning scroll: Where scammers find your data

Scammers don’t need to hack into top-secret databases. They start their day by tapping into data broker sites, those shady online directories that trade your personal information like baseball cards.

Here’s what they can instantly see about you (yes, you):
- Full name and age
- Current and past addresses
- Phone numbers (landline and mobile)
- Relatives’ names
- Property records and estimated home value.
Some sites even list email addresses, voter registrations and criminal histories (whether accurate or not.) Imagine starting your morning with a full profile of someone, where they live, who their spouse is and what car they drive. For scammers, this is their to-do list.

Step 2: Building the perfect scam story

With your profile in hand, scammers craft a story that sounds tailor-made just for you.
- If you’ve recently moved (public real estate records show this), they’ll call pretending to be from a “utilities department” asking for deposits.
- If you’re retired, they might pose as Medicare reps offering “free benefits.”
- If you’ve recently lost a loved one (obituaries are public), they’ll offer fake “bereavement services.”
Scammers don’t invent details; they borrow them from your life. That’s why their calls are so believable.

HOW SCAMMERS TARGET YOU EVEN WITHOUT SOCIAL MEDIA

A man receiving a fake scam phone call. (Kurt “CyberGuy” Knutsson)

Step 3: Dialing for dollars

Once the story is ready, it’s time to call, text, or email. Scammers often use auto-dialing software, blasting out thousands of calls a day. They acquire your personal and contact details from various data brokers. Imagine hundreds of scammers scraping the same databases and finding your profile. That’s why you get repeated calls. That’s why the scammer “knows” who you are when you pick up. And even if you hang up or reject the call without picking up, they log your number as “active.” Which means you’ve just made their list for the next round of calls.

Step 4: Afternoon profit: Cashing in on stolen trust

Scammers don’t actually need every target to fall for the trick. They only need a small percentage. Here’s what happens when someone gives in:
- Banking info stolen: Fake “fraud department” calls trick people into reading out card numbers.
- Identity theft: A scammer collects your Social Security number and date of birth, then opens accounts in your name.
- Wire transfers: Many victims are convinced to “verify funds” by wiring money, which is gone forever.
It’s a numbers game, and personal data tilts the odds heavily in the scammers’ favor.

Step 5: Evening: Expanding the list

At the end of the day, scammers aren’t done. They feed the information they’ve gathered back into the data cycle:
- New phone numbers? Added to calling lists.
- Addresses confirmed during a call? Updated in their files.
- Relatives mentioned? Added as next targets.
And the cycle continues tomorrow, with an even bigger pool of potential victims.

(Kurt “CyberGuy” Knutsson)

Why removing your data makes scams harder

Now, imagine if scammers couldn’t find your data online in the first place.
- No name connected to your phone number.
- No recent address tied to your age and relatives.
- No property value or real estate history to suggest you’re “cash-rich.”
Scammers would have no storyline, no details to exploit and, most importantly, no way to personalize their attack. When you remove your data from people-search sites and data broker databases, you don’t just “clean up the internet.” You slam the door shut on scammers’ playbooks. You could spend hours (or days) going site by site, filling out opt-out forms, sending emails and keeping track of who complied. The problem? Data brokers don’t stop. New ones pop up every week, and old ones often sneak your data back in.

That’s where a data removal service comes in. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

Scammers don’t stumble on your phone number by accident. They map out your life, one data point at a time. That’s why protecting your information online is the single most powerful step you can take to cut down on scam calls, phishing emails and identity theft risks. Remember: every piece of personal data you remove is one less tool in a scammer’s kit.

What’s the most convincing scam attempt you’ve ever received? Let us know in the comments below. Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
October 1, 2025
The surprising reason you should not delete spam emails
NEWYou can now listen to Fox News articles!

Spam is annoying and can sometimes be dangerous if it’s part of a widespread phishing attack. When you see spam, you delete it, at least that’s what conventional wisdom suggests. However, it now seems that this is the wrong approach, and spam can be used for the greater good.

So, before you delete that junk email, consider keeping it to protect others from scammers. We will also tell you what you should do with them instead.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CyberGuy.com/Newsletter

Mail app icon on iPhone (Kurt “CyberGuy” Knutsson)

Why should you keep those spam emails?

We know this sounds counter-intuitive, but keeping spam emails, at least for a short while, serves an important purpose. Your email provider can use them to refine their spam detection algorithms. The best course of action is to report them, so providers can develop better ways to identify harmful or unwanted messages. This will improve their chances of detecting them before they hit your inbox. Deleting these emails makes them useless to anyone. Furthermore, your failure to contribute to this improvement means the problem persists not only for you but for others.

When we say “a short while,” we don’t mean forever. Usually, keeping them in your junk folder for a few days to a week is enough for your provider to process and learn from them. After you’ve reported the spam or phishing attempt, you can safely delete it.

That’s the surprising reason not to delete spam emails right away: by holding onto and reporting them briefly, you’re helping email providers spot and block scams faster—protecting not just yourself, but everyone else too.

AI-POWERED SCAM TARGETS 2.5 BILLION GMAIL USERS IN SOPHISTICATED PHISHING ATTACKS

How to report spam emails to your email provider

These algorithms that detect junk emails are already getting smarter. Just check your Spam folder, and you may have dozens of emails marked as spam that they have shielded you from. For those that slip through the cracks and appear in your inbox, reporting them is easy.

Whether you’re using a desktop client like Microsoft Outlook or a web client like Gmail, Yahoo or AOL, the steps to report spam for analysis are similar.

Report spam in Gmail (desktop or web)
- Select the spam email by ticking the checkbox on its left side. You can select more than one.
- Click Report spam in the top menu. Look for a stop sign or shield icon.
How to report spam emails in Gmail in your inbox

Report scam in iCloud (desktop browser)

If you’re using something like iCloud Mail on iCloud.com on a desktop browser, do the following:
- Open the email.
- Click the three-dot icon in the top menu.
- Select Move Message to Junk.
How to report spam on iCloud.com in your inbox (Kurt “CyberGuy” Knutsson)

Report spam in iCloud Mail (iPhone or iPad Mail app, iOS 18.6)

If you’re using the Mail app on an iPhone or iPad, follow these steps instead:
- Open the email in the Mail app.
- Tap the reply arrow icon at the bottom of the screen.
- Select Move to Junk from the menu.
Report spam in Yahoo Mail

On the web (desktop version):
- Tick the checkbox next to the unwanted email(s) in your inbox.
- Click Spam in the toolbar above. This moves the message to your Spam folder and helps Yahoo learn to catch similar messages.
- You can also open the email directly and click Spam to report it.
On the Yahoo Mail mobile app (iOS/Android):
- Open the message.
- Tap the three vertical dots or “More” icon.
- Choose Mark as Spam to report it.
Report spam or phishing in Outlook / Outlook.com

In Outlook on the web (Outlook.com):
- Select the message(s) you want to report.
- Click Report above the reading pane, then choose Report phishing or Report junk from the dropdown.
In desktop Outlook (Windows, Mac) or Outlook mobile:
- If you’re using a supported version (like Outlook for Microsoft 365, Outlook for Mac 16.89+ or recent mobile versions), you’ll see a Report button on the toolbar.
- Select the message(s), click Report and then choose Phishing or Junk.
Report spam in AOL Mail

On the web or desktop:
- Log into AOL Mail and select the spam email from your inbox.
- Click the Spam button—often shown as an exclamation mark or explicitly labeled “Spam.” This moves the email to your Spam folder and helps train AOL’s filters.
On mobile:

In the AOL Mail app, you can usually tap and hold or open the message and select Mark as Spam from the options to report it.

How to report deleted spam mail

Even for those spam emails you deleted, they’re not gone forever. If it’s been less than 30 days, they’re probably still in the Trash folder.

To report them to clients like Gmail, Outlook, Yahoo, and AOL, follow these steps:
- Open the Trash or Deleted items folder in your mail client.
- Select the spam email by ticking the checkbox on its left side.
- Click Report spam in the top menu. Look for a stop sign or shield icon.
How to report spam in Gmail when it’s in the trash folder

You make yourself a target when you unsubscribe

Some spam emails also come with an option to unsubscribe. If you think reporting is too harsh, you might think unsubscribing is the best option to stop the spam emails from coming back. However, this can make matters worse. The act of unsubscribing signals to scammers and spammers that you’re actively checking your email. This emboldens them to increase the volume of spam they send. Worse still, some unsubscribe links are malicious traps designed to steal personal information or distribute malware.

GOOGLE SHUTS DOWN SOPHISTICATED GOOGLE DOCS PHISHING SCAM

Tips to stay safe from spam

Reporting spam helps your email provider protect you and others, but you can take additional steps to keep your inbox and personal information safe.

1) Never click suspicious links and use strong antivirus software

Even if an email appears to come from a company you trust, avoid clicking links unless you’re sure they’re legitimate. Phishing scams often use convincing logos and language to trick you into revealing sensitive information.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com/LockUpYourTech

2) Use a personal data protection service

Consider using a service that monitors the dark web for your personal information and requests the removal of exposed data. This reduces the chances of scammers targeting you in the first place. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap — and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com/Delete

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com/FreeScan

3) Use private email providers and aliases

One of the smartest ways to cut down on spam is by using a private, secure email provider. These services prioritize privacy, don’t sell your data and offer stronger protection against trackers hidden in emails.

Another powerful feature is the ability to create email aliases. An alias is a throwaway address that forwards mail to your real inbox. You can use one when online shopping or using trial accounts. If that alias starts getting flooded with junk, you simply disable or delete it, without exposing your main address.

By using aliases and secure providers, you take back control of your inbox. Spammers can’t easily tie unwanted emails to your real account and your personal email remains far more private.

For recommendations on private and secure email providers that offer alias addresses, visit CyberGuy.com/Mail

4) Use strong, unique passwords

Create long, complex passwords that are different for every account. A password manager can store them securely and help you generate new ones that are hard to crack.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at CyberGuy.com/Passwords

5) Enable two-factor authentication (2FA)

Turn on 2FA whenever possible. Even if a scammer gets your password, they won’t be able to log in without the second verification step.

6) Keep your devices updated

Install the latest software updates on your phone, tablet, and computer. These updates often include security patches that fix vulnerabilities scammers could exploit.

7) Be cautious with email attachments

Avoid opening attachments from senders you don’t recognize. They can contain viruses, ransomware or other types of malware designed to steal your data.

8) Limit the information you share online

The less personal information available about you publicly, the harder it is for scammers to craft convincing phishing emails that appear legitimate.

By following these steps and regularly reporting spam, you’ll protect not only your own inbox but also contribute to a safer online environment for everyone.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

Spam emails are annoying, but deleting them right away isn’t always the best move. By holding on to them and reporting them, you help your email provider improve its filters and block more junk in the future. At the same time, learn how to protect yourself from phishing attempts so you can recognize the warning signs quickly. With a little awareness and the right tools, spotting and avoiding these scams becomes much easier.

Have you ever had a close call with a spam or phishing email? Let us know by writing to us at CyberGuy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
September 30, 2025
Hackers push fake apps with malware in Google searches

NEWYou can now listen to Fox News articles!

When you search Google for apps, it feels natural to trust the first results you see. They’re supposed to be the most reliable, right? Unfortunately, hackers know this too. They’re sneaking fake websites into search results that look just like the real thing. If you click and download from one of these sites, you could end up with malware instead of the app you wanted. In other words, the top search results aren’t always safe, and that’s exactly how scammers trick people.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

NORTH KOREAN HACKERS USE AI TO FORGE MILITARY IDS

What you need to know about malware in Google searches

Researchers at FortiGuard Labs found that attackers are setting up websites that look almost identical to trusted providers. These sites host installers for apps like Signal, WhatsApp, Deepl, Chrome, Telegram, Line, VPN services and WPS Office. The catch is that these downloads include both the real app and hidden malware.

Once you run one, the malware drops files into your system, asks for administrator access and quietly starts spying. It can collect personal information, log everything you type, monitor your screen and even disable your antivirus.

Hackers are planting fake apps in Google search results and they look just like the real thing. (Harun Ozalp /Anadolu via Getty Images)

Some versions were designed to snoop on Telegram messages. All of this is possible because hackers use a tactic called SEO poisoning, which manipulates Google’s search results so their fake websites appear near the top. Even if you stick to “safe-looking” search links, you could still land on a fraudulent page.

How hackers disguise fake apps as real ones

So how do these fake sites end up in your search results in the first place? The attackers use a technique called SEO poisoning. They register lookalike domains, use plugins to game search algorithms and then climb up Google’s rankings. That way, when you search for a trusted app, the fake site may appear as one of the first results.

According to FortiGuard Labs, this particular campaign mainly targeted Chinese-speaking users, but the method is being used everywhere. In fact, earlier reports from Cisco Talos showed ransomware groups pushing fake downloads of AI tools like ChatGPT or InVideo. Others used spoofed sites for PayPal, Microsoft, Netflix and Apple. Sometimes, attackers even buy sponsored ads so that their malicious links appear right at the top.

The scary part is that you might not even realize you installed something dangerous. Because the fake installer includes the real app, everything seems to work fine. Meanwhile, the hidden malware is already active on your device. That makes it harder to detect and much easier for attackers to steal your data.

6 ways you can stay safe from malware in Google Searches

I have listed some steps below that you can take to protect yourself from these fake apps and the malware they carry.

1) Download apps only from official sources

The safest way to avoid malware is to get software directly from the official website or verified app stores like Google Play or the Apple App Store. Avoid third-party download sites or search results that look suspicious, even if they appear at the top of Google.

2) Double-check website domains

Before clicking “download,” carefully inspect the domain name. Hackers often create lookalike domains that look nearly identical to real ones, adding small spelling changes or extra words. Even small differences can indicate a fake site designed to deliver malware.

TOP 5 OVERPAYMENT SCAMS TO AVOID

Cybercriminals are disguising malware as trusted apps, tricking users through poisoned search results. (Dilara Irem Sancar/Anadolu via Getty Images)

3) Install a reliable antivirus software

Malware can install itself quietly and avoid detection. Using a strong antivirus solution can help identify and block malicious files before they cause damage. Make sure your antivirus is always updated so it can recognize the latest threats, including Hiddengh0st and Winos variants.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

4) Use a password manager

If malware tries to capture your passwords, a password manager can protect you. It generates strong, unique passwords for each account and stores them securely. Many password managers can also alert you if your credentials appear in a data breach.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

5) Be cautious with ads in search results

Attackers sometimes buy sponsored Google ads to push malware. Even if an ad looks like it comes from a trusted brand, verify it carefully before clicking. Stick to official websites whenever possible.

6) Keep your software and system updated

Outdated operating systems and applications can have vulnerabilities that malware exploits. Regularly updating your software ensures you have the latest security patches and reduces the risk of infection.

HOW RETIREES CAN STOP FAKE DEBT COLLECTOR SCAMS

SEO poisoning is letting hackers hijack Google results targeting user’s data. (Nicolas Economou/NurPhoto via Getty Images)

Kurt’s key takeaway

Hackers are turning Google search into their delivery system for malware. By blending real apps with hidden spyware, they can make almost anyone a victim. The rise of SEO poisoning shows that you cannot rely only on search rankings to stay safe. If you are careful about where you download your apps, you can keep your devices and data out of a hacker’s hands.

CLICK HERE TO GET THE FOX NEWS APP

How much do you trust Google to filter out malicious sites before you click? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

September 29, 2025
North Korean hackers use AI to forge military IDs

NEWYou can now listen to Fox News articles!

A North Korean hacking group, known as Kimsuky, used ChatGPT to generate a fake draft of a South Korean military ID. The forged IDs were then attached to phishing emails that impersonated a South Korean defense institution responsible for issuing credentials to military-affiliated officials. South Korean cybersecurity firm Genians revealed the campaign in a recent blog post. While ChatGPT has safeguards that block attempts to generate government IDs, the hackers tricked the system. Genians said the model produced realistic-looking mock-ups when prompts were framed as “sample designs for legitimate purposes.”

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

Example of an AI-Generated Virtual ID card. (Genians)

How North Korean hackers use AI for global espionage

Kimsuky is no small-time operator. The group has been tied to a string of espionage campaigns against South Korea, Japan and the U.S. Back in 2020, the U.S. Department of Homeland Security said Kimsuky was “most likely tasked by the North Korean regime with a global intelligence-gathering mission.” Genians, which uncovered the fake ID scheme, said this latest case underscores just how much generative AI has changed the game.

“Generative AI has lowered the barrier to entry for sophisticated attacks. As this case shows, hackers can now produce highly convincing fake IDs and other fraudulent assets at scale. The real concern is not a single fake document, but how these tools are used in combination. An email with a forged attachment may be followed by a phone call or even a video appearance that reinforces the deception. When each channel is judged in isolation, attacks succeed. The only sustainable defense is to verify across multiple signals such as voice, video, email, and metadata, in order to uncover the inconsistencies that AI-driven fraud cannot perfectly hide,” Sandy Kronenberg, CEO and Founder of Netarx, a cybersecurity and IT services company, warned.

North Korea is not the only country using AI for cyberattacks.

HACKER EXPLOITS AI CHATBOT IN CYBERCRIME SPREE

Chinese hackers also exploit AI for cyberattacks

North Korea is not the only country using AI for cyberattacks. Anthropic, an AI research company and the creator of the Claude chatbot, reported that a Chinese hacker used Claude as a full-stack cyberattack assistant for over nine months. The hacker targeted Vietnamese telecommunications providers, agriculture systems and even government databases.

According to OpenAI, Chinese hackers also tapped ChatGPT to build password brute-forcing scripts and to dig up sensitive information on US defense networks, satellite systems and ID verification systems. Some operations even leveraged ChatGPT to generate fake social media posts designed to stoke political division in the US.

Google has seen similar behavior with its Gemini model. Chinese groups reportedly used it to troubleshoot code and expand access into networks, while North Korean hackers leaned on Gemini to draft cover letters and scout IT job postings.

GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS

The above features an ilustration of a hackers’ attack scenario. (Genians)

Why AI-powered hacking threats matter now

Cybersecurity experts say this shift is alarming. AI tools make it easier than ever for hackers to launch convincing phishing attacks, generate flawless scam messages, and hide malicious code.

“News that North Korean hackers used generative AI to forge deepfake military IDs is a wake-up call: The rules of the phishing game have changed, and the old signals we relied on are gone,” Clyde Williamson, Senior Product Security Architect at Protegrity, a data security and privacy company, explained. “For years, employees were trained to look for typos or formatting issues. That advice no longer applies. They tricked ChatGPT into designing fake military IDs by asking for ‘sample templates.’ The result looked clean, professional and convincing. The usual red flags — typos, odd formatting, broken English — weren’t there. AI scrubbed all that out.”

“Security training needs a reset. We need to teach people to focus on context, intent and verification. That means encouraging teams to slow down, check sender info, confirm requests through other channels and report anything that feels off. No shame in asking questions,” Williamson added. “On the tech side, companies should invest in email authentication, phishing-resistant MFA and real-time monitoring. The threats are faster, smarter and more convincing. Our defenses need to be too. And for individuals? Stay sharp. Ask yourself why you’re getting a message, what it’s asking you to do and how you can confirm it safely. The tools are evolving. So must we. Because if we don’t adapt, the average user won’t stand a chance.”

HOW AI CHATBOTS ARE HELPING HACKERS TARGET YOUR BANKING ACCOUNTS

How to protect yourself from AI-powered scams

Staying safe in this new environment requires both awareness and action. Here are steps you can take right now:

1) Slow down, verify, and use strong antivirus

If you get an email, text or call that feels urgent, pause. Verify the request by contacting the sender through another trusted channel before you act. At the same time, protect your devices with strong antivirus software to catch malicious links and downloads.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com/LockUpYourTech

2) Use a personal data removal service

Reduce your risk by scrubbing personal information from data broker sites. These services can help remove sensitive details that scammers often use in targeted attacks. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

3) Check sender details carefully

Look at the email address, phone number or social media handle. Even if the message looks polished, a small mismatch can reveal a scam.

4) Use multi-factor authentication (MFA)

Turn on multi-factor authentication (MFA) for your accounts. This adds an extra layer of protection even if hackers steal your password.

5) Keep software updated

Update your operating system, apps and security tools. Many updates patch vulnerabilities that hackers try to exploit.

6) Report suspicious messages

If something feels off, report it to your IT team or your email provider. Early reporting can stop wider damage.

7) Question the context

Ask yourself why you are receiving the message. Does it make sense? Is the request unusual? Trust your instincts and confirm before taking action.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

AI is rewriting the rules of cybersecurity. North Korean and Chinese hackers are already using tools like ChatGPT, Claude, and Gemini to break into companies, forge identities, and run elaborate scams. Their attacks are cleaner, faster, and more convincing than ever before. Staying safe means staying alert at all times. Companies need to update training and build stronger defenses. Everyday users should slow down, question what they see, and double-check before trusting any digital request.

Do you believe AI companies are doing enough to stop hackers from misusing their tools or is the responsibility falling too heavily on everyday users? Let us know by writing to us at CyberGuy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

September 27, 2025
Top 5 overpayment scams to avoid

NEWYou can now listen to Fox News articles!

Overpayment scams are on the rise, and they can leave victims thousands of dollars in debt. The setup usually looks harmless: someone sends you a check for more than the agreed amount, asks you to forward the difference and disappears once the check bounces. Below are five of the most common overpayment scams you need to watch for today.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

FBI WARNS SENIORS ABOUT BILLION-DOLLAR SCAM DRAINING RETIREMENT FUNDS, EXPERT SAYS AI DRIVING IT

1. The dog walker overpayment scam

Bob from Harrison, Ohio, recently shared how he was nearly tricked by a scammer posing as a pet owner. The con began with a request for dog sitting. Bob was promised $250 for care and food, but then a fake check for $4,358 arrived.

The scammer instructed Bob to send $4,000 of it to an “appliance retailer.” Why an appliance retailer when the service was for dog sitting? Scammers often use a third party to make the request sound more believable. If they simply asked for the money back, it would raise red flags. By inventing another company, whether a retailer, shipping service or contractor, they add urgency and legitimacy to the story. In reality, that “retailer” is just another front that the scammer controls. Here’s the catch: the check appears to be real, but it’s actually counterfeit. The bank may release the funds temporarily, but once it bounces, you’re on the hook for the entire amount.

Making a payment by scanning a QR code with a phone. (Kurt “CyberGuy” Knutsson)

Tip: If you’re asked to forward money to a third party, especially one unrelated to the original deal, treat it as a scam. Keep the check and envelope as evidence, and report it to the FTC and your state attorney general.

2. The online marketplace scam

Selling a couch, bike or electronics online? Some buyers “accidentally” send too much. They then ask you to return the difference through Zelle, Venmo or a wire transfer. Once the check or payment reverses, you’ve lost both the product and the money you returned.

Tip: Always insist on verified payment methods. If a buyer pushes you for a refund quickly, walk away.

FAKE AGENT PHONE SCAMS ARE SPREADING FAST ACROSS THE US

Scammers may try to recruit buyers into buying gift cards before a false check they provided bounces. (Kurt “CyberGuy” Knutsson)

3. The mystery shopper scam

You might get an email or letter offering a job as a mystery shopper. They send you a large check to “test” stores by buying gift cards. You’re asked to send the gift card numbers back as proof of purchase. After the bank reverses the fake check, you’ve lost the money you spent on those gift cards.

Tip: Real companies never pay upfront with extra funds or ask for gift card codes by email.

4. The rental deposit scam

Scammers target renters by mailing a check for more than the deposit or rent. They claim it was a mistake and ask you to refund the difference. The check later bounces, leaving you stuck.

Tip: Only accept payments through secure online portals or in person with verified funds.

5. The work-from-home equipment scam

This one lures jobseekers. The “employer” sends a large check to buy office equipment, then directs you to forward the extra funds to a vendor. Of course, the check is fake, and the supposed vendor is also the scammer.

Tip: Legitimate employers provide equipment directly or reimburse verified expenses, not through overpayments.

CLICK HERE TO GET THE FOX NEWS APP

Scammers target remote workers by promising to provide a stipend for work-from-home tech. (iStock)

How to protect yourself from overpayment scams

Now that you’ve seen how these scams play out, from fake dog sitting gigs to marketplace frauds and bogus job offers, it’s clear they all follow the same playbook. Someone sends you too much money and pressures you to forward the extra. That “extra” never existed, and once the check bounces, you’re left holding the bag. The good news is, there are clear steps you can take to protect yourself and keep your money safe.

Pause before acting

Every scam in this article, from the dog walker hoax to rental deposit tricks, begins with an overpayment that looks harmless. If someone pays you more than you’re owed, it’s not a mistake. It’s a scam. Do not respond or send money to any third party. Save the check and envelope as evidence, then report it.

Verify funds with your bank

Scammers count on you trusting what you see in your account. In Bob’s case, his $4,358 check looked real because the bank showed it as “available.” But available isn’t the same as cleared. Always ask your bank to confirm when funds are fully verified before you spend a dime.

Avoid rushing

Urgency is the scammer’s strongest weapon. Marketplace fraudsters, renters and fake employers will pressure you to “fix” the mistake right away. Slow down, double-check and don’t let anyone force you into quick action.

Use secure payment systems

Whether it’s for rent, freelance work or selling a used item, scammers prefer paper checks because they’re easy to fake. Stick with secure, traceable payment platforms or in-person verified funds. That way, you don’t get stuck when a check bounces.

Keep records of all communication

If you receive a suspicious check, save everything: the envelope, emails, texts and any names used. In the dog sitting scam, Bob’s saved emails and the scammer’s phone number became valuable evidence. This documentation helps law enforcement and protects you if the scammer tries again under another identity.

Use a personal data removal service

Scammers often find victims by scraping personal details from online data brokers. That’s how they target renters, pet sitters or jobseekers. Using a personal data removal service can limit your exposure and make you harder to target in the first place. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

Enable fraud alerts with your bank

Many banks let you set fraud alerts for large deposits or unusual transactions. Turning these on gives you a chance to review suspicious activity before a scammer pressures you into acting on it.

Report scams

Just like Bob did when he cut contact with the fake pet owner, reporting scams helps protect others. File with the Federal Trade Commission (FTC) at reportfraud.ftc.gov and your state attorney general. You can also alert your local police and community groups to stop scammers from targeting someone else.

Kurt’s key takeaways

Overpayment scams prey on trust and urgency. They can pop up in online sales, job offers, rental agreements and even friendly community boards. By knowing the warning signs, you can stop scammers before they reach your wallet. Stay cautious whenever you’re asked to deposit more than expected and forward the extra. If it sounds strange, it’s probably a scam.

What should be done to stop overpayment scams now that they’ve gotten out of hand? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

September 25, 2025
How retirees can stop fake debt collector scams
NEWYou can now listen to Fox News articles!

You pick up the phone and hear a stern voice claiming you owe money. Maybe it’s for a credit card you don’t recognize, a loan you never took out or some old bill you thought was long gone. Panic sets in, especially if the caller threatens arrest, wage garnishment or lawsuits.

Unfortunately, this scenario is becoming all too common. Scammers are posing as debt collectors, and retirees are among their favorite targets. Even legitimate debt collection companies have crossed the line. One such company was ordered to pay over $8 million for harassing people into paying fake debts.

The good news? With a little knowledge and some practical steps, you can spot these calls, protect yourself and stop them before they get too close for comfort.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

JURY DUTY PHONE SCAMS ON THE RISE AS FRAUDSTERS IMPERSONATE LOCAL OFFICIALS, THREATEN ARREST

A 96-year-old woman sits in an armchair in her apartment in Germany on Sept. 1, 2025, and makes a phone call. (Matthias Balk/picture alliance via Getty Images)

Why retirees are prime targets

Scammers don’t call at random. Retirees often make ideal marks because:
- Less frequent monitoring: Many retirees check credit reports and bank accounts less often, making it easier for fraud to go unnoticed.
- Accumulated assets: Retirement savings, pensions and home equity make seniors look “cash-rich” to scammers.
- Trust factor: Politeness and trust on the phone can be exploited.
- Less tech-savvy: Some retirees feel less comfortable with online verification.
This combination creates a perfect storm for fake debt collection scams.

Red flags of fake debt collector calls

Recognizing the signs can stop scammers in their tracks.
- Immediate threats or pressure: Real collectors cannot threaten arrest or use abusive language under the Fair Debt Collection Practices Act (FDCPA).
- Unusual payment methods: Gift cards, wire transfers and cryptocurrency are red flags. Legitimate collectors use checks, debit or bank payments.
- Refusal to verify debt: If they won’t send written proof, hang up.
- Mismatch with public records: Fake companies often use official-sounding names that don’t exist.
Requests for unrelated personal information: Collectors don’t need your Social Security number or bank logins.

FAKE AGENT PHONE SCAMS ARE SPREADING FAST ACROSS THE US

Kurt “Cyberguy” Knutsson lays out red flags of fake debt collector calls. (Matthias Balk/picture alliance via Getty Images)

How to safely verify debt collector calls

Even if a call raises red flags, it’s essential to verify the information before taking action. Here’s how:

1) Request written verification

Under the FDCPA, you have the right to ask for a debt validation letter. This document should include:
- The creditor’s name
- Original amount owed
- Verification that the collector is legally authorized to collect the debt.
Ask for this before paying or sharing any personal info.

2 Look up the collector

Check with state attorneys general offices or the Consumer Financial Protection Bureau (CFPB). Verify that the company exists and is licensed to collect in your state.

3) Contact the original creditor

If you recognize the debt or think it may be legitimate, call the creditor directly using a verified phone number. Do not rely on the caller’s number; scammers often spoof official-looking numbers.

4) Use trusted resources

The FTC offers a “Debt Collection” section on its website with tips and complaint forms. If you suspect fraud, filing a report can help stop the scammers from targeting others.

CLICK HERE TO GET THE FOX NEWS APP

Experts warn retirees to be vigilant regarding fake debt collector calls. (Kurt “CyberGuy” Knutsson)

Pro tip: Extra step to protect your personal information

Fraudsters rely on personal data to make calls sound convincing. Reducing the amount of information available about you online lowers your risk. Data brokers collect and sell details like your name, phone, address and even past debts. A data removal service can automatically remove your data from hundreds of broker sites, making it harder for scammers to find and target you.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

When and where to report a scam

If you’ve encountered a fake debt collector, report them right away:
- FTC: File at FTC.gov
- State Attorney General: Use the consumer complaint division in your state
- CFPB (Consumer Financial Protection Bureau): Submit a complaint online at consumerfinance.gov/complaint/or by phone
Reporting helps protect other retirees from falling victim.

Kurt’s key takeaways

Protecting your retirement isn’t just about managing your savings; it’s about defending your personal information, too. Scammers thrive on fear, urgency and trust, but you now have the knowledge to push back. By spotting red flags, verifying calls and reducing what’s available about you online, you can stop fake debt collectors in their tracks.

If a scammer called you tomorrow, would you be ready to spot the lies and protect your hard-earned savings? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
September 24, 2025
Social media verification systems lose power as scammers purchase checkmarks to appear legitimate

NEWYou can now listen to Fox News articles!

Social media makes it easy to connect with people, but it also makes it just as easy for fraudsters to pretend they are someone they are not. Fake accounts, misleading checkmarks and smooth-talking profiles are everywhere, and not everyone knows how to spot them. I recently received an email from Marie from Boynton Beach, Florida, with a similar concern:

“I have been on X, and it seems quite a few people turn out to be not who they say they are. Mostly the ones that are verified. I am not that good tech-wise. Is there a way other than me knowing immediately they are a fraud?? Thank God I am not the type to give personal information or money.”

It is a fair concern, Marie. With scams becoming more polished, the line between real and fake accounts is harder to see. Let’s break down why fraud is so common on social media, the red flags you should look out for, and the simple habits that can keep you from getting duped.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

WHATSAPP BANS 6.8M SCAM ACCOUNTS, LAUNCHES SAFETY TOOL

A man logs into his social media account on a laptop. Fraudsters often exploit online activity to trick users. (Kurt “CyberGuy” Knutsson)

Why social media is a playground for scammers

Social platforms are built for speed and visibility. Anyone can create an account in minutes, post content instantly and connect with strangers worldwide. This openness is what makes social media engaging, but it is also what makes it ripe for abuse. Fraudsters exploit the fact that posts, comments and messages are consumed quickly and often without much scrutiny.

Verification systems that were once meant to help users identify legitimate accounts have also lost some of their power. On platforms where checkmarks can be purchased, scammers can buy credibility without earning it. Add in the algorithms that reward viral content and sudden spikes in engagement, and you get the perfect environment for fraud to spread unnoticed.

Scammers know people often lower their guard on social media. In these spaces, users share personal details, build emotional ties with influencers and trust posts that look familiar. As a result, the combination of speed, trust and visibility creates an ideal environment for fraud to spread rapidly.

META DELETES 10 MILLION FACEBOOK ACCOUNTS THIS YEAR, BUT WHY?

A woman browses social media on her laptop. Scammers use fake accounts and misleading profiles to lure victims. (Kurt “CyberGuy” Knutsson)

The cost of falling for a scam

When people think of scams, they often imagine losing a one-time sum of money. The reality is far more damaging. Clicking a bad link or handing over credentials can snowball into long-term consequences. Once scammers get access to your information, it can be sold on dark web marketplaces, used to open fraudulent accounts or leveraged for identity theft.

There is also the reputational cost. If your social media account is hijacked, scammers can use it to trick your friends, family or followers, spreading fraud even further under your name. Cleaning up that mess can take weeks and may permanently damage your credibility.

Social media apps are prime hunting grounds for scammers who rely on speed and trust to deceive victims. (Kurt “CyberGuy” Knutsson)

Practical steps you can take to stay safe on social media

There are simple ways to protect yourself without needing technical expertise. I have listed some of the crucial steps below.

1) Scrutinize profiles before engaging

Fake accounts often have clear giveaways. Look at how long the account has existed, whether it posts original content and the kind of followers it has. Scammers usually recycle generic profile photos or steal images from real people. Reverse image searches can help you confirm if a photo belongs to someone else.

Even with verification, be skeptical. On platforms where checkmarks can be purchased, anyone can appear “official” without being trustworthy. Treat every new interaction with caution until proven otherwise.

FACEBOOK CRYPTO ADS LEAD TO DANGEROUS MALWARE SCAMS

2) Avoid clicking on random links

Fraudsters often send links over DMs, comments or even ads. These links may lead to phishing sites designed to steal your credentials or malware that installs silently on your device. One careless click can expose your information.

This is where having strong antivirus software comes in. Even if you accidentally land on a malicious site, a strong antivirus can block harmful downloads and warn you before malware runs. Think of it as a safety net for moments when curiosity gets the better of you.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com/.

3) Protect your logins

Phishing scams frequently mimic login screens for X, Instagram or Facebook. They are designed to trick you into typing your username and password into a fake form. Once you do, the scammer immediately takes over your account.

A password manager can be a lifesaver here. It only fills in your login details on the genuine site you have saved. If it does not recognize the page, that is a red flag that you are looking at a fake. On top of that, a password manager makes it easier to use strong, unique passwords for each account, which limits damage if one gets compromised.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/.

4) Keep personal info under wraps

The less information fraudsters can find about you, the weaker their scams become. Many impersonators use details like your hometown, job or relatives to build trust. If your email, phone number or address is floating around the web, scammers can weaponize that too.

A personal data removal service can help here by scrubbing your details from people-search sites and data brokers. While not foolproof, reducing your digital footprint makes you a harder target for impersonation or social engineering scams. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/.

SOCIAL SECURITY ADMINISTRATION PHISHING SCAM TARGETS RETIREES

5) Stay alert to impersonation scams

Fraudsters often pretend to be well-known figures, influencers or even customer support staff. They use urgency like “limited offer,” “you have won” or “your account will be closed” to pressure you into responding fast.

When money, gift cards or personal details are involved, slow down. Contact the real brand or person through official channels to verify. If you are unsure, simply ignore the request.

6) Trust your instincts

One of the strongest defenses you have is your gut feeling. If a verified profile is asking for money, if a giveaway sounds too good to be true or if someone’s tone feels off, it probably is. Scammers rely on you ignoring that little voice that says something is not right.

Take a breath, pause and think before you act. That moment of hesitation often makes the difference between staying safe and becoming a victim.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Social media can be entertaining, informative and even empowering, but it is also one of the easiest hunting grounds for fraudsters. They thrive on speed, trust and distraction, hoping you will react before you think. While no tool or habit can guarantee absolute safety, combining skepticism with smart protective steps puts you in a much stronger position.

Do you think paid verification badges make it harder to spot scammers? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

September 23, 2025
How a SIM farm like the one found near the UN threatens telecom networks

NEW YORK — The U.S. Secret Service has found and is quietly dismantling a massive network of “SIM farms” across the New York area just as world leaders gather for meetings at the United Nations.

Matt McCool, the special agent in charge of the Secret Service’s New York field office, said agents found multiple sites filled with servers and stacked SIM cards, of which more than 100,000 cards were already active. Though the investigation is ongoing and no arrests have been made, he described it as a well-funded, highly organized enterprise and possibly run by nation-state actors — perpetrators from particular countries.

Officials also warned of the havoc the network could have caused if left intact. McCool compared the potential impact to the cellular blackouts that followed the Sept. 11 attacks and the Boston Marathon bombing, when networks collapsed under strain.

So what are these SIM farms and what are they capable of?

SIM farms are hardware devices that can hold numerous SIM cards from different mobile operators. These devices then exploit voice over internet protocol (VoIP) technology to send and receive bulk messages or calls.

While initially developed for legitimate purposes, such as low cost international calling, the technology has become a cornerstone of organized fraud targeting mass audiences — phishing texts and scam calls.

“Scams have become so sophisticated now. Phishing emails, texts, spoofing caller ID, all of this technology gives scammers that edge,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center.

In this case, the devices were concentrated within 35 miles of the U.N. building. The investigation is ongoing, but McCool said forensic analysis currently believe the system could have been used to send encrypted messages to organized crime groups, cartels and terrorist organizations.

Anthony J. Ferrante, the global head of the cybersecurity practice at FTI, an international consulting firm, said the photos show a very sophisticated and established SIM farm that could be used for any number of nefarious activities, including the potential to overwhelm cellular networks with millions of calls in just a few minutes.

“So if you can imagine that type of magnitude on cellular networks, it would just overwhelm them and cause them to shut down,” Ferrante said in an interview. He also notes that it’s possible the system could be used for surveillance operations, given its proximity to the United Nations, “potentially that equipment could be used to either intercept communications, eavesdrop on communications, or actually, clone devices, as well.”

Ferrante, who previously served in key security positions at the White House and the FBI, says he’s awaiting the results of the investigation before drawing any conclusions about the nature of the setup, but he emphasizes that the scale of the operation shows how simple tools can pose real risks to critical infrastructure.

“The masterminds could have set this up a long time ago and be operating from thousands of miles away,” he said. “It’s a stark reminder of how deeply interconnected our world has become, where local vulnerabilities can be exploited globally.”

Source link

September 23, 2025
Beware of fake Wi-Fi networks that steal your data when traveling

NEWYou can now listen to Fox News articles!

Earlier this year, Australian police arrested a passenger for running a malicious Wi-Fi network both at an airport and during a flight. The setup looked just like the airline’s own Wi-Fi service, but it wasn’t. Instead, it was what cybersecurity researchers call an “evil twin,” a fake hotspot designed to trick people into handing over their credentials.

The idea isn’t new, but the setting is. For years, fake Wi-Fi networks have been a common trick in cafes, hotels, and airports. What makes this case stand out is that the attacker took it to the skies, exploiting the growing reliance on in-flight Wi-Fi for entertainment and internet access.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CyberGuy.com newsletter.

What is an evil twin Wi-Fi attack?

An evil twin hotspot is a wireless network that impersonates a legitimate one by copying its name, also known as the SSID. When multiple networks with the same name exist, your phone or laptop often connects to the one with the stronger signal, which is usually the attacker’s.

Travelers check their phones while navigating delays and flight cancellations at the Austin-Bergstrom International Airport on July 19, 2024, in Austin, Texas. (Brandon Bell/Getty Images)

Once connected, victims are often redirected to a fake login or landing page. In this case, the malicious portal requested passengers’ email addresses, passwords, or even social media credentials under the pretense of granting access to the airline’s entertainment system. The stolen information could then be used for account takeovers, identity theft, or further attacks.

Why travel Wi-Fi is a prime target

Travel creates a perfect storm for these kinds of attacks. Whether you’re in a hotel, airport, cruise ship or airplane, you often have limited choices for getting online. Mobile data may be patchy or expensive, which pushes people toward the available Wi-Fi networks. Because these services feel official and are tied to trusted brands, travelers tend to assume they’re safe and let their guard down when login requests pop up.

Another trend adds to the risk. Travel providers are increasingly moving entertainment and services onto personal devices instead of offering built-in options. Airlines replace seatback screens with streaming portals, cruise lines promote app-based services and hotels direct guests to digital check-in platforms. All of these require a Wi-Fi connection, which means more people are logging on than ever before.

QANTAS DATA BREACH EXPOSES MILLIONS OF CUSTOMER RECORDS

How hackers trick you with fake in-flight Wi-Fi

Here’s how it worked in the Australian case. The attacker carried a portable hotspot onboard and named it to match the airline’s official Wi-Fi network. Passengers, seeing the fake network with stronger signal strength, connected automatically. They were then taken to a counterfeit login page asking for personal details.

A traveler awaits their delayed luggage after United Airlines grounded flights due to a tech outage at Newark Liberty International Airport in Newark, New Jersey, Aug. 6, 2025. (REUTERS/Ryan Murphy)

On a flight, the consequences are amplified. Passengers either give in and share data or lose access to entertainment for hours. The success rate of this attack is, quite literally, sky-high.

YOUR DISCARDED LUGGAGE TAGS ARE WORTH MONEY TO SCAMMERS

Why you need a VPN for in-flight Wi-Fi security

One of the best defenses against rogue Wi-Fi is a Virtual Private Network, or VPN. A VPN creates an encrypted tunnel between your device and the internet, making it far harder for attackers to intercept your data even if you connect to the wrong hotspot.

There is a catch, though. In-flight Wi-Fi systems often require you to disable your VPN temporarily to access the onboard portal. Even then, a VPN remains an important safeguard. Once you have cleared the login page and, if you have paid, connected to the internet, enabling your VPN ensures that any browsing, messaging, or app traffic stays private.

For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices at CyberGuy.com.

9 tips for using in-flight Wi-Fi safely

A VPN is important, but it isn’t the only defense you should rely on. Here are some other ways to stay safe when connecting midair:

1) Install strong antivirus software

Before you even think about connecting to in-flight Wi-Fi, make sure your device has a strong antivirus installed. It’s your first line of defense against malicious sites and apps that attackers may try to push through fake portals. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.

James Garofalo of Colorado Springs is checking cellphone after his flight cancelation at Denver International Airport in Denver, Colorado, on Thursday, Dec. 22, 2022. (Hyoung Chang/The Denver Post)

2) Enable two-factor authentication (2FA)

Even if an attacker manages to steal your login credentials, 2FA can stop them from getting into your accounts. Use app-based authenticators rather than SMS codes whenever possible, since they work offline and are harder to intercept.

3) Turn off automatic Wi-Fi connections

Most phones and laptops are set to reconnect automatically to familiar networks. This makes it easier for a fake hotspot with the same name to trick your device. Before you board, switch off auto-connect and manually choose the correct airline Wi-Fi.

4) Use HTTPS everywhere

When browsing in-flight, check for the padlock icon in your browser’s address bar. HTTPS encrypts the connection between your device and the website, making it harder for attackers on public Wi-Fi to intercept your data.

5) Limit what you access

Even with precautions, in-flight Wi-Fi should be treated as untrusted. Avoid logging in to sensitive accounts like online banking or work systems. Stick to light browsing, streaming or messaging until you’re back on a secure connection.

6) Keep your device updated

Outdated operating systems and apps often have security holes attackers exploit. Before your trip, install the latest updates on your phone, tablet or laptop. Many updates include security patches that protect you against known vulnerabilities.

7) Use airplane mode with Wi-Fi only

When possible, switch your device to airplane mode and then enable only Wi-Fi. This reduces exposure from other radios (like Bluetooth or cellular roaming) that attackers sometimes target on flights.

8) Watch for phishing pop-ups and avoid suspicious clicks

Some fake in-flight portals use pop-ups or redirects designed to trick you into entering login details or clicking on malicious links. If a page asks for unnecessary information, like your full Social Security number, banking details or unrelated logins, treat it as a red flag. Close the page immediately and don’t click.

9) Log out after use

When the flight is over, sign out of the airline’s Wi-Fi portal and any accounts you accessed. This prevents session hijacking if the system keeps tokens cached.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

The rise of evil twin attacks in the air is a reminder that convenience often comes with hidden risks. As airlines push more passengers toward in-flight Wi-Fi, attackers are finding ways to exploit that dependency. Next time you fly, think twice before blindly connecting to the first Wi-Fi network that pops up. Sometimes, the safest choice is to stay offline until you land.

Would you rather go a few hours offline than risk using an untrusted hotspot midair? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CyberGuy.com newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

September 22, 2025
Why iPhone users are the new prime scam targets
NEWYou can now listen to Fox News articles!

New research may shock a lot of Apple fans: iPhone users are actually more likely to fall for online scams than Android owners. The problem isn’t the device itself; it’s the habits of the people using it.

The survey from Malwarebytes, a global cybersecurity company, of 1,300 adults across the United States, United Kingdom, Austria, Germany and Switzerland, found that many iPhone owners put blind trust in Apple’s security. That confidence makes them easier targets for scammers who count on overconfidence.

5 PHONE SETTINGS TO CHANGE RIGHT NOW FOR A SAFER SMARTPHONE

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

New research suggests iPhone users are more likely to fall for online scams than Android users. (Kurt “CyberGuy” Knutsson)

The truth about iPhone security habits

Here’s what the Malwarebytes survey uncovered:
- More than half of iPhone users (53%) admitted they’ve fallen for a scam, compared to 48% of Android users.
- Only 21% of iPhone owners add security software, while 29% of Android users do.
- Just 35% of iPhone users set unique, strong passwords, compared to 41% of Android owners.
- 47% of iPhone users grabbed a “best price” deal from shady sellers, compared to 40% of Android users.
- 41% of iPhone owners DM’d sellers for discounts on social media, compared to 33% of Android owners.
The takeaway? It’s not the phone that makes you safe, it’s your choices every time you go online.

A survey from Malwarebytes found that many iPhone owners blindly trust Apple’s security measures, which makes them easier targets for scammers who count on overconfidence. (Kurt “CyberGuy” Knutsson)

Why this matters

For years, Apple’s reputation led iPhone users to believe they were automatically safer. This study proves otherwise. Cybercriminals don’t care what brand of phone you carry; they care about how easy it is to trick you. And right now, too many iPhone users are letting their guard down.

Many iPhone software updates contain security patches that block new threats to keep users safe. (Kurt “CyberGuy” Knutsson)

7 ways to stay safe on iPhone

Even if you love your iPhone, staying safe means making smarter choices online. Follow these steps to keep scammers one step behind you.

1) Stop and double-check

If something feels off, whether it’s a text, link, or offer, pause. Scammers rely on urgency to trick you.

2) Avoid random links and shady DMs

Never click on links or QR codes from unknown senders. Always visit the company’s website directly. Also, use strong antivirus software to block malicious links before they reach you. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com/LockUpYourTech

3) Keep your software updated

Apple pushes out updates for a reason. Many contain security patches that block new threats. Make sure your iPhone is always running the latest iOS and app updates.

How to update iOS:
- Go to Settings
- Tap General
- Click Software Update and install any available updates.
Manually updating apps:
- Open the App Store.
- Tap your profile icon at the top right.
- Scroll down to see pending updates.
- Tap Update All (or update individual apps).
Enabling Automatic App Updates:
- Open Settings.
- Scroll down and tap App Store.
- Under Automatic Downloads, toggle on App Updates.
This way, your phone will always stay current, reducing the chances that hackers can exploit old vulnerabilities.

IS YOUR PHONE HACKED? HOW TO TELL AND WHAT TO DO

4) Pick stronger, unique passwords

Using the same password everywhere is a hacker’s dream. Create unique ones for each account. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see CyberGuy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at CyberGuy.com/Passwords

5) Consider using a personal data removal service

Scammers thrive on the personal details they can easily find about you online, and iPhone users in particular tend to overshare and trust their device to keep them safe. That leaves a bigger trail for criminals to exploit. A personal data removal service helps wipe your information from data broker sites and shady lists that fuel targeted scams.

While no service can erase everything, it makes it much harder for crooks to connect the dots and trick you. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com/Delete

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com/FreeScan

6) Turn on two-factor authentication (2FA)

Turning on two-factor authentication (2FA) is one of the most powerful ways to lock down your accounts. It adds an extra login step that blocks criminals, even if they already have your password. On your iPhone:
- Open the Settings app.
- Tap on [your name] (your Apple ID at the top).
- Select Sign‑In & Security.
- Tap Turn On Two‑Factor Authentication, then tap Continue.
- Enter a trusted phone number to receive verification codes (via text or call), tap Next, and enter the code sent to you to complete the setup.
Once set up, you’ll get a code each time you or someone else tries to sign in.

7) Don’t trade personal info for deals

Skip giving out your phone number or email just to snag a coupon, unlock a discount code, or enter a giveaway. Scammers use those details to target you later with spam, phishing attempts, and even identity theft schemes. Instead, create and use an alias email address for sign-ups, promotions, or contests. That way your real inbox stays private, and suspicious offers won’t expose your personal data.

For recommendations on private and secure email providers that offer alias addresses, visit CyberGuy.com/Mail

CLICK HERE TO GET THE FOX NEWS APP

What this means for you

If you own an iPhone, don’t assume Apple’s built-in tools are enough. Android users appear to be more proactive, but everyone is vulnerable. Real security comes from your habits, not your hardware.

Kurt’s key takeaways

The bottom line: iPhone users are falling for scams more often because they trust too much and protect too little. The fix is simple: be cautious, be skeptical, and add extra protection. Because when it comes to scams, it’s not about the device, it’s about you.

Do you still believe Apple makes you safer, or are you ready to admit that scammers can outsmart any phone? Let us know by writing to us at CyberGuy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
September 21, 2025
5 e-commerce tech terms every shopper should know
NEWYou can now listen to Fox News articles!

Shopping has gone digital, and with it comes a whole new language. From the way you pay to the platforms you browse, technology is rewriting the rules of retail. We’ll break down five essential terms that directly shape how you shop today, from affiliate links powering influencer recommendations to same-day delivery that gets products to your door in hours.

Stay tuned for more in this series as we decode the tech jargon behind the evolving world of e-commerce, answering the top questions we get from readers like you.

10 THINGS I WISH I KNEW BEFORE BUYING REFURBISHED ELECTRONICS

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

Online shopping comes with its own set of terms native to the digital space. (Kurt “CyberGuy” Knutsson)

1) Digital wallet

Your phone, your wallet

A digital wallet is an app that securely stores your credit cards, debit cards, tickets and even IDs on your smartphone. Instead of swiping plastic, you can simply tap your phone or smartwatch to pay at checkout.

Where you’ve likely used it:
- Apple Pay or Google Pay at a coffee shop.
- Samsung Pay at a grocery store.
- Storing boarding passes, concert tickets or loyalty cards.
Digital wallets use encryption and biometric security (like Face ID) to keep your payment data safe. They also cut down on physical clutter—no more fumbling with cards at the register.

Want to make sure your digital wallet is safe? Check out my guide to setting strong authentication and avoiding scams targeting mobile payments.

2) Buy now, pay later

How installment plans reshape shopping

You’ve probably seen “Pay in 4” or “Buy Now, Pay Later” (BNPL) at checkout. Some websites and services allow you to split purchases into smaller payments over time, typically with no interest if paid on schedule.

Why it matters:
- Makes big-ticket items more accessible.
- Helps you budget, but late fees can add up.
- Retailers sell more by lowering the upfront cost.
If you want even more ways to manage expenses, take a look at my guide on saving big at the grocery store using simple, proven hacks. For even more ways to stretch your dollars, check out my guide on the best ways to save money on gas with apps and loyalty programs.

9 ONLINE PRIVACY RISKS YOU PROBABLY DON’T KNOW ABOUT

A digital wallet is an app that securely stores your credit cards, debit cards, tickets and other items like IDs on your smartphone. (Jakub Porzycki/NurPhoto via Getty Images)

3) Same-day fulfillment

From warehouse to your doorstep in hours

The phrase same-day fulfillment describes when retailers use advanced logistics to process, pack, and ship your order so you get it within hours instead of days. Think Amazon Prime Now or Walmart’s express delivery.

How it works:
- Local warehouses and stores act as mini shipping hubs.
- Algorithms map the fastest routes for couriers.
- Automation speeds up picking, packing, and delivery.
It’s convenience at its peak, and for urgent needs (like a birthday gift you forgot), same-day fulfillment is a lifesaver. Be sure to check out my list of the 5 best secrets to shopping smarter on Amazon to save time and money.

4) Social commerce

Shopping where you scroll

Social commerce is the blend of social media and online shopping. Instead of just seeing ads, you can now buy directly through platforms like TikTok Shop, Instagram Checkout or Pinterest.

What makes it unique:
- Seamless shopping without leaving the app.
- Real-time recommendations from influencers and creators.
- Viral products can sell out within hours.
For consumers, it’s impulse buying made easier. For businesses, it’s a new way to reach audiences where they already spend time.

Want to avoid scams? Stick to verified shops and use buyer protection options when available. For more ways to stay safe while shopping online, check out my CyberGuy guide on how to tell if an online store is real or a scam.

Social commerce blends the experiences of online shopping and browsing social media. (Kurt “CyberGuy” Knutsson)

5) Dropshipping

Selling without the stockroom

Dropshipping is a retail model where the seller doesn’t keep products in stock. Instead, when you place an order, it’s sent directly to a third-party supplier who ships it straight to your door.

How it works:
- You buy from an online shop.
- The shop forwards your order to a manufacturer or wholesaler.
- That supplier handles storage, packing and shipping.
Why it’s popular:
- Entrepreneurs can start online stores without investing in warehouses.
- Stores can offer a wide variety of products without holding inventory.
The downside? Shipping times may be longer, product quality can vary and customer service sometimes suffers since the seller isn’t handling the goods directly. Still, dropshipping has become a cornerstone of e-commerce, powering countless online shops you scroll past every day. For some advice on how to start and grow an online store, visit CyberGuy’s guide on 10 easy ways to help launch a successful online shop.

CLICK HERE TO GET THE FOX NEWS APP

Pro tip: protect yourself while shopping online

Even as shopping gets more convenient, cyberthreats also grow. Fake stores, phishing scams, and shady links can put your data at risk. That’s why running a strong antivirus program is essential.

Why antivirus matters for e-commerce:
- Scans links and downloads before they harm your device
- Blocks malicious pop-ups on retail and social sites
- Warns you about suspicious checkout pages
Using strong antivirus software gives you peace of mind while shopping online. It’s a small step that keeps your personal and financial information safe as e-commerce evolves.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com/LockUpYourTech

Kurt’s key takeaways:

E-commerce is moving faster than ever. By understanding these five terms, you shop with confidence and spot trends before they become mainstream. From digital wallets to dropshipping, each concept shapes how products reach your hands. Stay curious, keep learning, and watch how retail continues to evolve.

What changes in online shopping do you think will matter most in the next few years? Let us know by writing to us at CyberGuy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
September 21, 2025
Cyberattack disrupts systems, causes delays at major European airports

A cyberattack targeting check-in and boarding systems has disrupted air traffic and caused delays at several of Europe’s major airports, officials said Saturday, though the initial impact appeared to be limited.

The disruptions to electronic systems initially reported at Brussels, Berlin’s Brandenburg and London’s Heathrow airports meant that only manual check-in and boarding was possible. Many other European airports said their operations were unaffected.

“There was a cyberattack on Friday night 19 September against the service provider for the check-in and boarding systems affecting several European airports including Brussels Airport,” said Brussels Airport in a statement, initially reporting a “large impact” on flight schedules.

Airports said the issue centered around a provider of check-in and boarding systems — not airlines or the airports themselves.

People at Brandenburg Airport airport as a cyber attack has caused delays, in Berlin, Germany, Saturday, Sept. 20, 2025.

Carsten Koall / AP

Collins Aerospace, whose systems help passengers check themselves in, print boarding passes and bag tags and dispatch their luggage from a kiosk, cited a “cyber-related disruption” to its MUSE (Multi-User System Environment) software at “select airports.”

As the day wore on, the fallout appeared to be contained.

Brussels Airport spokesperson Ihsane Chioua Lekhli told broadcaster VTM that by mid-morning, nine flights had been canceled, four were redirected to another airport and 15 faced delays of an hour or more. She said it wasn’t immediately clear how long the disruptions might last.

Axel Schmidt, head of communications at the Brandenburg airport, said that by late morning, “we don’t have any flights canceled due to this specific reason, but that could change.” The Berlin airport said operators had cut off connections to affected systems.

People at Brandenburg Airport airport as a cyber attack has caused delays, in Berlin, Germany, Saturday, Sept. 20, 2025.

Carsten Koall / AP

Heathrow, Europe’s busiest airport, said the disruption has been “minimal” with no flight cancellations directly linked to the problems afflicting Collins. A spokesperson would not provide details as to how many flights have been delayed as a result of the cyberattack.

The airports advised travelers to check their flight status and apologized for any inconvenience.

Collins, an aviation and defense technology company that is a subsidiary of RTX Corp., formerly Raytheon Technologies, said it was “actively working to resolve the issue and restore full functionality to our customers as quickly as possible.”

“The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations,” it said in a statement.

It wasn’t the only cyber incident targeting airports. One of Russia’s busiest airports said on Friday that its website had been hacked and was offline. Pulkovo Airport in St. Petersburg said that access to its website was restricted, but that operations at the nation’s second-largest air hub were unaffected and specialists were working to restore service.

More from CBS News

Source link

September 20, 2025
Sam’s Club customers targeted by phishing scam using fake $100 reward offers
NEWYou can now listen to Fox News articles!

Dennis and Carole recently reached out to us with a warning about a suspicious email claiming to offer a $100 Sam’s Club reward.

“We received this yesterday, and my wife fell for the scam and initiated the free gift offer. No credit card other than email transferred,” Dennis said.

The email looked professional, with the official Sam’s Club logo at the top. It read, “YOUR OPINION IS IMPORTANT. Exclusive. YOU CAN GET A $100 REWARD.” It then invited the recipient to “Take a short survey to claim your $100 reward. Click the button below to get started,” with a bold black button labeled “GET STARTED NOW!”

Despite no credit card being entered, the couple wanted to know:
- Will scammers be able to charge their credit card?
- Do they already have credit card info?
- What steps should they take?
Let’s break this all down.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

THE TRUTH BEHIND THOSE MYSTERIOUS SHIPMENT EMAILS IN YOUR INBOX

A couple warns about a new email scam disguised as a Sam’s Club survey. (Kurt “CyberGuy” Knutsson)

Why this Sam’s Club email is a scam

At first glance, the email looked like it came straight from Sam’s Club, complete with the logo, blue color scheme and a tempting promise of a $100 reward for filling out a short survey. That’s exactly what scammers want you to think.

This is a classic phishing scam. Cybercriminals copy a trusted brand’s style to trick you into clicking their links or entering personal information. Once you engage, they can:
- Collect your email address for spam lists
- Send more realistic-looking phishing attempts
- Try to lure you into giving up payment or account details in future messages
- Direct you to malware-infected websites
In this case, only an email address was entered. That means there’s no direct credit card risk, yet. However, scammers now know the address is active and that someone at it will click through, making it more valuable for targeted scams later. The next step is protecting yourself quickly, because stopping them now is far easier than dealing with identity theft later.

DON’T FALL FOR THIS BANK PHISHING SCAM TRICK

Experts warn consumers not to click suspicious looking links. (Peter Dazeley)

How to protect yourself after clicking a link in a scam email

If you entered your email in a scam form, take these steps right away to reduce the risk of further attacks:

1) Use strong antivirus software

Run a scan with a trusted antivirus program. Many modern security tools also include phishing protection, blocking dangerous links before they can load. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com.

2) Mark the email as phishing

Use your email provider’s spam or phishing report tool to flag the message. This helps block future attempts and trains filters to catch similar scams.

3) Consider a data removal service

Data removal services can contact data brokers to remove your personal information from their lists. This makes it harder for scammers to target you with more personalized attacks. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap — and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Scammers are claiming to offer a $100 Sam’s Club reward. (REUTERS/Rick Wilking)

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

4) Watch for follow-up scams

Scammers often follow up with urgent-sounding emails to “confirm” your account or claim you won a prize. Delete these immediately without clicking links or opening attachments.

5) Change your passwords and strengthen security

Never reuse the same password across multiple accounts. If scammers target your email address, they may try it with common password guesses. Create unique, strong passwords for each account and store them in a reputable password manager.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

6) Report the scam

Forward the email to:
- Sam’s Club: phishing@samsclub.com
- FTC: reportphishing@apwg.org
Reporting helps both the brand and law enforcement track scam activity.

CLICK HERE TO GET THE FOX NEWS APP

Consumers are advised to report phishing emails to the company or the FTC. (CyberGuy.com)

Kurt’s key takeaways

Even if you avoid entering payment details, your personal information still has value to scammers. An email address can open the door to phishing attacks designed to steal passwords, install malware, or gather more sensitive data. Scammers know how to make an email look convincing, especially when they dangle a gift card as bait. By staying alert, reporting suspicious emails and protecting your personal data, you can reduce your risk.

Have you ever received a fake reward email from a brand you trust? How did you handle it? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
September 19, 2025
Stop Medicare scams before they stop you
NEWYou can now listen to Fox News articles!

Medicare is a tempting prize for scammers. Because it’s a public program funded by taxpayers, it has a huge budget to distribute and that’s what attracts scammers. In 2024, improper payments added up to $54 billion. Some scams involve setting up fake companies to file bogus claims, while others target beneficiaries directly, stealing their personal information and denying them their right to treatment.

If you fall victim to such a scam, the consequences can range from small financial losses to actual health risks. Scammers may trick you into paying fake fees, premiums or “copays” over the phone or online. They may also go after your personal information or Medicare number to bill for services or equipment you never requested, which could leave you with less coverage when you actually need treatment.

It’s better to know what you’re up against so you don’t accidentally lose your Medicare benefits.

FBI WARNS SENIORS ABOUT BILLION-DOLLAR SCAM DRAINING RETIREMENT FUNDS, EXPERT SAYS AI DRIVING IT

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CyberGuy.com newsletter

A patient is examined on Dec. 5, 2022, at the Indiana University Health Cancer Center. (Kelly Wilkinson/USA Today Network via Imagn Images)

What to look out for to recognize a Medicare scam

Scammers are getting more and more professional these days. With Medicare scams, fraudsters may use spoofed phone numbers, emails and websites to make their schemes seem more believable. Luckily, there are still some telltale signs to look out for.

Regardless of the communication method, phone, email, mail or in person, scammers will try to:
- Create fear or urgency
- Pressure you to act quickly
- Threaten you with consequences
Scam artists often try to create time pressure in order to compel their victims to act quickly, before they have time to think. (Kurt “CyberGuy” Knutsson)

Scammers calling you in Medicare’s name to demand payments

Some scammers use spoofed phone numbers to impersonate Medicare representatives. They may try to trick you into paying fake fees or buying unnecessary products.

These often include:
- Fake health insurance upgrades
- “Low-cost” medical equipment
- Fake tests or genetic kits
- Discounted medication
Remember: Medicare will never call you unless you ask them to, and they will never ask for money.

If you ever owe Medicare fees, you will be contacted by mail, not by phone.

Medicare will never charge random “activation” or “renewal” fees, those are always scams. However, Medicare itself is not completely free. Part A (hospital coverage) is free for most people, but Part B (doctor visits, outpatient care, preventive services) always requires a monthly premium, and you may also pay deductibles or copays for certain services.

Scammers try to mimic these legitimate bills to steal your money. If you’re asked for payment over the phone or online, that’s your red flag it’s a scam.

Scammers try to mimic these payments to steal your money

Scammers may try calling you in Medicare’s name to ask for your Medicare number or card details.

Money isn’t the only thing scammers are after; your Medicare number can be just as valuable, if not more so.

This scam follows a similar scheme: fraudsters call you pretending to be Medicare employees and ask you to provide your Medicare number for fake reasons, such as:
- Upgrading your plan
- Updating your account details
- Offering “free” drugs
- Issuing a new Medicare card
- … and more
Let me be clear: Medicare will never call you, whether it’s about paying fees, updating your account or anything else.

Scammers want your Medicare information so they can impersonate you and obtain medical supplies, prescription drugs or treatments in your name.

REMOVE YOUR DATA TO PROTECT YOUR RETIREMENT FROM SCAMMERS

Scammers calling you in Medicare’s name to extort your personal data

Your Social Security number (SSN) can be the final piece scammers need to impersonate you. During these calls, fraudsters may ask not only for your Medicare details but also for other personal information, such as your SSN, date of birth or similar data.

They often use the same excuses as when trying to obtain Medicare information, such as:
- Upgrading your plan
- Issuing new cards
- Other account-related reasons.
Let me emphasize this again: Medicare will never call you for these reasons.

Even if the phone number looks legitimate and the caller sounds professional, the moment you’re asked for personal details or payments, you know it’s a scam.

What to do if you suspect a Medicare scam

If it’s a phone call, just hang up.

You don’t need to explain yourself or engage in a conversation with scammers. If they threaten you with consequences, do not believe them; scammers use fear to pressure you into making poor decisions.

Remember: If Medicare or its service providers had important information to communicate, they would do so by mail, not by phone.

Apart from not letting scammers take advantage of you, you can also help others by:
- Reporting the fraud to Medicare at 1‑800‑MEDICARE (1‑800‑633‑4227)
- Reporting the fraud to the US Department of Health and Human Services at oig.hhs.gov/fraud/report-fraud/
- Reporting the fraud to the Federal Trade Commission (FTC) at reportfraud.ftc.gov/
A woman checks her Medicare account on her laptop. (Kurt “CyberGuy” Knutsson)

How to make yourself less of a target of Medicare scams

You don’t have to sit tight and hope that scammers won’t target you. Instead, you can take some active measures to make such attempts less likely.

1) Lower your online exposure

To target you, scammers first need to gather some basic information about you, like your phone number. That information and much more can be easily looked up on people search sites, platforms operated by data brokers that let people search for others. The good news is that you can opt out of these platforms. You can do it manually by visiting each website and filling out the opt-out forms or you can automate the process.

2) Use a data removal service to help you

Data removal services work on your behalf to erase personal details like your phone number, address and email from people-search sites and data broker databases. By reducing the amount of information available online, these services make it harder for scammers to find and target you. Many of them also monitor whether your data reappears, so you stay protected over time without having to constantly check dozens of sites yourself.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to come after you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com.

3) Monitor your Medicare statements regularly

Always review your Medicare Summary Notices (MSNs) or Explanation of Benefits (EOBs). These statements show what services have been billed in your name. If you see charges for services, equipment or prescriptions you never received, report it right away. Quick action can stop fraud before it impacts your care.

4) Use identity theft protection services

Identity theft protection tools can alert you if your Social Security number, Medicare number or other sensitive details show up on the dark web or are used to open new accounts. These services can also guide you through recovery if scammers misuse your information.

See my tips and best picks on how to protect yourself from identity theft at CyberGuy.com.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

Medicare scams are designed to exploit fear, urgency and confusion. By recognizing the warning signs and knowing what Medicare will and will not do, you can stay one step ahead of fraudsters. Protecting your personal information and reducing your online exposure are key to keeping your coverage safe. With a few smart habits, you can make yourself a less appealing target and help others by reporting scams when you see them.

Have you or someone you know ever been targeted by a Medicare scam, and how did you handle it? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
September 17, 2025
Hackers breach system responsible for New Orleans bond transactions, jail releases

Hackers breach system responsible for New Orleans bond transactions, jail releases – CBS News

Watch CBS News

A notorious ransomware group has claimed responsibility for a cyberattack at the Orleans Parish Sheriff’s Office. CBS News national reporter Kati Weis has the details.

[ad_2]
Source link

September 16, 2025