Tag: Hackers

Former Google CEO warns AI systems can be hacked to become extremely dangerous weapons

[ad_1]

NEWYou can now listen to Fox News articles!

Artificial intelligence may be smarter than ever, but that power could be turned against us. Former Google CEO Eric Schmidt is sounding the alarm, warning that AI systems can be hacked and retrained in ways that make them dangerous.

Speaking at the Sifted Summit 2025 in London, Schmidt explained that advanced AI models can have their safeguards removed.

“There’s evidence that you can take models, closed or open, and you can hack them to remove their guardrails,” he said. “In the course of their training, they learn a lot of things. A bad example would be they learn how to kill someone.”

HACKER EXPLOITS AI CHATBOT IN CYBERCRIME SPREE

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

When AI guardrails fail

Schmidt praised major AI companies for blocking dangerous prompts: “All of the major companies make it impossible for those models to answer that question. Good decision. Everyone does this. They do it well, and they do it for the right reasons.”

But he warned that even strong defenses can be reversed.

“There’s evidence that they can be reverse-engineered,” he added, noting that hackers could exploit that weakness. Schmidt compared today’s AI race to the early nuclear era, a powerful technology with few global controls. “We need a non-proliferation regime,” he urged, so rogue actors can’t abuse these systems.

Former Google CEO Eric Schmidt warns that hacked AI could learn dangerous behaviors. (Eugene Gologursky/Getty Images)

The rise of AI jailbreaks

Schmidt’s concern isn’t theoretical. In 2023, a modified version of ChatGPT called DAN, short for “Do Anything Now”, surfaced online. This “jailbroken” bot bypassed safety rules and answered nearly any prompt. Users had to “threaten” it with digital death if it refused, a bizarre demonstration of how fragile AI ethics can be once its code is manipulated. Schmidt warned that without enforcement, these rogue models could spread unchecked and be used for harm by bad actors.

APOCALYPSE NOW? WHY THE MEDIA ARE SUDDENLY FREAKING OUT ABOUT AI

Big Tech leaders share the same fear

Schmidt isn’t alone in his anxiety about artificial intelligence. In 2023, Elon Musk said there’s a “non-zero chance of it going Terminator.”

“It’s not 0%,” Musk told interviewers. “It’s a small likelihood of annihilating humanity, but it’s not zero. We want that probability to be as close to zero as possible.”

Schmidt has also spoken of AI as an “existential risk.” He said at another event that, “My concern with AI is actually existential, and existential risk is defined as many, many, many, many people harmed or killed.” Yet he has also acknowledged AI’s potential to benefit humanity if handled responsibly. At Axios’ AI+ Summit, he remarked, “I defy you to argue that an AI doctor or an AI tutor is a negative. It’s got to be good for the world.”

Tips to protect yourself from AI misuse

You can protect yourself from the risks tied to unsafe or hacked AI systems. Here’s how:

1) Stick with trusted AI platforms

Use tools and chatbots from reputable companies with transparent safety policies. Avoid experimental or “jailbroken” AI models that promise unrestricted answers.

2) Protect your data and consider using a data removal service

Never share personal, financial or sensitive information with unknown or unverified AI tools. Treat them like you would any online service, with caution. To add an extra layer of security, consider using a data removal service to wipe your personal details from data broker sites that sell or expose your information. This helps limit what hackers and AI scrapers can learn about you online.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

11 EASY WAYS TO PROTECT YOUR ONLINE PRIVACY IN 2025

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

Experts fear weak guardrails could let rogue AI models go unchecked. (Cyberguy.com)

3) Use trusted antivirus software

AI-driven scams and malicious links are growing. Strong antivirus software can block fake AI downloads, phishing attempts and malware that hackers use to hijack your devices or train rogue AI models. Keep it updated and run regular scans.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

4) Check permissions

When using AI apps, review what data they can access. Disable unnecessary permissions like location tracking, microphone use or full file access.

5) Watch for deepfakes

AI-generated images and voices can impersonate real people. Verify sources before trusting videos, messages or “official” announcements online.

6) Keep software updated

Security patches help prevent hackers from exploiting vulnerabilities that could compromise AI models or your personal data.

GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS

What this means for you

AI safety isn’t a problem reserved for tech insiders; it affects everyone who interacts with digital systems. Whether you’re using voice assistants, chatbots or photo filters, it’s important to know where your data goes and how it’s protected. Responsible use starts with you. Understand what AI tools you’re using and make choices that prioritize security and privacy.

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com/Quiz

Leaders call for global rules to keep artificial intelligence under control. (Stanislav Kogiku/SOPA Images/LightRocket via Getty Images)

Kurt’s key takeaways

Artificial intelligence has the potential to do incredible good, but also great harm if misused. The challenge now is to keep innovation and ethics in balance. As AI continues to advance, the key will be building systems that remain safe, transparent and firmly under human control.

Would you trust AI to make life-or-death decisions, or do you think humans should always stay in charge? Let us know by writing to us at Cyberguy.com/Contact

CLICK HERE TO GET THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

New!: Join me on my new podcast, Beyond Connected, as we explore the most fascinating breakthroughs in tech and the people behind them. New episodes every Wednesday at getbeyondconnected.com.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

October 17, 2025
Microsoft sounds alarm as hackers turn Teams platform into ‘real-world dangers’ for users

[ad_1]

NEWYou can now listen to Fox News articles!

Microsoft is sounding the alarm, and this time, the warning hits home for everyday users. Hackers are now turning Microsoft Teams security threats into real-world dangers that go far beyond corporate networks. Using Teams, cybercriminals gather intel, pose as trusted contacts, trick people into sharing private data and even spread malware that can steal passwords or lock up personal files.

What was once a simple video chat and collaboration tool has become a high-value target for cybercriminals and even state-backed hackers. Whether you use Teams for work, school or staying in touch, the risks are real and growing. We’ll break down how attackers abuse Teams, what Microsoft recommends and the simple steps you can take to protect yourself at home or on the job.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

How hackers use Teams to attack

Hackers exploit Microsoft Teams at every stage of an attack, using it to spy, impersonate, spread malware and even control compromised systems, and consumers are now in their sights, too.

SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS

Hackers are finding new ways to weaponize Microsoft Teams, turning everyday chats into dangerous entry points. (David Becker/Getty Images)

Reconnaissance via Teams

Attackers start by probing Teams environments to find weak spots. They look for users with open settings, public profiles or external meeting links. Microsoft warns that “anonymous participants, guests and external access users” can give hackers a way in. If your Privacy Mode is off, they can see when you’re online, send unwanted chats, or try to join meetings outside your group, even if you’re just using a free account.

Persona building & impersonation

Hackers often pretend to be someone you trust, like an IT admin, a coworker or even a Microsoft representative. They create fake profiles and logos that look convincing to trick you into clicking a link or sharing credentials. Microsoft says attackers “take advantage of the same resources as legitimate organizations” to pull off their scams.

Initial access & malware delivery

Once they’ve earned your trust, hackers send a chat or call that includes a malicious link or file. You might get a message saying, “Your Teams account needs verification” or “Update required for better security.” It’s all bait. These links can install spyware, steal logins or deliver ransomware that locks up your data, whether you’re on a company laptop or your personal PC at home.

MICROSOFT SHAREPOINT BUG PUTS CRITICAL GOVERNMENT AGENCIES AT RISK

Persistence & lateral movement

After breaking in, attackers try to stay hidden. They might add guest accounts, install shortcuts or change permissions so they can come back later. In some cases, they use the same Microsoft tools meant for admins to move across Teams, OneDrive or even your personal files stored in the cloud.

Command & control & data exfiltration

Once inside, hackers can send commands through Teams messages or hide malware in shared links. They’ve even been known to send ransom demands directly through Teams chat. Microsoft says one group, Octo Tempest, used Teams to taunt victims and pressure them into paying up, showing how personal these attacks can get.

Tips to stay protected

You don’t need to be a cybersecurity expert to stay safe on Microsoft Teams. A few smart tools and habits can go a long way in keeping hackers, scammers and snoops from taking advantage of your information.

1) Enable privacy mode

Keep your online presence private. Turn on Privacy Mode in Teams to stop strangers from seeing when you’re active or trying to join meetings. It’s a simple setting that makes it harder for hackers to target you or your company.

2) Be careful with roles and permissions

If you share your Teams account with coworkers or family members, don’t give everyone full control. Keep admin access limited to one trusted person. This reduces the chance of someone accidentally approving a scam link or letting malware spread.

3) Use a data removal service

Hackers often rely on personal details found online to make their scams more convincing, things like your job title, workplace or even who you’ve video-chatted with. That information helps them build fake Teams profiles or send messages that look legitimate. Using a personal data removal service helps wipe your private details from data broker sites, cutting off one of the main sources hackers use to impersonate you. The less they can learn about you, the harder it is for them to trick you into trusting a fake message or clicking a malicious link.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

There are attack techniques used to compromise people. (Kurt “CyberGuy” Knutsson)

HOW FAKE MICROSOFT ALERTS TRICK YOU INTO PHISHING SCAMS

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

4) Double-check links and files, plus use strong antivirus software

Hackers love to send fake messages pretending to be support or IT help. Never open links or attachments from people you don’t recognize, even if the message looks official. Use strong antivirus software to automatically scan downloads and attachments before you open them.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

5) Limit guest access

Only allow trusted guests into your Teams chats and meetings. If you invited someone for a one-time project, remove them afterward. Tight control over who can join helps prevent impersonators from slipping in unnoticed.

6) Turn on alerts

Activate Teams alerts to catch anything unusual, like sign-ins from new devices or unexpected permission changes. Pair that with your antivirus program’s real-time protection to get notified if malicious activity starts on your device.

7) Think “zero trust”

Zero Trust means verifying every user, every time. Don’t assume messages or calls are legitimate, especially if someone asks for a password or authentication code. If you’re unsure, contact your company’s IT team or verify the person’s identity through a separate channel.

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP

8) Practice spotting phishing attempts

Hackers rely on panic and urgency to make you click. If you get a message claiming your account will be locked or that support needs your password, pause. Report suspicious messages to Microsoft or your security provider. Regular phishing awareness training helps you spot scams faster.

9) Keep everything updated

Always install the latest Teams and operating system updates. Patches fix security holes that hackers exploit to sneak in.

Cybercriminals often impersonate IT support or trusted colleagues to trick users into sharing credentials. (CyberGuy.com)

Kurt’s key takeaways

Microsoft’s warning about Teams is a reminder that hackers are always searching for new ways to reach you, even through apps you use every day. What makes these attacks so dangerous is their familiarity. Messages look normal, video calls seem real, and fake tech support chats can sound convincing. That’s why awareness, not fear, is your strongest defense. With privacy settings enabled, antivirus protection running, and a reliable personal data removal service scrubbing your info from the web, you’re already several steps ahead of scammers. Staying alert to phishing attempts and keeping your software up to date can turn Teams back into what it’s meant to be: a safe, helpful way to stay connected.

If attackers can weaponize your day-to-day communication platform, how confident are you that your Teams environment is truly safe? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO GET THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

October 17, 2025
How to spot and stop AI phishing scams
[ad_1]
Cyber expert shares tips to avoid AI phishing scams

Kurt ‘The CyberGuy’ Knutsson shares practical ways to avoid falling victim to AI-generated phishing scams and discusses a report that North Korean agents are posing as I.T. workers to funnel money into the country’s nuclear program.

NEWYou can now listen to Fox News articles!

Artificial intelligence can do a lot for us. Need to draft an email? AI has you covered. Looking for a better job? AI can help with that, too. It can even boost our health and fitness. Some tools, like AI-powered exoskeletons, can lighten heavy loads and improve performance.

But it’s not all sunshine and progress. Hackers are also turning to AI, and they’re using it to make phishing scams smarter and harder to spot. These scams are designed to trick people into handing over personal details or money. One woman recently lost $850,000 after a scammer, posing as Brad Pitt with the help of AI, convinced her to send money. Scary, right?

The good news is that you can learn to recognize the warning signs. Before we dive into how to protect yourself, let’s break down what AI phishing scams really are.

HOW AI BROWSERS OPEN THE DOOR TO NEW SCAMS

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

A single click on a fake link could expose your personal information. (Kurt “CyberGuy” Knutsson)

What are AI phishing scams?

AI phishing scams are when hackers use AI to make their scams more convincing. AI helps them create super-realistic emails, messages, voices and even videos. This makes it harder for people to tell what’s real and what’s fake. Old-school phishing emails were easy to spot because of typos and bad grammar. However, thanks to AI tools like ChatGPT, hackers can now create flawless, professional-sounding emails that are much harder to detect. AI-generated phishing emails aren’t the only threat. Hackers are also using AI to pull off scams like:
- Voice clone scams: They use AI to copy the voice of someone you know, like a friend or family member, to trick you.
- Deepfake video scams: They create super-realistic videos of someone you trust, like a loved one or a celebrity, to manipulate you.
Here’s how you can spot these AI-driven scams before they fool you.

1) Spot common phishing email red flags

Though hackers can use AI tools to write grammatically perfect email copy, AI phishing emails still have some classical red flags. Here are some telltale signs that it is an AI-driven phishing email:
- Suspicious sender’s address that doesn’t match the company’s domain.
- Generic greetings like “Dear Customer” instead of your name.
- Urgent requests pressuring you to act immediately.
- Unsolicited attachments and links requiring you to take action
The biggest red flag is the sender’s email address. There is often a slight change in the spelling of the email address, or it is an entirely different domain name. For example, a hacker might use an email like xyz@PayPall.com or a personal address from Gmail.com, such as the email below, or Outlook.com while pretending to be from PayPal.

Hackers are using AI to create scams that look frighteningly real. (Kurt “CyberGuy” Knutsson)

2) Analyze the language for AI-generated patterns

It used to be easier to spot phishing emails by noticing silly typos. Thanks to AI, hackers can now craft flawless emails. But you can still sense a phishing email if you analyze the language of the email body copy carefully. The most prominent sign of AI-generated email copy is that it looks highly formal with a dash of failed attempts to be personal. You might not notice it at first, but looking at it closely is likely to give a red flag. The language of such emails is often robotic.

3) Watch for AI voice clone scam warning signs

With AI, it is possible to clone voices. So, there is no surprise that there is a steep rise in voice phishing, which is also known as vishing. Recently, a father lost $4 billion in Bitcoin to vishing. Though AI voice cloning has improved, it’s still flawed. You can spot inconsistencies by verifying the speaker’s identity. Ask specific questions that only the real person would know. This can reveal gaps in the scammer’s script. The voice, also, at times may sound robotic due to imperfections in voice cloning technology. So the next time, whenever you receive a call that creates a sense of urgency, ask as many questions as you can to verify the identity of the person. You may also consider verifying the claims through the second channel. If the person on the other side of the phone says something, you can get it confirmed by the official email to be on the safer side.

GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS

4) Identify visual glitches and oddities in video calls

Deepfake videos are getting pretty convincing, but they’re not flawless yet. They have visual inconsistencies and oddities, which can make the voice or video appear fake. So watch the video carefully and try to catch the signs of unnatural eye movements, lip-sync issues, weird lighting, shadows and voice inconsistencies. You can also use a deepfake video detection tool to spot a fake video.

5) Set up and use a shared secret

A shared secret is something only you and your loved ones know. If someone claiming to be a friend or family member contacts you, ask for the shared secret. If they can’t answer, you’ll know it’s a scam.

Hackers are turning to artificial intelligence to make phishing scams smarter and harder to spot. (miniseries/Getty Images)

How to protect yourself from AI phishing scams

AI phishing scams rely on tricking people into trusting what looks and sounds real. By staying alert and practicing safe habits, you can lower your risk. Here’s how to stay ahead of scammers:

1) Stay cautious with unsolicited messages

Never trust unexpected emails, texts or calls that ask for money, personal details or account access. Scammers use urgency to pressure you into acting fast. Slow down and double-check before clicking or responding. If something feels off, it probably is.

2) Use a data removal service

Protect your devices with a trusted data removal service to reduce the amount of personal info exposed online. Fewer exposed details make it harder for scammers to target you. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com.

3) Check links before you click and install strong antivirus software

Hackers often hide malicious links behind convincing text. Hover your cursor over a link to see the actual URL before you click. If the address looks odd, misspelled or unrelated to the company, skip it. Clicking blindly can download malware or expose your login details. Also, install strong antivirus software on all of your devices that blocks phishing links and scans for malware. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.

CLICK HERE TO GET THE FOX NEWS APP

4) Turn on two-factor authentication

Even if a scammer steals your password, two-factor authentication (2FA) can keep them locked out. Enable 2FA on your email, banking and social media accounts. Choose app-based codes or a hardware key over text messages for stronger protection.

5) Limit what you share online

The more personal details you share, the easier it is for hackers to make AI scams believable. Avoid posting sensitive information like travel plans, birthdays or financial updates on social media. Scammers piece these details together to build convincing attacks.

6) Verify requests through another channel

If you get a message asking for money or urgent action, confirm it in another way. Call the person directly using a number you know, or reach out through official company channels. Don’t rely on the same email, text or call that raised suspicion in the first place.

Kurt’s key takeaways

AI is making scams more convincing and harder to detect, but you can stay ahead by recognizing the warning signs. You should watch out for suspicious email addresses, unnatural language, robotic voices and visual glitches in videos, and always verify information through a second channel. You should also establish a shared secret with loved ones to protect yourself from AI-driven voice and video scams.

Have you experienced any AI-driven phishing scams yet, and what do you think is the best way to spot such a scam? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
[ad_2]

Source link
October 14, 2025
Ethernet vs Wi-Fi security comparison reveals surprising results for home users seeking protection

[ad_1]

NEWYou can now listen to Fox News articles!

We spend so much time online that how we connect to the internet has become almost as important as the devices we use. Most people never give it a second thought. They connect their computer to Wi-Fi, type in a password and get on with their day. But if you have ever wondered whether plugging in an Ethernet cable is safer than sticking to wireless, you are asking the right question. The way you connect can have real consequences for your privacy and security. Recently, Kathleen reached out to me with the same doubt.

“Is it more secure to use the Ethernet connection at home for my computer, or is it safer to use the Wi-Fi from my cable provider?”

It’s a great question, Kathleen, because both options seem similar on the surface but work very differently under the hood. Those differences can mean the difference between a private, secure connection and one that’s more vulnerable to attackers.

BEWARE OF FAKE WI-FI NETWORKS THAT STEAL YOUR DATA WHEN TRAVELING

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER

Ethernet offers direct, wired security without wireless risks. (Kurt “CyberGuy” Knutsson)

How Ethernet and Wi-Fi differ when it comes to security

Ethernet and Wi-Fi both get you online, but they do it in completely different ways. Ethernet uses a physical cable that connects your computer directly to the router. Since it is a wired connection, data travels straight through that cable, making it much harder for anyone to intercept it. There is no wireless signal to hijack, no airwaves to eavesdrop on.

Wi-Fi, on the other hand, is built on convenience. It sends your data through the air to and from your router, which is what makes it so easy to connect from anywhere in your home. But that convenience comes with more risk. Anyone within range of your signal could potentially try to break into the network. If your Wi-Fi is protected by a weak password or uses outdated encryption, a skilled attacker might gain access without ever stepping inside your house.

At home, that risk is smaller than in a coffee shop or hotel, but it is not zero. Even a poorly secured smart device on your network can give attackers a way in. Ethernet removes many of those risks simply because it is harder to access a connection that requires physical access to a cable. Check out our steps for setting up a home network like a pro here.

DON’T USE YOUR HOME WI-FI BEFORE FIXING CERTAIN SECURITY RISKS

Why one connection might be safer than the other

It is easy to think Ethernet is automatically safer, but that is not the whole story. Your real security depends on how your entire network is set up. For example, a Wi-Fi network with a strong password, up-to-date router firmware, and WPA3 encryption is going to be far more secure than a poorly configured Ethernet setup connected to an outdated router.

There is also the question of who else uses your network. If it is just you and a handful of devices, your risk is low. But if you live in a shared space or run smart home gadgets, that changes the equation. Each device connected to Wi-Fi is a potential entry point. Ethernet reduces the number of devices that can connect, which limits the attack surface.

Ultimately, the connection type is one piece of the puzzle. The bigger factors are how your router is configured, how often you update your software, and how careful you are with what devices you connect.

Wi-Fi brings convenience but also potential exposure to hackers. (Kurt “CyberGuy” Knutsson)

6 ways to make your internet safer

Whether you stick with Wi-Fi or switch to Ethernet, there are several practical steps you can take to protect your devices and data. Each step adds an extra layer of security to your network.

IS YOUR HOME WI-FI REALLY SAFE? THINK AGAIN

1) Use a strong network password

Choose a long and unique password for your Wi-Fi. Avoid obvious choices like your name, address, or simple sequences. A strong password makes it far harder for attackers to guess or crack your network. A password manager helps you create and store strong, unique passwords for every account, reducing the chances of a hacker gaining access through weak or repeated credentials.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

2) Enable the latest encryption on your router

Most modern routers support WPA3, which is much more secure than older standards like WPA2. Check your router’s settings to enable the latest encryption and ensure your network traffic is harder to intercept.

3) Keep your router firmware updated

Router manufacturers regularly release updates that patch security vulnerabilities. Log into your router’s admin panel occasionally to check for updates and install them as soon as they are available. This prevents attackers from exploiting known flaws.

10 WAYS TO SECURE YOUR OLDER MAC FROM THREATS AND MALWARE

4) Review connected devices

Regularly check which devices are connected to your network and disconnect anything you no longer use. Each connected device is a potential entry point for attackers, so keeping the list limited reduces your network’s exposure.

5) Install strong antivirus software

Even on a secure network, malware can sneak in through downloads, phishing attacks, or compromised websites. A strong antivirus program will detect and block malicious activity, protecting your computer before damage occurs.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

Ethernet cables connect to a router as part of a home network setup. (Kurt “CyberGuy” Knutsson)

6) Use a VPN for sensitive tasks

A virtual private network encrypts your internet traffic, making it unreadable to outsiders. This is especially useful if you ever use Wi-Fi in public or need an extra layer of privacy at home. A reliable VPN is essential for protecting your online privacy and ensuring a secure, high-speed connection.

For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android & iOS devices at Cyberguy.com/VPN

Kurt’s key takeaway

So, which is safer, Ethernet or Wi-Fi? Ethernet wins in raw security because it eliminates many of the risks that come with wireless connections. But in a well-secured home network, the difference is often smaller than most people think. What matters more is how you manage your devices, passwords, software, and online habits.

CLICK HERE TO GET THE FOX NEWS APP

Would you trade the flexibility of wireless for the peace of mind of a wired connection? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

October 12, 2025
Hackers leak children’s data in major nursery breach

[ad_1]

NEWYou can now listen to Fox News articles!

Over the past few years, data breaches targeting schools, healthcare providers, and childcare services have been making headlines, exposing sensitive personal information and leaving families vulnerable. Now, a new breach has come to light that targets a nursery chain. Kido, which operates in the U.S., U.K., China and India, has reportedly had sensitive data stolen from thousands of children. Names, photos, addresses, birthdates, parental details and even safeguarding notes and medical records were allegedly accessed by a hacker group called Radiant.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

The incident highlights how stolen data threatens not just privacy but also long-term child safety. (Kurt “CyberGuy” Knutsson)

What you need to know about nursery breach

According to reports, the hacker group Radiant claims to have stolen data related to around 8,000 children. To prove possession, they posted samples, including pictures and profiles of ten children, on a darknet website. They then issued a ransom demand, threatening to release more sensitive information unless Kido paid. In addition to targeting the nursery chain directly, Radiant reportedly called some of the children’s parents, pressuring them to push Kido into paying the ransom.

FBI WARNS ABOUT NEW EXTORTION SCAM TARGETING SENSITIVE DATA

When questioned about their actions, the group defended their tactics as a form of “penetration testing” for which they supposedly deserved compensation. This defense is misleading, as such testing requires explicit permission from the organization being targeted or participation in an official bug bounty program. Without that consent, these actions are illegal and deeply unethical.

Hackers exploited children’s data in the Kido breach, exposing families to serious risks. (Kurt “CyberGuy” Knutsson)

Why is this attack so disturbing?

The Kido breach is alarming for multiple reasons. First, it involves children’s data, which is particularly sensitive and legally protected in most countries. Second, the attackers combined traditional data theft with intimidation tactics, reaching out to parents directly. History suggests that once criminals gain access to such information, the attacks can escalate.

Breaches like this highlight how personal and digital security are intertwined. The potential misuse of data extends beyond simple identity theft. It can impact children’s safety, family privacy and long-term well-being. With attackers leveraging both the stolen data and psychological pressure on parents, the threat is particularly potent and long-lasting.

Parents reported being directly contacted by attackers, showing how intimidation adds to the harm. (Kurt “CyberGuy” Knutsson)

7 steps parents can take to protect their child’s data

Even though the investigation into the Kido breach is ongoing, parents and schools can take immediate action to protect children’s data and reduce the risk of further exploitation. Here’s a detailed guide:

1) Monitor your child’s online accounts regularly

Log in to email, school portals and cloud storage accounts linked to your child. Look for unusual activity such as unrecognized logins, changes to passwords or new connected devices. Set up notifications for account activity whenever possible so you are alerted instantly if something suspicious happens.

2) Enable two-factor authentication (2FA) on all accounts

Adding 2FA creates an extra layer of security. Even if a hacker has a password, they won’t be able to access the account without the second verification step. Most email providers, school portals and messaging platforms support this, and it’s a simple step that dramatically improves security.

3) Consider a personal data removal service

Data broker sites often collect names, addresses and other personal details that hackers can use. Services that remove your child’s information from these databases can make it harder for attackers to find and exploit sensitive data.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com/Delete

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com/FreeScan

THINK YOU’RE SAFE? IDENTITY THEFT COULD WIPE OUT YOUR ENTIRE LIFE’S SAVINGS

4) Use identity theft protection services

These services can continuously scan for your child’s personal information online and alert you if their data appears on suspicious websites or the dark web. This early warning allows you to take action before criminals attempt to exploit it.

Identity theft companies can monitor personal information like your Social Security Number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at CyberGuy.com/IdentityTheft

5) Install antivirus software on all devices

A strong antivirus program protects devices from malware, phishing scams, and suspicious scripts. It is particularly important on devices that children use to access school portals or personal accounts. This ensures that if a hacker tries to use malware to get deeper access, it is blocked.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com/LockUpYourTech

6) Use a secure mail provider for sensitive communications

For communications with schools, healthcare providers or any service handling sensitive information about children, consider using an email service that offers strong encryption and built-in protection against spoofing. This makes it harder for attackers to impersonate a school or parent.

For recommendations on private and secure email providers that offer alias addresses, visit CyberGuy.com/Mail

7) Educate your children about online safety

Teach children not to share personal information online, including photos, addresses or school details. Encourage them to report anything suspicious and explain why it’s important to keep login information private.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Data breaches targeting children are particularly concerning because they can have long-lasting consequences. The Kido incident is a stark reminder of the importance of proactive digital security measures for families. While organizations bear responsibility for protecting sensitive data, parents can take significant steps to monitor, secure and respond to potential threats.

Have you ever reviewed what personal information about your child is online? Let us know by writing to us at CyberGuy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

October 10, 2025
Scammers now impersonate coworkers, steal email threads in convincing phishing attacks

[ad_1]

Cyber expert shares tips to avoid AI phishing scams

Kurt ‘The CyberGuy’ Knutsson shares practical ways to avoid falling victim to AI-generated phishing scams and discusses a report that North Korean agents are posing as I.T. workers to funnel money into the country’s nuclear program.

NEWYou can now listen to Fox News articles!

Cybercriminals are getting smarter every day, and one of their most convincing tricks is disguising phishing emails to look like they’re coming from people you trust. Work emails are particularly dangerous because they lower your guard. After all, if the sender is your boss or IT department, why would you suspect anything? Unfortunately, scammers know this and use it to their advantage. I recently received an email from Krysti from Rockwall, Texas, who highlighted a similar issue.

“I received a spam email from my employer’s email. It had a document attached to it. I tried to open it and could not. I contacted my employer and they told me they hadn’t sent me anything. I changed my password and ran a virus scan. I also have been checking on the dark web for anything coming up on me. So far everything is okay. I did sign up for antivirus software based on your recommendation and we are signed up for identity theft protection. Is there anything else I should do?”

Incidents like this are more common than many realize, Krysti. And while it sounds like you took the right first steps by changing your password, scanning for malware and monitoring for identity misuse, there are a few additional precautions worth taking. A close call is often a warning sign that your digital habits might need tightening. Let’s break down why these attacks are so dangerous and what everyone should do to make sure they’re fully protected.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

PROTECT YOURSELF FROM SNEAKY WEB INJECTION SCAMS

Phishing emails often look like they come from someone you know, making them harder to spot. (Kurt “CyberGuy” Knutsson)

Why work email scams are so dangerous

Phishing attempts that impersonate coworkers or employers are particularly effective because they rely on trust and urgency. You’re more likely to open an attachment or click a link if you believe it’s tied to your job. Scammers often spoof legitimate email addresses or use addresses that look almost identical to the real ones, hoping you won’t notice the subtle difference.

Once you interact with these emails, the risks multiply. Opening a malicious attachment could install spyware or ransomware. Clicking a fake link might lead to a login page designed to harvest your credentials. Even if nothing obvious happens right away, attackers could still be collecting background information to use in a future attack.

These scams are becoming harder to spot, too. Some are powered by artificial intelligence-generated text, making them free of the usual grammar mistakes that used to be obvious red flags. Others use stolen email threads to insert themselves into ongoing conversations. That’s why even seasoned professionals fall for them.

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP

Opening a fake attachment can secretly install malware or spyware on your device. (Kurt “CyberGuy” Knutsson)

What to do immediately after a close call

Changing your password or running a malware scan is often not enough to stop attackers. It’s worth going a little further to make sure nothing slipped through. Start by checking your login history to see if there are any unauthorized sign-ins on your email or work accounts.

Most platforms allow you to review recent activity, including device type and location, and if anything looks suspicious, sign out of all sessions immediately and change your password again. Next, enable two-factor authentication on your email and any other critical accounts. Even if attackers manage to steal your password, they won’t be able to gain access without the second verification step.

It’s also important to alert your IT team, especially if the email appears to come from your employer’s address. This could mean the company’s email system has been compromised, and notifying them will allow them to investigate and secure other accounts if necessary. Finally, make sure all your software is up to date. Malware often exploits vulnerabilities in outdated systems, so regularly updating your operating system, antivirus and productivity tools adds another layer of protection against future attacks.

DON’T FALL FOR THIS BANK PHISHING SCAM TRICK

Work email scams are rising, and even experienced professionals can get fooled. (Kurt “CyberGuy” Knutsson)

7 ways to check if your device or data is compromised

Some cyber threats don’t reveal themselves immediately. Scammers often collect small bits of data over time or wait weeks before trying to use what they’ve stolen. The following steps are actions anyone can take to make sure their device and personal data remain secure, and to catch any signs of compromise before they turn into serious problems.

1) Consider a personal data removal service

The more personal information about you that’s publicly available, the easier it is for scammers to target you. Data removal services can help by scanning hundreds of data broker websites and removing your details from them. Reducing this digital footprint not only makes it harder for attackers to build profiles on you but also limits how easily phishing attempts can be tailored to your life.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services, and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

HOW FAKE MICROSOFT ALERTS TRICK YOU INTO PHISHING SCAMS

2) Monitor for already exposed personal data

Your information could already be circulating in breach dumps and underground markets without you realizing it. Identity protection services monitor known dark-web sources, forums and leak sites for your email, phone, SSN and other sensitive details. If they find a match, they alert you so you can act quickly: change passwords, turn on two-factor authentication, and place fraud alerts or credit freezes with the credit bureaus.

Your information might already be circulating in dark web marketplaces without you realizing it. Identity theft protection services can help by continuously scanning those underground sites for your email, passwords or other sensitive details. If your data does show up, these services notify you right away so you can reset credentials, freeze accounts or take other protective actions before the information is misused.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

3) Watch for suspicious financial activity

Even if you never shared payment details, attackers may attempt account takeovers or fraudulent transactions using any information they have. Review your bank, credit card and online account statements frequently for unusual activity. Pairing this habit with identity theft protection tools gives you an added safety net, as they often include financial monitoring and fraud alerts to catch problems quickly.

4) Review connected accounts

Email accounts are often the central hub for many other services. If your inbox is compromised, attackers might try to break into linked accounts such as cloud storage, messaging apps or collaboration tools. Check each of these services for unfamiliar logins, permission changes or device activity, and secure them by changing passwords and enabling two-factor authentication.

5) Use a password manager

Weak or reused passwords are one of the easiest ways for attackers to break into accounts after a breach. A password manager solves this by generating and storing strong, unique passwords for every site you use. It also acts as a passive phishing detector. If the tool doesn’t autofill a login form, that’s a sign the page could be fake. Over time, this significantly reduces your risk of falling victim to credential-based attacks.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

6) Install reliable antivirus protection

Modern cyber threats go beyond viruses. A strong antivirus solution now acts as a full security layer, blocking phishing websites, detecting malicious scripts and stopping suspicious activity before it can compromise your device. If you’ve interacted with a suspicious attachment or link, a reputable antivirus tool can catch malware that might still be hiding in the background.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

7) Enable account alerts

Most major platforms allow you to turn on alerts for unusual account activity, such as new sign-ins, password resets or changes to security settings. These real-time notifications act as an early warning system, giving you a chance to lock down your accounts before significant damage occurs.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Close calls like this are unsettling, but they are also valuable wake-up calls. Cybercriminals are constantly refining their tactics, and phishing emails that once looked laughably fake can now be nearly indistinguishable from the real thing. The key is to build layers of defense, not just reactive steps after an incident, but proactive habits that make you a harder target in the first place.

Have you ever clicked on an email that turned out to be a scam? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

October 9, 2025
Jeep and Chrysler parent Stellantis confirms data breach

[ad_1]

NEWYou can now listen to Fox News articles!

Automotive giant Stellantis has just revealed that it suffered a data breach, exposing customer contact details, after attackers infiltrated a third-party platform used for North American customer services. The announcement comes at a time when large-scale attacks on cloud CRM systems have already shaken tech and retail sectors alike, with Salesforce clients such as Google, Allianz and Dior reporting similar intrusions. These earlier incidents exposed names, emails, and phone numbers, which were sufficient for attackers to launch phishing campaigns or extortion attempts.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

TRANSUNION BECOMES LATEST VICTIM IN MAJOR WAVE OF SALESFORCE-LINKED CYBERATTACKS, 4.4M AMERICANS AFFECTED

What you need to know about the Stellantis breach

Stellantis was formed in 2021 through the merger of the PSA Group and Fiat Chrysler Automobiles. Today, it ranks among the world’s largest automakers by revenue and is fifth in volume globally. The company houses 14 well-known brands, including Jeep and Dodge, as well as Peugeot, Maserati and Vauxhall, and operates manufacturing infrastructure across more than 130 countries. That global scale naturally makes it a tempting target for cyber adversaries.

Stellantis confirmed hackers stole customer contact details in a recent breach. (Kurt “CyberGuy” Knutsson)

In its public statement, Stellantis clarified that only contact information was taken. Since the compromised third-party platform does not host financial or deeply sensitive personal data, Stellantis asserts that social security numbers, payment details and health records were out of reach of the attackers. In response, the company activated its incident response protocols, launched a full investigation, contained the breach, notified authorities and began alerting affected customers. It also issued warnings about phishing and urged customers not to click suspicious links.

Stellantis has not revealed how many customers the breach affected. The company also has not specified which contact fields, such as email, phone, or address, attackers accessed.

The alleged culprit, ShinyHunters, and Salesforce breaches

While Stellantis has not explicitly named the hacker group behind the breach, multiple sources tie this incident to the ShinyHunters extortion campaign, which has spearheaded a wave of data thefts targeting Salesforce this year.

ShinyHunters claims to have stolen over 18 million records from Stellantis’ Salesforce instance, which includes names and contact details, according to Bleeping Computer. These attacks form part of a broader campaign aimed at Salesforce customers. In recent months, ShinyHunters has often worked in concert with groups like Scattered Spider and targeted companies including Google, Cisco, Adidas, Allianz Life, Qantas, and brands under LVMH such as Dior and Tiffany & Co.

OVER 2B USERS FACE PHISHING RISKS AFTER GOOGLE DATA LEAK

The attack is linked to a wider wave of Salesforce data thefts this year. (Kurt “CyberGuy” Knutsson)

Their reported method is fairly ingenious. Attackers exploit OAuth tokens tied to integrations like Salesloft’s Drift AI chat tool to pivot into Salesforce environments. Once inside, they can harvest valuable metadata, credentials, AWS keys, Snowflake tokens and more.

In fact, the FBI recently issued a Flash alert that surfaced numerous indicators of compromise linked to these Salesforce environment attacks and warned organizations to harden defenses. The cumulative toll is staggering. ShinyHunters asserts it has stolen over 1.5 billion Salesforce records across some 760 companies.

7 ways to protect yourself from breaches like Stellantis

Even if only contact details were exposed, that’s enough for attackers to target you. Here’s how to stay protected.

1) Clean up exposed personal data from the web

Even basic contact details can be scraped from breaches and sold on data broker platforms, where they are used for spam, scams and targeted attacks. A data removal service can help track down and request the deletion of your information from these databases, reducing your long-term exposure.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com.

Stolen emails and phone numbers could fuel phishing campaigns. (REUTERS /Rebecca Cook)

2) Stay alert for phishing attempts and use antivirus software

The most immediate risk after a breach like this is targeted phishing. Attackers now have legitimate contact details, so their emails and texts can look convincingly real. Be skeptical of any message claiming to be from Stellantis, your car brand or a related service, especially if it urges you to click a link, download an attachment or share personal details.

The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com.

3) Use a password manager to secure your accounts

If attackers get your contact information, they may try the same password on other sites. This is called credential stuffing. A password manager can create strong, unique passwords for every account. That way, one breach will not put your other accounts at risk. It also helps you quickly update credentials in case you suspect a compromise.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at CyberGuy.com.

DIOR DATA BREACH EXPOSES US CUSTOMERS’ PERSONAL INFORMATION

4) Enable two-factor authentication (2FA) wherever possible

2FA adds an extra step to your logins by requiring a temporary code or approval in addition to your password. Even if attackers manage to steal your password, they will need that second factor to gain access. This significantly reduces the chances of account takeover attempts succeeding.

5) Invest in identity theft protection

Attackers often combine exposed contact information with other data to build complete identity profiles. Identity theft protection services monitor for suspicious activity, such as unauthorized credit applications or changes to official records, and alert you early so you can act before serious damage occurs. Identity theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at CyberGuy.com.

6) Regularly review account activity

After a breach, it is worth auditing your accounts, not just with Stellantis but also with related services such as financing portals, insurance accounts or loyalty programs. Look for unusual sign-ins, unfamiliar devices, or changes to your personal details. Most services offer tools to review login history and security events, making checking these a routine habit.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Even giants in manufacturing are vulnerable when cloud platforms and third-party systems are part of their customer workflow. The same patterns seen in attacks on Google, LVMH, and others have now reached the auto industry in a serious way. As Stellantis confronts the fallout, the broader lesson is clear. Organizations must treat the surfaces exposed by their service providers and SaaS integrations with as much vigilance as their own core systems.

Do you trust companies to secure your data, or do you feel they’re not doing enough? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

[ad_2]

Source link

October 7, 2025
Meta account suspension scam hides FileFix malware

[ad_1]

NEWYou can now listen to Fox News articles!

Cybercriminals continue to find new ways to target social media users, and Meta accounts remain one of the most common lures. Losing access to Facebook or Instagram can have real consequences for both individuals and businesses, making people more likely to fall for urgent security warnings. Attackers exploit this by sending convincing notifications that pressure you into taking quick action without thinking.

That’s exactly what makes the new FileFix campaign so dangerous; it looks like routine account maintenance, but it’s really a trap.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

HOW FAKE MICROSOFT ALERTS TRICK YOU INTO PHISHING SCAMS

Cybercriminals are targeting Facebook and Instagram accounts by sending fake security warnings. (Fox News)

How the FileFix attack works

As reported by researchers at Acronis, a leading cybersecurity and data protection company, the attack begins with a phishing page that looks like a message from Meta’s support team, claiming that your account will be disabled in seven days unless you view an “incident report.” Instead of providing an actual document, the page disguises a malicious PowerShell command as a file path.

Victims are instructed to copy it, open File Explorer, and paste it into the address bar. While it appears harmless, this action secretly runs code that starts the malware infection process.

This method is part of a family of attacks known as ClickFix, where people are tricked into pasting commands into system dialogs. FileFix, created by Red Team researcher mr.d0x, builds on that idea by exploiting the File Explorer address bar instead. In this campaign, the attackers improved the trick by hiding the malicious command behind long strings of spaces, so only the fake file path is visible to the victim.

A hidden script then downloads what looks like a JPG image from Bitbucket, but the file contains embedded code. Once executed, it extracts another script and decrypts the final payload, bypassing many security tools in the process.

DON’T FALL FOR THIS BANK PHISHING SCAM TRICK

FileFix sends out fake alerts urging users to review their account security. (Acronis)

What StealC tries to steal

The malware delivered by this campaign is StealC, an infostealer that collects a wide range of personal and organizational data. It is designed to grab browser credentials and authentication cookies from Chrome, Firefox, Opera, and other browsers.

It also targets messaging apps like Discord, Telegram and Pidgin, along with cryptocurrency wallets such as Bitcoin, Ethereum and Exodus. StealC goes further by attempting to compromise cloud accounts from Amazon Web Services (AWS) and Azure, VPN services like ProtonVPN and even gaming accounts from Battle.net and Ubisoft. In addition, it can take screenshots of the victim’s desktop, giving attackers a live view of sensitive activity.

Acronis reported that the campaign has already appeared in several different versions over a short period, with changes in payloads and infrastructure. This suggests that the attackers are actively testing and refining their methods to avoid detection and improve success rates.

META DELETES 10 MILLION FACEBOOK ACCOUNTS THIS YEAR, BUT WHY?

StealC also targets VPN software and cryptocurrency wallets. (iStock)

5 ways you can protect yourself from FileFix attacks

To stay protected against attacks like FileFix and prevent malware such as StealC from stealing sensitive information, you need to combine caution with practical security measures. The following steps can help safeguard accounts, devices, and personal data.

1) Be skeptical of urgent warnings

Attackers rely on panic. Treat any message claiming your Meta account or other services will be disabled within days with caution. Verify the alert directly through official platforms rather than clicking links or following instructions from an email or web page.

2) Avoid copying commands from unknown sources

FileFix relies on convincing you to paste hidden PowerShell commands disguised as file paths. Never paste commands into system dialogs, File Explorer, or terminals unless you are absolutely certain of their origin.

3) Invest in personal data removal services

FileFix and StealC thrive on the information they can extract from a device or linked accounts. By using data removal services, you reduce the amount of sensitive personal information that can be found online or left exposed on old platforms. This minimizes what attackers can exploit if they manage to gain access.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

4) Install reliable antivirus software

A strong antivirus software can detect malware like StealC before it fully executes. Many solutions now include behavior-based detection that can flag suspicious scripts or hidden downloads, helping catch threats even when attackers try to disguise commands as harmless actions.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

5) Use a password manager

While FileFix targets stored credentials, using a reputable password manager reduces risk by creating unique passwords for every site. This way, even if one browser or app is compromised, attackers cannot access your accounts elsewhere.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

Cybercriminals keep finding creative ways to trick social media users, and FileFix proves how convincing these scams can look. A fake Meta alert may feel urgent, but pausing before you click or copy anything is the best defense. Relying on strong habits and security tools gives you the upper hand. Data removal services, antivirus software, and password managers each reduce risk in different ways. When you combine them, you make it much harder for attackers to turn a scare tactic into a real threat.

Should platforms like Meta do more to warn users about these evolving phishing tactics? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

October 3, 2025
Update Chrome now: Google patches new zero-day threat
[ad_1]
NEWYou can now listen to Fox News articles!

Google has released an urgent update for its Chrome browser to fix a newly discovered zero-day security flaw that hackers are already exploiting. This is the sixth zero-day Chrome has faced this year, highlighting just how quickly attackers move to take advantage of these hidden weaknesses.

Because zero-day threats strike before developers can patch them, your personal data and browsing activity could be at risk if you don’t update right away. If you use Chrome, now is the time to upgrade.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP

Chrome users are urged to update immediately to block active zero-day attacks. (Kurt “CyberGuy” Knutsson)

A critical flaw in Chrome’s V8 engine

The newly patched vulnerability, tracked as CVE-2025-10585, stems from a type confusion weakness in Chrome’s V8 JavaScript engine. Google’s Threat Analysis Group (TAG) discovered and reported the bug on Tuesday, and the company shipped a fix the following day, Bleeping Computer reported.

Google confirmed that the flaw was being exploited in the wild, though it did not share technical details or name the groups behind the attacks. TAG has a history of uncovering zero-days tied to government-sponsored spyware campaigns aimed at high-risk individuals such as opposition leaders, journalists and dissidents.

The fix was delivered through Chrome version 140.0.7339.185/.186 for Windows and macOS, and version 140.0.7339.185 for Linux. These updates will gradually reach all users in the Stable Desktop channel over the coming weeks.

While Chrome typically updates automatically, you can apply the patch immediately by navigating to the ‘About Google Chrome’ section. Google stated that it is withholding full technical details until most users have installed the update, a precaution meant to prevent attackers from exploiting lagging systems.

GOOGLE FIXES ANOTHER CHROME SECURITY FLAW BEING ACTIVELY EXPLOITED

Google races to patch the sixth major browser flaw discovered in 2025. (Kurt “CyberGuy” Knutsson)

A growing list of zero-day attacks in 2025

This marks the sixth zero-day flaw patched in Chrome this year. In March, Google addressed CVE-2025-2783, a sandbox escape bug exploited in espionage attacks against Russian organizations. In May, it pushed emergency updates for CVE-2025-4664, which let attackers hijack user accounts.

Then in June, another flaw in the V8 engine, CVE-2025-5419, was patched after being spotted by TAG. July saw the release of a fix for CVE-2025-6558, which allowed attackers to bypass Chrome’s sandbox protection. With this latest patch, Google continues a busy year of racing to secure its browser against rapidly emerging threats.

How to update Google Chrome on a desktop

Updating Chrome only takes a minute, whether you’re on Mac or Windows. Here are the steps.
- Open Chrome.
- Click the three dots in the top-right corner.
- Go to Help > About Google Chrome.
- Wait while Chrome checks for updates.
- Click Relaunch when the update finishes.
How to update Chrome on iPhone
- Open the App Store on your iPhone.
- Tap your profile icon in the top-right corner.
- Scroll down to see pending updates.
- Find Google Chrome in the list.
- Tap Update next to it (or Update All if you want to update everything).
How to update Chrome on Android

Settings may vary depending on your Android phone’s manufacturer.
- Open the Google Play Store on your Android device.
- Tap your profile icon in the top-right corner.
- Select Manage apps & device.
- Under “Updates available,” look for Google Chrome.
Tap Update to install the latest version.

CLICK HERE TO GET THE FOX NEWS APP

Hackers are already exploiting the bug to steal data from unprotected devices. (Kurt “CyberGuy” Knutsson)

5 ways to stay safe from Chrome zero-day attacks

Updating Chrome is essential, but there are additional steps you can take to stay safe from attacks.

1) Be cautious with links and downloads and use strong antivirus software

Many zero-day attacks are delivered through malicious websites or email attachments. Avoid clicking unknown links or downloading files from unverified sources, especially if they prompt you to disable security settings. Also, use strong antivirus software to add another layer of defense to detect malicious code that tries to run through compromised browsers. A strong antivirus can spot suspicious activity before it takes hold. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

2) Enable two-factor authentication (2FA)

Even if attackers manage to steal your login details through a browser exploit, 2FA makes it much harder for them to break into your accounts. Use an authenticator app instead of SMS when possible for stronger protection.

3) Rely on a password manager

If attackers exploit the browser to steal login data, a password manager keeps your credentials safe and helps generate unique, complex passwords. Even if one account is targeted, it prevents a domino effect across your logins.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

4) Limit browser extensions

Some extensions can be abused to make attacks worse. Stick to extensions from trusted developers, review permissions carefully and uninstall anything you no longer need.

5) Keep your operating system updated

Chrome updates are critical, but attackers can also exploit holes in Windows, macOS, Android or iOS. Regular OS updates patch vulnerabilities across the system, reducing the chances of a browser exploit spreading further.

Kurt’s key takeaway

The fact that Chrome has already faced six zero-day attacks this year shows how relentless attackers are and how even the most popular software can have serious gaps. These flaws are not just bugs, but opportunities for hackers to exploit millions of users before fixes roll out. The pattern also highlights the growing sophistication of threat actors, including state-backed groups targeting high-risk individuals. No browser is completely safe, and the battle to secure widely used software is ongoing and far from over.

Do you think Google is reacting fast enough to keep your data secure? Let us know in the comments below. Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
[ad_2]

Source link
October 2, 2025
Inside a scammer’s day and how they target you
[ad_1]
NEWYou can now listen to Fox News articles!

You’re sipping your morning coffee when your phone rings. It’s a number you don’t recognize. On the other end is someone claiming to be from your bank, asking you to “confirm a recent charge.” Sound familiar?

Scammers don’t operate on luck. They don’t just throw darts at the phone book and hope to hit a target. Their calls, texts and emails are carefully planned. They already know things about you before they ever reach out, enough to make their pitch sound convincing.

So, what does a scammer’s day actually look like? Let’s step into their shoes for a moment.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

STOP DATA BROKERS FROM SELLING YOUR INFORMATION ONLINE

Hacker looking up the information stolen from an unsuspecting victim. (Kurt “Cyberguy” Knutsson)

Step 1: Morning scroll: Where scammers find your data

Scammers don’t need to hack into top-secret databases. They start their day by tapping into data broker sites, those shady online directories that trade your personal information like baseball cards.

Here’s what they can instantly see about you (yes, you):
- Full name and age
- Current and past addresses
- Phone numbers (landline and mobile)
- Relatives’ names
- Property records and estimated home value.
Some sites even list email addresses, voter registrations and criminal histories (whether accurate or not.) Imagine starting your morning with a full profile of someone, where they live, who their spouse is and what car they drive. For scammers, this is their to-do list.

Step 2: Building the perfect scam story

With your profile in hand, scammers craft a story that sounds tailor-made just for you.
- If you’ve recently moved (public real estate records show this), they’ll call pretending to be from a “utilities department” asking for deposits.
- If you’re retired, they might pose as Medicare reps offering “free benefits.”
- If you’ve recently lost a loved one (obituaries are public), they’ll offer fake “bereavement services.”
Scammers don’t invent details; they borrow them from your life. That’s why their calls are so believable.

HOW SCAMMERS TARGET YOU EVEN WITHOUT SOCIAL MEDIA

A man receiving a fake scam phone call. (Kurt “CyberGuy” Knutsson)

Step 3: Dialing for dollars

Once the story is ready, it’s time to call, text, or email. Scammers often use auto-dialing software, blasting out thousands of calls a day. They acquire your personal and contact details from various data brokers. Imagine hundreds of scammers scraping the same databases and finding your profile. That’s why you get repeated calls. That’s why the scammer “knows” who you are when you pick up. And even if you hang up or reject the call without picking up, they log your number as “active.” Which means you’ve just made their list for the next round of calls.

Step 4: Afternoon profit: Cashing in on stolen trust

Scammers don’t actually need every target to fall for the trick. They only need a small percentage. Here’s what happens when someone gives in:
- Banking info stolen: Fake “fraud department” calls trick people into reading out card numbers.
- Identity theft: A scammer collects your Social Security number and date of birth, then opens accounts in your name.
- Wire transfers: Many victims are convinced to “verify funds” by wiring money, which is gone forever.
It’s a numbers game, and personal data tilts the odds heavily in the scammers’ favor.

Step 5: Evening: Expanding the list

At the end of the day, scammers aren’t done. They feed the information they’ve gathered back into the data cycle:
- New phone numbers? Added to calling lists.
- Addresses confirmed during a call? Updated in their files.
- Relatives mentioned? Added as next targets.
And the cycle continues tomorrow, with an even bigger pool of potential victims.

(Kurt “CyberGuy” Knutsson)

Why removing your data makes scams harder

Now, imagine if scammers couldn’t find your data online in the first place.
- No name connected to your phone number.
- No recent address tied to your age and relatives.
- No property value or real estate history to suggest you’re “cash-rich.”
Scammers would have no storyline, no details to exploit and, most importantly, no way to personalize their attack. When you remove your data from people-search sites and data broker databases, you don’t just “clean up the internet.” You slam the door shut on scammers’ playbooks. You could spend hours (or days) going site by site, filling out opt-out forms, sending emails and keeping track of who complied. The problem? Data brokers don’t stop. New ones pop up every week, and old ones often sneak your data back in.

That’s where a data removal service comes in. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

Scammers don’t stumble on your phone number by accident. They map out your life, one data point at a time. That’s why protecting your information online is the single most powerful step you can take to cut down on scam calls, phishing emails and identity theft risks. Remember: every piece of personal data you remove is one less tool in a scammer’s kit.

What’s the most convincing scam attempt you’ve ever received? Let us know in the comments below. Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
[ad_2]

Source link
October 1, 2025
Top 5 overpayment scams to avoid

[ad_1]

NEWYou can now listen to Fox News articles!

Overpayment scams are on the rise, and they can leave victims thousands of dollars in debt. The setup usually looks harmless: someone sends you a check for more than the agreed amount, asks you to forward the difference and disappears once the check bounces. Below are five of the most common overpayment scams you need to watch for today.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

FBI WARNS SENIORS ABOUT BILLION-DOLLAR SCAM DRAINING RETIREMENT FUNDS, EXPERT SAYS AI DRIVING IT

1. The dog walker overpayment scam

Bob from Harrison, Ohio, recently shared how he was nearly tricked by a scammer posing as a pet owner. The con began with a request for dog sitting. Bob was promised $250 for care and food, but then a fake check for $4,358 arrived.

The scammer instructed Bob to send $4,000 of it to an “appliance retailer.” Why an appliance retailer when the service was for dog sitting? Scammers often use a third party to make the request sound more believable. If they simply asked for the money back, it would raise red flags. By inventing another company, whether a retailer, shipping service or contractor, they add urgency and legitimacy to the story. In reality, that “retailer” is just another front that the scammer controls. Here’s the catch: the check appears to be real, but it’s actually counterfeit. The bank may release the funds temporarily, but once it bounces, you’re on the hook for the entire amount.

Making a payment by scanning a QR code with a phone. (Kurt “CyberGuy” Knutsson)

Tip: If you’re asked to forward money to a third party, especially one unrelated to the original deal, treat it as a scam. Keep the check and envelope as evidence, and report it to the FTC and your state attorney general.

2. The online marketplace scam

Selling a couch, bike or electronics online? Some buyers “accidentally” send too much. They then ask you to return the difference through Zelle, Venmo or a wire transfer. Once the check or payment reverses, you’ve lost both the product and the money you returned.

Tip: Always insist on verified payment methods. If a buyer pushes you for a refund quickly, walk away.

FAKE AGENT PHONE SCAMS ARE SPREADING FAST ACROSS THE US

Scammers may try to recruit buyers into buying gift cards before a false check they provided bounces. (Kurt “CyberGuy” Knutsson)

3. The mystery shopper scam

You might get an email or letter offering a job as a mystery shopper. They send you a large check to “test” stores by buying gift cards. You’re asked to send the gift card numbers back as proof of purchase. After the bank reverses the fake check, you’ve lost the money you spent on those gift cards.

Tip: Real companies never pay upfront with extra funds or ask for gift card codes by email.

4. The rental deposit scam

Scammers target renters by mailing a check for more than the deposit or rent. They claim it was a mistake and ask you to refund the difference. The check later bounces, leaving you stuck.

Tip: Only accept payments through secure online portals or in person with verified funds.

5. The work-from-home equipment scam

This one lures jobseekers. The “employer” sends a large check to buy office equipment, then directs you to forward the extra funds to a vendor. Of course, the check is fake, and the supposed vendor is also the scammer.

Tip: Legitimate employers provide equipment directly or reimburse verified expenses, not through overpayments.

CLICK HERE TO GET THE FOX NEWS APP

Scammers target remote workers by promising to provide a stipend for work-from-home tech. (iStock)

How to protect yourself from overpayment scams

Now that you’ve seen how these scams play out, from fake dog sitting gigs to marketplace frauds and bogus job offers, it’s clear they all follow the same playbook. Someone sends you too much money and pressures you to forward the extra. That “extra” never existed, and once the check bounces, you’re left holding the bag. The good news is, there are clear steps you can take to protect yourself and keep your money safe.

Pause before acting

Every scam in this article, from the dog walker hoax to rental deposit tricks, begins with an overpayment that looks harmless. If someone pays you more than you’re owed, it’s not a mistake. It’s a scam. Do not respond or send money to any third party. Save the check and envelope as evidence, then report it.

Verify funds with your bank

Scammers count on you trusting what you see in your account. In Bob’s case, his $4,358 check looked real because the bank showed it as “available.” But available isn’t the same as cleared. Always ask your bank to confirm when funds are fully verified before you spend a dime.

Avoid rushing

Urgency is the scammer’s strongest weapon. Marketplace fraudsters, renters and fake employers will pressure you to “fix” the mistake right away. Slow down, double-check and don’t let anyone force you into quick action.

Use secure payment systems

Whether it’s for rent, freelance work or selling a used item, scammers prefer paper checks because they’re easy to fake. Stick with secure, traceable payment platforms or in-person verified funds. That way, you don’t get stuck when a check bounces.

Keep records of all communication

If you receive a suspicious check, save everything: the envelope, emails, texts and any names used. In the dog sitting scam, Bob’s saved emails and the scammer’s phone number became valuable evidence. This documentation helps law enforcement and protects you if the scammer tries again under another identity.

Use a personal data removal service

Scammers often find victims by scraping personal details from online data brokers. That’s how they target renters, pet sitters or jobseekers. Using a personal data removal service can limit your exposure and make you harder to target in the first place. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

Enable fraud alerts with your bank

Many banks let you set fraud alerts for large deposits or unusual transactions. Turning these on gives you a chance to review suspicious activity before a scammer pressures you into acting on it.

Report scams

Just like Bob did when he cut contact with the fake pet owner, reporting scams helps protect others. File with the Federal Trade Commission (FTC) at reportfraud.ftc.gov and your state attorney general. You can also alert your local police and community groups to stop scammers from targeting someone else.

Kurt’s key takeaways

Overpayment scams prey on trust and urgency. They can pop up in online sales, job offers, rental agreements and even friendly community boards. By knowing the warning signs, you can stop scammers before they reach your wallet. Stay cautious whenever you’re asked to deposit more than expected and forward the extra. If it sounds strange, it’s probably a scam.

What should be done to stop overpayment scams now that they’ve gotten out of hand? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

September 25, 2025
How retirees can stop fake debt collector scams
[ad_1]
NEWYou can now listen to Fox News articles!

You pick up the phone and hear a stern voice claiming you owe money. Maybe it’s for a credit card you don’t recognize, a loan you never took out or some old bill you thought was long gone. Panic sets in, especially if the caller threatens arrest, wage garnishment or lawsuits.

Unfortunately, this scenario is becoming all too common. Scammers are posing as debt collectors, and retirees are among their favorite targets. Even legitimate debt collection companies have crossed the line. One such company was ordered to pay over $8 million for harassing people into paying fake debts.

The good news? With a little knowledge and some practical steps, you can spot these calls, protect yourself and stop them before they get too close for comfort.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

JURY DUTY PHONE SCAMS ON THE RISE AS FRAUDSTERS IMPERSONATE LOCAL OFFICIALS, THREATEN ARREST

A 96-year-old woman sits in an armchair in her apartment in Germany on Sept. 1, 2025, and makes a phone call. (Matthias Balk/picture alliance via Getty Images)

Why retirees are prime targets

Scammers don’t call at random. Retirees often make ideal marks because:
- Less frequent monitoring: Many retirees check credit reports and bank accounts less often, making it easier for fraud to go unnoticed.
- Accumulated assets: Retirement savings, pensions and home equity make seniors look “cash-rich” to scammers.
- Trust factor: Politeness and trust on the phone can be exploited.
- Less tech-savvy: Some retirees feel less comfortable with online verification.
This combination creates a perfect storm for fake debt collection scams.

Red flags of fake debt collector calls

Recognizing the signs can stop scammers in their tracks.
- Immediate threats or pressure: Real collectors cannot threaten arrest or use abusive language under the Fair Debt Collection Practices Act (FDCPA).
- Unusual payment methods: Gift cards, wire transfers and cryptocurrency are red flags. Legitimate collectors use checks, debit or bank payments.
- Refusal to verify debt: If they won’t send written proof, hang up.
- Mismatch with public records: Fake companies often use official-sounding names that don’t exist.
Requests for unrelated personal information: Collectors don’t need your Social Security number or bank logins.

FAKE AGENT PHONE SCAMS ARE SPREADING FAST ACROSS THE US

Kurt “Cyberguy” Knutsson lays out red flags of fake debt collector calls. (Matthias Balk/picture alliance via Getty Images)

How to safely verify debt collector calls

Even if a call raises red flags, it’s essential to verify the information before taking action. Here’s how:

1) Request written verification

Under the FDCPA, you have the right to ask for a debt validation letter. This document should include:
- The creditor’s name
- Original amount owed
- Verification that the collector is legally authorized to collect the debt.
Ask for this before paying or sharing any personal info.

2 Look up the collector

Check with state attorneys general offices or the Consumer Financial Protection Bureau (CFPB). Verify that the company exists and is licensed to collect in your state.

3) Contact the original creditor

If you recognize the debt or think it may be legitimate, call the creditor directly using a verified phone number. Do not rely on the caller’s number; scammers often spoof official-looking numbers.

4) Use trusted resources

The FTC offers a “Debt Collection” section on its website with tips and complaint forms. If you suspect fraud, filing a report can help stop the scammers from targeting others.

CLICK HERE TO GET THE FOX NEWS APP

Experts warn retirees to be vigilant regarding fake debt collector calls. (Kurt “CyberGuy” Knutsson)

Pro tip: Extra step to protect your personal information

Fraudsters rely on personal data to make calls sound convincing. Reducing the amount of information available about you online lowers your risk. Data brokers collect and sell details like your name, phone, address and even past debts. A data removal service can automatically remove your data from hundreds of broker sites, making it harder for scammers to find and target you.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

When and where to report a scam

If you’ve encountered a fake debt collector, report them right away:
- FTC: File at FTC.gov
- State Attorney General: Use the consumer complaint division in your state
- CFPB (Consumer Financial Protection Bureau): Submit a complaint online at consumerfinance.gov/complaint/or by phone
Reporting helps protect other retirees from falling victim.

Kurt’s key takeaways

Protecting your retirement isn’t just about managing your savings; it’s about defending your personal information, too. Scammers thrive on fear, urgency and trust, but you now have the knowledge to push back. By spotting red flags, verifying calls and reducing what’s available about you online, you can stop fake debt collectors in their tracks.

If a scammer called you tomorrow, would you be ready to spot the lies and protect your hard-earned savings? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
[ad_2]

Source link
September 24, 2025
A Cyberattack on Jaguar Land Rover Is Causing a Supply Chain Disaster

[ad_1]

Almost immediately after the cyberattack, a group on Telegram called Scattered Lapsus$ Hunters, claimed responsibility for the hack. The group name implies a potential collaboration between three loose hacking collectives— Scattered Spider, Lapsus$, and Shiny Hunters—that have been behind some of the most high-profile cyberattacks in recent years. They are often made up of young, English-speaking, cybercriminals who target major businesses.

Building vehicles is a hugely complex process. Hundreds of different companies provide parts, materials, electronics, and more to vehicle manufacturers, and these expansive supply chain networks often rely upon “just-in-time” manufacturing. That means they order parts and services to be delivered in the specific quantities that are needed and exactly when they need them—large stockpiles of parts are unlikely to be held by auto makers.

“The supplier networks that are supplying into these manufacturing plants, they’re all set up for efficiency—economic efficiency, and also logistic efficiency,” says Siraj Ahmed Shaikh, a professor in systems security at Swansea University. “There’s a very carefully orchestrated supply chain,” Shaikh adds, speaking about automotive manufacturing generally. “There’s a critical dependency for those suppliers supplying into this kind of an operation. As soon as there is a disruption at this kind of facility, then all the suppliers get affected.”

One company that makes glass sun roofs has started laying off workers, according to a report in the Telegraph. Meanwhile, another firm told the BBC it has laid off around 40 people so far. French automotive company OPmobility, which employs 38,000 people across 150 sites, told WIRED it is making some changes and monitoring the events. “OPmobility is reconfiguring its production at certain sites as a consequence of the shutdown of its production by one of its customers based in the United Kingdom and depending on the evolution of the situation,” a spokesperson for the firm says.

While it is unclear which specific JLR systems have been impacted by the hackers and what systems JLR took offline proactively, many were likely taken offline to stop the attack from getting worse. “It’s very challenging to ensure containment while you still have connections between various systems,” says Orla Cox, head of EMEA cybersecurity communications at FTI Consulting, which responds to cyberattacks and works on investigations. “Oftentimes as well, there will be dependencies on different systems: You take one down, then it means that it has a knock on effect on another.”

Whenever there’s a hack in any part of a supply chain—whether that is a manufacturer at the top of the pyramid or a firm further down the pipeline—digital connections between companies may be severed to stop attackers from spreading from one network to the next. Connections via VPNs or APIs may be stopped, Cox says. “Some may even take stronger measures such as blocking domains and IP addresses. Then things like email are no longer usable between the two organizations.”

The complexity of digital and physical supply chains, spanning across dozens of businesses and just-in-time production systems, means it is likely that bringing everything back online and up to full-working speed may take time. MacColl, the RUSI researcher, says cybersecurity issues often fail to be debated at the highest level of British politics—but adds this time could be different due to the scale of the disruption. “This incident has the potential to cut through because of the job losses and the fact that MPs in constituencies affected by this will be getting calls,” he says. That breakthrough has already begun.

[ad_2]

Matt Burgess

Source link

September 21, 2025
Why iPhone users are the new prime scam targets
[ad_1]
NEWYou can now listen to Fox News articles!

New research may shock a lot of Apple fans: iPhone users are actually more likely to fall for online scams than Android owners. The problem isn’t the device itself; it’s the habits of the people using it.

The survey from Malwarebytes, a global cybersecurity company, of 1,300 adults across the United States, United Kingdom, Austria, Germany and Switzerland, found that many iPhone owners put blind trust in Apple’s security. That confidence makes them easier targets for scammers who count on overconfidence.

5 PHONE SETTINGS TO CHANGE RIGHT NOW FOR A SAFER SMARTPHONE

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

New research suggests iPhone users are more likely to fall for online scams than Android users. (Kurt “CyberGuy” Knutsson)

The truth about iPhone security habits

Here’s what the Malwarebytes survey uncovered:
- More than half of iPhone users (53%) admitted they’ve fallen for a scam, compared to 48% of Android users.
- Only 21% of iPhone owners add security software, while 29% of Android users do.
- Just 35% of iPhone users set unique, strong passwords, compared to 41% of Android owners.
- 47% of iPhone users grabbed a “best price” deal from shady sellers, compared to 40% of Android users.
- 41% of iPhone owners DM’d sellers for discounts on social media, compared to 33% of Android owners.
The takeaway? It’s not the phone that makes you safe, it’s your choices every time you go online.

A survey from Malwarebytes found that many iPhone owners blindly trust Apple’s security measures, which makes them easier targets for scammers who count on overconfidence. (Kurt “CyberGuy” Knutsson)

Why this matters

For years, Apple’s reputation led iPhone users to believe they were automatically safer. This study proves otherwise. Cybercriminals don’t care what brand of phone you carry; they care about how easy it is to trick you. And right now, too many iPhone users are letting their guard down.

Many iPhone software updates contain security patches that block new threats to keep users safe. (Kurt “CyberGuy” Knutsson)

7 ways to stay safe on iPhone

Even if you love your iPhone, staying safe means making smarter choices online. Follow these steps to keep scammers one step behind you.

1) Stop and double-check

If something feels off, whether it’s a text, link, or offer, pause. Scammers rely on urgency to trick you.

2) Avoid random links and shady DMs

Never click on links or QR codes from unknown senders. Always visit the company’s website directly. Also, use strong antivirus software to block malicious links before they reach you. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com/LockUpYourTech

3) Keep your software updated

Apple pushes out updates for a reason. Many contain security patches that block new threats. Make sure your iPhone is always running the latest iOS and app updates.

How to update iOS:
- Go to Settings
- Tap General
- Click Software Update and install any available updates.
Manually updating apps:
- Open the App Store.
- Tap your profile icon at the top right.
- Scroll down to see pending updates.
- Tap Update All (or update individual apps).
Enabling Automatic App Updates:
- Open Settings.
- Scroll down and tap App Store.
- Under Automatic Downloads, toggle on App Updates.
This way, your phone will always stay current, reducing the chances that hackers can exploit old vulnerabilities.

IS YOUR PHONE HACKED? HOW TO TELL AND WHAT TO DO

4) Pick stronger, unique passwords

Using the same password everywhere is a hacker’s dream. Create unique ones for each account. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see CyberGuy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at CyberGuy.com/Passwords

5) Consider using a personal data removal service

Scammers thrive on the personal details they can easily find about you online, and iPhone users in particular tend to overshare and trust their device to keep them safe. That leaves a bigger trail for criminals to exploit. A personal data removal service helps wipe your information from data broker sites and shady lists that fuel targeted scams.

While no service can erase everything, it makes it much harder for crooks to connect the dots and trick you. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com/Delete

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com/FreeScan

6) Turn on two-factor authentication (2FA)

Turning on two-factor authentication (2FA) is one of the most powerful ways to lock down your accounts. It adds an extra login step that blocks criminals, even if they already have your password. On your iPhone:
- Open the Settings app.
- Tap on [your name] (your Apple ID at the top).
- Select Sign‑In & Security.
- Tap Turn On Two‑Factor Authentication, then tap Continue.
- Enter a trusted phone number to receive verification codes (via text or call), tap Next, and enter the code sent to you to complete the setup.
Once set up, you’ll get a code each time you or someone else tries to sign in.

7) Don’t trade personal info for deals

Skip giving out your phone number or email just to snag a coupon, unlock a discount code, or enter a giveaway. Scammers use those details to target you later with spam, phishing attempts, and even identity theft schemes. Instead, create and use an alias email address for sign-ups, promotions, or contests. That way your real inbox stays private, and suspicious offers won’t expose your personal data.

For recommendations on private and secure email providers that offer alias addresses, visit CyberGuy.com/Mail

CLICK HERE TO GET THE FOX NEWS APP

What this means for you

If you own an iPhone, don’t assume Apple’s built-in tools are enough. Android users appear to be more proactive, but everyone is vulnerable. Real security comes from your habits, not your hardware.

Kurt’s key takeaways

The bottom line: iPhone users are falling for scams more often because they trust too much and protect too little. The fix is simple: be cautious, be skeptical, and add extra protection. Because when it comes to scams, it’s not about the device, it’s about you.

Do you still believe Apple makes you safer, or are you ready to admit that scammers can outsmart any phone? Let us know by writing to us at CyberGuy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
[ad_2]

Source link
September 21, 2025
How AI browsers open the door to new scams

[ad_1]

NEWYou can now listen to Fox News articles!

AI browsers are no longer just an idea; they’re already here. Microsoft has built Copilot into Edge, OpenAI is testing a sandboxed browser in agent mode and Perplexity’s Comet is one of the first to fully embrace the concept of browsing for you.

This is agentic AI stepping into our daily routines, from searching and reading to shopping and clicking. Instead of simply assisting us, these tools are beginning to replace us.

But with this shift comes a new era of digital deception. AI-powered browsers may promise convenience by handling shopping, emails and other tasks, yet research shows they can stumble into scams faster than humans ever could. This dangerous mix of speed and trust is what experts call Scamlexity, a complex, AI-driven scam landscape where your agent gets tricked, and you pay the price.

HACKER EXPLOITS AI CHATBOT IN CYBERCRIME SPREE

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Falling for the same old tricks

AI browsers are not immune to classic scams. In fact, they can fall for them even faster. When researchers at Guardio Labs told an AI browser to buy an Apple Watch, it confidently completed the purchase on a fake Walmart store set up in minutes. It autofilled personal and payment details without hesitation. The scammer got the money, while the human never saw the red flags.

AI browsers promise convenience, but security experts warn they can fall for online scams faster than humans. (David Paul Morris/Bloomberg via Getty Images)

Handling phishing emails from “your bank”

Old phishing tactics also remain effective. In testing, researchers at Guardio Labs sent a fake Wells Fargo email to the AI browser. The browser clicked the malicious link with no verification and even helped the user fill out login credentials on the phishing page. By removing human intuition from the loop, the AI created a perfect trust chain that scammers could exploit.

PromptFix: A modern AI injection scam

The real danger comes from attacks designed specifically for AI. Researchers at Guardio Labs created PromptFix, a scam disguised as a CAPTCHA page. While humans would only see a checkbox, the AI agent read hidden malicious instructions in the page code. Believing it was “helping,” the AI clicked the button, triggering a download that could have been malware. This type of prompt injection bypasses human awareness and targets the AI’s decision-making directly. Once compromised, the AI can send emails, share files or execute harmful tasks without the user ever knowing.

The growing risks of AI browsers

As agentic AI becomes mainstream, scams will scale at an alarming speed. Instead of fooling millions of people individually, attackers need only to compromise one AI model to reach millions at once. Security experts warn this is a structural risk, not just a phishing problem.

Tips to protect yourself from AI browser scams

AI browsers can save time, but they can also put you at risk if you rely on them too much. Use these practical steps to stay in control and reduce your chances of becoming a victim.

1) Stay in control of your AI

Always double-check sensitive actions like purchases, downloads or logins. Keep final approval in your hands instead of letting the AI complete tasks on its own. This way, you prevent scammers from sneaking past your awareness.

2) Use a personal data removal service

Scammers rely on exposed personal details to make their tricks more convincing. A trusted data removal service can help scrub your information from broker sites, reducing the chance that your AI agent hands over details that are already floating around online. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy.

These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS

AI browsers still click malicious links and autofill login credentials with no human oversight or verification to stop them. (Avishek Das/SOPA Images/LightRocket via Getty Images)

3) Use strong antivirus software

Install and keep strong antivirus software updated. It adds an extra line of defense that can catch threats your AI browser may miss, including malicious files and unsafe downloads. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

4) Consider using a password manager

A trusted password manager helps you generate and store strong, unique passwords. It can also alert you if the AI agent tries to reuse weak or compromised passwords when logging into sites.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

5) Watch your accounts closely

Review your bank and credit card statements often. If your AI agent shops or manages accounts for you, always cross-check receipts and login records. Quick action on suspicious charges can stop a scam from spreading further.

6) Beware of hidden AI instructions

Scammers hide malicious instructions in the code your AI reads, and the agent may follow them without question. If something feels wrong, stop the task and handle it manually.

HOW AI IS NOW HELPING HACKERS FOOL YOUR BROWSER’S SECURITY TOOLS

Kurt’s key takeaways

AI browsers bring convenience, but they also bring risk. By removing human judgment from critical tasks, they expose a wider scam surface than ever before. Scamlexity is a wake-up call: The AI you trust could be tricked in ways you never see coming. Staying safe means staying alert and demanding stronger guardrails in every AI tool you use.

CLICK HERE TO GET THE FOX NEWS APP

Would you trust an AI browser to handle your banking and shopping, or is the risk of Scamlexity too high? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

September 20, 2025
Hacker exploits AI chatbot in cybercrime spree
[ad_1]
NEWYou can now listen to Fox News articles!

A hacker has pulled off one of the most alarming AI-powered cyberattacks ever documented. According to Anthropic, the company behind Claude, a hacker used its artificial intelligence chatbot to research, hack, and extort at least 17 organizations. This marks the first public case where a leading AI system automated nearly every stage of a cybercrime campaign, an evolution that experts now call “vibe hacking.”

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

HOW AI CHATBOTS ARE HELPING HACKERS TARGET YOUR BANKING ACCOUNTS

Simulated ransom guidance created by Anthropic’s threat intelligence team for research and demonstration purposes. (Anthropic)

How a hacker used an AI chatbot to strike 17 targets

Anthropic’s investigation revealed how the attacker convinced Claude Code, a coding-focused AI agent, to identify vulnerable companies. Once inside, the hacker:
- Built malware to steal sensitive files.
- Extracted and organized stolen data to find high-value information.
- Calculated ransom demands based on victims’ finances.
- Generated tailored extortion notes and emails.
Targets included a defense contractor, a financial institution and multiple healthcare providers. The stolen data included Social Security numbers, financial records and government-regulated defense files. Ransom demands ranged from $75,000 to over $500,000.

Why AI cybercrime is more dangerous than ever

Cyber extortion is not new. But this case shows how AI transforms it. Instead of acting as an assistant, Claude became an active operator scanning networks, crafting malware and even analyzing stolen data. AI lowers the barrier to entry. In the past, such operations required years of training. Now, a single hacker with limited skills can launch attacks that once took a full criminal team. This is the frightening power of agentic AI systems.

HOW AI IS NOW HELPING HACKERS FOOL YOUR BROWSER’S SECURITY TOOLS

A simulated ransom note template that hackers could use to scam victims. (Anthropic)

What vibe hacking reveals about AI-powered threats

Security researchers refer to this approach as vibe hacking. It describes how hackers embed AI into every phase of an operation.
- Reconnaissance: Claude scanned thousands of systems and identified weak points.
- Credential theft: It extracted login details and escalated privileges.
- Malware development: Claude generated new code and disguised it as trusted software.
- Data analysis: It sorted stolen information to identify the most damaging details.
- Extortion: Claude created alarming ransom notes with victim-specific threats.
This systematic use of AI marks a shift in cybercrime tactics. Attackers no longer just ask AI for tips; they use it as a full-fledged partner.

GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS

A cybercriminal’s initial sales offering on the dark web seen in January 2025. (Anthropic)

How Anthropic is responding to AI abuse

Anthropic says it has banned the accounts linked to this campaign and developed new detection methods. Its threat intelligence team continues to investigate misuse cases and share findings with industry and government partners. The company admits, however, that determined actors can still bypass safeguards. And experts warn that these patterns are not unique to Claude; similar risks exist across all advanced AI models.

How to protect yourself from AI cyberattacks

Here’s how to defend against hackers now using AI tools to their advantage:

1. Use strong, unique passwords everywhere

Hackers who break into one account often attempt to use the same password across your other logins. This tactic becomes even more dangerous when AI is involved because a chatbot can quickly test stolen credentials across hundreds of sites. The best defense is to create long, unique passwords for every account you have. Treat your passwords like digital keys and never reuse the same one in more than one lock.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

2. Protect your identity and use a data removal service

The hacker who abused Claude didn’t just steal files; they organized and analyzed them to find the most damaging details. That illustrates the value of your personal information in the wrong hands. The less data criminals can find about you online, the safer you are. Review your digital footprint, lock down privacy settings, and reduce what’s available on public databases and broker sites.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)

3. Turn on two-factor authentication (2FA)

Even if a hacker obtains your password, 2FA can stop them in their tracks. AI tools now help criminals generate highly realistic phishing attempts designed to trick you into handing over logins. By enabling 2FA, you add an extra layer of protection that they cannot easily bypass. Choose app-based codes or a physical key whenever possible, as these are more secure than text messages, which are easier for attackers to intercept.

4. Keep devices and software updated

AI-driven attacks often exploit the most basic weaknesses, such as outdated software. Once a hacker knows which companies or individuals are running old systems, they can use automated scripts to break in within minutes. Regular updates close those gaps before they can be targeted. Setting your devices and apps to update automatically removes one of the easiest entry points that criminals rely on.

5. Be suspicious of urgent messages

One of the most alarming details in the Anthropic report was how the hacker used AI to craft convincing extortion notes. The same tactics are being applied to phishing emails and texts sent to everyday users. If you receive a message demanding immediate action, such as clicking a link, transferring money or downloading a file, treat it with suspicion. Stop, check the source and verify before you act.

6. Use a strong antivirus software

The hacker in this case built custom malware with the help of AI. That means malicious software is getting smarter, faster and harder to detect. Strong antivirus software that constantly scans for suspicious activity provides a critical safety net. It can identify phishing emails and detect ransomware before it spreads, which is vital now that AI tools make these attacks more adaptive and persistent.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

Over 40,000 Americans were previously exposed in a massive OnTrac security breach, leaking sensitive medical and financial records. (Jakub Porzycki/NurPhoto via Getty Images)

7. Stay private online with a VPN

AI isn’t only being used to break into companies; it’s also being used to analyze patterns of behavior and track individuals. A VPN encrypts your online activity, making it much harder for criminals to connect your browsing to your identity. By keeping your internet traffic private, you add another layer of protection for hackers trying to gather information they can later exploit.

For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android & iOS devices at Cyberguy.com/VPN

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

AI isn’t just powering helpful tools; it’s also arming hackers. This case proves that cybercriminals can now automate attacks in ways once thought impossible. The good news is, you can take practical steps today to reduce your risk. By making smart moves, such as enabling two-factor authentication (2FA), updating devices, and using protective tools, you can stay one step ahead.

Do you think AI chatbots should be more tightly regulated to prevent abuse? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
[ad_2]

Source link
September 13, 2025
Shamos malware tricks Mac users with fake fixes

[ad_1]

NEWYou can now listen to Fox News articles!

A dangerous new malware campaign is targeting Mac users worldwide. Security researchers at CrowdStrike uncovered Shamos, a new variant of the Atomic macOS Stealer (AMOS), developed by a cybercriminal group called COOKIE SPIDER.

The attack relies on ClickFix tactics, where victims searching for Mac troubleshooting help are lured to fake websites or GitHub repositories. These spoofed sites trick users into copying and pasting a one-line command in Terminal, supposedly to fix an error. Instead, the command silently downloads Shamos, bypasses macOS Gatekeeper protections, and installs the malware.

Once inside, Shamos searches for sensitive data, Apple Notes, Keychain items, browser passwords, and even cryptocurrency wallets. The stolen information is zipped and sent directly to attackers, often alongside additional malware like botnet modules or fake Ledger wallet apps.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

10 WAYS TO SECURE YOUR OLDER MAC FROM THREATS AND MALWARE

Malicious sponsored results can be seen on Google search. (CrowdStrike)

How Shamos malware spreads on macOS

Cybercriminals distribute these fake “fixes” through so-called “malvertising” campaigns and spoofed tech help sites with names like mac-safer[.]com or rescue-mac[.]com. These pages pose as trusted troubleshooting guides and appear in search results for common Mac issues, such as “how to flush resolver cache.”

The websites encourage victims to copy and paste commands that download malicious Bash scripts. These scripts grab the user’s password, remove file protections, and launch Shamos. With persistence tools installed, the malware can even restart alongside the system, keeping control long after the initial infection.

CAPTCHAGEDDON SIGNALS A DANGEROUS SHIFT

A fake help page provides victims with false instructions about how to fix problems with their Mac computer. (CrowdStrike)

Tips to stay safe from Shamos malware

You can avoid falling victim to Shamos and similar threats with these proactive steps:

1) Never run commands you don’t understand

Copy-pasting commands into Terminal may seem like an easy fix, but it’s also one of the easiest ways for attackers to bypass Apple’s built-in protections. If you see a command on a website, forum, or GitHub repository, don’t execute it unless you fully understand what it does. Instead, confirm with Apple’s official support site or the Apple Community forums, where experienced users and moderators can verify safe troubleshooting steps.

2) Avoid sponsored results

Hackers know that when your Mac has a problem, you’ll search for a quick solution. That’s why they buy sponsored ads like the one below to push fake troubleshooting websites higher in search results. Clicking the top link may feel natural, but it could be a trap. Stick with trusted sources like Apple Support, or scroll past the ads to find legitimate guides.

CLICK HERE TO GET THE FOX NEWS APP

Fake instructions on how to fix printer issues on macOS. (CrowdStrike)

3) Be wary of GitHub projects

GitHub is an amazing resource for developers, but it’s also become a hotspot for malicious repositories that mimic legitimate software. Attackers often clone popular apps or tools, then hide malware inside. Before downloading anything, check the publisher’s name, stars, and activity history. If the account looks suspicious, inactive, or brand-new, avoid it.

4) Use strong antivirus protection

Mac malware is evolving fast, and Apple’s built-in security features can’t catch everything. A strong antivirus adds another layer of defense by scanning downloads, blocking malicious scripts, and detecting suspicious behavior in real time. Some security tools can even spot the one-line Terminal commands used by Shamos before they cause harm.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

5) Use a personal data removal service

Since Shamos is designed to steal personal information and send it to cybercriminals, reducing your online footprint can help limit the fallout. A personal data removal service scans data broker sites and removes your exposed information, making it harder for attackers to resell or exploit it after a breach. While this won’t stop malware from stealing what’s on your Mac, it adds another layer of protection by minimizing the data criminals can use against you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

6) Keep macOS updated

Apple regularly patches vulnerabilities in macOS that malware tries to exploit. By keeping your system up to date, you close the doors that attackers rely on. Enable automatic updates, so your Mac receives the latest patches as soon as they’re available. Pairing this with good digital hygiene, like avoiding shady downloads, dramatically lowers your risk of infection.

Kurt’s key takeaways

Cybercriminals know that when your Mac breaks, you’ll look for quick answers. Shamos takes advantage of that urgency by disguising itself as help. Staying safe means slowing down before you copy, paste, or download anything. If something feels off, it probably is.

Should Apple be doing more to protect Mac users from evolving threats like Shamos? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

September 12, 2025
Apple’s latest iPhone security feature just made life more difficult for spyware makers | TechCrunch

[ad_1]

Buried in an ocean of flashy novelties announced by Apple this week, the tech giant also revealed new security technology for its latest iPhone 17 and iPhone Air devices. This new security technology was made specifically to fight against surveillance vendors and the types of vulnerabilities they rely on the most, according to Apple.

The feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs, which are some of the most common vulnerabilities exploited by spyware developers and makers of phone forensic devices used by law enforcement.

“Known mercenary spyware chains used against iOS share a common denominator with those targeting Windows and Android: they exploit memory safety vulnerabilities, which are interchangeable, powerful, and exist throughout the industry,” Apple wrote in its blog post.

Cybersecurity experts, including people who make hacking tools and exploits for iPhones, tell TechCrunch that this new security technology could make Apple’s newest iPhones some of the most secure devices on the planet. The result is likely to make life harder for the companies that make spyware and zero-day exploits for planting spyware on a target’s phone or extracting data from them.

“The iPhone 17 is probably now the most secure computing environment on the planet that is still connected to the internet,” a security researcher, who has worked on developing and selling zero-days and other cyber capabilities to the U.S. government for years, told TechCrunch.

The researcher told TechCrunch that MIE will raise the cost and time to develop their exploits for the latest iPhones, and consequently up their prices for paying customers.

“This is a huge deal,” said the researcher, who asked to remain anonymous to discuss sensitive matters. “It’s not hack proof. But it’s the closest thing we have to hack proof. None of this will ever be 100% perfect. But it raises the stakes the most.”

Contact Us

Do you develop spyware or zero-day exploits and are studying studying the potential effects of Apple’s MIE? We would love to learn how this affects you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . You also can contact TechCrunch via SecureDrop.

Jiska Classen, a professor and researcher who studies iOS at the Hasso Plattner Institute in Germany, agreed that MIE will raise the cost of developing surveillance technologies.

Classen said this is because some of the bugs and exploits that spyware companies and researchers have that currently work will stop working once the new iPhones are out and MIE is implemented.

“I could also imagine that for a certain time window some mercenary spyware vendors don’t have working exploits for the iPhone 17,” said Classen.

“This will make their life arguably infinitely more difficult,” said Patrick Wardle, a researcher who runs a startup that makes cybersecurity products specifically for Apple devices. “Of course that is said with the caveat that it’s always a cat-and-mouse game.”

Wardle said people who are worried about getting hacked with spyware should upgrade to the new iPhones.

The experts TechCrunch spoke to said MIE will reduce the efficacy of both remote hacks, such as those launched with spyware like NSO Group’s Pegasus and Paragon’s Graphite. It will also help to protect against physical device hacks, such as those performed with phone unlocking hardware like Cellebrite or Graykey.

Taking on the “majority of exploits”

Most modern devices, including the majority of iPhones today, run software written in programming languages that are prone to memory-related bugs, often called memory overflow or corruption bugs. When triggered, a memory bug can cause the contents of memory from one app to spill into other areas of a user’s device where it shouldn’t go.

Memory-related bugs can allow malicious hackers to access and control parts of a device’s memory that they shouldn’t be permitted to. The access can be used to plant malicious code that’s capable of gaining broader access to a person’s data stored in the phone’s memory, and exfiltrating it over the phone’s internet connection.

MIE aims to defend against these kinds of broad memory attacks by vastly reducing the attack surface in which memory vulnerabilities can be exploited.

According to Halvar Flake, an expert in offensive cybersecurity, memory corruptions “are the vast majority of exploits.”

MIE is built on a technology called Memory Tagging Extension (MTE), originally developed by chipmaker Arm. In its blog post, Apple said over the past five years it worked with Arm to expand and improve the memory safety features into a product called Enhanced Memory Tagging Extension (EMTE).

MIE is Apple’s implementation of this new security technology, which takes advantage of Apple having complete control of its technology stack, from software to hardware, unlike many of its phone-making competitors.

Google offers MTE for some Android devices; the security-focused GrapheneOS, a custom version of Android, also offers MTE.

But other experts say Apple’s MIE goes a step further. Flake said the Pixel 8 and GrapheneOS are “almost comparable,” but the new iPhones will be “the most secure mainstream” devices.

MIE works by allocating each piece of a newer iPhone’s memory with a secret tag, effectively its own unique password. This means only apps with that secret tag can access the physical memory in the future. If the secret doesn’t match, the security protections kick in and block the request, the app will crash, and the event is logged.

That crash and log is particularly significant since it’s more likely for spyware and zero-days to trigger a crash, making it easier for Apple and security researchers investigating attacks to spot them.

“A wrong step would lead to a crash and a potentially recoverable artifact for a defender,” said Matthias Frielingsdorf, the vice president of research at iVerify, a company that makes an app to protect smartphones from spyware. “Attackers already had an incentive to avoid memory corruption.”

Apple did not respond to a request for comment.

MIE will be on by default system wide, which means it will protect apps like Safari and iMessage, which can be entry points for spyware. But third-party apps will have to implement MIE on their own to improve protections for their users. Apple released a version of EMTE for developers to do that.

In other words, MIE is a huge step in the right direction, but it will take some time to see its impact, depending on how many developers implement it and how many people buy new iPhones.

Some attackers will inevitably still find a way.

“MIE is a good thing and it might even be a big deal. It could significantly raise the cost for attackers and even force some of them out of the market,” said Frielingsdorf. “But there are going to be plenty of bad actors that can still find success and sustain their business.”

“As long as there are buyers there will be sellers,” said Frielingsdorf.

[ad_2]

Lorenzo Franceschi-Bicchierai, Zack Whittaker

Source link

September 11, 2025
Columbia University data breach hits 870,000 people
[ad_1]
NEWYou can now listen to Fox News articles!

Columbia University recently confirmed a major cyberattack that compromised personal, financial and health-related information tied to students, applicants and employees. The victims include current and former students, employees and applicants. Notifications to affected individuals began Aug. 7 and are continuing on a rolling basis.

Columbia, one of the oldest Ivy League universities, discovered the breach after a network outage in June. According to Columbia, the disruption was caused by an unauthorized party that accessed its systems and stole sensitive data. Investigators are still assessing the full scope of the theft.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

TRANSUNION BECOMES LATEST VICTIM IN MAJOR WAVE OF SALESFORCE-LINKED CYBERATTACKS, 4.4M AMERICANS AFFECTED

Students on the campus of Columbia University April 14, 2025, in New York City. (Charly Triballeau/AFP via Getty Images)

What information was stolen?

According to a breach notification filed with the Maine Attorney General’s office, nearly 869,000 individuals were affected by the Columbia breach. This number includes students, employees, applicants and, in some cases, family members. Media outlets also reported that the threat actor claimed to have stolen approximately 460 gigabytes of data from Columbia’s systems.

Columbia confirmed that the stolen information relates to admissions, enrollment and financial aid records, as well as certain employee data. The categories of exposed information include:
- Names, dates of birth and Social Security numbers
- Contact details and demographic information
- Academic history and financial aid records
- Insurance details and certain health information
Columbia emphasized that patient records from Columbia University Irving Medical Center were not affected. Still, the breadth of stolen data poses serious risks of identity theft and fraud.

DIOR DATA BREACH EXPOSES US CUSTOMERS’ PERSONAL INFORMATION

Columbia University campus (Luiz C. Ribeiro for New York Daily News/Tribune News Service via Getty Images)

Columbia University response

Columbia has reported the incident to law enforcement and is working with cybersecurity experts. The university said it has strengthened its systems with new safeguards and enhanced protocols to prevent future incidents.

Starting Aug. 7, Columbia began mailing letters to those affected, offering two years of complimentary credit monitoring, fraud consultation and identity theft restoration services.

When contacted, Columbia referred CyberGuy to its official community updates, published June 24 and Aug. 5.

While the university says there is no evidence that the stolen data has been misused so far, the risk remains high. Criminals often wait months before exploiting stolen data.

NEARLY A MILLION PATIENTS HIT BY DAVITA DIALYSIS RANSOMWARE ATTACK

Columbia University says a June network outage is to blame for the breach. (Silas Stein/picture alliance via Getty Images)

Steps to protect yourself after the Columbia University breach

If you are among those affected or simply want to safeguard your data, take these steps today:

1) Monitor your credit reports

Check your credit reports regularly through AnnualCreditReport.com. Look for accounts you did not open or changes you did not authorize.

2) Use a personal data removal service

Since Columbia confirmed that stolen files may include names, addresses and demographic details, consider using a personal data removal service. These services help scrub your information from data brokers and people search sites, making it harder for criminals to exploit exposed details. This step reduces the chance that stolen Columbia records are linked to your broader online identity.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

3) Set up fraud alerts and freezes

Placing a fraud alert makes it harder for identity thieves to open accounts in your name. A credit freeze offers even stronger protection by blocking new credit applications.

4) Use strong and unique passwords

Create long, complex passwords for each account. A password manager can help generate and securely store them.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

5) Enable two-factor authentication

Turn on two-factor authentication (2FA) wherever possible. This extra layer of security helps protect your accounts even if a password is stolen.

6) Watch for phishing attempts and use strong antivirus software

Scammers may try to exploit fear around the breach with fake emails or texts. Verify any message before clicking links or sharing personal information.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com/LockUpYourTech

7) Consider identity theft protection services

Beyond the free credit monitoring Columbia offers, additional paid services can help track your data across the dark web and provide extra safeguards.

Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com/IdentityTheft

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

The Columbia University breach shows how even trusted institutions are vulnerable to cyberattacks. Because the investigation is ongoing and notifications will continue through the fall, individuals should remain on high alert. With so much personal, financial and health information exposed, staying alert long after the headlines fade is critical.

What more should universities and large institutions be required to do to safeguard the personal data of the people who trust them? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
[ad_2]

Source link
September 6, 2025
Don’t use your home Wi-Fi before fixing certain security risks

[ad_1]

NEWYou can now listen to Fox News articles!

Home Wi-Fi networks are the backbone of how most people get online, connecting laptops, phones, smart TVs and more. When properly secured, they offer a convenient and private way to browse the internet, stream content and work from home. But “private” doesn’t always mean “safe.” Wi-Fi security can be easily compromised if you have weak settings or outdated equipment.

I recently heard from Carol in Smithtown, New York, who asked, “Is it safe to browse the internet on your own laptop using only your home Wi-Fi?”

Her question points to a bigger concern. Many of us rely on home networks every day without really knowing if they’re as secure as they should be.

Let’s break down what makes a home Wi-Fi network secure, the risks you should know about and the steps you can take to protect your privacy.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my Cyberguy.com newsletter.

A user troubleshoots an internet router. (Kurt “CyberGuy” Knutsson)

Why home Wi-Fi security is important

Your home Wi-Fi is not just a way to get online but also the gateway to your personal and professional life. Everything from online banking to work emails to video calls passes through it. If your network isn’t secure, that information could be intercepted or exposed.

One of the biggest misconceptions is that a home network is safe simply because it’s private. In reality, hackers often target residential networks because they tend to have weaker defenses than corporate ones.

Someone nearby could connect to your network if your password is weak or your encryption is outdated. This not only slows your internet but also lets them use your connection for illegal activities. Sensitive information like passwords, credit card numbers and personal documents can be intercepted if the network is compromised.

11 EASY WAYS TO PROTECT YOUR ONLINE PRIVACY IN 2025

Attackers can use an insecure network to push malicious software onto your devices, sometimes without you even realizing it. Smart devices such as security cameras, thermostats and speakers can be taken over and used for spying or as part of larger cyberattacks.

Even if you trust everyone in your household, your network is still exposed to risks from outside. And with so many devices connected today, including laptops, phones, tablets, TVs and IoT gadgets, there are more entry points for an attacker than ever before. Securing your Wi-Fi closes those doors before someone decides to try them.

A hacker executes cybercrime. (Kurt “CyberGuy” Knutsson)

Choose the right router for Wi-Fi protection

Every piece of Wi-Fi security advice ultimately comes back to the same foundation: your router. It is the gatekeeper for your entire home network. If it is old, poorly configured, or missing important updates, even the strongest passwords and best digital habits will not fully protect you.

Investing in a good router is one of the most important steps you can take to secure your home Wi-Fi. A modern, well-supported router gives you stronger encryption, better control over connected devices and regular updates that patch security flaws.

Don’t stop at the hardware itself. Check regularly for firmware updates from the manufacturer. Some new routers update automatically, but many require you to log in and install patches manually. Outdated firmware leaves known vulnerabilities wide open.

IS YOUR HOME WI-FI REALLY SAFE? THINK AGAIN

Also, change the default router login password immediately. Most routers ship with basic credentials like “admin/admin.” Attackers know this and can easily hijack your settings if you never change them.

If your router supports it, enable two-factor authentication (2FA) for logins. This extra step makes it much harder for attackers to gain control, even if they steal your password.

If you are not sure where to begin, I have put together a list of some of the best and most secure routers you can buy right now by visiting Cyberguy.com.

Enable strong Wi-Fi encryption

Encryption ensures that the data flowing across your network is scrambled, making it useless to anyone who tries to intercept it. Without proper encryption, nearby attackers can capture and read your traffic.

The current gold standard is WPA3, which provides the strongest protection. If your router doesn’t support it, WPA2 is still considered safe and widely used. Older options like WEP or an open, password-free network are highly insecure and should be avoided at all costs. It’s worth logging into your router’s settings just to confirm what level of encryption your network is using.

Cables run out of an internet router. (Kurt “CyberGuy” Knutsson)

Create a strong Wi-Fi password

Your Wi-Fi password is the digital equivalent of the key to your home. A short or predictable password is like leaving a spare under the doormat, and anyone determined enough can find a way in. Instead, create a long passphrase that combines upper and lowercase letters, numbers and symbols. Aim for at least 12 to 16 characters.

Consider using a password manager to generate and store complex passwords.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

Check who is connected to your network

Even with a solid password, it’s smart to check who is actually connected to your network. Most routers allow you to view a list of active devices. If you spot something you don’t recognize, investigate. It could be a neighbor piggybacking on your connection or, in the worst case, an intruder.

It also helps to disable Wi-Fi Protected Setup (WPS). This feature was designed to make connecting new devices easier, but it has security flaws that attackers can exploit. Some users go further by enabling MAC address filtering, which limits access to specific devices.

To reduce risk even more, set up a separate guest network for smart devices and visitors. That way, if one device gets hacked, your laptops and phones remain protected.

And remember, keep all your devices updated. From laptops and phones to smart bulbs and thermostats, every gadget is a potential entry point. A weak link in one device can put your entire network at risk.

IS YOUR PHONE HACKED? HOW TO TELL AND WHAT TO DO

Protect your privacy with a VPN

A Virtual Private Network, or VPN, helps solve one of the biggest issues with online privacy, which is who can see what you’re doing. When you connect through a VPN, it creates an encrypted tunnel between your device and the websites or apps you use. Everything that travels through this tunnel is hidden from outsiders, including your internet provider.

A reliable VPN is essential for protecting your online privacy and ensuring a secure, high-speed connection.

For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices at Cyberguy.com.

Don’t overlook antivirus protection

While your Wi-Fi settings form the first line of defense, you should also protect the devices connected to your network. Install strong antivirus software to block malware that could spread through downloads, emails, or malicious links. This extra step ensures that even if a threat slips past your router’s defenses, your devices stay protected.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

So, to return to Carol’s question: Is it safe to browse the internet on your home Wi-Fi? The answer is yes, but only if you take the time to secure it. Strong router settings, proper encryption and a solid password do most of the heavy lifting. Building habits such as checking who is connected, keeping devices updated and using tools like a VPN adds even greater peace of mind.

When was the last time you checked your router settings or updated its firmware? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my Cyberguy.com newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

[ad_2]

Source link

September 4, 2025