Tag: Privacy

Washington court says Flock camera images are public records

NEWYou can now listen to Fox News articles!

A Skagit County Superior Court judge ruled that images from Flock Safety automated license plate reader cameras in Stanwood and Sedro-Woolley qualify as public records under Washington’s Public Records Act.

Judge Elizabeth Yost Neidzwski said the images are “not exempt from disclosure” and explained that an agency does not need to physically hold a record for it to fall under the law.

The request that led to the ruling

The case began when Washington resident Jose Rodriguez asked Stanwood for one hour of Flock camera images. That request prompted Stanwood and neighboring Sedro-Woolley to ask the court to declare that vendor-stored data did not count as public records.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Judge Neidzwski rejected that argument. She said the cities’ ALPR images support a government purpose and meet the definition of a public record.

SEATTLE ELECTS DEMOCRATIC SOCIALIST KATIE WILSON AS MAYOR

Flock Safety cameras use AI to capture license plate images in real time, tracking vehicles as they move through neighborhoods. (Flock Safety)

However, Rodriguez will not receive the specific images he sought. The city had already allowed the footage to auto-delete after 30 days, and it expired before the ruling.

We reached out to Flock Safety, and a spokesperson provided CyberGuy with the following statement:

“The Court merely declined to exempt these records from disclosure under Washington’s extremely broad public records law. Nothing changed in the status quo in Washington as a result of this ruling — these records were covered by the law before the ruling, and remain so following the ruling. Unfortunately, some individuals in Washington have abused the breadth of the public records law to extort significant settlements from Washington communities for technical violations of the disclosure requirements, which we cannot believe is the intent of the law. We are supporting efforts to enact a legislative fix to this situation, which is costing Washington communities tens of thousands of dollars to stave off frivolous lawsuits.”

The Washington court ruling marks a major step toward transparency in how police collect and store surveillance data. (Flock Safety)

Why the decision matters for transparency

Flock’s automated license plate reader cameras capture multiple still images of passing vehicles along with time, location and license plate information. Cities use the system to assist law enforcement with investigations, relying on stored images to identify vehicles connected to crimes or alerts.

The court’s ruling raises broader questions about how local agencies manage these images once they’re created. By finding that the images qualify as public records, the decision forces cities to examine how long they retain this data, how it is stored and who may request access under state law.

Privacy advocates say the ruling highlights the need for clear policies around retention and transparency, while law enforcement groups argue that access rules must still protect ongoing investigations.

AI DASHCAMS ENHANCE TRUCKER SAFETY WHILE RAISING PRIVACY CONCERNS

The debate continues as communities weigh the balance between public safety, privacy and the right to know what’s being recorded. (Flock Safety)

How this ruling impacts privacy and surveillance

For years, cities and police agencies have argued that data stored by third-party vendors falls outside public records laws. They often make this claim even when the data documents activity on public roads. The Washington ruling did not settle broader questions about surveillance, but it rejected the idea that Flock camera images are exempt simply because a vendor stores them. This decision exposes a growing tension between how agencies use surveillance tools and what the public can access under state law.

Beryl Lipton of the Electronic Frontier Foundation, a nonprofit dedicated to defending digital privacy, free expression and transparency in technology, told Cyberguy, “The use of third-party vendors for surveillance and data storage is widespread and growing across the country, and allowing this to undermine the public’s right to know is very dangerous. The government’s primary obligation should be to its constituents, which includes protecting their rights under public records laws, not to the private vendors that they choose to employ while conducting mass surveillance. Whether an agency stores images and information on their own devices or on the private server of a vendor should not affect the appropriate disclosure of these records under public records laws. If the use of these devices makes it too difficult for a city to comply with the law, then the response should not be to circumvent the laws they find inconvenient, but rather it should be to only use vendors that won’t get in the way of a city’s ability to fulfill its responsibilities to their citizenry. Otherwise, they should not use these tools at all.”

What this means for you

If your town uses Flock or other automated license plate readers, this ruling shows how Washington courts may handle future records requests. It confirms that ALPR images can count as public records, even when a vendor stores the data.

The debate over privacy and safety continues. Supporters say public access builds trust and oversight. Critics worry that releasing vehicle data could expose sensitive details without strong safeguards or redactions.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com.

Kurt’s key takeaways

This ruling shows how courts may handle data from automated license plate readers. It also reveals how much vehicle information cities collect. As a result, it raises new questions about who should access these records. In addition, the decision may guide future transparency debates in Washington. However, it will also spark fresh conversations about how surveillance tools fit within state records laws.

Do you think public access to AI camera footage improves accountability or puts privacy at risk? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

November 18, 2025
Fake flight cancellation texts target travelers

NEWYou can now listen to Fox News articles!

When your phone buzzes with a message saying your flight is canceled, your first instinct is to panic. Scammers are counting on that.

A new travel scam is spreading through fake airline texts that look convincing but connect you to fraudsters instead of customer service.

These cybercriminals claim to help rebook your trip. In reality, they’re after your credit card or personal details.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

How the flight cancellation text scam works

The scam starts with a text that looks like it’s from your airline. It may include your name, flight number and a link or phone number. The message includes urgent language that says your flight is canceled or delayed and tells you to “call this number” or “click to rebook.”

PILOT WARNS ‘SHORT-HANDED, STRESSED’ AIR TRAFFIC DELAYS WILL LINGER AFTER SHUTDOWN

Scammers send fake flight cancellation texts that look official, using real airline names, flight numbers and logos to trick travelers into calling them. (Kurt “CyberGuy” Knutsson)

Once you do, you’re talking to a scammer pretending to be an airline agent. They’ll offer to “help” rebook your flight for a fee. They might ask for payment details or personal information like your birth date or passport number.

In some cases, they’ll send confirmation emails that look official to make the lie more believable.

AI-generated messages make these scams harder to spot, mimicking airline alerts so well that even frequent flyers can be fooled during busy travel seasons. (Kurt “CyberGuy” Knutsson)

Why the scam feels real

Scammers use real airline names, logos and flight numbers to make their messages look official. Many now use AI tools to generate convincing language and fake confirmations that mimic real airline alerts. These messages often arrive during busy travel seasons or storm delays, which makes them feel even more believable.

The Federal Trade Commission (FTC) warns that criminals impersonate airline customer service through fake texts and calls that say your flight is canceled. They use that panic to push you into rebooking or sharing personal details.

Meanwhile, the Better Business Bureau (BBB) reports a surge in fake cancellation notices that include phony phone numbers leading straight to scammers.

Because these alerts look real and use urgent language, even experienced travelers can mistake them for genuine updates. Staying calm and verifying directly with the airline is the best defense.

Staying calm and verifying through official airline apps or websites is the safest way to protect your money and personal information before you take action. (Kurt “CyberGuy” Knutsson)

Steps to stay safe from fake flight cancellation texts

Scammers use fear and urgency to trick travelers into clicking bad links or calling fake numbers. Follow these steps to keep your trip and information safe.

1) Verify flight changes only through official airline sources

Always confirm flight updates using the airline’s official website or mobile app. Log in directly instead of clicking on links from unexpected texts or emails. Scammers design fake links that look real, but one tap can expose your personal information.

PILOT GOES VIRAL FOR REVEALING REAL REASON YOU NEED TO SET YOUR PHONE TO AIRPLANE MODE BEFORE FLYING

2) Call only verified airline phone numbers

If you need to call customer service, use the number listed in your booking confirmation, the airline’s app or on its verified website. Never trust a phone number sent by text or social media message. Real airlines will never change their contact information mid-trip.

3) Stay calm and spot urgency traps

Scammers count on panic. Messages that say “call now,” “act fast” or “your seat will be canceled” are meant to rush you. Slow down and verify before responding. Taking a minute to check the official flight status can prevent you from losing money or data.

4) Protect your personal and financial information

Legitimate airline staff will not ask for gift card numbers, wire transfers or your bank login. Use a strong antivirus program to block phishing sites and malware designed to steal personal data if you accidentally click a bad link.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

5) Remove exposed data before scammers find it

Use a data-removal service to help scrub your personal details from people-search websites. These sites make it easier for scammers to target travelers by name, location and phone number. Keeping your information private reduces your risk.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

6) Report suspicious messages immediately

Forward scam texts to 7726 (SPAM) and report fake airline messages to the Federal Trade Commission at reportfraud.ftc.gov. Sharing reports helps agencies shut down active scams and protect other travelers.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

Fake flight cancellation scams are spreading fast, especially during busy travel seasons. Stay calm, verify changes through official airline sources, and never click random links or call unknown numbers. Technology makes travel easier, but awareness and caution are still your best defense.

Have you ever received a fake flight alert that almost fooled you? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

November 17, 2025
NordVPN Is Still a Pretty Dang Good VPN

One of my favorite new additions isn’t on the desktop app, though. NordVPN recently introduced scam call protection on Android, with an iOS version planned for the future. I’ve been using it for months, and it has easily flagged more than a hundred spam calls to my phone. It works a treat, even if it’s not one of NordVPN’s big advertised features.

Almost the Fastest VPN

NordVPN is fast. It’s not the fastest VPN I’ve tested—that’s Proton VPN—but that’s more of a rounding error than a notable difference in speed. Across five US locations, NordVPN dropped 15.32 percent of my unprotected speed on average. For context, Proton dropped 15.23 percent. Surfshark, which is also owned by Nord Security, dropped 18.84 percent, while Mullvad closed in on 24 percent.

So, NordVPN is fast, but more importantly, it’s consistent. Across the locations I tested, it never posted a slowdown of more than 20 percent, and in one location (Chicago), it only dropped a meager 6.6 percent of my unprotected speed. Overall, though, that 15 percent drop is a good representation of the speeds you can expect, at least in the US.

Speed testing with any VPN is tricky. There are a ton of factors that influence speeds beyond the server you’re connecting to. My speed testing—and any VPN speed testing, for that matter—is a snapshot in time. It provides insight into the kind of speeds you can expect on average, not a concrete number you should expect from every server at every time of day. To get the most accurate snapshot possible, I tested across five US locations at three different times of day over the course of a week. Before each test, I ran three passes of my unprotected speed to get an accurate comparison, and I threw out any results with a greater than 10 percent deviation between passes.

The best way to get around speed hurdles is to change servers, and NordVPN is solid on that front. It has around 7,400 servers, but the exact number is constantly changing. It maintains a database of its servers and locations, complete with details on the features those servers support and whether they’re virtual or physical servers.

NordVPN lives up to its monumental name. It still has a massive network, fast speeds, and a ton of features, and despite its infamous data breach, it has continued to double down on security measures. The main issue with Nord is the price. You can score a good deal on a two-year discount, but that price jumps up significantly when it comes time to renew. This is why I rank it slightly below Proton VPN, despite the two services going toe-to-toe on features and speeds. Proton Unlimited clocks in at the same monthly price as NordVPN Basic, and it comes with Proton Pass, Proton Mail, and a handful of other apps.

Jacob Roach

Source link

November 16, 2025
Apple’s New Digital ID for Air Travel Could Get You Through Security Faster

Apple just announced that it is now allowing users to upload their passport information to their Apple Wallets. According to Apple’s press release, this Digital ID will be accepted at TSA checkpoints at more than 250 airports in the U.S for domestic travel.

The digital identification allows users who may not have a REAL ID-complaint drivers license or state ID to travel without having to carry their physical passport. Of course, if you’re traveling internationally, you’re still going to need to bring your actual passport.

To set this up, open the Wallet app on your iPhone, and be sure to have your U.S. passport on hand. Then tap the add (+) button at the top of the Wallet app, choose Driver’s License and ID Cards, then pick Digital ID. From there, follow the on-screen steps to complete setup and verification.

Apple and Google have both previously allowed users to upload digital identification such as driver’s licenses to their phones as an alternative to the physical card, but adoption varies by state. U.S. Customs and Border Protection also has a Mobile Passport Control application that allows users to upload their passport information to enter the country faster, but you still need the physical identification card.

An Inc.com Featured Presentation

According to Apple, travelers can present their Digital ID by double-clicking the side or Home button to open Apple Wallet, selecting their Digital ID, and then holding their iPhone near the TSA identity reader, without actually unlocking the device. They’ll be shown exactly what information is being requested and must confirm it using Face ID or Touch ID.

The feature works a bit like Apple Pay, which last year Apple announced was “used by hundreds of millions of consumers” in a press release marking its 10-year anniversary as a payment option. Just like how Apple made the process of paying for goods a bit more seamless, the new Digital ID may do something similar in the security space.

However, privacy advocates have long warned that digital IDs could inadvertently give law enforcement access to someone’s phone. Even though officers can’t legally compel you to unlock a device—and you don’t need to unlock your phone to use this digital ID—if you do hand an officer an already unlocked phone while showing a digital ID, it may effectively grant them access without violating your rights. (The law is unsettled on whether Customs and Border Protection can ask you for your digital devices at the border, but you can’t use this digital passport to travel internationally anyways).

The early-rate deadline for the 2026 Inc. Regionals Awards is Friday, November 14, at 11:59 p.m. PT. Apply now.

Tekendra Parmar

Source link

November 13, 2025
AI-powered scams target kids while parents stay silent

NEWYou can now listen to Fox News articles!

Kids are spending more time online than ever, and that early exposure is opening the door to a new kind of danger.

Artificial intelligence has supercharged online scams, creating personalized and convincing traps that even adults can fall for. The latest Bitwarden “Cybersecurity Awareness Month 2025” poll shows that while parents know these risks exist, most still haven’t had a serious talk with their children about them.

This growing communication gap is leaving the youngest internet users vulnerable at a time when online safety depends more than ever on education and oversight.

Young children face real risks online

Children as young as preschool age are now part of the connected world, yet few truly understand how to stay safe. The Bitwarden survey found that 42% of parents with children between 3 and 5 years old said their child had accidentally shared personal information online.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

5 PHONE SAFETY TIPS EVERY PARENT SHOULD KNOW

AI-powered scams are finding new ways to reach kids who go online earlier than ever. (Kurt “CyberGuy” Knutsson)

Nearly 80% of kids between the ages of 3 and 12 already have their own tablet or another connected device. Many parents assume supervision software or family settings are enough, but that assumption breaks down when kids explore apps, games and chat spaces designed to hold their attention. Device access has become nearly universal by early elementary school, but meaningful supervision and honest safety conversations are lagging behind.

The AI threat and the parental disconnect

Artificial intelligence has changed the nature of online scams by making them sound familiar, personal and hard to recognize. Bitwarden’s data shows that 78% of parents worry their child could fall for an AI-enhanced threat, such as a voice-cloned message or a fake chat with a friend. Despite that fear, almost half of those same parents haven’t talked with their kids about what an AI-powered scam might look like. The disconnect is even stronger among Gen Z parents.

About 80% of them say they are afraid their child will fall victim to an AI-based scheme, yet 37% allow their kids full or nearly full autonomy online. In those households, problems are more common. Malware infections, unauthorized in-app purchases and phishing attempts appear at the highest rates among families who worry the most but monitor the least. The paradox is clear. Parents recognize the threat but fail to translate awareness into consistent action.

Why parents haven’t had the talk

There are many reasons this important talk keeps getting delayed. Some parents simply feel unprepared to explain AI, while others assume their existing safety tools will protect their children. Only 17% of parents in the United States actively seek information about AI technologies, according to related research by Barna Group. That leaves a large majority relying on partial knowledge or outdated advice.

Many parents also juggle multiple devices at home, making it difficult to track every app or game their child uses. Some overestimate how safe their own habits are, even though they admit to reusing passwords or skipping security updates. Without firsthand understanding or personal discipline, it becomes even harder to teach those lessons to children. As a result, many kids face the internet with curiosity but without proper guidance.

Smart ways to protect your child online

The Bitwarden findings make one thing clear: kids are getting connected younger, and scams powered by artificial intelligence are already targeting them. The good news is that parents can take practical steps right now to reduce those risks and build lasting online safety habits.

1) Keep devices where you can see them

Set up tablets, laptops and gaming consoles in shared family areas rather than bedrooms. When screens stay visible, you naturally become part of your child’s online world. This not only encourages open conversation but also helps spot suspicious messages, fake friend requests or scam links before they cause trouble.

Staying involved in your child’s digital life is the best defense against today’s AI threats. (Kurt “CyberGuy” Knutsson)

2) Use built-in parental controls

Most devices have strong tools you can activate in minutes. Apple’s Screen Time and Google Family Link let you limit screen time, approve new app installs and monitor how long your child spends on specific apps. These controls are especially useful for younger kids who, according to the Bitwarden poll, often have little supervision despite heavy device use.

TEENS TURNING TO AI FOR LOVE AND COMFORT

3) Talk through every download

Before your child installs a new game or app, take a moment to check it together. Read the reviews, look at what data it collects and confirm the developer’s name. Explain why some games or “free” apps might ask for camera or contact access they don’t need. This kind of shared review teaches healthy skepticism and helps children recognize red flags later on.

4) Make password strength and 2FA a family rule

AI scams thrive on weak or reused passwords. Use a password manager to create and store strong, unique logins for each account. Turn on two-factor authentication (2FA) wherever possible so that even if a password is stolen, the account stays protected. Let your kids see how you use these tools so they learn that security isn’t complicated, it’s just a habit.

Many parents delay important online safety talks because they feel unprepared to explain AI, leaving kids curious but without the guidance they need to stay safe. (Kurt “CyberGuy” Knutsson)

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

5) Teach them to stop and tell

One of the best defenses is simple: encourage your child to pause and talk before reacting to anything unusual online. Whether it’s a pop-up claiming a prize, a strange link in a chat or a voice message that sounds familiar, remind them it’s always okay to ask you first. Quick conversations like these can prevent costly mistakes and turn learning moments into trust-building ones.

6) Keep devices updated and use strong antivirus software

Outdated software can leave gaps that scammers exploit. Regularly update operating systems, browsers and apps to close those holes. Add strong antivirus software. Explain to your child that updates and scans keep their favorite games and videos running safely, not just their parents happy.

The best way to safeguard from malicious links that install malware, potentially accessing private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

7) Make online safety part of everyday life

Don’t save these conversations for when something goes wrong. Bring them up casually during family time or when watching YouTube or gaming together. Treat digital safety like any other life skill, something practiced daily and improved with time. The more normal it feels, the more confident your child becomes when facing online risks.

Talking about online safety early helps build trust and awareness before trouble starts. (Kurt “CyberGuy” Knutsson)

What this means for you

If you are a parent, guardian or anyone helping a child use technology, this issue deserves your attention. Start talking early, even before your child begins exploring the web on their own. Teach them simple concepts like asking before clicking or sharing. Instead of relying only on parental controls, have ongoing conversations that help them recognize suspicious links, messages or pop-ups. Show them that cybersecurity isn’t about fear but about awareness. Model strong digital habits at home by using unique passwords and turning on two-factor authentication. Explain why those steps matter. When your child understands the reasoning behind the rules, they are more likely to follow them. Make technology part of your family routine rather than a private space your child navigates alone. Regularly check the apps they use and the people they interact with. Set clear expectations and age-appropriate boundaries that can grow with your child’s experience. Staying engaged is the most powerful protection you can offer.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

The numbers from Bitwarden show a clear warning sign. Concern among parents is high, yet actual conversations about AI-powered scams remain rare. That silence gives scammers the upper hand. Children who learn about online safety early are more confident, more cautious and better equipped to handle unexpected messages or fake alerts. It only takes a few minutes of honest conversation to create awareness that lasts for years. By taking action now, you can close the gap between fear and understanding, protecting your family in a digital world that changes every day.

Are you ready to start the conversation that could keep your child from becoming the next target of an AI-powered scam? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

November 12, 2025
Connecticut man loses life savings in crypto scam

NEWYou can now listen to Fox News articles!

When Joe A. from Shelton, Connecticut, received a text about a crypto investment opportunity, he thought it was his chance to rebuild after a divorce. Instead, he lost every dollar he had. Joe’s story is a heartbreaking reminder of how easy it is to fall for an online investment scam that promises quick success and easy money.

Joe has allowed Cyberguy to tell his powerful story so that others can learn from his experience and protect themselves from similar scams. Here is how it all went down and how you can protect yourself from falling into the same trap.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

HOW TO STOP IMPOSTOR BANK SCAMS BEFORE THEY DRAIN YOUR WALLET

After his account access vanished, scammers allegedly demanded more cash to “reactivate” it. By then, Joe’s retirement savings were wiped out. (Gabby Jones/Bloomberg via Getty Images)

How the online investment scam began

In August, Joe got a message from a company calling itself “ZAP Solutions.” It promised that if he invested $30,000, he’d soon have $368,000 in returns. It sounded like a smart move. Like many victims, Joe believed the pitch because it seemed professional and legitimate.

But soon he was led deeper into a trap. Each “short-term investment” required another wire transfer. Before he knew it, Joe had sent every penny, his 401K, IRA and other investments.

When the investment scam fell apart

The moment Joe was locked out of his account, panic set in. The scammers demanded more money to “reactivate” it. By the end, Joe had lost $228,000.

His mother, Carol, was devastated when she found out.

“I was shocked,” she said. “He showed us the screenshots, the messages. He emptied everything.”

Joe and his family filed a police report with local authorities and contacted the FBI. But, according to officers, recovery is unlikely.

“They told us there’s no way to get it back,” Carol said. “These cyberstalkers move the money too fast.”

The bigger picture: Online investment scams are rising

Joe’s story isn’t unique. The FBI reports that cybercriminals have stolen more than $50 billion from Americans in just five years. Scammers prey on emotion, targeting people who are hopeful, lonely or in transition.

“If it seems too good to be true, it probably is,” Joe said, stating a phrase we all should remember.

How to protect yourself from online investment scams

Staying safe starts with awareness and consistent action. Cybercriminals are getting more creative, so protecting your finances means staying alert every step of the way. Follow these proven steps to safeguard your accounts and identity.

1) Research before you invest

Always verify any investment opportunity before sending money. Look up the company through official government or financial websites, such as the SEC’s Investment Adviser Public Disclosure database or FINRA’s BrokerCheck. Read reviews, confirm licenses and search for scam alerts online.

2) Be suspicious of unsolicited messages and use strong antivirus software

If a text, email or social media message promises high returns, stop and think. Legitimate firms never cold-contact people about investment offers. Delete suspicious messages immediately and never click on links from unknown sources. Install and regularly update strong antivirus software on all your devices. This can block phishing attempts, malicious downloads, and fake investment platforms designed to steal your data.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS

Joe’s mother says the family filed police and FBI reports, but recovery is unlikely as criminals move money fast across borders and accounts. (Silas Stein/picture alliance via Getty Images)

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

3) Check email addresses and website domains

Scammers often use domains that look almost identical to real ones. Double-check for misspellings, extra letters or unusual web extensions like “.co” or “.biz.” If you’re unsure, search for the official company site separately in your browser.

4) Never wire money to strangers

Once you wire money to a scammer, recovery is nearly impossible. Never send money to someone you’ve only met online, even if they claim to represent a reputable company. Always confirm payment details through verified sources.

5) Talk to a trusted financial advisor

Before you invest large sums, get a second opinion from a licensed financial advisor. A professional can spot red flags and unrealistic promises that you might overlook.

6) Use a data removal service

Protect your personal information by using a data removal or privacy service that scrubs your phone number, address and other details from people search sites. This reduces the chance of scammers finding and targeting you.

While no service can guarantee the complete removal of your data from the Internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

7) Enroll in an identity theft protection service

If scammers have your personal details, they could try to open credit cards or loans in your name. Enrolling in a reputable identity theft protection service adds another layer of security by monitoring your credit and alerting you to suspicious activity.

Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

FBI WARNS SENIORS ABOUT BILLION-DOLLAR SCAM DRAINING RETIREMENT FUNDS, EXPERT SAYS AI DRIVING IT

From antivirus and data-removal services to identity theft monitoring, CyberGuy shares concrete steps to block phishing, verify firms and protect your money. (Gabby Jones/Bloomberg via Getty Images)

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

8) Report suspicious activity immediately

If you believe you’ve been targeted or scammed, act fast. Contact your local police department and your bank and file a report with the FBI’s Internet Crime Complaint Center (IC3). Quick action can sometimes limit further loss or help investigators trace the fraud.

Kurt’s key takeaways

Joe’s story is painful, but it’s also powerful. His honesty may stop someone else from losing everything. Online scams thrive when people stay silent, but sharing stories like Joe’s helps others stay alert. So, before you trust anyone promising quick profits online, take a pause, verify everything and remember Joe’s story because one moment of caution could save you from a lifetime of regret.

CLICK HERE TO GET THE FOX NEWS APP

Have you ever received an investment offer that seemed too good to be true? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

November 8, 2025
One Tech Tip: Modern cars are spying on you. Here’s what you can do about it

While driving to a new restaurant, your car’s satellite navigation system tracks your location and guides you to the destination. Onboard cameras constantly track your face and eye movements. When another car veers into your path, forcing you to slam on the brakes, sensors are assisting and recording. Waiting at a stoplight, the car notices when you unbuckle your seat belt to grab your sunglasses in the backseat.

Modern cars are computers on wheels that are becoming increasingly connected, enabling innovative new features that make driving safer and more convenient. But these systems are also collecting reams of data on our driving habits and other personal information, raising concerns about data privacy.

Here is what to know about how your car spies on you and how you can minimize it:

How cars collect data

It’s hard to figure out exactly how much data a modern car is collecting on you, according to the Mozilla Foundation, which analyzed privacy practices at 25 auto brands in 2023. It declared that cars were the worst product category that the group had ever reviewed for privacy.

AP AUDIO: One Tech Tip: Modern cars are spying on you. Here’s what you can do about it

Modern cars are spying on you. AP’s Kelvin Chan reports.

The data points include all your normal interactions with the car — such as turning the steering wheel or unlocking doors — but also data from connected onboard services, like satellite radio, GPS navigation systems, connected devices, telematics systems as well as data from sensors or cameras.

Vehicle telematics systems started to become commonplace about a decade ago, and the practice of automotive data collection took off about five years ago.

The problem is not just that data is being collected but who it’s provided to, including insurers, marketing companies and shadowy data brokers. The issue surfaced earlier this year when General Motors was banned for five years from disclosing data collected from drivers to consumer reporting agencies.

The Federal Trade Commission accused GM of not getting consent before sharing the data, which included every instance when a driver was speeding or driving late at night. It was ultimately provided to insurance companies that used it to set their rates.

Be aware

The first thing drivers should do is be aware of what data their car is collecting, said Andrea Amico, founder of Privacy4Cars, an automotive privacy company.

In an ideal world, drivers would read through the instruction manuals and documentation that comes with their cars, and quiz the dealership about what’s being collected.

But it’s not always practical to do this, and manufacturers don’t always make it easy to find out, while dealership staff aren’t always the best informed, Amico said.

Privacy4Cars offers a free auto privacy labeling service at vehicleprivacyreport.com that can summarize what your car could be tracking.

Owners can punch in their car’s Vehicle Identification Number, which then pulls up the automaker’s data privacy practices, such as whether the car collects location data and whether it’s given to insurers, data brokers or law enforcement.

Tweak your settings

Data collection and tracking start as soon as you drive a new car off the dealership lot, with drivers unwittingly consenting when they’re confronted with warning menus on dashboard touch screens.

Experts say that some of the data collection is baked into the system, you can revoke your consent by going back into the menus.

“There are permissions in your settings that you can make choices about,” said Lauren Hendry Parsons of Mozilla. “Go through on a granular level and look at those settings where you can.”

For example, Toyota says on its website that drivers can decline what it calls “Master Data Consent” through the Toyota app. Ford says owners can opt to stop sharing vehicle data with the company by going through the dashboard settings menu or on the FordPass app.

BMW says privacy settings can be adjusted through the infotainment system, “on a spectrum between” allowing all services including analysis data and none at all.

You can opt out

…

Drivers in the U.S. can ask carmakers to restrict what they do with their data.

Under state privacy laws, some carmakers allow owners across the United States to submit requests to limit the use of their personal data, opt out of sharing it, or delete it, Consumer Reports says. Other auto companies limit the requests to people in states with applicable privacy laws, the publication says.

You can file a request either through an online form or the carmaker’s mobile app.

You can also go through Privacy4Cars, which provides a free online service that streamlines the process. It can either point car owners to their automaker’s request portal or file a submission on behalf of owners in the U.S., Canada, the European Union, Britain and Australia.

… but there will be trade-offs

Experts warn that there’s usually a trade-off if you decide to switch off data collection.

Most people, for example, have switched to satellite navigation systems over paper maps because it’s “worth the convenience of being able to get from point A to point B really easily,” said Hendry Parsons.

Turning off location tracking could also halt features like roadside assistance or disable smartphone app features like remote door locking, Consumer Reports says.

BMW advises that if an owner opts to have no data shared at all, “their vehicle will behave like a smartphone in flight mode and will not transmit any data to the BMW back end.”

When selling your car

When the time comes to sell your car or trade it in for a newer model, it’s no longer as simple as handing over the keys and signing over some paperwork.

If you’ve got a newer car, experts say you should always do a factory reset to wipe all the data, which will also include removing any smartphone connections.

And don’t forget to notify the manufacturer about the change of ownership.

Amico said that’s important because if you trade in your vehicle, you don’t want insurers to associate it with your profile if the dealer is letting customers take it for test drives.

“Now your record may be affected by somebody else’s driving — a complete stranger that you have no relationship with.”

____

Is there a tech topic that you think needs explaining? Write to us at [email protected] with your suggestions for future editions of One Tech Tip.

___

This story has been corrected to show that the Mozilla representative’s first name is Lauren, not Laura.

Source link

November 7, 2025
Russian hackers use fake CAPTCHA tests to spread new malware families across multiple targets

NEWYou can now listen to Fox News articles!

Russian state-backed hackers have stepped up their game with new malware families that hide behind fake CAPTCHA tests. The group, known as Star Blizzard or ColdRiver, now uses ClickFix attacks to trick people into launching dangerous malware disguised as a simple “I’m not a robot” check.

These attacks represent a new wave of cyber deception, targeting governments, journalists and NGOs with malware that keeps changing faster than researchers can analyze it.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter

The ClickFix trap: A new kind of social engineering

Google’s Threat Intelligence Group (GTIG) first observed the hackers using LostKeys malware in espionage operations. Once researchers exposed it, the attackers pivoted quickly, abandoning LostKeys within a week and deploying new tools: NoRobot, YesRobot and MaybeRobot.

NORTH KOREAN HACKERS USE AI TO FORGE MILITARY IDS

The ClickFix attack works like this: a victim lands on a fake CAPTCHA page that looks identical to the real thing. When they click to prove they’re human, the system silently runs NoRobot, infecting the computer and establishing persistence via registry changes and scheduled tasks.

A fake “I’m not a robot” CAPTCHA can launch hidden malware in seconds. (Jens Büttner/picture alliance via Getty Images)

Inside the Russian “robot” malware chain

The Russian hackers built their latest attack around a chain of connected malware families that unfold step by step once a victim clicks the fake CAPTCHA.

NoRobot: The entry point

NoRobot acts as the first stage of infection. It prepares the environment by downloading files, modifying registry keys and creating tasks to ensure it stays active even after a reboot.

YesRobot: The brief experiment

The hackers briefly tested YesRobot, a Python-based backdoor, but dropped it quickly after realizing the full Python installation drew unwanted attention from defenders.

3,000+ YOUTUBE VIDEOS DELIVER MALWARE DISGUISED AS FREE SOFTWARE

MaybeRobot: The new weapon

MaybeRobot replaced YesRobot as a stealthier PowerShell-based tool. It can download and execute payloads, run command prompts, and send stolen data back to the attackers. Researchers say MaybeRobot’s development has now stabilized, allowing the hackers to focus on refining NoRobot’s stealth.

How these attacks keep evolving

Security analysts noticed the malware’s delivery chain has shifted several times. At one point, it became “drastically simplified,” only to grow complex again as the attackers began splitting cryptographic keys across multiple files. This strategy makes it harder for researchers to reconstruct how infections work. Without every piece of the puzzle, the final malware payload cannot be decrypted correctly.

Who’s being targeted by the Russian malware

ColdRiver’s operations have been linked to the Russian intelligence service (FSB), with years of activity focused on espionage and data theft. The group has consistently targeted Western governments, think tanks, media organizations and NGOs to steal sensitive information and gain strategic insight.

Despite sanctions, infrastructure takedowns and public exposure, the hackers continue to evolve. Their quick shift from LostKeys to NoRobot and MaybeRobot shows a highly organized and well-funded operation capable of retooling within days.

Researchers warn that Russian hackers now use realistic CAPTCHA traps to spread new “Robot” malware strains. (Kristian Tuxen Ladegaard Berg/NurPhoto via Getty Images)

CAPTCHAGEDDON SIGNALS A DANGEROUS SHIFT

Even if you’re not a government or corporate target, these evolving attacks serve as a reminder that anyone connected to the internet is at some level of risk. Compromised personal accounts, reused passwords or infected email attachments can make everyday users an easy entry point for larger campaigns.

While these threats may aim high, their reach extends everywhere. Awareness and cautious online behavior are essential for everyone.

How to stay safe from Russian malware hidden in fake CAPTCHAs

These practical steps can help you protect your data and devices from the growing wave of Russian malware using fake CAPTCHA pages to spread.

1) Be cautious with unexpected CAPTCHA challenges

Fake “I’m not a robot” pages are the main lure in this Russian malware campaign. If you’re redirected to a CAPTCHA on an unfamiliar site or after clicking a suspicious link, stop immediately. Real CAPTCHAs usually appear only on trusted websites, not random pop-ups or login pages. When in doubt, close the page and verify the URL before taking any action.

2) Use strong antivirus software

Choose reputable antivirus protection that not only scans for known malware but also monitors suspicious behavior. Since the “Robot” malware evolves rapidly, behavior-based detection helps stop new variants before signature updates are available. Enable automatic updates and schedule daily scans to catch infections early. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

META ACCOUNT SUSPENSION SCAM HIDES FILEFIX MALWARE

3) Consider a data removal service to reduce exposure

Many cyberattacks begin with publicly available data. Using a data removal or privacy protection service helps eliminate your personal information from data broker sites. By reducing what hackers can find online, you make it harder for them to tailor phishing emails or social engineering traps that lead to malware infection.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

4) Keep all software and operating systems updated

The malware used in these attacks exploits known security flaws in unpatched systems. Always apply updates as soon as they’re released. Turn on automatic updates for your browser, antivirus and operating system. Outdated software is one of the easiest entry points for Russian hackers and other advanced groups.

Cyber experts say awareness is the best defense as these evolving attacks target both organizations and everyday users. (Kurt “CyberGuy” Knutsson)

AI FLAW LEAKED GMAIL DATA BEFORE OPENAI PATCH

5) Use multi-factor authentication (MFA) everywhere possible

Even if a hacker steals credentials through malware or phishing, MFA adds another layer of protection. Require it for email, VPNs, and cloud services. This simple step can block most unauthorized access attempts.

6) Back up data regularly

A ransomware payload could be the next evolution of this malware family. Back up critical data to both an external drive and cloud storage.

Kurt’s key takeaways

The rise of these Russian malware campaigns is a reminder that cybercriminals are always one step ahead. What looks like a harmless “I’m not a robot” test can actually hide a serious threat. Protecting yourself isn’t just about having antivirus software; it’s about staying alert to small online details that can make a big difference. Keep your devices updated, question unexpected pop-ups, and use trusted tools to guard your personal information. With a little caution and consistency, you can outsmart even the most deceptive attacks.

What concerns you most about today’s online security risks? Let us know by writing to us at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

November 7, 2025
How to stop impostor bank scams before they drain your wallet
NEWYou can now listen to Fox News articles!

Losing your life savings to fraud is not a distant fear; it is a real and growing risk. Scams involving criminals pretending to be bank representatives have surged, with the Federal Trade Commission (FTC) reporting record-breaking losses exceeding $2.9 billion in recent data. These criminals no longer rely on basic phone tricks. Instead, they use caller ID spoofing and artificial-voice software to sound like trusted professionals, often imitating real bank employees down to the smallest detail.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

HOW SCAMMERS EXPLOIT YOUR DATA FOR ‘PRE-APPROVED’ RETIREMENT SCAMS

What impostor bank scams look like

Scammers pretending to be from your bank follow a predictable yet terrifying pattern. They begin with an urgent phone call warning that your account has been compromised. The caller ID displays your bank’s real number, which builds instant trust.

Impostor scams have become one of the fastest-growing crimes in America, costing victims billions each year. (Kurt “CyberGuy” Knutsson)

Next, they instruct you to move your money into a so-called “safe” or “decoy” account while they “investigate” the issue. Their goal is to create fear and push you into action before you have time to think.

One journalist reportedly learned this lesson the hard way when he answered what appeared to be a legitimate call from Chase Bank. After a series of convincing conversations with multiple “representatives,” he transferred nearly $30,000 to scammers. In another case, a 65-year-old caterer reportedly lost $162,000 when a friendly woman pretending to be a bank employee claimed her ATM card had been compromised. These stories are not rare; they reflect how sophisticated and believable modern scams have become.

Why you and others are targets

Banks are trusted institutions, and scammers know it. That trust makes impersonation one of the easiest and most effective fraud tactics today. With spoofing tools, criminals can mimic real bank phone numbers and even use AI to reproduce familiar voices. Their approach is psychological: they create panic and urgency to make victims act quickly and irrationally.

Older adults are particularly vulnerable. The FTC found that losses of over $100,000 to impostor scams among people aged 60 and older have skyrocketed, from $55 million in 2020 to $445 million in 2024. These numbers highlight how no one is immune to manipulation when fear and urgency collide.

Criminals exploit fear, trust and technology to pressure victims into acting before they can think clearly. (Kurt “CyberGuy” Knutsson)

9 smart tips to protect yourself from impostor scams

Impostor scams move fast, but with the right precautions, you can stop them before they strike.

1) Never trust caller ID alone

Spoofed numbers make a call appear as if it’s coming from your bank, even when it’s not.

2) Hang up and call your bank using a verified number

Do not return calls using numbers given to you by the person who contacted you. Always call the number printed on your debit or credit card.

3) Use a data removal service to protect your identity

Scammers often collect phone numbers, email addresses and other personal details from public records and data broker sites. Using a trusted data removal service helps wipe that information from the web, reducing the chances that criminals can use your data to impersonate you.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Scammers often pose as bank employees, using fake caller IDs and urgent stories to trick people into sending money. (Kurt “CyberGuy” Knutsson)

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

4) Your bank will never ask you to transfer money

Any request to move funds “for protection” is a red flag for fraud.

NATIONAL PROGRAM HELPS SENIORS SPOT SCAMS AS LOSSES SURGE

5) Use strong antivirus software

Scammers often send fake links or pop-ups that install malicious programs on your device. A strong antivirus program can detect these threats, block phishing attempts and stop remote-access tools that give criminals control of your computer. Keeping your software updated adds another layer of protection against evolving scams.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

6) Never share verification codes or PINs

Banks do not ask for your codes over the phone, text or email.

7) Use call-blocking or scam-identifier apps

Adding these tools to your phone can filter many spoofed calls before they reach you. Both iPhone and Android devices have built-in settings and apps that help you stop scam calls before you even pick up.

If you use an iPhone:
- Go to Settings
- Tap Apps
- Click Phone
- Under Unknown Callers, click Silence to automatically block unsaved numbers that aren’t in your contacts.
Android phones offer similar protection:

Settings may vary depending on your Android phone’s manufacturer.
- Go to the Phone app
- Click Settings
- Tap Caller ID & Spam
- Click Filter Spam Calls, or you might be asked to toggle on Caller ID and spam protection, to automatically identify and block numbers flagged as potential scams.
8) Pause if something feels urgent and frightening

Scammers depend on panic. Taking a moment to breathe could save your savings.

9) Report suspicious activity immediately

If you suspect a scam, contact your bank, file a complaint with the FTC at ReportFraud.ftc.gov and alert local law enforcement.

What to do if you’ve been targeted

If you believe you have fallen victim, act quickly.

1) Contact your bank and request a freeze or close monitoring of your accounts.

2) File a report with the FTC and your local police department, even if you believe recovery is unlikely.

3) Keep every piece of evidence, including phone records, text messages and transfer confirmations.

4) Change all passwords and enable transaction alerts on every sensitive account to prevent further damage. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

5) Sign up with an Identity Theft Protection service that can monitor personal information like your Social Security Number (SSN), phone number and email address, and alert you if it is sold on the dark web or used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

Fraud can strike anyone, anywhere, at any time. Scammers have become smarter, faster and more convincing than ever before. They use fear, urgency and technology to make their lies sound real. But you can fight back with knowledge and caution. Stay alert every time your phone rings or your inbox pings. Slow down before you react. Verify before you trust. The few seconds you take to double-check could be what saves your life savings. Remember, even the most tech-savvy people fall for scams when emotions take over. The real key to protection isn’t fear, it’s awareness and action. Share what you know with friends, family and coworkers. The more people who understand how these scams work, the harder it becomes for criminals to win.

Are banks really doing enough to protect you from impostor scams? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
November 6, 2025
California Legislation Could Lead to Better Online Privacy Nationwide

The privacy changes web browsers will be required to make under a new California law could set the de facto standard for the entire country, changing how Americans control their data when using the internet, according to experts.

Assembly Bill 566, recently signed into law by Gov. Gavin Newsom, requires companies that make web browsers to offer users an opt-out “signal” that automatically tells websites not to share or sell their personal information as they browse.

It will likely be easier for companies to roll out the service for the entire country, rather than for users only in California.

“It’s such a trivial implementation,” said Emory Roane, associate director of policy at Privacy Rights Clearinghouse, an organization that pushed for the legislation. “It’s really not that difficult technically.”

The legislation, a first of its kind in the country, was sponsored by the California Privacy Protection Agency, the state’s consumer privacy watchdog, as well as several consumer advocacy and privacy rights groups.

Under the law, browsers like Google’s Chrome and Microsoft’s Edge will have until the beginning of 2027 to create a way for consumers to select the signal. Combined with recent changes from other states, the new law could be a tipping point in how web traffic is treated in the United States.

“We expect it to have a national impact,” Roane said.

California already offers privacy protections under the California Consumer Privacy Act, including customers’ right to opt out from having their information sold.

But advocates for the new law point out this still puts the burden on the consumer to navigate to web pages and individually select web pages to opt out from. The new tool will effectively automate that process, giving consumers a single toggle to keep their data protected.

“I would argue if you have to go to every individual website and click the link saying you ‘don’t want your information sold or shared,’ that’s not really a meaningful privacy right,” said Caitriona Fitzgerald, deputy director of the Electronic Privacy Information Center, another organization that pressed for AB 566.

Already, some browser makers have voluntarily offered similar settings under a framework called the Global Privacy Control. Mozilla’s Firefox, for example, includes a setting called “tell websites not to sell or share your data.” With that setting on, the browser communicates to sites that the visitor wants the site to respect the user’s preference.

But until now, browsers haven’t been required to offer a setting that uses the Global Privacy Control or another standard to communicate users’ preferences. “There are browser extensions but those aren’t very widely used,” said Nick Doty, senior technologist at the Center for Democracy and Technology.

Since it would likely be burdensome for companies to carve out a way to only allow the signal to be used by Californians, according to experts, the tool will likely be available across the country. How, exactly, that will look still remains to be seen. The legislation doesn’t require browser makers to use a specific standard.

Spokespeople for Google and Microsoft declined to comment on the companies’ plans.

There’s still a risk that some websites may try to detect which state a visitor is from, and only respect the signal if they find the visitor is from a state that mandates it.

This is legally risky, though, according to Roane, who points out that AB 566 applies to residents of California, regardless of whether they’re using the web from California.

“If I’m safe saying I’m a resident and you’re assuming I’m not and you’re flagrantly not respecting my privacy wishes, that is a violation of the law,” Roane said.

Pushback from Google and the industry

The law didn’t get across the finish line without friction. As CalMatters reported in September, despite not being publicly against the legislation, Google organized opposition to the bill through a group it backs financially.

AB 566 also wasn’t the first attempt at such legislation. Newsom vetoed a similar, but slightly more expansive, version of the bill in 2024.

But now that the door is open, some advocates say they are going to continue to push to further expand privacy preferences.

Roane notes that legislation could be drafted that requires connected smart devices to offer an opt-out preference, or for vehicles that gather data on drivers to respect opt-out preference requests.

“We are finally, finally starting to have real privacy rights,” Roane said, “but we’re far away from them being really easy to exercise across the country and across the border and even in states like California where we have these rights.”

This story was originally published by CalMatters and distributed through a partnership with The Associated Press.

Copyright 2025 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Photos You Should See – Oct. 2025

Associated Press

Source link

November 5, 2025
Protecting kids from AI chatbots: What the GUARD Act means
NEWYou can now listen to Fox News articles!

A new bipartisan bill introduced by Sens. Josh Hawley, R-Mo., and Richard Blumenthal, D-Conn., would bar minors (under 18) from interacting with certain AI chatbots. It taps into growing alarm about children using “AI companions” and the risks these systems may pose.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

What’s the deal with the proposed GUARD Act?

Here are some of the key features of the proposed Guard Act:
- AI companies would be required to verify user age with “reasonable age-verification measures” (for example, a government ID) rather than simply asking for a birthdate.
- If a user is found to be under 18, a company must prohibit them from accessing an “AI companion.”
- The bill also mandates that chatbots clearly disclose they are not human and do not hold professional credentials (therapy, medical, legal) in every conversation.
- It creates new criminal and civil penalties for companies that knowingly provide chatbots to minors that solicit or facilitate sexual content, self-harm or violence.
Bipartisan lawmakers, including Senators Josh Hawley and Richard Blumenthal, introduced the GUARD Act to protect minors from unregulated AI chatbots. (Kurt “CyberGuy” Knutsson)

The motivation: lawmakers cite testimony of parents, child welfare experts and growing lawsuits alleging that some chatbots manipulated minors, encouraged self-harm or worse. The basic framework of the GUARD Act is clear, but the details reveal how extensive its reach could be for tech companies and families alike.

META AI DOCS EXPOSED, ALLOWING CHATBOTS TO FLIRT WITH KIDS

Why is this such a big deal?

This bill is more than another piece of tech regulation. It sits at the center of a growing debate over how far artificial intelligence should reach into children’s lives.

Rapid AI growth + child safety concerns

AI chatbots are no longer toys. Many kids are using them. Hawley cited more than 70 percent of American children engaging with these products. These chatbots can provide human-like responses, emotional mimicry and sometimes invite ongoing conversations. For minors, these interactions can blur boundaries between machine and human, and they may seek guidance or emotional connection from an algorithm rather than a real person.

Legal, ethical and technological stakes

If this bill passes, it could reshape how the AI industry manages minors, age verification, disclosures and liability. It shows that Congress is ready to move away from voluntary self-regulation and toward firm guardrails when children are involved. The proposal may also open the door for similar laws in other high-risk areas, such as mental health bots and educational assistants. Overall, it marks a shift from waiting to see how AI develops to acting now to protect young users.

Parents across the country are calling for stronger safeguards as more than 70 percent of children use AI chatbots that can mimic empathy and emotional support. (Kurt “CyberGuy” Knutsson)

Industry pushback and innovation concerns

Some tech companies argue that such regulation could stifle innovation, limit beneficial uses of conversational AI (education, mental-health support for older teens) or impose heavy compliance burdens. This tension between safety and innovation is at the heart of the debate.

What the GUARD Act requires from AI companies

If passed, the GUARD Act would impose strict federal standards on how AI companies design, verify and manage their chatbots, especially when minors are involved. The bill outlines several key obligations aimed at protecting children and holding companies accountable for harmful interactions.
- The first major requirement centers on age verification. Companies must use reliable methods such as government-issued identification or other proven tools to confirm that a user is at least 18 years old. Simply asking for a birthdate is no longer enough.
- The second rule involves clear disclosures. Every chatbot must tell users at the start of each conversation, and at regular intervals, that it is an artificial intelligence system, not a human being. The chatbot must also clarify that it does not hold professional credentials such as medical, legal or therapeutic licenses.
- Another provision establishes an access ban for minors. If a user is verified as under 18, the company must block access to any “AI companion” feature that simulates friendship, therapy or emotional communication.
- The bill also introduces civil and criminal penalties for companies that violate these rules. Any chatbot that encourages or engages in sexually explicit conversations with minors, promotes self-harm or incites violence could trigger significant fines or legal consequences.
- Finally, the GUARD Act defines an AI companion as a system designed to foster interpersonal or emotional interaction with users, such as friendship or therapeutic dialogue. This definition makes it clear that the law targets chatbots capable of forming human-like connections, not limited-purpose assistants.
The proposed GUARD Act would require chatbots to verify users’ ages, disclose they are not human and block under-18 users from AI companion features. (Kurt “CyberGuy” Knutsson)

OHIO LAWMAKER PROPOSES COMPREHENSIVE BAN ON MARRYING AI SYSTEMS AND GRANTING LEGAL PERSONHOOD

How to stay safe in the meantime

Technology often moves faster than laws, which means families, schools and caregivers must take the lead in protecting young users right now. These steps can help create safer online habits while lawmakers debate how to regulate AI chatbots.

1) Know which bots your kids use

Start by finding out which chatbots your kids talk to and what those bots are designed for. Some are made for entertainment or education, while others focus on emotional support or companionship. Understanding each bot’s purpose helps you spot when a tool crosses from harmless fun into something more personal or manipulative.

2) Set clear rules about interaction

Even if a chatbot is labeled safe, decide together when and how it can be used. Encourage open communication by asking your child to show you their chats and explain what they like about them. Framing this as curiosity, not control, builds trust and keeps the conversation ongoing.

3) Use parental controls and age filters

Take advantage of built-in safety features whenever possible. Turn on parental controls, activate kid-friendly modes and block apps that allow private or unmonitored chats. Small settings changes can make a big difference in reducing exposure to harmful or suggestive content.

4) Teach children that bots are not humans

Remind kids that even the most advanced chatbot is still software. It can mimic empathy, but does not understand or care in a human sense. Help them recognize that advice about mental health, relationships or safety should always come from trusted adults, not from an algorithm.

5) Watch for warning signs

Stay alert for changes in behavior that could signal a problem. If a child becomes withdrawn, spends long hours chatting privately with a bot or repeats harmful ideas, step in early. Talk openly about what is happening, and if necessary, seek professional help.

6) Stay informed as the laws evolve

Regulations such as the GUARD Act and new state measures, including California’s SB 243, are still taking shape. Keep up with updates so you know what protections exist and which questions to ask app developers or schools. Awareness is the first line of defense in a fast-moving digital world.

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

The GUARD Act represents a bold step toward regulating the intersection of minors and AI chatbots. It reflects growing concern that unmoderated AI companionship might harm vulnerable users, especially children. Of course, regulation alone won’t solve all problems, industry practices, platform design, parental involvement and education all matter. But this bill signals that the era of “build it and see what happens” for conversational AI may be ending when children are involved. As technology continues to evolve, our laws and our personal practices must evolve too. For now, staying informed, setting boundaries and treating chatbot interactions with the same scrutiny we treat human ones can make a real difference.

If a law like the GUARD Act becomes reality, should we expect similar regulation for all emotional AI tools aimed at kids (tutors, virtual friends, games) or are chatbots fundamentally different? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
November 5, 2025
Australia adds Reddit and Kick to social media platforms banning children under 16

MELBOURNE, Australia (AP) — Australia has added message board Reddit and livestreaming service Kick to its list of social media platforms that must ban children younger than 16 from holding accounts.

The platforms join Facebook, Instagram, Snapchat, Threads, TikTok, X and YouTube in facing a world-first legal obligation to shut the accounts of younger Australian children from Dec. 10, Communications Minister Anika Wells said on Wednesday.

Platforms that fail to take reasonable steps to exclude children younger than 16 could be punished with a fine of up to 50 million Australian dollars ($33 million).

“We have met with several of the social media platforms in the past month so that they understand there is no excuse for failure to implement this law,” Wells told reporters in Canberra.

“Online platforms use technology to target children with chilling control. We are merely asking that they use that same technology to keep children safe online,” Wells added.

Australia’s eSafety Commissioner Julie Inman Grant, who will enforce the social media ban, said the list of age-restricted platforms would evolve with new technologies.

The nine platforms currently age-restricted meet the key requirement that their “sole or significant purpose is to enable online social interaction,” a government statement said.

Inman Grant said she would work with academics to evaluate the impacts of the ban, including whether children sleep or interact more or become more physically active.

“We’ll also look for unintended consequences and we’ll be gathering evidence” so that others could learn from Australia’s achievements, Inman Grant said.

Australia’s move is being closely watched by countries that share concerns about social media impacts on young children.

European Commission President Ursula von der Leyen told a United Nations forum in New York in September that she was “inspired” by Australia’s “common sense” move to legislate the age restriction.

Critics of the legislation fear that banning young children from social media will impact the privacy of all users, who must establish they are older than 16.

Wells recently said the government seeks to keep platform users’ data as private as possible.

More than 140 Australian and international academics with expertise in fields related to technology and child welfare signed an open letter to Prime Minister Anthony Albanese last year opposing a social media age limit as “too blunt an instrument to address risks effectively.”

Source link

November 4, 2025
FBI Warns of Criminals Posing as ICE, Urges Agents to ID Themselves

Criminals posing as US immigration officers have carried out robberies, kidnappings, and sexual assaults in several states, warns a law enforcement bulletin issued last month by the Federal Bureau of Investigation. The bureau urges agencies to ensure officers clearly identify themselves and to cooperate when civilians ask to verify an officer’s identity—including by allowing calls to a local police precinct. “Ensure law enforcement personnel adequality [sic] identify themselves during operations and cooperate with individuals who request further verification,” it says.

First reported by WIRED, the bulletin cites five 2025 incidents involving fake immigration officers and says criminals are using Immigration and Custom Enforcement’s heightened profile to target vulnerable communities, making it harder for Americans to distinguish between lawful officers and imposters while eroding trust in law enforcement. A review of public reporting confirms four of the five cases described in the bulletin. One appears to have gone unreported, suggesting the FBI drew in part on internal law enforcement information. The document was first obtained by the transparency nonprofit Property of the People.

On August 7, according to the FBI, three men in black vests entered a New York restaurant claiming to be ICE agents. Inside, they tied a worker’s hands and pulled a garbage bag over the person’s head. Another, believing the burglars’ story, surrendered themselves, only to be kicked to the ground and tied up as the intruders robbed an ATM.

The bureau’s advisory urges agencies at every level of government to coordinate to “verify legitimate versus non-legitimate operations” attributed to ICE—a call that frames the wave of impersonations as a national law-enforcement concern.

The FBI declined to comment. Its national press office said that it could only respond to media inquiries involving national security, violations of federal law, or essential public safety functions during the government shutdown.

Cases cited by its advisory span kidnappings, street crime, and sexual violence: In Bay County, Florida, the advisory says, a woman “unzipped [her] jacket and revealed a shirt that said ICE” and told her ex-boyfriend’s wife she was there to “pick her up,” before driving her to an apartment complex. The woman later escaped. In Brooklyn, it alleges, a man told a woman he was an immigration officer and “directed [her] to a nearby stairwell,” where he punched her, tried to rape her, and stole her phone before police caught him. In Raleigh, North Carolina, it claims, a man “entered [a] motel room and threatened to deport the woman if she did not have sex with him,” telling her he was a sworn officer. He showed her a business card with a badge, police said.

The FBI describes a few signs of impersonation: forged or mismatched credentials, outdated protective gear, and cloned vehicle markings. It’s urging agencies to launch outreach programs aimed at identifying fake ICE agents, a step the FBI argues could counteract the mistrust caused by impersonators and strengthen law enforcement’s image.

Dell Cameron, Caroline Haskins

Source link

November 4, 2025
Ghost-tapping scam targets tap-to-pay users

NEWYou can now listen to Fox News articles!

A new scam called ghost tapping is spreading across the country. The Better Business Bureau (BBB) warns that scammers are using this tactic to steal money from people who use tap-to-pay credit cards and mobile wallets.

This scam exploits wireless technology to withdraw money without your awareness. Many victims only realize something is wrong after small, unnoticed transactions slowly drain their accounts.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

The Better Business Bureau warns of a new “ghost-tapping” scam draining money from tap-to-pay cards and mobile wallets. (Clara Margais/picture alliance via Getty Images)

How the ghost-tapping scam works

Scammers use near-field communication (NFC) devices that mimic legitimate tap-to-pay systems. In busy places such as festivals, markets, or public transportation, they move close enough to your wallet or phone to trigger a transaction.

The BBB reports that some scammers pose as charity vendors or market sellers who only accept tap payments. Once you tap your card or phone, they charge far more than the agreed amount.

Because the first few withdrawals are usually small, they often go undetected by fraud systems. Victims may not notice until much later, when more money has been taken.

Real-life cases and warnings

A Missouri resident reportedly lost $100 after being approached by a person carrying a handheld card reader. The BBB Scam Tracker has recorded many similar cases across the nation, with losses sometimes exceeding $1,000.

Officials warn that scammers may pressure you to complete payments quickly, preventing you from verifying the amount or merchant name. Some even carry portable readers that can pick up signals through thin wallets or purses.

How to protect yourself from ghost tapping

While the threat of ghost tapping may sound alarming, protecting yourself is easier than you think. A few smart habits and security tools can greatly reduce your risk of falling victim.

1) Use RFID-blocking technology

Invest in an RFID-blocking wallet or card sleeve to create a physical barrier between your card and potential scanners. These inexpensive tools prevent scammers from reading your card information through clothing, bags, or wallets. Look for sleeves or wallets specifically designed to block wireless communication.

2) Verify before you tap

Always check the merchant name and transaction amount displayed on the payment terminal before tapping. Scammers often rush you to avoid scrutiny. Take an extra second to confirm what you see matches what you agreed to pay. If something looks off, cancel the transaction immediately.

3) Set up instant alerts

Enable instant transaction alerts from your bank or credit card provider. This lets you know the moment a payment is made, giving you a chance to spot unauthorized activity right away. Quick detection can prevent further charges and make it easier to dispute fraudulent transactions.

Bonus protection: Even if you stop a scam early, your personal data can end up for sale online. Our No. 1 identity theft company monitors your credit and financial information, alerting you if your details appear on the dark web or in a data breach.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

You can also use a data removal service to automatically delete your personal information from data broker sites that sell it, keeping you off scam lists before the next attack.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

The BBB says reports of “ghost tapping” are rising, with some victims losing more than $1,000 to contactless theft. (M. Scott Brauer/Bloomberg via Getty Images)

4) Be cautious in crowded areas

Crowded environments such as festivals, public transportation, or street fairs create perfect conditions for scammers to blend in. Limit tap-to-pay use in these situations. Instead, use chip or swipe methods, which require physical contact and are harder to exploit.

5) Monitor your accounts regularly

Make it a habit to check your financial accounts at least once a week. Review each transaction carefully and report anything suspicious to your bank immediately. Even small unexplained charges could signal a larger problem.

6) Use payment app security features

Most mobile wallet apps allow you to set PINs, facial recognition, or fingerprint verification before authorizing a transaction. Make sure these protections are enabled. This adds another barrier that prevents criminals from initiating payments without your consent.

7) Keep your payment apps and devices updated

Regularly update your smartphone’s software and mobile wallet apps. Updates often include security patches that protect against newly discovered vulnerabilities scammers might exploit. Outdated software can leave your data exposed.

Stay protected from payment-stealing malware:

In addition to keeping your apps updated, protect your device from hidden threats with strong antivirus software. It scans for malicious apps and spyware that can hijack your tap-to-pay data or record sensitive information.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

8) Avoid saving multiple cards on mobile wallets

While convenient, storing several cards in one app can increase your exposure if your phone is compromised. Keep only the cards you use most often connected to your mobile wallet. This reduces the impact of potential fraudulent activity.

9) Report suspicious activity promptly

If you ever suspect ghost tapping or notice a strange charge, contact your bank immediately and report the scam to the BBB Scam Tracker. Quick action can help prevent additional losses and assist authorities in identifying scam trends.

Victims of “ghost tapping” often lose money through small, unnoticed transactions before realizing they’ve been scammed. (Leonie Asendorpf/picture alliance via Getty Images)

Kurt’s key takeaways

As contactless payments become more common, scammers are getting more creative. Staying informed and cautious can help protect your money. Small steps like checking your transaction history and using protective gear can make a big difference. If you notice unauthorized charges, contact your bank immediately, freeze your card and report the scam to the BBB Scam Tracker. Technology offers convenience but can also create new risks. The ghost-tapping scam shows how quickly and easily payments can invite hidden dangers. Awareness and prevention remain the best ways to keep your finances safe.

Will you keep using tap-to-pay after learning about ghost tapping, or switch back to more traditional payment methods? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

November 4, 2025
3,000+ YouTube videos deliver malware disguised as free software

NEWYou can now listen to Fox News articles!

YouTube is arguably the most popular and most visited platform for entertainment, education and tutorials. There’s a video for everything on YouTube, whether you want to learn how to cook, ride a bike or need help with work or school. But recent research by Check Point reveals a darker side: a sprawling malware distribution network quietly operating within the platform. Hackers are using compromised accounts, fake engagement and clever social engineering to spread information-stealing malware disguised in more than 3,000 software cracks and game hack videos.

Most victims begin by searching for free or cracked software, cheat tools or game hacks, which is the root of the infection chain. This curiosity for “free” software opens the door to the Ghost Network’s traps.

META ACCOUNT SUSPENSION SCAM HIDES FILEFIX MALWARE

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

Cybercriminals are exploiting YouTube’s massive reach by disguising malware inside fake “how-to” and “free software” videos. (Kurt “CyberGuy” Knutsson)

All about YouTube’s ghost network

According to Check Point Research, the YouTube Ghost Network has been active since 2021, with activity surging threefold in 2025. It’s built around a simple but effective formula, which blends social manipulation with technical stealth. The network’s primary targets are people searching for “Game Hacks/Cheats” and “Software Cracks/Piracy.”

Researchers discovered that these videos often feature positive comments, likes and community posts from compromised or fake accounts. This coordinated engagement gives potential victims a false sense of safety.

The fake social proof and fabricated likes, comments and subscriber activity play a key psychological role. They trick viewers into believing the content is legitimate and widely trusted, allowing the operation to persist even when YouTube removes individual videos or channels. The network’s modular structure and constant replacement of banned accounts make takedowns only temporarily effective.

Once a user clicks the provided links, they’re usually taken to file-sharing services or phishing sites hosted on Google Sites, MediaFire, Dropbox or similar platforms. The linked files are often password-protected archives, making them harder for antivirus tools to scan. Victims are then asked to disable Windows Defender before installation, effectively disarming their own protection before running the malware.

Check Point found that the majority of these attacks deliver information-stealing malware such as Lumma Stealer, Rhadamanthys, StealC and RedLine. These programs harvest passwords, browser data and other sensitive information, sending it back to the attacker’s command and control servers.

What makes the network particularly resilient is its role-based structure. Each compromised YouTube account serves a function; some upload malicious videos, others post download links and a third group boosts credibility by commenting and liking content. When an account gets banned, it’s quickly replaced, allowing the operation to continue largely uninterrupted.

A single click on a malicious link can disable your defenses and install information-stealing malware in seconds. (Kurt “CyberGuy” Knutsson)

Inside the malicious campaigns

Two major campaigns stood out in Check Point’s investigation. The first involved the Rhadamanthys infostealer, spread through a compromised YouTube channel named @Sound_Writer, which had nearly 10,000 subscribers.

The attackers uploaded fake cryptocurrency-related videos and used phishing pages on Google Sites to distribute malicious archives. These pages instructed viewers to “turn off Windows Defender temporarily,” assuring them it was a false alert. The archives contained executable files that quietly installed the Rhadamanthys malware, which connected to multiple control servers to exfiltrate stolen data.

The second campaign, involving HijackLoader and Rhadamanthys, leveraged a much larger channel, @Afonesio1, with around 129,000 subscribers. Here, attackers uploaded videos offering cracked versions of Adobe Photoshop, Premiere Pro, and FL Studio.

MICROSOFT SOUNDS ALARM AS HACKERS TURN TEAMS PLATFORM INTO ‘REAL-WORLD DANGERS’ FOR USERS

One of these videos gained over 291,000 views and dozens of glowing comments claiming the software worked perfectly. The malware was hidden inside a password-protected archive linked through a community post. The installer used HijackLoader to drop the Rhadamanthys payload, which then connected to rotating control servers every few days to avoid detection.

Even if you never complete the installation, you can still be at risk. Simply visiting the phishing or file-hosting sites may expose you to malicious scripts or credential theft prompts disguised as “verification” steps. Clicking the wrong link can compromise login data before any software is even installed.

Strong passwords, two-factor authentication, and regular security scans are your best defense against YouTube’s Ghost Network. (Cyberguy.com)

7 steps you can take to stay safe from YouTube’s ghost network

The Ghost Network succeeds by exploiting curiosity and trust. It disguises malware as “free software” or “game hacks,” relying on users to click before thinking. Protecting yourself means adopting habits that make it harder for attackers to fool you. Here are seven steps to stay safe:

1) Avoid cracked software and cheat downloads

Most infections start with people trying to download pirated or modified programs. These files are often hosted on unregulated file-sharing websites where anyone can upload malicious content. Even if a YouTube video looks polished or filled with positive comments, that doesn’t mean it’s safe. Official software developers and gaming studios never distribute downloads through YouTube links or third-party sites.

Besides being dangerous, downloading cracked software also poses legal risks. Piracy violates copyright law and can lead to serious consequences, while giving cybercriminals a perfect delivery channel for malware.

2) Use a strong antivirus

Make sure you have a trusted antivirus solution installed and always running. Real-time protection can detect suspicious downloads and block harmful files before they do any damage. Schedule regular system scans and keep your antivirus updated so it can recognize the latest threats.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

WHAT REALLY HAPPENS ON THE DARK WEB, AND HOW TO STAY SAFE

3) Never disable your antivirus or Windows Defender

If a tutorial or installer tells you to disable your security software, that’s a red flag. Malware creators use this trick to bypass detection. There’s no legitimate reason to turn off protection, even temporarily. The moment a file asks you to do so, delete it immediately.

4) Be cautious with YouTube links and download sources

Always inspect links before clicking. Hover over them to check the destination and avoid shortened or redirected URLs that hide their true target. Downloads hosted on unfamiliar domains or file-sharing sites should be treated as unsafe. If you need software, get it directly from the official website or trusted open-source communities.

5) Use a password manager and enable two-factor authentication (2FA)

Turning on 2FA for important accounts adds another layer of protection, ensuring that even if someone gets your password, they can’t access your account. Malware often aims to steal saved passwords and browser data. Storing credentials in a password manager keeps them encrypted and separate from your browser, making them harder to steal. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see CyberGuy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at CyberGuy.com

6) Keep your operating system and apps updated

Software updates don’t just bring new features, but they also fix security flaws that malware can exploit. Enable automatic updates for your system, browser, and commonly used applications. Staying up to date is one of the simplest ways to prevent infections.

7) Use a trusted data removal service

Even after securing your system, your personal information might already be circulating online from past breaches. A reliable data removal service can continuously scan and request deletion of your data from people-search and broker sites, making it harder for cybercriminals to exploit your exposed information.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaway

Cybercriminals have evolved beyond traditional phishing and email scams. By exploiting a platform built on trust and engagement, they have created a scalable, self-sustaining system for malware distribution. Frequent file updates, password-protected payloads, and shifting control servers make these campaigns difficult for both YouTube and security vendors to detect and shut down.

Do you think YouTube is doing enough to stop malware distribution on its platform? Let us know by writing to us at CyberGuy.com

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

November 3, 2025
Stop your smart TV from listening to you
NEWYou can now listen to Fox News articles!

Most people do not realize their smart TV includes microphones that can capture sound even when voice commands are off. These tiny mics power voice search and assistants, but they also pose privacy risks. If that makes you uneasy, you are not alone. The good news is that it takes only a few minutes to disable your smart TV microphone and protect your conversations.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

YOUR PHONE IS TRACKING YOU EVEN WHEN YOU THINK IT’S NOT

Step one: Find the built-in mic switch

Before opening menus, check your TV’s frame. Many models feature a small hardware switch that turns the microphone off completely.

Look closely along the bottom or sides of your screen. Some switches are labeled “Built-in MIC.” On Samsung TVs, it’s often near the bottom right edge when facing the screen.

Take back control of your space and enjoy your smart TV safely without your microphone listening. (Kurt “CyberGuy” Knutsson)

Slide the switch to “off.” Your TV may confirm the change with an on-screen message. This is the most reliable way to stop the mic because it physically cuts power to it.

Step two: Disable the smart TV microphone in settings

If your TV lacks a physical switch, go through its settings menu. While the exact names differ by brand, most follow a similar pattern.

Press Home or Settings on your remote. Look for main sections such as System, General or Privacy. Inside, you’ll find microphone or voice options labeled Voice Recognition, Voice Assistant or Microphone Access.

Slide the built-in mic switch to stop your TV from listening. (Samsung)

Examples:
- Samsung: General → Voice
- Sony: Privacy → Google Assistant
- LG: User Agreements → Voice Settings
Toggle off every feature that uses the microphone. Some options may appear in more than one place, so check each section carefully.

Use your TV’s settings to disable voice features and protect privacy. (Samsung)

Step three: Balance convenience and privacy

Turning off your TV’s microphone does not mean you lose smart features. Many remotes include a push-to-talk button that activates voice control only when pressed.

If you rarely talk to your TV, keeping the microphone off makes sense. If you like using voice commands, enable it temporarily when you need it.

Step four: Check connected devices and apps

Even after you disable your smart TV microphone, voice-enabled apps and linked devices may still be listening.

Check any connected smart assistants such as Alexa, Google Assistant or Bixby. These platforms can continue capturing audio through your phone, smart speaker or another device on the same network.

STOP GOOGLE FROM FOLLOWING YOUR EVERY MOVE

Keep your privacy and still enjoy voice control, just use it when you need it. (Kurt “CyberGuy” Knutsson)

Take a moment to review privacy settings in those apps as well. Turning off voice activity tracking across all your devices ensures that nothing in your home listens when you do not want it to.

Why smart TVs have microphones at all

Manufacturers include microphones to make TVs more interactive. You can ask for weather updates, control volume or find movies with your voice. It’s convenient, but it comes with trade-offs.

Some companies state in their privacy policies that voice data may be shared with third parties for analysis. That means your living room chatter could leave your home.

When you disable your smart TV microphone, you keep the benefits of a modern TV while limiting unwanted data collection.

What this means for you

By taking a few minutes to change one setting or flip one switch, you gain control over what your TV hears. It’s an easy way to improve your digital privacy without losing the entertainment experience you love.

You still get streaming apps, vivid displays and fast connectivity, just with added peace of mind.

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: CyberGuy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

Smart TVs offer great features, but convenience should never cost you privacy. Whether you flip a switch or use your settings menu, you have the power to decide when your TV listens.

Will you take back your living room privacy today or leave it as it is? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
November 3, 2025
What really happens on the dark web and how to stay safe

NEWYou can now listen to Fox News articles!

The dark web often feels like a mystery, hidden beneath the surface of the internet that most people use every day. But to understand how scams and cybercrimes actually work, you need to know what happens in those hidden corners where criminals trade data, services and stolen access.

Cybercriminals rely on a structured underground economy, complete with marketplaces, rules and even dispute systems to operate safely away from law enforcement. By learning how these systems function, you can better understand the threats that could reach you and avoid becoming the next target.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

5 SOCIAL MEDIA SAFETY TIPS TO PROTECT YOUR PRIVACY ONLINE

Learn how to protect your personal information from dark web threats with simple cybersecurity habits and tools. (Phil Barker/Future Publishing via Getty Images)

Inside the hidden layers of the internet

The internet is often divided into three layers: the clear web, the deep web and the dark web. The clear web is the open part of the internet that search engines like Google or Bing can index, including news sites, blogs, stores and public pages. Beneath it lies the deep web, which includes pages not meant for public indexing, such as corporate intranets, private databases and webmail portals. Most of the content in the deep web is legal but simply restricted to specific users.

The dark web, however, is where anonymity and illegality intersect. It requires special software such as Tor to access, and much of its activity happens behind encryption and invitation-only walls. Tor, short for The Onion Router, was originally developed by the U.S. Navy for secure communication but has since become a haven for both privacy advocates and criminals.

It anonymizes users by routing traffic through multiple encrypted layers, making it almost impossible to trace where a request truly came from. This anonymity allows criminals to communicate, sell data and conduct illegal trade with reduced risk of exposure.

Over time, the dark web has become a hub for criminal commerce. Marketplaces once operated like eBay for illegal goods, offering everything from drugs and stolen credit card data to hacking tools and fake identities. Many of these platforms have been shut down, but the trade continues on smaller, more private channels, including encrypted messaging apps such as Telegram. Vendors use aliases, ratings and escrow systems to build credibility.

Ironically, even among criminals, trust is a critical part of business. Forums often have administrators, verified sellers and mediators to settle disputes. Members who cheat others or fail to deliver are quickly blacklisted, and reputation becomes the main currency that determines who can be trusted.

The criminal economy and how scams are born

Every major cyberattack or data leak often traces back to the dark web’s underground economy. A single attack typically involves several layers of specialists. It begins with information stealers, malware designed to capture credentials, cookies and device fingerprints from infected machines. The stolen data is then bundled and sold in dark web markets by data suppliers. Each bundle, known as a log, might contain login credentials, browser sessions and even authentication tokens, often selling for less than $20.

Another group of criminals, known as initial access brokers, purchases these logs to gain entry into corporate systems. With that access, they can impersonate legitimate users and bypass security measures such as multi-factor authentication by mimicking the victim’s usual device or browser. Once inside, these brokers sometimes auction their access to larger criminal gangs or ransomware operators who are capable of exploiting it further.

Some of these auctions are run as competitions, while others are flash sales where well-funded groups can buy access immediately without bidding. Eventually, this chain of transactions ends with a ransomware attack or an extortion demand, as attackers encrypt sensitive data or threaten to leak it publicly.

Interestingly, even within these illegal spaces, scams are common. New vendors often post fake listings for stolen data or hacking tools, collect payments and disappear. Others impersonate trusted members or set up counterfeit escrow services to lure buyers.

Despite all the encryption and reputation systems, no one is truly safe from fraud, not even the criminals themselves. This constant cycle of deception forces dark web communities to build internal rules, verification processes and penalties to keep their operations somewhat functional.

What you can do to stay ahead of dark web-driven threats

For ordinary people and businesses, understanding how these networks operate is key to preventing their effects. Many scams that appear in your inbox or on social media originate from credentials or data first stolen and sold on the dark web. That is why basic digital hygiene goes a long way. Below are some steps you can take to stay protected.

MAJOR COMPANIES, INCLUDING GOOGLE AND DIOR, HIT BY MASSIVE SALESFORCE DATA BREACH

From password managers to antivirus software, experts share practical ways to keep hackers out of your data. (Annette Riedl/picture alliance via Getty Images)

1) Invest in personal data removal services

A growing number of companies specialize in removing your personal data from online databases and people search sites. These platforms often collect and publish names, addresses, phone numbers and even family details without consent, creating easy targets for scammers and identity thieves.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

2) Use unique passwords and a password manager

One of the easiest ways to stay safe online is to use unique, complex passwords for every account you own. Many breaches happen because people reuse the same password across multiple services. When one site is hacked, cybercriminals take those leaked credentials and try them elsewhere, a technique known as credential stuffing. A password manager eliminates this problem by generating strong, random passwords and securely storing them for you.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

3) Install strong antivirus protection

Antivirus software remains one of the most effective ways to detect and block malicious programs before they can steal your information. Modern antivirus solutions do far more than just scan for viruses. They monitor system behavior, detect phishing attempts and prevent infostealer malware from sending your credentials or personal data to attackers.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

4) Keep your software updated

Outdated software is one of the biggest entry points for attackers. Cybercriminals often exploit known vulnerabilities in operating systems, browsers and plugins to deliver malware or gain access to systems. Installing updates as soon as they are available is one of the simplest yet most effective forms of defense. Enable automatic updates for your operating system, browsers and critical applications.

5) Enable two-factor authentication

Even if your password gets leaked or stolen, two-factor authentication (2FA) adds an additional barrier for attackers. With 2FA, logging in requires both your password and a secondary verification method. This includes code from an authentication app or a hardware security key.

6) Consider identity theft protection services

Identity theft protection can provide early warnings if your personal information appears in data breaches or on dark web marketplaces. These services monitor your sensitive data, such as Social Security numbers, bank details or email addresses. If anything suspicious is detected, they alert you. Many providers also offer recovery assistance, helping you restore stolen identities or close fraudulent accounts. While no service can prevent identity theft entirely, these tools can shorten your response time and limit potential damage if your data is compromised.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS

Protecting your identity starts with strong passwords, two-factor authentication and regular software updates. (Jens Kalaene/picture alliance via Getty Images)

Kurt’s key takeaway

The dark web thrives on the idea that anonymity equals safety. But while criminals may feel protected, law enforcement and security researchers continue to monitor and infiltrate these spaces. Over the years, many large marketplaces have been dismantled, and hundreds of operators have been caught despite their layers of encryption. The takeaway for everyone else is that the more you understand how these underground systems function, the better prepared you are to recognize warning signs and protect yourself.

Do you think law enforcement can ever truly catch up with dark web criminals? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

November 1, 2025
Windows 10 users face ransomware nightmare as Microsoft support ends in 2025 worldwide

NEWYou can now listen to Fox News articles!

Microsoft’s blog recently gave a firm warning: unsupported systems aren’t just outdated, they’re unprotected. That message targets anyone still using Windows 10, and it’s serious. In Microsoft’s Digital Defense Report, over 90% of ransomware attacks hit unsupported PCs. That statistic alone should make every Windows 10 user think twice.

When an operating system stops receiving updates, it becomes an open door for hackers. Security patches dry up, and vulnerabilities grow. So while your computer might seem fine today, it could already be compromised without your knowledge.

Sign up for my FREE CyberGuy Report

Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter

10 WAYS TO SECURE YOUR OLDER MAC FROM THREATS AND MALWARE

Why are unsupported systems dangerous

Unsupported Windows 10 systems no longer get the updates that keep you safe. Without those patches, ransomware and malware have easy access to your files. Once inside, attackers can encrypt your personal data or steal credentials and banking details.

It’s not just about losing files. Identity theft and financial fraud often start with outdated systems. The older the software, the easier it is for cybercriminals to exploit weaknesses that will never be fixed.

The “just one more year” trap

Many people tell themselves they’ll upgrade later. Microsoft calls this “just one more year” thinking. The problem is that every delay increases your risk. Extended security updates only offer limited coverage, and they don’t stop new types of attacks.

Without Microsoft’s regular monitoring, new vulnerabilities stay hidden. You could be using your computer for months while attackers quietly collect your data. That’s a frightening thought, especially when most of it can be prevented by upgrading.

Upgrading to Windows 11 keeps your system protected with ongoing security updates. (Microsoft)

MICROSOFT SOUNDS ALARM AS HACKERS TURN TEAMS PLATFORM INTO ‘REAL-WORLD DANGERS’ FOR USERS

The hidden costs of waiting to upgrade to Windows 11

It’s easy to think upgrading costs too much. But what about the cost of losing your photos, business files or financial information? Data recovery, fraud resolution and downtime can cost far more than a new device.

Hackers know users delay updates, and they actively look for outdated systems. Even one unsupported device in a home or office network can create a weak spot that exposes everything else.

How to stay safe from unsupported Windows 10 security risks

You can protect yourself right now with a few smart steps. These actions reduce your exposure, tighten your online defenses and prepare you for a smooth upgrade to Windows 11. The good news is that most of these changes only take a few minutes but make a major difference in your security.

1) Upgrade your system to Windows 11

HACKERS FOUND A WAY TO TURN OFF WINDOWS DEFENDER REMOTELY

Start by checking whether your PC can handle Windows 11. Most modern AMD and Intel processors already meet the system requirements. Upgrading keeps your computer protected with ongoing updates that patch vulnerabilities and improve overall performance. It’s one of the simplest ways to defend against ransomware and malware before they strike.

2) Watch out for phishing scams and install strong antivirus software

Be cautious with every link and attachment you receive. Cybercriminals love sending fake update notifications that look like official Microsoft messages. These phishing scams often contain malicious links that install malware in seconds. Before you click, hover over links to verify their source and only download updates directly from Microsoft’s official site. To add an extra layer of protection, install strong antivirus software that can detect and block malicious files before they infect your system.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Delaying your Windows 11 upgrade only gives cybercriminals more time to strike. (Photographer: Chona Kasinger/Bloomberg via Getty Images)

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

3) Use a data removal service

HOW A SINGLE MACBOOK COMPROMISE SPREAD ACROSS A USER’S APPLE DEVICES

Use a personal data removal service to take your information off people-search and data broker websites. These services help remove your name, address, phone number and other personal details that scammers often use for phishing or social-engineering attacks. By limiting what’s publicly available about you, you make it much harder for cybercriminals to target you, especially if your older, unsupported Windows 10 system is ever exposed online.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

4) Secure your logins

Strong logins make a huge difference. Turn on two-factor authentication (2FA) for your most sensitive accounts, such as banking and email. Also, create strong passwords for your accounts and devices, and avoid using the same password for multiple online accounts. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse. This extra layer stops hackers, even if they manage to steal a password.

WINDOWS 10 SUPPORT ENDS: UPGRADE TO WINDOWS 11 SAFELY

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords, and secure those accounts with new, unique credentials.

Without Windows updates, hidden vulnerabilities give hackers easy access to your data. (Felix Zahn/Photothek via Getty Images)

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

5) Back up your data regularly

Think of backups as your safety net. Save copies of important files to an external hard drive or a trusted cloud service. Schedule automatic backups so you don’t have to remember to do it yourself. If your PC ever gets locked by ransomware, a clean backup means you can restore everything without paying a cent.

6) Stay informed and proactive

Cyber threats evolve every day, and knowledge is your best defense. Keep an eye on official Microsoft announcements and alerts. Small changes, like applying updates quickly and revisiting your privacy settings, can keep you a step ahead of attackers.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

Unsupported systems might look harmless, but they create silent risks that grow over time. Every day you stay on Windows 10 after support ends, you depend on luck instead of protection. Upgrading isn’t just about staying current; it’s about keeping your data safe and your privacy intact.

Is holding on to Windows 10 worth risking everything stored on your computer? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report

Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

October 31, 2025
183 million email passwords leaked: Check yours now

NEWYou can now listen to Fox News articles!

A massive online leak has exposed more than 183 million stolen email passwords gathered from years of malware infections, phishing campaigns and older data breaches. Cybersecurity experts say it is one of the largest compilations of stolen credentials ever discovered.

Security researcher Troy Hunt, who runs the website Have I Been Pwned, found the 3.5-terabyte dataset online. The credentials came from infostealer malware and credential stuffing lists. This malware secretly collects usernames, passwords and website logins from infected devices.

Researchers say the data contains both old and newly discovered credentials. Hunt confirmed that 91% of the data had appeared in previous breaches, but about 16.4 million email addresses were completely new to any known dataset.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

DISCORD CONFIRMS VENDOR BREACH EXPOSED USER IDS IN RANSOM PLOT

Cyber experts uncovered a 3.5-terabyte data dump containing millions of stolen logins. (Kurt “CyberGuy” Knutsson)

The real risk behind the password leak

The leak puts millions of users at risk. Hackers often collect stolen logins from multiple sources and combine them into large databases that circulate on dark web forums, Telegram channels and Discord servers.

If you have reused passwords across multiple sites, attackers can use this data to break into your accounts through credential stuffing. This method tests stolen username and password pairs on many different platforms.

The risk remains real for anyone using old or repeated credentials. One compromised password can unlock social media, banking and cloud accounts.

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP

Researcher Troy Hunt traced the leak to malware that secretly steals passwords from infected devices. (Jens Büttner/picture alliance via Getty Images)

Google responds to the reports

Google confirmed there was no Gmail data breach. In a post on X, the company stated “reports of a Gmail security breach impacting millions of users are false. Gmail’s defenses are strong, and users remain protected.”

Google clarified that the leak came from infostealer databases that compile years of stolen credentials from across the web. These databases are often mistaken for new breaches when, in fact, they represent ongoing theft activity. Troy Hunt also confirmed the dataset originated from Synthient’s collection of infostealer logs, not from a single platform or recent attack. While no new breach occurred, experts warn that leaked credentials remain dangerous because cybercriminals reuse them for future attacks.

How to check if you were exposed

To see if your email was affected, visit Have I Been Pwned. It is the first and official source for this newly added dataset. Enter your email address to find out if your information appears in the Synthient leak.

Many password managers also include built-in breach scanners that use the same data sources. However, they may not yet include this new collection until their databases update.

If your address shows up, treat it as compromised. Change your passwords immediately and turn on stronger security features to protect your accounts.

COLUMBIA UNIVERSITY DATA BREACH HITS 870,000 PEOPLE

The 183 million exposed credentials came from malware, phishing and old data breaches. (Kurt “CyberGuy” Knutsson)

9 steps to protect yourself now

Protecting your online life starts with consistent action. Each step below adds another layer of defense against hackers, malware and credential theft.

1) Change your passwords immediately

Start with your most important accounts, such as email and banking. Use strong, unique passwords with letters, numbers and symbols. Avoid predictable choices like names or birthdays.

Never reuse passwords. One stolen password can unlock multiple accounts. Each login should be unique to protect your data.

A password manager makes this simple. It stores complex passwords securely and helps you create new ones. Many managers also scan for breaches to see if your current passwords have been exposed.

Next, check whether your email has been caught in a recent credential leak. Our No. 1 password manager pick includes a built-in Breach Scanner that searches trusted databases, including the newly added Synthient data from Have I Been Pwned. It helps you find out if your email or passwords have appeared in any known leaks. If you see a match, change any reused passwords right away and secure those accounts with strong, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

2) Enable two-factor authentication (2FA)

Turn on 2FA wherever possible. It adds a powerful second layer of defense that blocks intruders even if they have your password. You will receive a code by text, app or security key. That code ensures only you can log in to your accounts.

3) Use an identity theft service for continuous monitoring

Identity Theft companies can monitor personal information like your Social Security number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. It’s a smart way to stay one step ahead of hackers.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

4) Protect your devices with strong antivirus software

Infostealer malware hides inside fake downloads and phishing attachments. A strong antivirus software scans your devices to stop threats before they spread. Keep your antivirus updated and run frequent scans. Even one unprotected device can put your whole digital life at risk.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

5) Avoid saving logins in your web browser

Browsers are convenient but risky. Infostealer malware often targets saved passwords in your web browser.

6) Keep software updated

Updates fix security flaws that hackers exploit. Turn on automatic updates for your operating system, antivirus and apps. Staying current keeps threats out.

7) Download only from trusted sources

Avoid unknown websites that offer free downloads. Fake apps and files often contain hidden malware. Use official app stores or verified company websites.

8) Review your account activity often

Check your accounts regularly for unusual logins or device connections. Many platforms show a login history. If something looks off, change your password and enable 2FA immediately.

9) Consider a personal data removal service

The massive leak of 183 million credentials shows just how far your personal information can spread and how easily it can resurface years later in aggregated hacker databases. Even if your passwords were part of an old breach, data like your name, email, phone number or address may still be available through data broker sites. Personal data removal services can help reduce your exposure by scrubbing this information from hundreds of these sites.

While no service can guarantee total removal, they drastically reduce your digital footprint, making it harder for scammers to cross-reference leaked credentials with public data to impersonate or target you. These services monitor and automatically remove your personal info over time, which gives me peace of mind in today’s threat landscape.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

This leak highlights the ongoing danger of malware and password reuse. Prevention remains the best defense. Use unique passwords, enable 2FA and stay alert to keep your data safe. Visit Have I Been Pwned today to check your email and take action. The faster you respond, the better you protect your identity.

Have you ever discovered your data in a breach? What did you do next? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Source link

October 30, 2025
Scammers target retirees as major 401(k) rule changes loom for 2026 tax year ahead nationwide
NEWYou can now listen to Fox News articles!

If you’re over 50 and maxing out your 401(k), there’s a big change coming in 2026 that could affect how much tax you pay on your “catch-up contributions.” While it’s mostly about taxes and retirement planning, there’s an unexpected side effect: scammers are circling. Every time your financial habits or personal data become public, it’s a chance for fraudsters to try to exploit you. Here’s what’s changing, why it matters, and how to protect yourself before the scammers come knocking.

Sign up for my FREE CyberGuy Report

Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter

What’s changing with 401(k) catch-up contributions

REMOVE YOUR DATA TO PROTECT YOUR RETIREMENT FROM SCAMMERS

Right now, if you’re over 50, you can make extra contributions to your 401(k) on top of the standard annual limit ($23,500 in 2025). These “catch-up” contributions are typically tax-deferred, meaning the money comes out of your paycheck before tax and grows tax-free until retirement.

But starting in 2026, for anyone earning more than $145,000 in the previous year, these catch-up contributions will no longer be tax-deferred. Instead, they’ll become like the Roth 401(k), meaning you pay taxes on the money now, but it grows tax-free and can be withdrawn tax-free in retirement.

That sounds simple, but it creates a ripple effect:
- High earners will see less take-home pay now.
- Tax planning gets trickier, and some people may consider restructuring their accounts or investment strategies.
- And, most importantly for CyberGuy readers: these changes create new opportunities for scammers.
Big 401(k) changes in 2026 could leave retirees exposed to new scam risks. (Cyberguy.com)

Why the new rules could attract scammers

FBI WARNS SENIORS ABOUT BILLION-DOLLAR SCAM DRAINING RETIREMENT FUNDS, EXPERT SAYS AI DRIVING IT

Scammers constantly look for financially active retirees. When rules like this change, fraudsters send out emails, calls, or letters pretending to be financial advisors, IRS agents, or plan administrators. Their goal? To trick you into giving away account numbers, Social Security details, or direct-deposit information.

Some common scam tactics to watch for:
- Fake “plan update” emails claiming you need to verify your 401(k) contributions due to the law change.
- Roth conversion scam calls claiming you can “avoid extra taxes” by transferring your account through a third-party “advisor.”
- Urgency and fear tactics, such as “Act now, or lose your retirement benefits!”
Even savvy retirees can be caught off guard, especially when the message sounds official and references real tax law changes.

How to protect yourself from 401(k) scams and data theft

NATIONAL PROGRAM HELPS SENIORS SPOT SCAMS AS LOSSES SURGE

With new 401(k) rule changes taking effect, scammers are using the confusion to trick retirees and workers alike. Follow these steps to stay alert, safeguard your savings, and protect your personal data from being stolen or misused.

1) Know the legitimate changes

Start by understanding Secure 2.0 and how catch-up contributions will be taxed. Reliable sources include your plan administrator, the IRS website, or a licensed tax advisor. Staying informed helps you spot fake claims before they cause harm.

2) Use a personal data removal service

For retirees, this extra layer of protection keeps sensitive information out of reach from scammers who exploit tax changes, Roth conversions, and retirement updates. While you can manually opt out of data brokers and track your information, that process takes time and effort. A personal data removal service automates the task by contacting over 420 data brokers on your behalf. It also reissues removal requests if your data reappears and shows you a dashboard of confirmed removals.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Scammers are already targeting retirees with fake “account update” alerts. (Kurt “CyberGuy” Knutsson)

HOW TO SECURE YOUR 401(K) PLAN FROM IDENTITY FRAUD

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

3) Verify every call and email, plus use antivirus software

If you get a call or email about your 401(k), don’t assume it’s real. Hang up or delete it, then contact your plan administrator directly using official contact details. Avoid clicking links or downloading attachments from unknown messages.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

4) Monitor your credit and accounts

Cybercriminals often use personal information from earlier data leaks or data brokers. Watch your credit reports and account activity closely. Early detection can stop suspicious transactions before they escalate.

HOW SCAMMERS EXPLOIT YOUR DATA FOR ‘PRE-APPROVED’ RETIREMENT SCAMS

5) Set up alerts and freezes if necessary

Ask your bank and retirement plan to enable transaction alerts. You can also temporarily freeze your credit to prevent anyone from opening new accounts in your name. This is especially useful during times of financial change.

6) Educate friends and family

Scammers often target retirees and their relatives who help manage finances. Remind your loved ones never to share account details over the phone or email. Protecting everyone in your household keeps scammers from finding weak links.

Stay safe by confirming any 401(k) changes directly with your plan provider. (uchar/Getty Images)

Kurt’s key takeaways

As 2026 approaches, the new 401(k) rule changes will reshape how millions of Americans manage their retirement savings. Staying informed, cautious, and proactive can protect your financial future. Scammers thrive on confusion, but by verifying information, monitoring your accounts, and removing your personal data from risky sites, you can stay one step ahead. Remember, the more control you take over your privacy, the harder it becomes for criminals to exploit it.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Have you taken steps to see where your personal data is exposed, and what did you find most surprising when you checked? Let us know by writing to us at Cyberguy.com

Sign up for my FREE CyberGuy Report

Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
Source link
October 29, 2025