ReportWire

Tag: Security

  • Google dismantles 9M-device Android hijack network

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Free apps are supposed to cost you nothing but storage space. But in this case, they may have cost millions of people control over their own internet connections.

    Google says it has disrupted what it believes was the world’s largest residential proxy network, one that secretly hijacked around 9 million Android devices, along with computers and smart home gadgets. Most people had no idea their devices were being used since the apps worked normally, and nothing looked broken.

    But behind the scenes, those devices were quietly routing traffic for strangers, including cybercriminals.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    STOP GOOGLE FROM FOLLOWING YOUR EVERY MOVE
     

    Google says it disrupted a massive residential proxy network that secretly hijacked about 9 million Android and smart devices. (AaronP/Bauer-Griffin/GC Images)

    How your device became part of a proxy network

    According to Google’s Threat Intelligence Group, the network was tied to a company known as IPIDEA. Instead of spreading through obvious malware, it relied on hidden software development kits, or SDKs, that were embedded inside more than 600 apps. These apps ranged from simple utilities to VPN tools and other free downloads. When you installed one, the app performed its advertised function. But it also enrolled your device into a residential proxy network.

    That means your phone, computer or smart device could be used as a relay point for someone else’s internet traffic. That traffic might include scraping websites, launching automated login attempts or masking the identity of someone conducting shady online activity. From the outside, it looked like that activity came from your home IP address. You wouldn’t see it happening, and in many cases, you wouldn’t notice any major performance issues.

    Google says in a single seven-day period earlier this year, more than 550 separate threat groups were observed using IP addresses linked to this infrastructure. That includes cybercrime operations and state-linked actors. Residential proxy networks are attractive because they make malicious traffic look like normal consumer activity. Instead of coming from a suspicious data center, it appears to come from someone’s living room.

    What Google did to shut it down

    Google says it took legal action in a U.S. federal court to seize domains used to control the infected devices and route proxy traffic. It also worked with companies like Cloudflare and other security firms to disrupt the network’s command-and-control systems. Google claims it also updated Play Protect, the built-in Android security system, so that certified devices would automatically detect and remove apps known to include the malicious SDKs.

    However, Google also warned that many of these apps were distributed outside the official Play Store. That matters because Play Protect can only scan and block threats tied to apps installed through Google Play. Third-party app stores, unofficial downloads and uncertified Android devices carry far greater risk.

    IPIDEA has claimed its service was meant for legitimate business use, such as web research and data collection. But Google’s research suggests the network was heavily abused by criminals. Even if some users knowingly installed bandwidth-sharing apps in exchange for rewards, many did not receive clear disclosure about how their devices were being used.

    Google’s investigation also found significant overlap between different proxy brands and SDK names. What looked like separate services were often tied to the same infrastructure. That makes it harder for consumers to know which apps are safe and which are quietly monetizing their connection.

    300,000 CHROME USERS HIT BY FAKE AI EXTENSIONS
     

    Samsung phones sit on display.

    Hidden software inside more than 600 apps allegedly turned phones and computers into internet relays for cybercriminals. (David Paul Morris/Bloomberg via Getty Images)

    7 ways you can protect yourself from Android proxy attacks

    If millions of devices can be quietly turned into internet relay points, the big question is, how do you make sure yours isn’t one of them? These steps reduce the risk that your phone, TV box or smart device gets pulled into a proxy network without you realizing it.

    1) Stick to official app stores

    Only download apps from the Google Play Store or other trusted app marketplaces. Some apps hide small pieces of code that can secretly use your internet connection. These are often spread through third-party app stores or direct app files called “APKs,” which are Android app files installed manually instead of through the Play Store. When you sideload apps this way, you bypass Google’s built-in security checks. Sticking to official stores helps keep those hidden threats off your device.

    2) Avoid “earn money by sharing bandwidth” apps

    If an app promises rewards for sharing your unused internet bandwidth, that’s a major red flag. In many cases, that is exactly how residential proxy networks recruit devices. Even if it sounds legitimate, you are effectively renting out your IP address. That can expose you to abuse, blacklisting or deeper network vulnerabilities.

    3) Review app permissions carefully

    Before installing any app, check what permissions it requests. A simple wallpaper app should not need full network control or background execution privileges. After installation, go into your phone’s settings and audit which apps have constant internet access, background activity rights or special device permissions.

    4) Install strong antivirus software

    Today’s mobile security tools can detect suspicious app behavior, unusual internet activity and hidden background services. Strong antivirus software adds an extra layer of protection beyond what’s built into your device, especially if you’ve installed apps in the past that you’re unsure about. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    5) Keep your devices updated

    Android security updates patch vulnerabilities that proxy operators may exploit. If you’re using an older phone, tablet or Android TV box that no longer receives updates, it may be time to upgrade. Unpatched devices are easier targets for hidden SDK abuse and botnet enrollment.

    6) Use a strong password manager

    If your device ever becomes part of a proxy network or is otherwise compromised, attackers often try to pivot into your accounts next. That’s why you should never reuse passwords. A password manager generates long, unique passwords for every account and stores them securely, so one breach does not unlock your email, banking or social media. Many password managers also include breach monitoring tools that alert you if your credentials appear in leaked databases, giving you a chance to act before real damage is done. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

    7) Remove apps you don’t fully trust

    Go through your installed apps and delete or uninstall anything you don’t recognize or haven’t used in months. The fewer apps running on your device, the fewer opportunities there are for hidden SDKs to operate. If you suspect your device has been compromised, consider a full reset and reinstall only essential apps from trusted sources.

    ANDROID MALWARE HIDDEN IN FAKE ANTIVIRUS APP

    A person uses a laptop with a Google search tab open on the screen.

    Threat groups and state-linked actors allegedly used compromised devices to mask online activity and automate attacks. (Photo Illustration by Serene Lee/SOPA Images/LightRocket via Getty Images)

    Kurt’s key takeaway

    Residential proxy networks operate in a gray area that sounds harmless on paper but can quickly become a shield for cybercrime. In this case, millions of everyday devices were quietly enrolled into a system that attackers used to hide their tracks. Google’s takedown is a major move, but the broader market for residential proxies is still growing. That means you need to be cautious about what you install and what permissions you grant. Free apps are rarely truly free. Sometimes, the product being sold is you and your internet connection.

    Have you ever installed an app that promised rewards for sharing bandwidth, or used a free VPN without thinking twice about it? Let us know your thoughts by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter 

    Copyright 2026 CyberGuy.com.  All rights reserved.

    Related Article

    Stop Google from following your every move

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Spyware can hijack your phone in seconds

    [ad_1]

    NEWYou can now listen to Fox News articles!

    You already know malware is out there. You hear about phishing emails, fake apps and data breaches almost every week. But every so often, something comes along that feels more personal. ZeroDayRAT spyware is one of those threats.

    If your device gets infected, attackers can see almost everything happening on your phone. That includes your messages, notifications, location and even live camera feeds. Let that sink in for a second.

    This is not some clunky virus from years ago. Security researchers at iVerify, a mobile security and digital forensics company, describe it as a complete mobile compromise toolkit. And it works on both iPhone and Android devices.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    ZeroDayRAT spyware can secretly access messages, camera feeds and banking apps on infected iPhone and Android devices. (Stefan Sauer/picture alliance via Getty Images)

    What makes ZeroDayRAT spyware so dangerous?

    Many types of malware focus on one goal. Some steal passwords. Others spy on text messages. ZeroDayRAT spyware goes much further.

    Once installed, the infected device starts transmitting data back to a central dashboard controlled by the attacker. From there, they get:

    • A full stream of incoming notifications
    • A searchable inbox of text messages
    • Device model and operating system details
    • Battery level and lock status
    • Network activity and app usage

    In other words, they can build a detailed profile of your daily life. Reports say the dashboard even shows a live activity timeline. That timeline reveals who you talk to most, which apps you use and when you are most active online. For anyone who values privacy, that is chilling.

    It can watch and listen in real time

    Here is where things get even more disturbing.

    ZeroDayRAT spyware includes keylogging and live surveillance tools. That means attackers can:

    • Capture every keystroke with context
    • See which app you opened
    • Track how long you spent inside it
    • Record gestures and inputs
    • Access your microphone
    • Activate your front or rear camera
    • View your screen in real time

    Imagine someone watching your screen as you log into your bank account. Or listening while you have a private conversation. This is not a hypothetical capability. According to reporting, those features are built directly into the platform.

    Your banking and crypto apps are targets too

    Many people assume mobile malware only steals passwords. ZeroDayRAT spyware goes after money directly. It reportedly includes tools designed to target digital payment and banking apps such as Apple Pay and PayPal. It can also intercept banking notifications and use clipboard injection to redirect cryptocurrency transfers to the attacker’s wallet.

    Even without full remote control of your phone, that level of access is enough to drain accounts and steal digital assets. And here is another troubling detail. Reports indicate the platform is openly sold on Telegram, which lowers the barrier for would-be cybercriminals. You do not need advanced hacking skills to use it. That combination of power and accessibility makes this threat especially concerning.

    Why Apple and Google are tightening app rules

    There is a reason Apple strongly discourages installing apps outside the App Store. Google is also exploring changes to how sideloading works on Android. When apps bypass official stores, security screening becomes weaker. That opens the door for spyware like ZeroDayRAT to sneak in. While no system is perfect, sticking to trusted app marketplaces dramatically lowers your risk.

    How to tell if ZeroDayRAT spyware is on your phone

    Advanced spyware is designed to stay hidden. You may not see a flashing warning that something is wrong. Still, your phone often gives subtle clues when something is off. Watch for these warning signs.

    Unusual battery drain

    Spyware that streams data, records audio or tracks location runs constantly in the background. If your battery suddenly drains much faster than normal, especially after no major app changes, that can be a red flag.

    Phone overheating without heavy use

    If your device feels hot even when you are not gaming or streaming video, background surveillance activity could be consuming resources.

    Strange data usage spikes

    Check your mobile data usage in settings. A sudden jump may indicate that your phone is transmitting large amounts of information to an external server.

    Unknown apps or configuration changes

    Look for apps you do not remember installing. On iPhone, check for unknown configuration profiles under Settings. On Android, review installed apps and device administrator permissions.

    Unexpected login alerts

    If you receive password reset emails or login alerts you did not trigger, assume your credentials may be compromised.

    Microphone or camera indicators are activating randomly

    Both iPhone and Android show visual indicators when the camera or microphone is in use. If those indicators appear when you are not actively using them, investigate immediately.

    If you suspect spyware, do not ignore it. Back up essential data, perform a factory reset and restore only trusted apps. In severe cases, consult a mobile security professional.

    149 MILLION PASSWORDS EXPOSED IN MASSIVE CREDENTIAL LEAK

    Person typing on their phone's keyboard.

    Security researchers warn ZeroDayRAT functions as a full mobile surveillance toolkit sold openly online. (Photographer: Angel Garcia/Bloomberg via Getty Images)

    How to remove ZeroDayRAT spyware from your phone

    If you believe your phone may be infected, act quickly. Do not keep using it normally while you figure things out. Follow these steps.

    1) Disconnect immediately

    Turn off Wi-Fi and cellular data. This stops the spyware from sending more data to the attacker while you take action.

    2) Change your passwords from a different device

    Do not use the potentially infected phone to change passwords. Use a trusted computer or another secure device. Update passwords for email, banking, social media and payment apps first. Enable two-factor authentication (2FA) on every account. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse.  Check out the best expert-reviewed password managers of 2026 at Cyberguy.com

    3) Run a trusted mobile security scan

    Install and run strong antivirus software on your phone. Let it scan your device for malicious apps, suspicious configuration profiles or hidden spyware components. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    4) Remove suspicious apps and profiles

    On iPhone, check SettingsGeneralVPN & Device Management for unknown configuration profiles. Delete anything you do not recognize. On Android, review installed apps and remove anything unfamiliar. Also, check device administrator settings and revoke access from unknown apps.

    5) Back up essential data carefully

    If you plan to reset your phone, back up only photos, contacts and critical files. Avoid restoring full system backups that could reintroduce malicious software.

    6) Perform a factory reset

    A full factory reset on your iPhone or Android is often the most effective way to remove advanced spyware. This wipes the device and removes hidden malware components. After the reset, reinstall apps manually from the official app store instead of restoring everything automatically. Before performing a factory reset, back up important photos, contacts and files, as this process permanently deletes everything stored on the device.

    7) Monitor your financial accounts

    Because ZeroDayRAT targets banking and crypto apps, watch your accounts closely for unusual transactions. Contact your bank immediately if you see suspicious activity.

    When to replace the device

    In rare cases, if the phone was deeply compromised or jailbroken, replacing the device may be the safest option. While that sounds extreme, protecting your identity and finances is worth more than the cost of a new phone.

    Ways to stay safe from ZeroDayRAT spyware

    The good news is that you still have control over your digital safety. Start with these practical steps to reduce your risk of infection and limit the damage if spyware ever targets your phone.

    1) Avoid sideloading apps

    Only install apps from the App Store or Google Play Store. Official stores screen apps for malicious code and remove threats when discovered. Do not download apps from links in emails or text messages. If an app asks you to install it from outside the store, treat that as a red flag.

    2) Think before you tap and use strong antivirus protection

    Do not click links from unknown senders. Even one tap can trigger a malicious download or redirect you to a fake login page. Install strong antivirus software on your mobile device. Good mobile security apps scan for spyware, block malicious websites and warn you about suspicious behavior in real time. Some also alert you if your personal information appears in known data breaches, which adds another layer of protection. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    3) Keep your phone updated

    Install operating system updates as soon as they become available. Security updates patch vulnerabilities that spyware platforms like ZeroDayRAT try to exploit. Turning on automatic updates helps ensure you do not miss critical fixes.

    4) Review app permissions regularly

    Check which apps have access to your camera, microphone and location. Remove permissions that do not make sense. If a simple game wants constant microphone access, that should raise questions. Limiting permissions reduces what spyware can capture.

    5) Use strong authentication

    Turn on two-factor authentication (2FA) for banking, email and social media accounts. Even if spyware captures a password, that second verification step can stop attackers from logging in. Use a reputable password manager to create strong, unique passwords for every account.

    6) Use a data removal service to reduce your exposure

    Spyware operators often profile targets using personal data that is already available online. Data broker websites collect your phone number, address, relatives and more. A reputable data removal service can help remove your personal details from many of these sites. The less information criminals can gather about you, the harder it becomes to target you with convincing phishing attacks or social engineering.  Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com. Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    7) Do not bypass your phone’s built-in security protections

    Some people modify their phones to remove manufacturer restrictions so they can install unofficial apps or customize the system. On an iPhone, this is called jailbreaking. On Android, it is known as rooting. While that may sound harmless, it removes important security safeguards that are designed to block spyware and malicious software. Once those protections are gone, threats like ZeroDayRAT have a much easier time installing and hiding on your device. Keeping your phone in its original security state adds a powerful layer of protection that most people never see but benefit from every day.

    YOUR PHONE SHARES DATA AT NIGHT: HERE’S HOW TO STOP IT

    Woman typing on her smartphone.

    Experts say the spyware can activate a phone’s microphone and camera without a user’s knowledge. (Karl-Josef Hildenbrand/picture alliance via Getty Images)

    Kurt’s key takeaways

    ZeroDayRAT spyware feels unsettling because it attacks something we rely on every day. Your phone holds your conversations, photos, financial apps and personal routines. When a single piece of malware can see your screen, hear your voice and track your location, the stakes get higher. The silver lining is this. Most infections still depend on user action. A bad link was clicked. A suspicious app was installed. A warning ignored. Staying cautious may not sound exciting, but it remains one of the strongest defenses you have.

    Now here is the question worth asking. If spyware can already access your camera, messages and money in one package, are tech companies and app stores doing enough to protect you? Let us know your thoughts by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Related Article

    Android malware hidden in fake antivirus app

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Conduent data breach hits millions across multiple states

    [ad_1]

    NEWYou can now listen to Fox News articles!

    A ransomware attack on government technology giant Conduent is turning out to be far bigger than first reported. What initially sounded like a limited incident now appears to affect tens of millions of people across multiple states. In Texas alone, at least 15.4 million residents may have had their data exposed. Oregon has reported another 10.5 million affected individuals. And notifications have also gone out to hundreds of thousands of people in states like Delaware, Massachusetts and New Hampshire. If you rely on state healthcare programs or government services, your data could be part of this breach.

    Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter

    What we know about the breach so far

    149 MILLION PASSWORDS EXPOSED IN MASSIVE CREDENTIAL LEAK

    What started as a “limited” ransomware incident now appears to impact tens of millions of people across multiple states. (Sebastian Kahnert/picture alliance via Getty Images)

    The cyberattack happened in January 2025 and was later claimed by the Safeway ransomware gang, which says it stole more than 8 terabytes of data. Conduent first disclosed the incident publicly in April, months after hackers disrupted its systems and caused outages to government services across the country.

    The company initially said about 4 million people in Texas were affected. That number has since jumped to 15.4 million, nearly half the state’s population. Oregon’s attorney general reported another 10.5 million impacted residents. Combined with other states issuing notifications, the total could reach into the dozens of millions.

    The stolen data includes names, Social Security numbers, medical information, and health insurance details. That combination is particularly dangerous because it can be used for identity theft, medical fraud, and highly targeted scams.

    Conduent processes data for large corporations, state agencies, and government healthcare programs. The company says its systems support services for more than 100 million people nationwide. However, it has not confirmed whether the breach affects that many individuals.

    In a filing with the SEC, Conduent acknowledged that the stolen data included a “significant number” of individuals’ personal information tied to its clients’ end users, meaning people who rely on government agencies and corporate services powered by the company.

    RANSOMWARE ATTACK EXPOSES SOCIAL SECURITY NUMBERS AT MAJOR GAS STATION CHAIN

    Why this breach is especially concerning

    Unlike a retail breach, where credit card data might be exposed, this incident involves deeply sensitive personal and medical information. Social Security numbers and health records are long-term identifiers. You cannot simply cancel or replace them like a debit card.

    Healthcare-related data is especially valuable on the black market because it can be used to file fraudulent insurance claims, obtain prescription drugs, or open financial accounts. And because Conduent works behind the scenes for state agencies, many people may not even realize their data was stored by the company in the first place.

    Conduent said it is still in the process of notifying affected individuals and expects to complete those notifications by early 2026. The company did not provide a clearer timeline or confirm how many total people will ultimately be alerted. Many people could be waiting months before knowing whether their information was compromised.

    Conduent responds to January 2025 data breach

    We reached out to Conduent for comment, and a company spokesperson provided CyberGuy with the following statement:

    “As previously disclosed in its April 2025 Form 8-K filing with the SEC, in January 2025, Conduent discovered that it was the victim of a cybersecurity incident. With respect to that incident, Conduent has agreed to send notification letters, on behalf of its clients, to individuals whose personal information may have been affected by this incident. Working in conjunction with our clients, we expect to send out all of the consumer notifications by April 15. In addition, a dedicated call center has been set up to address consumer inquiries. At this time, Conduent has no evidence of any attempted or actual misuse of any information potentially affected by this incident.

    “Upon discovery of the incident, Conduent acted quickly to secure its networks, restore its systems and operations, notify law enforcement, and conduct an investigation with the assistance of third-party forensics experts. In addition, given the nature and complexity of the data involved, Conduent worked diligently with a dedicated review team, including internal and external experts, and conducted a detailed analysis of the affected files to identify the personal information contained therein, which was a time-intensive process.

    “Both Conduent and our third-party experts monitor the dark web regularly and have no evidence of any personal information being released on the dark web.

    “Rest assured, we have followed all of the right protocols and have assured our clients that we have secured the necessary data. Conduent has been working with law enforcement and takes this matter seriously. We regret any inconvenience this incident may have caused.”

    How can I check if my information was sold on the dark web?

    To check if your information was sold on the dark web, you can go to haveibeenpwned.com and enter your email address into the search bar. The website will search to see what data of yours is out there and display if there were data breaches associated with your email address on various sites.

    If you find your data is out on the web, remove it with a data removal service. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

    Hacker typing into a computer.

    Hackers claim they stole more than 8 terabytes of data, including Social Security numbers and sensitive medical information. (Philip Dulian/picture alliance via Getty Images)

    8 steps you can take to protect yourself after the Conduent breach

    When a breach involves Social Security numbers and medical data, you need to think long term. Here’s what you should do.

    1) Place a credit freeze

    A credit freeze prevents lenders from opening new accounts in your name without your approval. It’s free and can be placed with Equifax, Experian, and TransUnion. This is one of the strongest protections you can put in place after an SSN exposure. You can temporarily lift it if you need to apply for credit.

    2) Monitor your credit reports regularly

    You’re entitled to free credit reports from all three major bureaus. Look for unfamiliar accounts, credit inquiries, or address changes. Early detection makes it much easier to shut down fraud before it snowballs.

    3) Use a password manager

    If attackers obtained personal details like your name and email, they may try credential-stuffing attacks against your other accounts. A password manager creates strong, unique passwords for every account, so one breach does not unlock everything else. Many password managers also include breach alerts if your credentials show up in known leaks.

    Also, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2026 at Cyberguy.com

    4) Secure your email account first

    Your email account is the gateway to nearly everything. Protect it with a strong password and two-factor authentication. Review recovery settings and recent login activity to make sure nothing has been altered.

    5) Enable two-factor authentication everywhere possible

    Two-factor authentication (2FA) adds another barrier, even if someone has your password. Use an authenticator app rather than SMS whenever possible for stronger protection.

    6) Install strong antivirus software

    Strong antivirus software can help block malicious links, phishing attempts, and ransomware. After a major breach, scammers often target victims with follow-up attacks pretending to offer help or compensation. Security software adds another layer of protection.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

    7) Consider identity theft protection

    Identity theft services monitor your Social Security number, financial accounts, and even dark web marketplaces. If your information is misused, they can alert you quickly and help you recover faster. When SSNs are exposed, ongoing monitoring becomes especially important.

    See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com

    8) Reduce your digital footprint with a data removal service

    Scammers often combine breach data with personal details found on data broker sites. A data removal service works to remove your phone number, address, and other exposed information from hundreds of databases. While no service can erase everything, reducing what’s publicly available makes targeted fraud much harder.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

    Someone typing on a computer in a dark room.

    Because Conduent powers government and healthcare services behind the scenes, many affected people may not even realize their data was stored there. (Thomas Trutschel/Photothek via Getty Images)

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

    Kurt’s key takeaway

    The Conduent breach highlights a growing risk that many people never see coming. When large government contractors are hit, millions can be affected at once. And because these companies operate behind the scenes, you may not even realize they hold your data. If your information was exposed, taking action now can prevent long-term damage. The sooner you lock things down, the harder it becomes for criminals to profit from your data.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Do you think companies that process government data are doing enough to protect it? Let us know your thoughts by writing to us at Cyberguy.com

    Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter 

    Copyright 2026 CyberGuy.com.  All rights reserved. 

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • YouTube TV billing scam emails are hitting inboxes

    [ad_1]

    NEWYou can now listen to Fox News articles!

    An email arrived that looked like a routine billing alert for YouTube TV Premium. Near the top, it displayed “BILLING FAILED” in capital letters. Below that, the message claimed the payment was declined and urged immediate action to keep streaming. This email was sent to us by Jackie from New York, NY, who immediately knew something was wrong.

    “I’m not a YouTube TV Premium subscriber so I knew right away this was a scam. So why am I receiving these emails?”

    — Jackie from New York, NY

    That question matters. If a billing alert references a service you do not use, it is almost always a scam. The email still appeared legitimate. Billing notices like this are common, and scammers rely on that familiarity to slip past quick checks.

    Another warning sign appeared in the sender’s details. The message was routed through a domain with no connection to Google or YouTube. That mismatch confirmed what Jackie already suspected.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    TAX SEASON SCAMS 2026: FAKE IRS MESSAGES STEALING IDENTITIES

    Cybersecurity experts warn that billing emails from domains unrelated to Google or YouTube are a major red flag. (Photo by S3studio/Getty Images)

    Why this scam feels so convincing

    Scammers understand behavior. People skim emails. They react quickly when access to familiar services feels threatened. This message uses recognizable branding, clean formatting and simple language. It also assumes the recipient already subscribes. That assumption is intentional. These emails go out in bulk, knowing some recipients really do have YouTube TV and may act before verifying.

    Urgency language is meant to push for quick action

    Scam emails rely on pressure. This one uses several subtle cues.

    ‘BILLING FAILED’ draws immediate focus

    Capital letters pull attention to the problem first. It feels like a system notice, even though no real account check took place.

    ‘Fix your payment now to keep streaming’ creates momentum

    That line suggests access could stop at any moment. Scammers know interruptions feel urgent, so they push fast decisions.

    ‘Status: Payment declined’ sounds technical

    The word status makes the message feel automated and official. In reality, scammers use vague labels because they cannot see real billing data.

    ‘Date: Today’ adds time pressure

    Including today makes the issue feel current and unresolved. Legitimate companies rarely demand same-day action through email links alone.

    When urgency replaces clarity, that pressure itself becomes the warning sign.

    ROBINHOOD TEXT SCAM WARNING: DO NOT CALL THIS NUMBER

    YouTube playing on a TV screen.

    Scam emails mimicking YouTube TV billing notices use urgent language and fake support buttons to steal login and payment details. (Robert Michael/picture alliance via Getty Images)

    Red flags hiding in plain sight

    The layout of the email matters as much as the wording.

    “Confirm billing” buttons are designed to prompt clicks

    The red CONFIRM BILLING button encourages action before verification. Real companies usually direct users to sign in normally, not through a single email button.

    “Contact support” links can be misleading

    The black CONTACT SUPPORT button looks official and helpful. In scam emails, these links often lead to fake support pages or phishing forms.

    Color and design influence behavior

    Red suggests urgency. Dark colors suggest authority. Familiar branding builds comfort. Together, they encourage quick action.

    If an email pushes any button to fix a problem, pause and verify first.

    The biggest red flag most people miss

    The message claims to be about YouTube TV. The sending infrastructure points somewhere else. Lifeheaters.com has no legitimate relationship with Google or YouTube. Billing emails should always come from official domains tied directly to the company.

    We reached out to Google, YouTube’s parent company, and a spokesperson told us, “We can confirm that this is a phishing scam and not an official communication from YouTube.”

    How to protect yourself from YouTube TV billing email scams

    If you receive a billing alert like this, pause before acting. Scammers rely on speed and stress. These steps help you stay in control.

    1) Go straight to the official website or app

    Instead of clicking links in the email, open a new browser tab. Then go directly to the official YouTube TV website or app. Real billing issues always appear inside your account dashboard.

    2) Check billing inside your account settings

    Once you are logged in, review your payment status. If there is a real problem, you will see it there. If everything looks normal, the email is fake.

    3) Inspect links before you click

    Hover your cursor over any link in the email. Look closely at the destination. If the domain does not clearly match Google or YouTube, do not click it. That mismatch is a major warning sign. Also, installing strong antivirus software adds a critical layer of protection. It can block malicious links, flag phishing pages and stop malware before it installs. That matters if you accidentally click the wrong thing. The best way to protect yourself from malicious links that install malware and potentially access your private information is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com.

    4) Act fast if you already clicked

    If you clicked the link or entered information, respond quickly. Change your Google password right away. Consider using a password manager to securely store and generate complex passwords, reducing the risk of password reuse.  Then review recent account activity and payment methods for any suspicious activity.

    Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

    5) Remove your data from data broker sites

    Scammers often target people using leaked personal data. A data removal service helps reduce how much of your information is floating around online. Less exposed data means fewer targeted scam attempts.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    6) Watch for sender domains that do not match

    Legitimate companies send billing emails from their own domains. A message about YouTube TV should never route through an unrelated site like lifeheaters.com. That disconnect alone is enough to walk away.

    7) Never update payment info through email links

    Scammers want your login details or credit card number. Avoid giving them either. Always update billing information directly inside your account, not through an email prompt.

    HOW TO SAFELY VIEW YOUR BANK AND RETIREMENT ACCOUNTS ONLINE

    YouTube app download screen.

    Google confirmed a YouTube TV “billing failed” email routed through an unrelated domain was a phishing scam. (Jakub Porzycki/NurPhoto via Getty Images)

    Kurt’s key takeaways

    This email looked polished. The message felt urgent. The branding felt familiar. Yet one small detail gave it away. Billing emails should always come from official domains and verified accounts. When they do not, trust your instincts and verify independently. Pausing for ten seconds can save you weeks of cleanup.

    Have you received a billing or subscription email that looked real but turned out to be fake? What tipped you off? Let us know your thoughts by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP 

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Panera Bread data breach exposes 5.1M customers

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Another major consumer brand has joined the growing list of companies hit by serious data breaches. Panera Bread has confirmed a cybersecurity incident after the hacking group ShinyHunters claimed it stole millions of customer records.

    The breach exposes a wide range of personal details, raising real concerns for anyone who has ever placed an order, created an account or shared contact information with the popular bakery chain.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    SUBSTACK DATA BREACH EXPOSES EMAILS AND PHONE NUMBERS

    Panera Bread confirmed a data breach after hackers claimed they stole millions of customer records containing contact information.  (AP Photo)

    What happened in the Panera Bread data breach?

    ShinyHunters added Panera Bread to its data leak site earlier this year, initially claiming it had stolen more than 14 million customer records. According to the group, the stolen data includes names, email addresses, phone numbers, home addresses and account-related information.

    Panera Bread has since confirmed a cybersecurity incident. In a statement to media outlets, the company described the exposed data as customer “contact information” and said it has contacted law enforcement and taken steps to address the incident. Panera has not shared technical details about how the attack occurred or whether customers need to take specific actions.

    Even “contact information” can be dangerous in the wrong hands. When combined, these details can be used for identity theft, targeted phishing and highly convincing social-engineering scams.

    ShinyHunters claims the attackers accessed Panera’s systems through Microsoft Entra single sign-on (SSO). While Panera has not confirmed that claim, it closely mirrors recent warnings from Okta about a surge in voice-phishing attacks targeting SSO platforms.

    In these attacks, criminals pose as IT or helpdesk staff and call employees directly. They pressure targets to approve authentication requests or enter login credentials on fake SSO pages. Once attackers capture session tokens or credentials, they can bypass some forms of multifactor authentication and move laterally through company systems. This approach relies on human trust rather than technical exploits, making it increasingly effective.

    How many people were actually affected?

    At first glance, claims that 14 million customers were affected suggested an enormous breach. However, researchers at Have I Been Pwned? later clarified that the attackers stole 14 million records, not data tied to 14 million unique individuals.

    After reviewing the leaked dataset, researchers now estimate the breach affected approximately 5.1 million unique people. The exposed information includes email addresses along with associated names, phone numbers, and physical addresses.

    That distinction matters, but it does not eliminate risk. Once stolen data is released publicly, it can spread quickly across criminal forums and be reused for years.

    149 MILLION PASSWORDS EXPOSED IN MASSIVE CREDENTIAL LEAK

    The hacking group ShinyHunters leaked stolen Panera customer data online after an attempted extortion failed.

    The hacking group ShinyHunters leaked stolen Panera customer data online after an attempted extortion failed. (Panera Bread)

    Hackers leaked the data after extortion failed

    ShinyHunters reportedly attempted to extort Panera Bread before publishing the stolen data. When those efforts failed, the group released a 760MB archive containing millions of customer records on its leak site.

    This reflects a broader shift in cybercrime. Instead of locking systems with ransomware, many groups now focus on quietly stealing data and threatening public exposure. These attacks are faster, harder to detect, and often just as profitable.

    ShinyHunters has used similar tactics in other high-profile incidents involving Bumble, Match Group, Crunchbase and other consumer platforms.

    Lawsuits filed after Panera breach disclosure

    The breach has already triggered legal fallout. Multiple class-action lawsuits have been filed in U.S. federal court, alleging that Panera failed to adequately protect customer data.

    The lawsuits claim Panera knew or should have known about security weaknesses and seek damages, improved security practices, and long-term identity theft protection for affected customers. Panera has not publicly commented on the litigation.

    A troubling pattern for Panera Bread

    This is not Panera Bread’s first major security lapse. In 2018, a cybersecurity researcher revealed that Panera had left millions of customer records exposed online in plain text. That incident later led to lawsuits and settlements.

    Repeated breaches often point to deeper challenges. Large organizations can struggle to secure cloud services, identity systems, and employee access at scale. When attackers target identity platforms instead of infrastructure, a single mistake can expose millions of records.

    We reached out to Panera Bread for a comment, but did not hear back before our deadline. 

    GRUBHUB CONFIRMS DATA BREACH AMID EXTORTION CLAIMS

    Person typing on their laptop.

    Exposed contact details like names, emails, and addresses can fuel phishing scams and identity theft long after a breach becomes public. (Donato Fasano/Getty Images)

    7 steps you can take to protect yourself following the Panera data breach

    When a major consumer brand suffers a breach, customers often don’t realize the risk until weeks or months later. These steps help limit what attackers can do with your information if your Panera data falls into the wrong hands.

    1) Use a strong, unique password for every account

    If you ever created a Panera Bread account, reset its password immediately. If you reused that password anywhere else, those accounts are now at risk, too. Attackers routinely test breached passwords across email, shopping and banking sites.

    A password manager helps by generating strong, unique passwords for every account and storing them securely so you never need to reuse credentials. Many password managers also alert you if your email or passwords appear in known data breaches, giving you an early warning to lock things down fast.

    Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

    2) Enable two-factor authentication (2FA) wherever possible

    Two-factor authentication (2FA) adds a second step to the login process, usually through an app or device you control. Even if someone gets your password through phishing or a breach, 2FA makes it much harder for them to access your account.

    3) Be cautious of phishing messages

    Cybercriminals often follow up breaches with fake emails or in-app messages pretending to offer help or security updates. Always double-check the sender and avoid clicking links. When in doubt, open the app or website directly rather than responding to the message. Using strong antivirus software adds another layer of protection by flagging malicious links and blocking known threats before they can do harm. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    4) Limit the personal details you share

    When names, email addresses, phone numbers and physical addresses are exposed, identity theft becomes a real risk. Identity theft-protection services monitor your personal information, alert you if it appears on the dark web, and watch for attempts to open new accounts in your name.

    If something does go wrong, these services often include recovery support to help freeze accounts, dispute fraud, and guide you through the cleanup process.

    See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

    5) Reduce your digital footprint with a data removal service

    Scammers don’t rely on one breach alone. They combine leaked data with information from data broker sites to build detailed profiles. Data removal services help remove your phone number, home address and other personal details from hundreds of these sites.

    While no service can erase everything, reducing what’s publicly available makes it much harder for criminals to target you with convincing scams or identity fraud. This is one of the most effective long-term ways to lower your risk after any major breach.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    6) Secure your email account

    Your email account controls password resets for most services. Protect it with a strong password and 2FA. Regularly review login activity and recovery settings, so attackers can’t use your email to take over other accounts.

    7) Watch for account changes after breach news

    Not every breach leads to immediate account takeovers. In some cases, attackers quietly test access weeks later. That is why staying alert after breach reports matters. Watch for password reset emails you did not request, profile changes you did not make, or new messages you did not send. Unexpected logouts or security alerts are also red flags. If you notice anything unusual, change your password immediately and review your security settings.

    Kurt’s key takeaway

    The Panera Bread data breach is another reminder that even familiar brands can become major cyber targets. While Panera says only contact information was exposed, that data is often enough to fuel scams and identity theft long after headlines fade. Staying proactive after breach news is now part of protecting your digital life.

    Do you still trust large brands to protect your personal information, or have repeated breaches changed how much data you’re willing to share? Let us know by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • 5 trendy tech words shaping today’s internet culture

    [ad_1]

    NEWYou can now listen to Fox News articles!

    If your social media feed feels noisier, stranger or more manipulated than it used to, you’re not alone. The internet runs on its own language now, and those buzzwords quietly shape what you see, what you don’t see and how companies target you. From viral “slop” content to shadowbans and targeted ads, these terms influence how information spreads and how platforms treat your account.

    Let’s break down five key phrases so you can understand what’s really happening behind your screen and stay in control of your digital life.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    CLEAN UP YOUR SOCIAL MEDIA FEED AND CUT THE NOISE

    If your social media feed feels louder and more chaotic, algorithm-driven trends like “slop” and shadowbanning may be shaping what you see. (Jan Woitas/picture alliance via Getty Images)

    1) Slop

    The flood of low-quality content that is taking over your social media feed

    “Slop” refers to mass-produced, low-effort digital content, often generated quickly by AI or churned out purely for clicks and engagement. This includes spammy articles, recycled videos, misleading thumbnails and content created without real value.

    While slop may seem harmless, it can crowd out reliable information, spread misinformation and overwhelm your feed with noise instead of useful content. Platforms often struggle to control it because slop is designed to game algorithms.

    Why this matters:

    • Low-quality content can drown out trustworthy sources
    • Slop is often designed to manipulate clicks and attention
    • AI-generated misinformation can spread faster than ever
    • Curating your feed helps reduce exposure to low-value content

    The good news is you can take back control by curating your feed and cutting the noise. 

    2) Burner account

    The hidden identity behind anonymous profiles

    A burner account is a secondary or anonymous social media account used to hide a person’s real identity. Some people use burner accounts for privacy, while others use them for trolling, harassment, spying or secretly viewing content.

    Because burner accounts are difficult to trace, they are often linked to online harassment, fake engagement or manipulation of public conversations. Platforms attempt to detect suspicious behavior, but many burner accounts still slip through the cracks.

    Why this matters:

    • Anonymous accounts can spread misinformation or harassment
    • Burners are often used to manipulate comments and engagement
    • They make it harder to verify who is behind the content

    Being cautious with unknown accounts protects your safety.

    3) Shadowban

    When platforms quietly decide what you don’t see

    A shadowban doesn’t only affect creators; it can affect what you see as a user. Platforms sometimes limit the visibility of certain accounts, topics, or types of content without telling you. This means posts may be hidden, pushed lower in your feed or never shown to you at all, even if you follow the account.

    This type of filtering is often driven by algorithms designed to reduce spam, harmful content or policy violations, but it can also shape what information reaches you without you realizing it. Over time, this can subtly influence your perception of what’s popular, trending or widely discussed.

    Why this matters:

    • You may not see all content from accounts you follow
    • Algorithms quietly filter what appears in your feed
    • Your view of trends and conversations can be shaped
    • Platform controls influence what information reaches you

    YOUR PHONE SHARES DATA AT NIGHT: HERE’S HOW TO STOP IT

    iPhone on a social media screen.

    From burner accounts to clickbait, online buzzwords influence how information spreads and how users are targeted. (Brent Lewin/Bloomberg via Getty Images)

    4) Clickbait

    Headlines designed to make you click, not inform you

    Clickbait uses exaggerated, misleading or emotionally charged headlines to attract attention and drive clicks. While some clickbait is harmless, it often leads to low-quality or misleading content that doesn’t deliver on its promise.

    Clickbait works because it exploits curiosity, fear or surprise, powerful emotional triggers that drive engagement. It’s a core tactic used by low-quality publishers and viral content farms.

    Why this matters

    • Clickbait can spread misinformation or distort facts
    • It’s designed to manipulate attention rather than inform
    • Recognizing it helps you avoid low-value content
    • Trustworthy sources focus on clarity, not shock value

    5) Targeted ads

    Why the internet seems to know what you want

    Targeted ads use data about your behavior, searches, location and interests to deliver personalized advertisements. This is why you might see ads related to something you recently searched, clicked or even talked about near your phone.

    Advertisers build detailed profiles based on browsing activity, app usage and online behavior to predict what you are most likely to buy or engage with.

    What this does:

    • Shows ads based on your interests and behavior
    • Uses browsing history, location and app activity
    • Builds advertising profiles over time
    • Drives highly personalized marketing

    One more thing to know: Targeted advertising relies heavily on data collection. Adjusting privacy settings, limiting ad tracking and regularly reviewing app permissions can reduce how much data advertisers use to profile you.

    Pro Tip: Control the data that fuels the system

    If targeted ads feel a little too accurate, it’s because data brokers are constantly collecting and selling your information. Beyond adjusting privacy settings, consider removing your personal data from broker sites to shrink the profile advertisers build around you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    Stay tuned for more in this series as we decode the internet’s most talked-about terms and answer the top questions we hear from readers like you.

    Take my quiz: How safe is your online security?

    Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com.

    SUPER BOWL SCAMS SURGE IN FEBRUARY AND TARGET YOUR DATA

    Phone resting on a keyboard.

    Understanding digital terms like “slop” and clickbait can help users take back control of their feeds. (Photo by Jakub Porzycki/NurPhoto via Getty Images)

    Kurt’s key takeaways

    The modern internet runs on more than just technology; it runs on attention, algorithms and influence. Understanding terms like slop, shadowban and targeted ads helps you recognize how platforms shape your experience and how companies compete for your clicks. The more you understand these trends, the easier it becomes to filter noise, protect your privacy and stay in control of what you see online.

    Confused by a trending internet term or want something explained? Let us know by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Tax season scams 2026: Fake IRS messages stealing identities

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Tax season no longer begins in April. For scammers, it starts the moment the calendar flips to January. 

    While you’re waiting for your W-2 or 1099 to arrive, cybercriminals are already sending out waves of fake IRS messages, “refund problem” alerts and account verification scams. These messages feel alarmingly real, and that’s not an accident.

    The truth is, today’s tax scams don’t rely on random guessing. They rely on your personal data, pulled from online data brokers, public records and previous breaches. And once your information is in circulation, you become part of a high-value target list.

    Let’s break down what’s really happening – and how you can protect yourself before the first fake message lands in your inbox.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    ROBINHOOD TEXT SCAM WARNING: DO NOT CALL THIS NUMBER

    Tax scammers are targeting Americans as soon as January with fake IRS emails and refund alerts designed to steal personal data. (Photo illustration by Michael Bocchieri/Getty Images)

    The new wave of tax scams

    Every year, scammers refine their tactics. And every year, they get better at making their messages look legitimate. Here are the most common scams hitting Americans before tax season even peaks:

    1) Fake IRS emails and texts

    These messages look official. They use real IRS language, government-style formatting and even fake case numbers. You might see something like:

    “Your tax account is under review. Immediate action is required to avoid penalties.”

    The email may include:

    • IRS logos and official-looking headers
    • Threatening language about audits or fines
    • A link that appears to go to a government website.

    But when you click, you’re taken to a fake IRS portal designed to steal:

    • Your Social Security number
    • Your date of birth
    • Your bank account details
    • Your IRS login credentials.

    Once scammers have that, they can file fake returns, redirect your refund or impersonate you for years.

    2) ‘Refund Issue’ alerts

    This is one of the most effective tax scams because it preys on something people are already waiting for: their money. The message usually says:

    “Your tax refund has been delayed due to a verification issue. Please confirm your information.”

    It feels believable. You just filed. You are expecting a refund. And the message arrives right when you’re checking your bank account.

    The link leads to a perfect copy of:

    • A government site
    • A tax filing service
    • Or a bank login page.

    Every keystroke you enter is captured. Scammers now have your identity, your financial access and your tax data – all from one click.

    3) Benefit and identity verification scams

    These scams impersonate the:

    • IRS
    • Social Security Administration
    • State tax offices.

    Often, they use what seem to be legitimate titles like “tax resolution officer” and state that you have unresolved tax activity. They claim your benefits, tax records or identity are “on hold” and must be verified immediately.

    Typical messages say: “Your benefits account has been temporarily suspended. Verify your identity to restore access.” Or: “We detected unusual activity on your tax profile. Confirm your information now.”

    The goal is simple: panic. When people panic, they don’t slow down. They don’t double-check. They click. And once they do, scammers collect everything they need to fully impersonate the victim.

    HOW TO SAFELY VIEW YOUR BANK AND RETIREMENT ACCOUNTS ONLINE

    Multiple W-2 tax forms.

    Cybercriminals use data broker profiles and breach records to personalize tax scams and make them appear legitimate. (Andrew Harrer/Bloomberg via Getty Images)

    Why these messages feel so real

    You may wonder: How do they know my name? My address? My tax service?

    They don’t guess. They buy it. Data brokers collect and sell personal profiles that can include your:

    • Full name and address history
    • Phone numbers and email addresses
    • Family members and marital status
    • Estimated income and property records
    • Age, retirement status and employer history.

    Scammers use this data to personalize their messages. That’s why the email doesn’t feel random. It feels meant for you. And once your profile is sold or leaked, it can be reused again and again.

    The real target isn’t your refund. It’s your identity

    Once scammers steal your Social Security number, tax ID or bank details, the damage doesn’t stop with one scam.

    They can:

    • File fake tax returns
    • Open credit lines in your name
    • Redirect benefits
    • Sell your identity on criminal marketplaces.

    Tax scams are often the entry point to long-term identity theft.

    The ‘pre-tax season cleanup’ most people skip

    Most people think clearing browser cookies or changing passwords is enough. It’s not. Your information still lives in data broker databases, where scammers shop for victims.

    That’s why I recommend a data removal service that automates data removal and goes directly to the source. Instead of chasing scams one by one, these services help remove the reason you’re targeted in the first place.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    Practical steps to protect yourself this tax season

    Here’s what I recommend before filing:

    • Never click tax links from emails or texts. Go directly to official websites. Strong antivirus software can help block malicious links before they install malware or steal personal information. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
    • Use strong, unique passwords for tax services and email.  A password manager helps create and store strong, unique passwords and alerts you if your email appears in known data breaches. Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
    • Enable two-factor authentication (2FA) wherever possible.
    • Freeze your credit if you’re not applying for loans. To learn more about how to do this, go to Cyberguy.com and search “How to freeze your credit.” 
    • Remove your data from brokers before scammers find it, as discussed above.

    2026 VALENTINE’S ROMANCE SCAMS AND HOW TO AVOID THEM

    1040 tax form on a table.

    Fake “refund issue” messages trick taxpayers into entering Social Security numbers and bank details on fraudulent sites. (Photo illustration by Michael Bocchieri/Getty Images)

    Kurt’s key takeaways

    Tax scams don’t start in April; they start when your data is sold. The more complete your profile becomes, the easier it is for scammers to impersonate government agencies and steal your identity. By removing your personal data now, you’re not just protecting your refund; you’re protecting your future. This tax season, don’t wait for the alert. Remove the risk.

    Have you received a suspicious IRS text or email this tax season, and what made you question whether it was real? Let us know by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Don’t ignore Apple’s urgent security update

    [ad_1]

    NEWYou can now listen to Fox News articles!

    If you use an iPhone, iPad, Mac, Apple Watch or Apple TV, listen up. Apple has released a major security update to fix a zero-day vulnerability, which is a security hole that hackers discover and exploit before the company has a chance to fix it. 

    Attackers were already using it in targeted attacks. In other words, this was not just a possibility. It was happening.

    The flaw, tracked as CVE-2026-20700, affects multiple Apple operating systems. If you have delayed updates lately, this is one you should not ignore.

    If you own an Android or Windows PC, this is also a good reminder to check for updates. 

    Sign up for my FREE CyberGuy Report 
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    APPLE PATCHES TWO ZERO-DAY FLAWS USED IN TARGETED ATTACKS

    Apple’s latest security updates affect iPhone, iPad, Mac, Apple Watch and Apple TV, so now is the time to check every device you own. (iStock)

    What is CVE-2026-20700 and why it matters

    CVE-2026-20700 is a memory corruption vulnerability affecting:

    • iOS 26.3
    • iPadOS 26.3
    • macOS Tahoe 26.3
    • watchOS 26.3
    • tvOS 26.3
    • visionOS 26.3

    In simple terms, this bug could allow an attacker to run arbitrary code on your device. That opens the door to spyware, hidden backdoors or silent takeovers without obvious warning signs. Apple says this vulnerability was used as part of an infection chain combined with two previously patched flaws against devices running older versions of iOS. Those earlier bugs were fixed in December 2025. Devices that skipped those updates remained exposed. This is how many real attacks unfold. Hackers chain vulnerabilities together and quietly move in.

    Which devices need updating?

    Here is a breakdown of the available updates:

    • iOS 26.3 and iPadOS 26.3 for iPhone 11 and later, plus newer iPads
    • iOS 18.7.5 and iPadOS 18.7.5 for iPhone XS, XS Max, XR and iPad 7th generation
    • macOS Tahoe 26.3, Sequoia 15.7.4, Sonoma 14.8.4
    • tvOS 26.3 for Apple TV HD and Apple TV 4K
    • watchOS 26.3 for Apple Watch Series 6 and later
    • visionOS 26.3 for Apple Vision Pro
    • Safari 26.3 for supported macOS versions

    If your device qualifies, update it as soon as possible.

    Why this update deserves attention

    Security updates can feel routine. Many of us see the notification and decide to deal with it later. This time is different. Apple confirmed the flaw was actively exploited. That means attackers already know how to use it. Running older software gives them a window of opportunity. Updating closes that window.

    How to update your iPhone or iPad

    Updating takes only a few minutes.

    • Go to Settings
    • Tap General
    • Tap Software Update
    • If an update appears, tap Download and Install
    • Turn on Automatic Updates so you do not miss future fixes

    Keep your device connected to Wi-Fi and power during the process.

    APPLE WARNS MILLIONS OF IPHONES ARE EXPOSED TO ATTACK

    An iOS update screen

    Once you reach this screen on your iPhone, tap Update Now to install Apple’s latest security fix immediately. (Kurt “CyberGuy” Knutsson)

    How to update your Mac

    • Click the Apple menu in the upper left corner
    • Choose System Settings or System Preferences
    • Select General
    • Click Software Update
    • If an update appears, select Restart Now or Update Tonight

    Your Mac may restart during the process. Keep it plugged in and connected to the internet until the update finishes.

    A macOS update screen

    Mac users will see options like Update Tonight or Restart Now, and installing this update closes a flaw already exploited in attacks. (Kurt “CyberGuy” Knutsson)

    How to update Apple Watch

    • Keep your Watch on its charger and near your iPhone
    • Open the Watch app on your iPhone
    • Tap General
    • Tap Software Update
    • Tap Download and Install if available

    Your Watch will restart during the update.

    A watchOS update screen

    Your Apple Watch also receives critical security fixes, so keep it on the charger and update it just like your iPhone. (Kurt “CyberGuy” Knutsson)

    How to update Apple TV

    • Open Settings on Apple TV
    • Go to System
    • Select Software Updates
    • Choose Update Software
    • Select Download and Install

    Stay connected to power and Wi Fi until the update completes.

    How to update Safari

    Safari updates are included with macOS updates.

    • Go to the Apple menu
    • Click System Settings
    • Select General
    • Click Software Update

    If Safari appears separately, click Update Now and restart your Mac.

    How to update your Apple Vision Pro

    • Put on your Vision Pro and open the Settings app.
    • Select General from the sidebar.
    • Tap Software Update.
    • If an update appears for visionOS 26.3, choose Download and Install.
    • Make sure your Vision Pro stays charged and connected to Wi-Fi until the update completes.

    MALICIOUS MAC EXTENSIONS STEAL CRYPTO WALLETS AND PASSWORDS

    Ways to stay safe

    Installing this update is the most important step. Still, there are additional habits that strengthen your protection.

    • Turn on automatic updates for every Apple device
    • Restart devices regularly to clear temporary processes
    • Avoid clicking unsolicited links or attachments, and use strong antivirus software. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
    • Remember, Apple threat notifications will never ask for passwords or verification codes
    • Be cautious when viewing HTML-formatted emails in Apple Mail
    • Consider enabling Lockdown Mode if you face a higher risk

    Cybercriminals rely on hesitation. They count on us assuming we will get to the update later.

    Kurt’s key takeaways

    Apple moved fast to fix this vulnerability, and that is reassuring. Now it is up to us to do our part. I get it. Updates interrupt your day. They force a restart. They rarely feel urgent. But here is the thing. Installing updates is still the simplest and most effective way to protect your device from active threats. A few minutes now can prevent a serious security problem later.

    What is your biggest reason for delaying updates, and has it ever cost you? Let us know by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report 
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Substack data breach exposes emails and phone numbers

    [ad_1]

    NEWYou can now listen to Fox News articles!

    If you read newsletters to stay informed, here is an update worth paying attention to. Substack, a popular platform where writers, journalists and creators send email updates directly to subscribers, has confirmed a data breach that exposed user data.

    The company says the exposed information includes email addresses, phone numbers and internal account metadata. More sensitive data, such as passwords, credit card numbers and financial information, was not affected. That is good news. Still, many users are asking how this happened and why it took months to detect.

    For clarity, CyberGuy does not use Substack to send its newsletters.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    ROBINHOOD TEXT SCAM WARNING: DO NOT CALL THIS NUMBER

    Substack confirmed a data breach that exposed users’ email addresses, phone numbers and internal account metadata after unauthorized access in October. (Photo Illustration by Robin Utrecht/SOPA Images/LightRocket via Getty Images)

    What we know so far about the Substack breach

    According to Substack, the unauthorized access occurred in October but was not identified until February. That means user data may have been exposed for several months before the issue was discovered. In response to CyberGuy’s request for comment, Substack shared an email from CEO and cofounder Chris Best that was sent to affected users on Wednesday, Feb. 4.

    “I’m incredibly sorry this happened,” Best wrote. “We take our responsibility to protect your data and your privacy seriously, and we came up short here.” He went on to say the company will “work very hard to make sure it does not happen again.”

    According to Best, Substack identified evidence of a system issue on February 3 that allowed an unauthorized third party to access limited user data in October. He confirmed the accessed data included email addresses, phone numbers and internal metadata. He also said passwords, credit card numbers and financial information were not accessed.

    What Substack says it is doing now

    Substack says it has fixed the system issue that allowed the unauthorized access and has launched a full investigation. The company also said it does not have evidence that the exposed information is being misused. Even so, it encouraged users to take extra caution with emails or text messages that appear suspicious. While the statement clarifies what data was exposed, it does not explain why the access went undetected for several months or what specific safeguards are now in place to prevent a similar incident. That gap remains a key concern.

    Why exposed emails and phone numbers still matter

    Email addresses and phone numbers are often the first pieces of information used in scams. Once attackers have verified contact details, they can send messages that feel personal, urgent or familiar. Those messages may reference subscriptions, billing or account changes to pressure people into clicking links or sharing information. Even without passwords, this type of exposure can increase the risk of phishing and impersonation attempts. That is why awareness matters now.

    MICROSOFT ‘IMPORTANT MAIL’ EMAIL IS A SCAM: HOW TO SPOT IT

    Person typing code on their laptop.

    Security experts warn exposed email addresses and phone numbers can fuel phishing and impersonation scams. (Photo by Annette Riedl/picture alliance via Getty Images)

    Ways to stay safe after the Substack breach

    If you have a Substack account, now is a good time to tighten things up.

    1) Watch for targeted messages

    Be cautious with emails or texts that reference your Substack account subscriptions or payments. Scammers may use real details to sound convincing.

    2) Avoid clicking links under pressure

    Urgent language is a common tactic. Go directly to Substack’s website instead of using links in messages. Use a strong antivirus to safeguard yourself from malicious links that install malware, potentially accessing your private information.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    3) Change your password anyway

    Even if passwords were not exposed, updating them adds a layer of protection, especially if you reuse passwords elsewhere. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse. 

    Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

    4) Limit data exposure

    Consider using a data removal service to reduce where your email and phone number appear online. Fewer data points make scams harder to pull off. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    5) Use two-factor authentication

    Enable two-factor authentication (2FA) wherever possible to reduce the risk of account takeover.

    SOUNDCLOUD DATA BREACH EXPOSES 29.8 MILLION USER ACCOUNTS

    Person typing on their laptop.

    The company said passwords and financial information were not accessed, but the breach went undetected for months. (Photographer: Luke MacGregor/Bloomberg via Getty Images)

    Kurt’s key takeaways

    Substack’s breach is a reminder that even creator-focused platforms face real security risks. While the company says sensitive data was not affected, unanswered questions remain about detection delays and transparency. Email addresses and phone numbers are powerful tools in the wrong hands. Staying alert now can prevent bigger problems later. Trust is built on clarity, and users are still waiting for it.

    Have you changed how you protect your email and phone number after recent data breaches, and what steps have made you feel safer? Let us know by writing to us at Cyberguy.com

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter. 

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Fake ad blocker breaks PCs in new malware extension scam

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Fake browser extensions are nothing new, but this one takes things a step further by deliberately breaking your computer to scare you into infecting it.

    Security researchers have uncovered a malicious Chrome and Edge extension called NexShield that pretends to be a fast, privacy-friendly ad blocker. Once installed, it crashes your browser on purpose and then tricks you into “fixing” the problem by running dangerous commands on your own PC.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    MALICIOUS GOOGLE CHROME EXTENSIONS HIJACK ACCOUNTS

    A fake Chrome and Edge extension called NexShield crashes browsers to trick users into running malicious commands. (Sina Schuldt/picture alliance via Getty Images)

    How the NexShield ad blocker scam works

    NexShield was promoted as a lightweight ad blocker supposedly created by Raymond Hill, the real developer behind the popular uBlock Origin extension. That claim was false, but it helped the extension look legitimate enough to spread through online ads and search results before it was taken down from the Chrome Web Store.

    Once installed, NexShield immediately starts abusing Chrome or Edge in the background. Researchers at Huntress found that it opens endless internal browser connections until your system runs out of memory (via Bleeping Computer). Tabs freeze, CPU usage spikes, RAM fills up, and the browser eventually hangs or crashes completely.

    After you restart the browser, NexShield displays a scary pop-up warning that claims your system has serious security problems. When you click to “scan” or “fix” the issue, you’re shown instructions telling you to open Command Prompt and paste a command that’s already been copied to your clipboard.

    That single paste is the trap. The command launches a hidden PowerShell script that downloads and runs malware. To make detection harder, the attackers delay the payload execution for up to an hour after installation, creating distance between the extension and the damage it causes.

    Why this fake browser extension attack is especially dangerous

    This campaign is a new variation of the well-known ClickFix scam, which relies on convincing you to run commands yourself. Huntress calls this version CrashFix because instead of faking a system failure, it causes a real one.

    In corporate environments, the attack delivers a Python-based remote access tool called ModeloRAT. This malware allows attackers to spy on systems, run commands, change system settings, add more malware and maintain long-term access. Researchers say the threat group behind it, tracked as KongTuke, appears to be shifting focus toward enterprise networks where the payoff is higher.

    Home users weren’t the primary target in this campaign, but that doesn’t mean they’re safe. Even if the final payload was unfinished for consumer systems, uninstalling the extension alone is not enough. Some malicious components can remain behind. The biggest danger here isn’t a browser bug. It’s trust. The attack works because it looks like a helpful fix from a trusted tool, and it pressures you to act quickly while your system feels broken.

    “Microsoft Defender provides built in protections to help identify and stop malicious or unwanted browser extensions and the harmful behaviors associated with them,” Tanmay Ganacharya, VP of Microsoft Threat Protection, told CyberGuy. “Our security technologies are designed to detect and mitigate tactics like the ones described in this campaign, and they are continuously updated to help keep customers safe. We encourage consumers and organizations to follow our security best practices for reducing exposure to social engineering-based threats. Guidance on strengthening your security posture against techniques like this can be found in our blog, ⁠Think Before You Click (Fix): Analyzing the ClickFix Social Engineering Technique, on the Microsoft Security blog.”

    We also reached out to Google for comment.

    7 steps you can take to stay safe from malicious browser extensions

    A few smart habits and the right tools can dramatically reduce your risk, even when malicious extensions slip past official app stores.

    1) Only install extensions from trusted publishers

    Before installing any browser extension, check the publisher name, official website and update history. Reputable tools clearly identify their developer and have years of user reviews. Be cautious of “new” extensions that claim to come from well-known creators, especially if the name or branding looks slightly off.

    2) Never run unknown commands

    No legitimate browser extension will ever ask you to open Command Prompt or paste a command to fix an issue. That’s a massive red flag. If something breaks your browser and then tells you to run system commands, close it and seek help from a trusted source.

    3) Use a strong antivirus

    Strong antivirus software can detect malicious scripts, suspicious PowerShell activity and remote access tools like ModeloRAT. This is especially important because these attacks rely on delayed execution that basic defenses might miss.

    The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    MALICIOUS MAC EXTENSIONS STEAL CRYPTO WALLETS AND PASSWORDS

    Person sitting at their desk, typing into their computer.

    After freezing your browser, the rogue extension urges users to paste a PowerShell command that installs malware. (Annette Riedl/picture alliance via Getty Images)

    4) Use a password manager to limit fallout

    If malware gains access to your system, stored browser passwords are often the first target. A password manager keeps credentials encrypted and separate from your browser, reducing the risk of account takeover even if something slips through.

    Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

    5) Keep Windows, Chrome and Edge fully updated

    Security updates don’t just patch bugs. They also improve protection against malicious extensions, script abuse and unauthorized system changes. Turn on automatic updates so you’re not relying on memory to stay protected.

    6) Consider an identity theft protection service

    If malware ever runs on your system, assume personal data could be at risk. Identity protection services can monitor for misuse of your information, alert you early and help with recovery if fraud occurs.

    Identity Theft companies can monitor personal information like your Social Security number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

    See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

    7) Reduce your online footprint with a data removal service

    Many attacks become more effective when criminals already have your personal details. Data removal services help pull your information from broker sites, making it harder for attackers to craft convincing follow-up scams or targeted phishing.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    FAKE ERROR POPUPS ARE SPREADING MALWARE FAST

    Woman using her laptop computer.

    Security researchers say the NexShield ad blocker scam deliberately overloads memory to force a system crash. (Photo by Sebastian Gollnow/picture alliance via Getty Images)

    Kurt’s key takeaway

    Cybercriminals are getting better at blending technical tricks with psychological pressure. Instead of relying on exploits alone, they break things on purpose and wait for you to panic. If a browser extension crashes your system and then tells you to “fix” it by running commands, stop immediately. The safest response is not to fix the problem fast, but to question why you’re being asked to fix it at all.

    CLICK HERE TO GET THE FOX NEWS APP

    How many browser extensions are installed on your computer right now? Let us know by writing to us at Cyberguy.com.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Why physical ID theft is harder to fix than credit card fraud

    [ad_1]

    NEWYou can now listen to Fox News articles!

    It started with a voicemail from a Hertz rental car location in Miami, Florida. A 57-year-old woman in Los Alamitos, California, was asked when she planned to return a Mercedes-Benz she had never rented. A thief had stolen her driver’s license, replaced the photo with their own and used it to rent the vehicle. The same identity was used to open a credit card account, book airline tickets and reserve hotel stays. By the time she learned what happened, the fraud involved businesses in multiple states.

    Clearing her name required police reports in two jurisdictions, written disputes with the credit card issuer and repeated contact with the rental company and hotels. Her accounts were frozen while she submitted notarized copies of her identification and signed fraud affidavits. The process lasted more than a week. She reported losing $78,500 and spent nearly 10 days dealing with the fallout from one stolen ID.

    Credit card fraud is usually limited to a single account number. Physical ID theft gives someone the ability to act as you in the real world. As a result, the cleanup process is longer, more intrusive and often tied to your legal record.

    Sign up for my FREE CyberGuy Report

    Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

    5 MYTHS ABOUT IDENTITY THEFT THAT PUT YOUR DATA AT RISK

    A stolen driver’s license can allow someone to rent cars, open accounts and sign contracts in your name. (Photo by Silas Stein/picture alliance via Getty Images)

    How credit card fraud recovery works

    Under the Fair Credit Billing Act, you report unauthorized charges to the card issuer within 60 days of the statement date. Federal law limits your liability to $50, and most major issuers waive that entirely. The bank cancels the compromised card number, issues a replacement and removes the disputed charges after an investigation. You may need to confirm transactions and sign a fraud affidavit. The account number changes. Your name, driver’s license and Social Security number stay the same. In most cases, fraud is resolved within one or two billing cycles. That structure gives consumers clarity. There is one issuer, one investigation and one account to correct.

    Why physical ID theft recovery is more complicated

    Physical ID theft creates problems that go far beyond one financial account. When someone uses your driver’s license, they step into your legal identity. Start with reporting requirements. Most states require you to file a police report before the DMV will issue a replacement linked to fraud. That report number becomes part of your official record. If the misuse happened in another state, you may need to file a second report there.

    Next, understand what replacing the card actually does. A new physical card does not erase prior activity. Rental contracts, utility accounts, hotel stays, or police interactions tied to the stolen license still carry your name and license number. Fixing those records takes work. You must contact each business directly and submit documentation. No central agency reverses everything at once. Each company sets its own rules and timeline.

    The stakes can rise quickly. For example, if someone abandons a rental car or commits a crime using your stolen ID, law enforcement databases may record your name. At that point, the situation shifts from financial inconvenience to legal exposure.

    HOW TO PROTECT A LOVED ONE’S IDENTITY AFTER DEATH

    A passport

    Police reports and formal disputes are often required before businesses will remove fraudulent records.  (Kurt “Cyberguy” Knutsson)

    How to prove physical ID theft was not yours

    With credit card fraud, the issuer investigates the charge. With physical ID theft, businesses and agencies often require you to prove that you did not authorize the activity. That process usually starts at IdentityTheft.gov. The FTC generates an Identity Theft Report, which serves as an official statement of fraud. Most banks, collection agencies and rental companies will not proceed without it.

    You may also need:

    • A local police report
    • A copy of your driver’s license
    • A notarized identity affidavit
    • Proof of residence tied to the date of the fraud

    When thieves open fraudulent accounts in your name, dispute each one separately. Act quickly. Send a written response within 30 days of the first collection notice to protect your rights under federal law. Fraud that appears on your credit report requires another step. Contact Equifax, Experian and TransUnion individually and submit formal disputes with supporting documentation. The credit bureaus then have up to 30 days to complete their investigations. No central agency manages these corrections for you. Instead, every company sets its own documentation rules and timeline. Therefore, you must track deadlines, follow up consistently and keep detailed records of every communication.

    You cannot simply replace your driver’s license number after identity theft

    When a credit card number is stolen, the bank issues a new one. When a driver’s license is stolen, the number usually remains the same. In California, if your driver’s license is lost or stolen, you can request a replacement card through the DMV online system or at a field office. The official process gets you a new physical card. No new license number is automatically assigned when the card is stolen.

    If there is identity misuse tied to the license number, the DMV fraud review process allows you to submit documentation, including police reports, to support an identity theft claim before they take further action. A Social Security number is even harder to change. The Social Security Administration approves new numbers only in cases involving continued harm. Applicants must provide extensive documentation and appear in person.

    A stolen physical ID, such as your license, includes:

    • Full legal name
    • Date of birth
    • Address
    • Driver’s license number
    • Signature

    That information is sufficient for in-person identity checks, rental contracts, certain loan applications and travel-related transactions.

    Hands typing on a laptop with green code on screen

    Credit monitoring alerts can help you detect identity misuse before it spreads across multiple accounts. (Kurt “CyberGuy” Knutsson)

    Why ongoing identity protection matters

    There is no single agency that tracks misuse of your driver’s license across rental companies, lenders, collection agencies and law enforcement systems. That burden falls on you.

    Identity theft services monitor your identity across all three credit bureaus and alert you to new credit inquiries, account openings and changes to your credit file. If fraud appears, you are assigned a dedicated U.S.-based case manager who helps:

    • File disputes with Equifax, Experian and TransUnion
    • Prepare and submit FTC Identity Theft Reports
    • Contact creditors and collection agencies
    • Track documentation deadlines and responses
    • Assist with reimbursement claims when eligible

    Plans can include identity theft insurance of up to $1 million per adult to cover eligible expenses such as lost wages, legal fees and document replacement costs related to identity theft recovery.

    No service can prevent every misuse of a stolen ID. But when the issue involves police reports, credit bureaus, tax agencies and collection accounts, having structured support can make all the difference.

    The California woman in this case was not enrolled in an identity theft protection service. Some businesses may reverse fraudulent charges, but it is unclear whether she recovered the full $78,500.

    See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Kurt’s key takeaways

    Credit card fraud follows a defined path. You report the charge, the issuer investigates and your account number changes. In most cases, the disruption ends there. Physical ID theft moves differently. It spreads across rental companies, hotels, credit bureaus and sometimes law enforcement databases. Instead of one dispute, you may face several. Instead of replacing a number, you must protect a permanent identity marker tied to your name. That shift matters. A stolen driver’s license carries your legal identity into the real world. Therefore, recovery demands documentation, patience and persistence. Each business sets its own rules. Each agency runs its own timeline. You coordinate the process. The lesson is clear. Protecting your financial accounts is critical. However, protecting your physical identification may be even more important. Once someone uses it in person, the cleanup becomes personal, procedural and time-consuming. Layered monitoring, early alerts and fast reporting reduce long-term damage. The faster you respond, the more control you keep.

    Have you ever dealt with physical ID theft, and did the recovery process take longer than you expected? Let us know your thoughts by writing to us at Cyberguy.com

    Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Android malware hidden in fake antivirus app

    [ad_1]

    NEWYou can now listen to Fox News articles!

    If you use an Android phone, this deserves your attention. 

    Cybersecurity researchers warn that hackers are using Hugging Face, a popular platform for sharing artificial intelligence (AI) tools, to spread dangerous Android malware. 

    At first, the threat appears harmless because it is disguised as a fake antivirus app. Then, once you install it, criminals gain direct access to your device. Because of this, the threat stands out as especially troubling. It combines two things people already trust — security apps and AI platforms.

    Sign up for my FREE CyberGuy Report

    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

    MALICIOUS GOOGLE CHROME EXTENSIONS HIJACK ACCOUNTS

    Researchers say hackers hid Android malware inside a fake antivirus app that looked legitimate at first glance.  (Kurt “CyberGuy” Knutsson)

    What Hugging Face is and why it matters

    For anyone unfamiliar, Hugging Face is an open platform where developers share AI, NLP and machine learning models. It is widely used by researchers and startups and has become a central hub for AI experimentation. That openness is also what attackers exploited. Because Hugging Face allows public repositories and supports many file types, criminals were able to host malicious code in plain sight.

    The fake antivirus app behind the attack

    The malware first appeared in an Android app called TrustBastion. On the surface, it looks like a helpful security tool. It promises virus protection, phishing defense and malware blocking. In reality, it does the opposite. 

    Once installed, TrustBastion immediately claims your phone is infected. It then pressures you to install an update. That update delivers the malicious code. This tactic is known as scareware. It relies on panic and urgency to push users into tapping before thinking.

    FAKE ERROR POPUPS ARE SPREADING MALWARE FAST

    A fake Android antivirus app in the Google Play store

    The fake TrustBastion app mimics a legitimate Google Play update screen to trick users into installing malware.  (Bitdefender)

    How the malware spreads and adapts

    According to Bitdefender, a global cybersecurity company, the campaign centers on a fake Android security app called TrustBastion. Victims were likely shown ads or warnings claiming their device was infected and were instructed to manually install the app.

    The attackers hosted TrustBastion’s APK files directly on Hugging Face, placing them inside public datasets that appeared legitimate at first glance. Once installed, the app immediately prompted users to install a required “update,” which delivered the actual malware.

    After researchers reported the malicious repository, it was taken down. However, Bitdefender observed that nearly identical repositories quickly reappeared, with small cosmetic changes but the same malicious behavior. That rapid re-creation made the campaign harder to fully shut down.

    What this Android malware can actually do

    This Trojan is not minor or annoying. It is invasive. Bitdefender says the malware can:

    Take screenshots of your device

    Show fake login screens for financial services

    Capture your lock screen PIN

    Once collected, that data is sent to a third-party server. From there, attackers can move quickly to drain accounts or lock you out of your own phone.

    What Google says about the threat

    Google says users who stick to official app stores are protected. A Google spokesperson told CyberGuy, “Based on our current detection, no apps containing this malware are found on Google Play.

    “Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services.

    “Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play.”

    BROWSER EXTENSION MALWARE INFECTED 8.8M USERS IN DARKSPECTRE ATTACK

    A person typing on their Android phone

    Once installed, the malware could capture screenshots, fake login details and even your lock screen PIN. (Kurt “CyberGuy” Knutsson)

    How to stay safe from Hugging Face Android malware

    This threat is a reminder that small choices matter. Here is what you should do right now:

    1) Stick to trusted app stores

    Only download apps from reputable sources like Google Play Store or the Samsung Galaxy Store. These platforms have moderation and scanning in place.

    2) Read reviews before installing

    Look closely at ratings, download counts and recent comments. Fake security apps often have vague reviews or sudden rating spikes.

    3) Use a data removal service

    Even careful users can have personal data exposed. A data removal service helps remove your phone number, email and other details from data broker sites that criminals rely on. That reduces follow-up scams, fake security alerts and account takeover attempts.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. 

    These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

    4) Run Play Protect and use strong antivirus software

    Scan your device regularly with Play Protect and back it up with strong antivirus software for added protection. Google Play Protect, which is built-in malware protection for Android devices, automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it hasn’t been 100% effective at removing all known malware from Android devices.

    The best way to protect yourself against malicious links that install malware and potentially access your private information is to have strong antivirus software installed on all your devices. This protection can also help you detect phishing emails and ransomware, keeping your personal information and digital assets safe.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com

    5) Avoid sideloading APK files

    Avoid installing apps from websites outside the app store. These apps bypass security checks, so always verify the publisher name and URL.

    6) Lock down your Google account

    Your phone security depends on it. Enable two-step verification (2FA) first, then use a strong, unique password stored in a password manager to prevent account takeovers.

    Next, see if your email has been exposed in past breaches. Our No. 1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2026 at Cyberguy.com

    7) Be cautious with permissions

    Be cautious with accessibility permissions. Malware often abuses them to take control of your device.

    8) Watch app updates closely

    Malware can hide inside fake updates. Be cautious of urgent fixes that push you outside the app store.

    Kurt’s key takeaways

    This attack shows how quickly trust can be weaponized. A platform designed to advance AI research was repurposed as a delivery system for malware. A fake antivirus app became the threat it claimed to stop. Staying safe no longer means avoiding sketchy-looking apps. It means questioning even those apps that appear helpful and professional.

    Have you seen something on your phone that made you question its security? Let us know your thoughts by writing to us at Cyberguy.com

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report 

    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter. 

    Copyright 2026 CyberGuy.com.  All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Robinhood text scam warning: Do not call this number

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Most scam texts are easy to spot, but this one feels different. At first glance, the message looks polished and uses official branding that signals credibility. It also includes technical details that sound serious, which can cause even cautious people like Bob to pause instead of instantly deleting it. He shared the text message with CyberGuy after second-guessing whether it could be real.

    “I received a text message from someone, some entity I do not recognize. Normally, I just delete this phishing spam, but in this case, I wonder if someone has my personal, financially related info. Have you seen this before?”

    — Text message sent to Bob

    Yes, this exact message format has been circulating widely. The screenshot below points to a Robinhood impersonation scam, not a legitimate security alert. For those of you who might not be familiar, Robinhood is a popular financial app that lets people trade stocks, options and cryptocurrency from their phones. 

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    MICROSOFT ‘IMPORTANT MAIL’ EMAIL IS A SCAM: HOW TO SPOT IT

    Kurt “CyberGuy” Knutsson is warning of a Robinhood phishing scheme. (Kurt “CyberGuy” Knutsson)

    What the scam text actually says

    At the top of the message is a warning designed to trigger urgency:

    “Safety Reminder: If this wasn’t you, please call +1 (888) 497-####.”

    Below that, a realistic looking Robinhood graphic claims:

    • An API key was linked to an external wallet
    • Permissions include trade and transfer
    • A linked wallet labeled Robinhood-Wallet
    • An IP address listed as 128.51.100.##
    • A date and time stamp from January 23, 2026

    The message ends by calling itself a mandatory service SMS meant to keep the account secure. To most people, this feels official. That feeling is intentional.

    Why this message is designed to scare

    This scam relies on presentation, not accuracy. Technical language like API key and IP address sound authoritative. It creates pressure to act even when the details are unclear. The phone number is the real objective. Calling it connects directly to scammers trained to sound calm, helpful and urgent at the same time. The message also avoids links on purpose. A phone call feels safer than clicking, which lowers suspicion.

    The most important thing to understand

    Receiving this text does not mean an account has been accessed. Messages like this go out in bulk. Phone numbers often come from unrelated data breaches and marketing lists. The sender does not know who actually has a Robinhood account. The scam only works if someone reacts.

    A spokesperson for Robinhood told us the company is seeing a rise in financial scams and says it has safeguards in place “to monitor, report, and disrupt fraudulent activity.” The spokesperson urged customers not to engage with suspected scams and to use resources on Robinhood’s support page to help identify and avoid them.

    What to do right now if you get this text

    If this message shows up on your phone, pause for a moment. These scams succeed when fear takes over. Staying calm keeps you in control. These steps break the scam’s momentum and help protect your accounts before any real damage can occur.

    1) Do not call the phone number

    This is the single most important step. The phone number in the text connects directly to scammers posing as Robinhood security. Once on the call, they often claim there is an active threat and push for immediate action. They may ask you to verify account details, share one-time codes or approve fake transfers. No legitimate financial company handles account security through an unsolicited phone call.

    2) Do not click links or reply to the message

    Avoid interacting with the text at all. Replying confirms your number is active, while clicking anything can lead to fake login pages, follow-up scams or malware. Strong antivirus software can help block malicious links and scam sites if one is tapped accidentally, but the safest move is to ignore the message entirely. Cutting off interaction stops the scam immediately. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

    3) Check your account the safe way

    If you have a Robinhood account, always go directly to the source. Open the official app or manually type the website address into your browser. Never use links or phone numbers included in the text.

    Once logged in, review:

    • Security alerts
    • Recent account activity
    • Linked apps
    • API or third-party access

    If nothing appears there, the message was fake, and your account is safe.

    TAX SEASON SCAMS SURGE AS FILING CONFUSION GROWS

    Robinhood loaded on a laptop screen.

    Cyber experts warn a widely shared “Safety Reminder” text is a Robinhood impersonation scam, not a real breach alert. (Photo Illustration by Scott Olson/Getty Images)

    4) Turn on two-factor authentication

    Two-factor authentication (2FA) adds a critical layer of protection. Even if scammers obtain a password, they cannot access an account without the second verification step. This stops many account takeover attempts in their tracks.

    5) Use strong, unique passwords

    Never reuse passwords across financial accounts. Strong, unique passwords limit the damage from unrelated data breaches. A password manager can help generate and store secure passwords, so you don’t have to remember them.

    Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

    6) Reduce exposure with a data removal service

    If scam texts like this keep appearing, it often means your phone number is circulating among data brokers. A data removal service can help reduce that exposure over time.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    7) Remove old or unused linked apps

    Over time, accounts can accumulate connections that are no longer needed. Review linked apps and remove anything unfamiliar or unused. Fewer connections mean fewer potential attack paths.

    8) Block the sending number

    After confirming your account is safe, block the number that sent the message. This prevents repeat attempts from the same source and reduces future interruptions.

    9) Report the message as spam

    Robinhood encourages users to contact its customer support team with any scam or fraud concerns or to verify suspicious messages. Suspected phishing attempts can be reported directly to reportphishing@robinhood.com, the spokesperson said. Also, report the message as spam in your messaging app. This helps improve filtering systems and can prevent similar scams from reaching others.

    10) Save the message as evidence

    Finally, before deleting it, take a screenshot. This gives you a record in case you need to report the scam later or explain what happened. It also helps remove doubt once the message is gone.

    5 MYTHS ABOUT IDENTITY THEFT THAT PUT YOUR DATA AT RISK

    Robinhood logo on a smartphone.

    Scammers are using technical jargon and official-looking branding to trick users into revealing financial account details. (Photo illustration by Cheng Xin/Getty Images)

    Kurt’s key takeaways

    This scam works by leveraging trust in a well-known brand and using fear to push for quick decisions. The message is designed to rush and intimidate, not to inform. The strongest defense is simple. Pause. Check accounts directly through official apps. Do not let technical language or urgency force a reaction. You do not need to understand every detail to stay safe. Questioning a message like this protects something far more valuable than time. And it raises an important question worth asking every time a security alert appears on your phone.

    Have you received a suspicious security text or call recently? Tell us what it looked like and how you handled it by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP 

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • How to safely view your bank and retirement accounts online

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Logging into your bank, retirement or investment accounts is now part of everyday life. Still, for many people, it comes with a knot in the stomach. You hear about hacks, scams and stolen identities and wonder if simply checking your balance could open the door to trouble. That concern landed in our inbox from Mary.

    “How do I protect my bank accounts, 401K and non-retirement accounts when I view them online?”

    — Mary in Baltimore, Ohio

    Mary’s question is a good one, because protecting your money online is not about one magic setting. It comes down to smart habits layered together.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    DATA BREACH EXPOSES 400,000 BANK CUSTOMERS’ INFO

    Securing your device with updates and antivirus software is the first step in protecting your financial accounts online. (REUTERS/Andrew Kelly)

    Secure your device before logging into financial accounts

    Everything begins with the device in your hands. If it isn’t secure, even the strongest password can be exposed. These essentials help lock things down before you ever sign in.

    Start with these device security basics:

    • Keep your phone, tablet and computer fully updated with the latest operating system and browser versions
    • Use strong, always-on antivirus protection to block malware and phishing attempts. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
    • Avoid public Wi-Fi when accessing financial accounts, or use a trusted VPN if you have no other option.  For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices at Cyberguy.com.

    Protect your bank and investment account logins

    Your login details are the front door to your money. Strengthening them reduces the chance that anyone else can get inside.

    Strengthen your account logins by:

    • Using strong, unique passwords for every financial account
    • Avoiding saved passwords on shared or older devices
    • Relying on a password manager to create and store credentials securely. Our No. 1 pick, includes a built-in breach scanner that alerts you if your information appears in known leaks. If you find a match, change any reused passwords immediately and secure those accounts with new, unique credentials.
    • Checking whether your email or passwords have appeared in known data breaches and updating reused passwords immediately. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
    • Turning on two-factor authentication (2FA) wherever it’s available

    Avoid common online banking scams when logging in

    Even well-secured accounts can be compromised through careless access. How you log in matters.

    Reduce your risk when accessing financial accounts:

    • Typing website addresses yourself or using saved bookmarks
    • Avoiding login links sent by email or text, even if they look official
    • Checking for “https” and the lock icon before entering credentials
    • Logging out completely after every session, especially on mobile devices

    Add extra layers of protection to financial accounts

    Person typing on their laptop.

    Strong, unique passwords and two-factor authentication help stop criminals even if one login is exposed. (Photo by Neil Godwin/Future via Getty Images)

    DON’T LET AI PHANTOM HACKERS DRAIN YOUR BANK ACCOUNT

    Think of these as early warning systems. They help catch problems quickly, before real damage is done.

    Enable financial account alerts and safeguards:

    • Setting up alerts for logins, withdrawals, password changes and new payees
    • Requiring extra confirmation for large or unusual transactions
    • Freezing your credit with the major credit bureaus to block new accounts opened in your name. To learn more about how to do this, go to Cyberguy.com and search “How to freeze your credit.” 

    Protect your identity beyond your bank accounts

    Your financial accounts are only part of the picture. Identity protection helps stop problems before they ever reach your bank.

    Go beyond basic banking security:

    • Monitoring for identity theft involving your Social Security number, phone number and email
    • Using an identity protection service that alerts you if your data appears on the dark web or is used fraudulently. See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com
    • Removing your personal information from data broker websites that buy and sell consumer data. A data removal service reduces risk before identity theft happens. Check out my top picks for data removal services, and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Review bank and credit statements for early warning signs

    Review your bank, credit card and investment statements regularly, even when nothing looks suspicious. Small red flags often appear long before major losses.

    Everyday security habits that prevent financial scams

    Many successful scams rely on pressure and trust, not advanced technology. Good habits close those gaps.

    Practice smart daily security habits:

    • Never allow anyone to log into your accounts remotely, even if they claim to be from your bank
    • Avoid storing photos of IDs, Social Security cards, or account numbers on your phone or email
    • Stop immediately if something feels off, and contact the institution directly using a verified phone number
    Logging in the right way, by typing web addresses yourself and avoiding suspicious links, reduces phishing risks.  

    Logging in the right way, by typing web addresses yourself and avoiding suspicious links, reduces phishing risks.   (Martin Bertrand / Hans Lucas / AFP via Getty Images)

    Kurt’s key takeaways

    Checking your bank or retirement accounts online should feel routine, not risky. With updated devices, strong logins, careful access and smart habits, you can keep control of your money without giving up convenience. Security is not about fear. It is about staying one step ahead.

    Have you ever clicked a financial alert and wondered afterward if it was real or a scam? Let us know your thoughts by writing to us at Cyberguy.com

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Gabbard ends task force that aimed to reform intelligence gathering after less than a year

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Director of National Intelligence Tulsi Gabbard announced she was ending the work of a task force that sought to reform the U.S. intelligence community, including rooting out what she described as the politicization of intelligence gathering, after less than a year since its creation.

    Gabbard established the group in April, when it was also tasked with probing ways to reduce spending on intelligence and whether reports on high-profile topics such as COVID-19 should be declassified.

    In a statement on Wednesday, Gabbard said the task force’s work was always intended to be temporary after she was tapped to oversee coordination of the 18 U.S. intelligence agencies.

    “In less than one year, we’ve brought a historic level of transparency to the intelligence community,” Gabbard said in her statement. “My commitment to transparency, truth, and eliminating politicization and weaponization within the intelligence community remains central to all that we do.”

    TULSI GABBARD DENIES WRONGDOING OVER DELAYED WHISTLE-BLOWER COMPLAINT REFERRAL TO CONGRESS MEMBERS: ‘BASELESS’

    Director of National Intelligence Tulsi Gabbard announced she was ending the work of a task force that sought to reform the U.S. intelligence community. (Photo by ANDREW CABALLERO-REYNOLDS/AFP via Getty Images)

    The number of officers assigned to the task force, as well as their identities, are classified, according to Gabbard’s office.

    The officers will now return to other intelligence agencies to continue the work the group started, her office added.

    The group sparked criticism against Gabbard after its creation, with Democrats and some intelligence insiders raising questions about whether it would be used to undermine intelligence agencies and bring them under tighter control of President Donald Trump.

    Sen. Mark Warner, D-VA, vice chairman of the Senate Intelligence Committee, said last year that the group appeared to be a “pass for a witch hunt” designed to target intelligence officers deemed disloyal to Trump.

    TRUMP CLAIMS DNI TULSI GABBARD WAS AT GEORGIA ELECTION HUB SEARCH BECAUSE AG PAM BONDI WANTED HER THERE

    Tulsi Gabbard speaks

    The task force sought to root out alleged politicization of intelligence gathering. (Chip Somodevilla/Getty Images)

    “This seems to be just a pass for a witch hunt and that’s going to further undermine our national security,” Warner told Reuters at the time.

    Gabbard has implemented significant changes to the country’s intelligence gathering in the last year, including by using agencies to back up Trump’s claims about alleged interference in the 2016 and 2020 elections.

    In August, she revealed plans to cut her office’s workforce and slash more than $700 million from its annual budget. She also fired two top intelligence officials in May after concluding that they opposed Trump.

    Since Gabbard took over as director, the federal government has revoked the security clearances of dozens of former and current officials, including high-profile political opponents of the president, which critics have panned as being a punishment for siding against Trump rather than posing security risks.

    President Trump and DNI Tulsi Gabbard

    The officers assigned to the task force will now return to other intelligence agencies. (Andrew Harnik/Getty Images)

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Gabbard’s presence for a recent FBI search of a Georgia election office in connection to the 2020 election has led to criticism from Democrats who argue she is blurring the traditional lines between foreign intelligence collection and domestic law enforcement.

    The CIA has also released additional information about its investigations into the origins of COVID-19, such as an assessment released last year that affirmed the position that it most likely originated in a lab in China.

    The Associated Press contributed to this report.

    [ad_2]

    Source link

  • 2026 Valentine’s romance scams and how to avoid them

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Valentine’s Day should be about connection. However, every February also becomes the busiest season of the year for romance scammers. In 2026, that risk is higher than ever.

    These scams are no longer simple “lonely hearts” schemes. Instead, modern romance fraud relies on artificial intelligence, data brokers and stolen personal profiles. Rather than sending random messages and hoping for a response, scammers carefully select victims using detailed personal data. From there, they use AI to impersonate real people, create convincing conversations and build trust at scale.

    As a result, if you are divorced, widowed or returning to online dating after the holidays, this is often the exact moment scammers target you.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    WHEN DATING APPS GET HACKED, YOUR PRIVATE LIFE GOES PUBLIC

    Romance scams surge around Valentine’s Day as criminals use artificial intelligence and stolen data to target widowed, divorced and older adults returning to online dating. (Omar Karim/Middle East Images/AFP via Getty Images)

    The new face of romance scams in 2026

    Romance scams are no longer slow, one-on-one cons. They’re now high-tech operations designed to target hundreds of people at once. Here’s what’s changed:

    1) AI-generated personas that look and sound real

    In the past, fake profiles used stolen photos and broken English. Today, scammers use AI-generated faces, voices and videos that don’t belong to any real person, making them almost impossible to reverse search.

    You may be interacting with a profile that:

    • Has years of realistic-looking social media posts
    • Shares daily photos that match the story they tell
    • Sends customized voice notes that sound natural
    • Appears on “video calls” using AI face-mapping software.

    Some scam networks even create entire fake families and friend groups online, so the person appears to have a real life, real friends and real history. To the victim, it feels like a genuine connection because the “person” behaves like one in every way.

    2) Automated relationship scripts that adapt to you

    Behind the scenes, many scammers now use software platforms that manage dozens of conversations at once. This is known as “scamware” and is incredibly hard to flag.

    These systems:

    • Track your replies
    • Flag emotional triggers (grief, loneliness, fear, trust)
    • Suggest responses based on your mood and history.

    When you mention that you are widowed, the tone quickly becomes more comforting. Meanwhile, if you say you are financially stable, the story shifts toward so-called “business opportunities.” And if you hesitate, the system responds by introducing urgency or guilt. It feels personal, but in reality, you’re being guided through a pre-written emotional funnel designed to lead to one outcome: money.

    3) Crypto and “investment romance” scams

    One of the fastest-growing versions of romance fraud now blends love and money. A BBC World Service investigation recently revealed that many romance scams are now run by organized criminal networks across Southeast Asia, using what insiders call the “pig butchering” model, where victims are slowly “fattened up” with trust before being financially destroyed.

    These operations use call center style setups, data broker profiles, scripted conversations and AI tools to target thousands of people at once. This is not accidental fraud. It’s an industry.

    And the reason you were selected is simple. Your personal data made you easy to find, easy to profile and easy to target.

    After weeks of trust-building, the scammer introduces:

    • A “private” crypto platform
    • A fake trading app
    • A business or investment opportunity, “they use themselves.”

    They may show fake dashboards, fake profits and even let you “withdraw” small amounts at first to build trust. But once larger sums are sent, the site disappears and so does the person. There is no investment. There is no account. And there is no way to recover the funds.

    AI DEEPFAKE ROMANCE SCAM STEALS WOMAN’S HOME AND LIFE SAVINGS

    Hacker typing code on their laptop.

    Data brokers selling personal details fuel a new wave of romance fraud by helping scammers select financially stable, older victims before contact is made. (Jens Büttner/picture alliance via Getty Images)

    How scammers find you before you ever match

    The biggest misconception is that romance scams begin on dating apps. They don’t. They begin long before that, inside massive databases run by data brokers. These companies collect and sell profiles that include:

    • Your age and marital status
    • Whether you’re widowed or divorced
    • Your home address history
    • Your phone number and email
    • Your family members and relatives
    • Your income range and retirement status.

    Scammers buy this data to build shortlists of ideal victims.

    The data brokers behind romance scams

    They filter for:

    • Age 55-plus
    • Widowed or divorced
    • Living alone
    • Financially stable
    • Not active on social media.

    That’s how they know who to target before the first message is ever sent.

    Why are widowed and retired adults targeted first?

    Scammers aren’t cruel by accident. They target people who are statistically more likely to respond. If you’ve lost a spouse, moved recently or reentered the dating world, your personal data often shows that. That makes you a priority target. And once your name lands on a scammer’s list, it can be sold again and again. That’s why many victims say, “I blocked them, but new ones keep showing up.” It’s not a coincidence. It’s data recycling.

    How the scam usually unfolds

    Most romance scams follow the same pattern:

    • Friendly introduction: A warm message. No pressure. Often references something personal about you.
    • Fast emotional bonding: They mirror your values, your experiences, even your grief.
    • Distance and excuses: They can’t meet. There’s always a reason: military deployment, overseas job, business travel.
    • A sudden “crisis”: Medical bills, business losses, frozen accounts, investment opportunities.
    • Money requests: Wire transfers, gift cards, crypto or “temporary help.”

    By the time money is involved, the emotional connection is already strong. Many victims send thousands before realizing it’s a scam.

    The Valentine’s Day cleanup that stops scams at the source

    If you want fewer scam messages this year, you need to remove your personal information from the places scammers buy it. That’s where a data removal service comes in. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. 

    These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    Practical steps to protect yourself this February

    Here’s what you can do right now:

    • Never send money to someone you haven’t met in person
    • Be skeptical of fast emotional bonding
    • Verify profiles with reverse image searches
    • Don’t share personal details early
    • Remove your data from broker sites.
    • Use strong antivirus software to block malicious links and fake login pages. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    When you combine these steps, you remove the access, urgency and leverage scammers rely on.

    SUPER BOWL SCAMS SURGE IN FEBRUARY AND TARGET YOUR DATA

    Person typing on their phone.

    Cybercriminals now deploy AI-generated faces, voices and scripted conversations to impersonate real people and build trust at scale in modern romance scams. (Martin Bertrand/Hans Lucas/AFP via Getty Images)

    Kurt’s key takeaways

    Romance scams are no longer random. They are targeted, data-driven and emotionally engineered. This Valentine’s Day, the best gift you can give yourself is privacy. By removing your personal data from broker databases, you make it harder for scammers to find you, profile you and exploit your trust. And that’s how you protect not just your heart, but your identity, your savings and your peace of mind.

    Have you or someone you love been contacted by a Valentine’s Day romance scam that felt real or unsettling?  Let us know your thoughts by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Microsoft ‘Important Mail’ email is a scam: How to spot it

    [ad_1]

    NEWYou can now listen to Fox News articles!

    Scam emails are getting better at looking official. This one claims to be an urgent warning from Microsoft about your email account. It looks serious. It feels time sensitive. And that is exactly the point. Lily reached out after something about the message did not sit right.

    “I need help with an email that I’m unsure is valid. Hoping you can help me determine whether this is a valid or a scam. I have attached two screenshots below. Thank you in advance,” Lily wrote.

    Here is the important takeaway up front. This email is not from Microsoft. It is a scam designed to rush you into clicking a dangerous link.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

    WHY CLICKING THE WRONG COPILOT LINK COULD PUT YOUR DATA AT RISK

    A closer look at the sender shows a red flag scammers hope you will miss, a free email address posing as a trusted brand. (Kurt “CyberGuy” Knutsson)

    Why this Microsoft ‘Important Mail’ email is a scam

    Once you slow down and read it closely, the red flags pile up quickly.

    A generic greeting

    It opens with “Dear User.” Microsoft uses your name. Scammers avoid it because they do not know who you are.

    A hard deadline meant to scare you

    The message claims your email access will stop on Feb. 5, 2026. Scammers rely on fear and urgency to short-circuit good judgment.

    A completely wrong sender address

    The email came from accountsettinghelp20@aol.com. Microsoft does not send security notices from AOL. Ever.

    Pushy link language

    “PROCEED HERE” is designed to trigger a fast click. Microsoft messages sent to you to are clearly labeled Microsoft.com pages.

    Fake legal language

    Lines like “© 2026 All rights reserved” are often copied and pasted by scammers to look official.

    Attachments that should not be there

    Microsoft account alerts do not include image attachments. That alone is a major warning sign.

    10 WAYS TO PROTECT SENIORS FROM EMAIL SCAMS

    Windows 10 security flaws leave millions vulnerable

    The fake Microsoft email uses urgency and vague language to pressure you into clicking before you have time to think. (Kurt “CyberGuy” Knutsson)

    What would have happened if you clicked

    If you clicked the link, you would almost certainly land on a fake Microsoft login page. From there, attackers aim to steal:

    • Your email address
    • Your password
    • Access to other accounts tied to that email

    Once they have your email, they can reset passwords, dig through old messages and launch more scams using your identity.

    HACKERS ABUSE GOOGLE CLOUD TO SEND TRUSTED PHISHING EMAILS

    Person on phone

    Scam emails often reach people on their phones, where small screens make it easier to miss warning signs and click fast. (Kurt “CyberGuy” Knutsson)

    What to do if this email lands in your inbox

    If an email like this shows up, slow down and follow these steps in order. Each one helps stop the scam cold.

    1) Do not click or interact at all

    Do not click links, buttons or images. Do not reply. Even opening attachments can trigger tracking or malware. Strong antivirus software can block phishing pages, scan attachments and warn you about dangerous links before damage happens. Make sure yours is active and up to date. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    2) Delete the message immediately

    Once it is reported, delete it. There is no reason to keep it in your inbox or trash.

    3) Check your account the safe way

    If you want peace of mind, open a new browser window and go directly to the official Microsoft account website. Sign in normally. If there is a real issue, it will appear there.

    4) Change your password if you clicked

    If you clicked anything or entered information, change your Microsoft password right away. Use a strong, unique password you do not use anywhere else. A password manager can generate and store it securely for you. Then review recent sign-in activity for anything suspicious.

    Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

    5) Enable two-factor authentication

    Turn on two-factor authentication (2FA) for your Microsoft account. This adds a second check, which can stop attackers even if they get your password.

    6) Use a data removal service for long-term protection

    Scammers often find targets through data broker sites. A data removal service helps reduce how much personal information is publicly available, which lowers your exposure to phishing in the first place.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    7) Report it as spam or phishing 

    Use your email app’s built-in reporting tool. This helps train filters and protects other users from seeing the same scam.

    Extra protection tips for real Microsoft notices

    When Microsoft actually needs your attention, the signs look very different.

    • Alerts appear inside your Microsoft account dashboard
    • Messages do not demand immediate action through random email links
    • Notices never come from free email services like AOL, Gmail or Yahoo

    That contrast makes scams easier to spot once you know what to look for.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Kurt’s key takeaways

    Scammers are counting on you being busy, distracted or worried about losing access to your email. That is why messages like this lean so hard on urgency. Your email sits at the center of your digital life, so attackers know a shutdown threat gets attention fast. The good news is that slowing down for even a few seconds changes everything. Lily did exactly the right thing by stopping and asking first. That single habit can prevent identity theft, account takeovers and a long, frustrating cleanup. Remember this rule. Emails that threaten shutdowns and demand immediate action are almost never legitimate. When something feels urgent, that is your cue to pause, verify on your own and never let an email rush you into a mistake.

    Have you seen a fake Microsoft warning like this recently, or did it pretend to come from another brand you trust? Let us know your thoughts by writing to us at Cyberguy.com.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter. 

    Copyright 2026 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • How to protect a loved one’s identity after death

    [ad_1]

    NEWYou can now listen to Fox News articles!

    When someone you love dies, the to-do list can feel endless. There are legal steps, financial paperwork and emotional weight all happening at once. What many families do not realize is that identity protection rarely makes those lists, even though it should.

    Scammers actively target the identities of people who have died. They rely on delays, data gaps and the assumption that someone else is handling it. Janet from Indiana recently reached out with a question many families quietly worry about but rarely ask.

    My husband just passed away in December. There are lists upon lists of things to do to wrap up his estate, but nothing that tells me how to lock down his identity now that he’s gone so that fraudsters cannot use it. Maybe our government is efficient enough to report to all of the credit bureaus that he is deceased, but I don’t want to bet my financial security on it. We both have our credit frozen with all three agencies, but is there more that I should do? Thank you.

    — Janet in Indiana

    Janet’s instincts are exactly right. The system often does not work as cleanly as people expect.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    MICROSOFT CROSSES PRIVACY LINE FEW EXPECTED

    Scammers often look for recently deceased names because they know systems do not update instantly and families are overwhelmed.   (Kurt “CyberGuy” Knutsson)

    What the government and credit bureaus do and don’t do

    When someone dies, Social Security is usually notified by the funeral home. That step helps, but it does not automatically secure a person’s financial identity.

    Here is what often surprises families:

    • Credit bureaus are not synchronized in real time
    • A death notice does not instantly stop fraud attempts
    • Scammers specifically target recently deceased individuals
    • Gaps between systems create opportunities for misuse

    In short, relying on automation alone leaves room for problems.

    AI DEEPFAKE ROMANCE SCAM STEALS WOMAN’S HOME AND LIFE SAVINGS

    Person typing on computer

    Credit freezes and alerts help, but they do not stop every attempt to misuse personal information after a death.  (Kurt “CyberGuy” Knutsson)

    What you’ve already done right

    Before adding more steps, it matters to acknowledge what Janet already did correctly.

    • Credit freezes with all three bureaus
    • Early awareness of identity risks
    • Taking action before fraud appears

    When speed matters, credit locks — different from freezes — give you instant on/off control. That combination puts someone well ahead of most families.

    Steps to protect a loved one’s identity after death

    Once the immediate paperwork is underway, these practical steps help close the gaps scammers look for. None of them is super complicated, but together they create a much stronger layer of protection.

    1) Add a deceased flag to credit files

    Even with a credit freeze in place, this step adds another layer of protection that lenders see immediately.

    Contact Equifax, Experian and TransUnion and ask them to mark the credit file as deceased. Each bureau may request:

    A copy of the death certificate

    • Proof that you are the surviving spouse or executor

    Once the flag is added, fraudulent applications become much harder to process because lenders are alerted upfront. A credit lock provides the same blocking effect, but with real-time control; this can matter when you’re managing a deceased estate or responding quickly to lender requests.

    2) Monitor identity activity while you manage everything else

    This is where many checklists fall short. Credit freezes and deceased flags help, but identity misuse can still surface in other ways.

    Fraud attempts may appear as:

    • Account takeovers
    • Unauthorized credit inquiries
    • Use of personal data outside traditional credit

    That is why ongoing monitoring still matters.

    Why identity theft protection helps at this stage

    Identity theft protection focuses on identity protection rather than just credit scores, which makes it especially useful after a loss.

    • Monitors for misuse tied to your loved one’s information
    • Sends alerts if something suspicious appears
    • Includes fraud support if action is needed
    • Reduces the burden of constant manual checks

    One of the best parts of my pick for top identity theft service is its all-in-one approach to safeguarding your personal and financial life. It includes identity theft insurance of up to $1 million per adult to cover eligible losses and legal fees, plus 24/7 U.S.-based fraud resolution support with dedicated case managers ready to help restore your identity fast. It also combines three-bureau credit monitoring with an instant credit lock that lets you quickly lock down your Experian file right from the app.

    See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

    3) Secure sensitive documents during estate administration

    Estate administration often requires sharing paperwork, which is where identity leaks can happen.

    Lock down and limit access to:

    • Death certificate copies
    • Social Security numbers
    • Old tax returns
    • Insurance and pension records

    Only share what is required and keep track of where documents go.

    MILLIONS OF AI CHAT MESSAGES EXPOSED IN APP DATA LEAK
     

    Person typing

    A man types on a laptop. (Kurt “CyberGuy” Knutsson)

    4) Watch mail and phone calls for warning signs

    Small signals often reveal fraud attempts early.

    Pay close attention to:

    • Bills or collection notices in their name
    • Credit card or loan offers
    • Bank or government letters you did not expect
    • Calls asking to verify personal information

    If something feels off, pause before responding and verify the source independently.

    Kurt’s key takeaways

    Protecting a loved one’s identity after death is one more responsibility no one prepares you for. It is not about mistrusting the system. It is about protecting yourself during a time when you are already carrying enough. Janet’s question reflects what many families experience quietly. Identity protection does not end when life does, and scammers know that grief creates gaps. Taking a few extra steps now can spare you months or even years of stress later. You are not being overly cautious. You are being careful at a moment when the system does not always move fast enough to keep up with real life.

    If you have handled an estate or are planning ahead, have you taken steps to protect a loved one’s identity after death, or is this something you are just learning about now? Let us know by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com. All rights reserved.  

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • AI deepfake romance scam steals woman’s home and life savings

    [ad_1]

    NEWYou can now listen to Fox News articles!

    A woman named Abigail believed she was in a romantic relationship with a famous actor. The messages felt real. The voice sounded right. The video looked authentic. And the love felt personal. 

    By the time her family realized what was happening, more than $81,000 was gone — and so was the paid-off home she planned to retire in.

    We spoke with Vivian Ruvalcaba on my “Beyond Connected” podcast about what happened to her mother and how quickly the scam unfolded. What began as online messages quietly escalated into financial ruin and the loss of a family home. Vivian is Abigail’s daughter. She is now her mother’s advocate, investigator, chief advocate and protector.

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    FROM FRIENDLY TEXT TO FINANCIAL TRAP: THE NEW SCAM TREND

    Vivian Ruvalcaba says a deepfake video made the scam against her mom, Abigail, feel real, using a familiar face and voice to build trust. (Philip Dulian/picture alliance via Getty Images)

    How the scam quietly started

    The scam did not begin with a phone call or a threat. It began with a message. “Facebook is where it started,” Vivian explained. “She was directly messaged by an individual.” That individual claimed to be Steve Burton, a longtime star of “General Hospital.” Abigail watched the show regularly. She knew his face. She knew his voice.

    After a short time, the conversation moved off Facebook. “He then led her to create an account with WhatsApp,” Vivian said. “When I discovered that, and I looked at the messaging, you can see all the manipulation.”

    That shift mattered. This is a major red flag I often warn people about. When a scammer moves a conversation from a public platform like Facebook to an encrypted app like WhatsApp, it is usually deliberate and designed to avoid detection.

    Grooming through secrecy and isolation

    At first, Abigail told no one. “She was very, very secretive,” Vivian said. “She didn’t share any of this with anyone. Not my father. Not me.” 

    That secrecy was not accidental. “She was being groomed not to share this information,” Vivian explained.

    This is a tactic I see over and over again in scams like this. Once a scammer feels they have someone emotionally invested, the next step is to isolate them. They push victims to keep secrets and avoid talking to family, friends or police. When Vivian finally started asking questions, her mother reacted in a way she never had before. “She said, ‘It’s none of your business,’” Vivian said. “That was shocking.”

    The deepfake video that changed everything

    When Vivian threatened to go to the police, her mother finally revealed what had been happening. “That’s when she showed me the AI video,” Vivian said. In the clip, a man who looked and sounded like Steve Burton spoke directly to Abigail and referred to her as “Abigail, my queen.” The message felt personal. It used her name and promised love and reassurance.

    “It wasn’t grainy,” Vivian said. “To the naked eye, you couldn’t tell.” Still, Vivian sensed something was off. “I looked at it, and I knew right away,” she said. “Mom, this is not real. This is AI.”

    Her mother disagreed and argued back. She pointed to the face and the voice. She also believed the phone calls proved it. That is what makes deepfakes so dangerous. When a video looks and sounds real, it can override common sense and even years of trust within a family.

    From gift cards to life savings

    The money flowed slowly at first. A $500 gift card request raised the first alarm. Then, money orders and Zelle payments. What Vivian discovered next still haunts her. “She pulled out a sandwich baggie,” Vivian said. “About 110 gift cards ranging from $25 up to $500.” Those cards were purchased with credit cards. Cash was mailed. Bitcoin was sent. In total, the Los Angeles Police Department (LAPD) tallied the losses at $81,000. And the scam was not finished.

    A couple posing for a picture

    The scam against Abigail moved from social media to encrypted messaging, a common tactic used to avoid detection. (Kurt “CyberGuy” Knutsson)

    When the scammer took her home

    After draining Abigail’s available cash, the scam did not stop. It escalated again. The scammer began pushing her to sell the one asset she still had: her home. “He was pressing her to sell,” Vivian told me. “Because he wanted more money.” The pressure came wrapped in romance. The scammer told Abigail they would buy a beach house together and start a new life. In her mind, this was not a scam. It was a plan for the future. That belief set off a chain reaction.

    How the home sale happened so quickly

    Abigail sold her condo for $350,000, even though similar homes in the area were worth closer to $550,000 at the time. The sale happened quickly. There was no family involvement. Her husband was still living in the home, yet he did not sign the documents. “She just gave away about $200,000 in equity,” Vivian said. “They stole it.”

    What makes this even more troubling is who bought the property. According to Vivian, the buyer was a wholesale real estate company that moved fast and asked very few questions. Messages later reviewed by the family show Abigail actively trying to hide the sale from her husband. In one text exchange, she warned the buyer not to park in the driveway because her husband had access to a Ring camera. That alone should have raised concerns. Instead, the buyers went along with it. “They appeased whatever she asked for,” Vivian said. “They were getting a property she was basically giving away.”

    These buyers were not the original scammers, but they benefited from the pressure the scammer created. The scammer pushed Abigail to sell. The buyers took advantage of the situation and the deeply discounted price. The home was not extra money, it was Abigail’s retirement. It was the only real security she and her husband had after decades of work. By the time Vivian uncovered the sale, Abigail was days away from sending another $70,000 from the proceeds to the scammer. Had that transfer gone through, nearly everything would have been gone.

    This is the part of the story people struggle to process. Modern AI-driven scams are no longer limited to draining bank accounts or gift cards. They now push victims into selling real property, often with opportunistic players waiting on the other side of the deal.

    Why police and lawyers could not stop the damage

    Vivian contacted the police the same day she realized her mother was being scammed. “They assigned an investigator,” she told me. “He was already very aware of the situation and how little they can help.” That reality is difficult for families to hear, but it is common. 

    Many large-scale scams operate overseas. The money moves quickly through gift cards, wire transfers and crypto. By the time victims realize what is happening, the trail is often cold. “Most of these scammers are out of the country,” Vivian said. “No one is being held accountable.”

    When the case shifted from criminal to civil

    Law enforcement documented the losses and opened a case, but there was little they could do to recover the money or stop what had already happened. The deeper damage came from the home sale, which fell into a legal gray area far beyond a typical fraud report. Once the condo was sold, the situation shifted from a criminal scam to a complex civil fight.

    Vivian immediately began searching for legal help. The first attorneys she contacted discouraged her. One told her it could cost more than $150,000 to pursue a case. Another failed to act even after being told about Abigail’s mental illness and history of bipolar disorder. At one point, an eviction attorney testified in court that Vivian never mentioned the romance scam, something she strongly disputes.

    By March, Abigail and her husband were forced out of their home. By October, they were fully evicted and locked out. Both parents are now displaced. Abigail is living with family out of state. Her husband, now in his mid-70s, is still working because the home was his retirement. 

    It was only after reaching out through personal connections that Vivian found an attorney willing to fight. That attorney is now pursuing the case on a contingency basis, meaning the family does not pay unless there is a recovery. The legal argument centers on Abigail’s mental capacity and whether she could legally understand and execute a home sale under the circumstances. The buyers dispute that claim. The outcome will be decided in court.

    This is why stories like this rarely end with a police arrest or quick resolution. Once a scam crosses into real estate and civil law, families are often left to navigate an expensive and exhausting legal system on their own. And by then, the damage has already been done.

    Why shame keeps scams hidden

    Many victims never report scams. Only about 22% contact the FBI. Fewer than 30% reach out to their local police department. Vivian understands why that happens. “She’s ashamed,” Vivian said. “I know she is.” That shame protects scammers. Silence gives them room to move on and target the next victim.

    INSIDE A SCAMMER’S DAY AND HOW THEY TARGET YOU

    A photo of a couple sitting and smiling at the camera

    What started as online messages escalated into gift cards, lost savings and the sale of a family home. (Kurt “CyberGuy” Knutsson)

    Red flags families cannot ignore

    This case reveals warning signs every family needs to recognize early.

    Red flags to watch for

    • Sudden secrecy about finances or online activity
    • Requests for gift cards, cash or crypto
    • Pressure to move conversations to encrypted apps
    • AI videos or voice messages used as proof of identity
    • Emotional manipulation tied to urgency or romance
    • Requests to sell property or move large assets

    I want to be very clear about this. It does not matter how smart you are or how careful you think you are. You can become a victim and not realize it until it is too late.

    Tips to stay safe and protect your family

    These lessons come from both Vivian’s experience and the patterns I see repeatedly in modern scams. Some are emotional. Others are technical. Together, they can help families spot trouble sooner and limit the damage when something feels off.

    1) Watch for platform changes

    Moving a conversation from Facebook to WhatsApp or another encrypted app is not harmless. Scammers do this to avoid moderation and make messages harder to trace or flag.

    2) Question AI proof

    Deepfake videos and cloned voices can look and sound convincing. Never treat a video or voice message as proof of identity, especially when money or property is involved.

    3) Slow down major financial decisions

    Scammers create urgency on purpose. Any request involving large sums, property sales or retirement assets should pause until a trusted third party reviews it.

    4) Never send gift cards, cash or crypto

    Legitimate people do not ask for payment through gift cards or cryptocurrency. These methods are a common scam tactic because they are hard to trace and nearly impossible to recover.

    5) Talk openly as a family

    Silence helps scammers. Regular conversations about finances, online contacts and unusual requests make it easier to spot problems early and step in without shame.

    6) Reduce online exposure with a data removal service

    Scammers research their targets using public databases. They pull names, phone numbers, relatives and property records. Removing that data reduces how easily criminals can build a profile.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

    7) Use strong antivirus protection

    Malware links can expose financial accounts without obvious signs. Good antivirus software can block malicious links before they lead to deeper access or data theft.

    The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    8) Protect assets early

    Living trusts and proper estate planning add protection before a crisis hits. They can help prevent rushed property sales and limit who can legally move assets without oversight.

    9) Use conservatorship when capacity is limited

    “Conservatorship is the only way,” Vivian said. “Power of attorney may not be enough.” When a loved one has diminished capacity, a conservatorship adds court oversight and can stop unauthorized financial decisions before serious damage occurs.

    Kurt’s key takeaways

    This scam did not rely on sloppy emails or obvious mistakes. It used emotion, familiarity and AI that looked real. Once trust was built, the damage followed quickly. Money disappeared. Secrecy grew. Pressure increased. The home was sold. What makes this case especially painful is the speed. A few messages led to gift cards. Gift cards turned into life savings. Life savings became the loss of a home built over decades. Most families never expect this to happen. Many do not talk about it until it has already happened. The lesson is clear. Awareness matters more than intelligence. Open conversations matter more than embarrassment. Acting early matters more than trying to undo the damage later. If you want to hear Vivian tell this story in her own words and understand how fast these scams unfold, listen to our full conversation on the “Beyond Connected” podcast.

    If a deepfake video showed up on your parent’s phone tonight, would you know before everything was gone? Let us know by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com.  All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link

  • Microsoft crosses privacy line few expected

    [ad_1]

    NEWYou can now listen to Fox News articles!

    For years, we’ve been told that encryption is the gold standard for digital privacy. If data is encrypted, it is supposed to be locked away from hackers, companies and governments alike. That assumption just took a hit. 

    In a federal investigation tied to alleged COVID-19 unemployment fraud in Guam, a U.S. territory where federal law applies, Microsoft confirmed it provided law enforcement with BitLocker recovery keys. Those keys allowed investigators to unlock encrypted data on multiple laptops.

    This is one of the clearest public examples to date of Microsoft providing BitLocker recovery keys to authorities as part of a criminal investigation. While the warrant itself may have been lawful, the implications stretch far beyond one investigation. For everyday Americans, this is a clear signal that “encrypted” does not always mean “inaccessible.”

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    HACKERS ABUSE GOOGLE CLOUD TO SEND TRUSTED PHISHING EMAILS

    In the Guam investigation, Microsoft provided BitLocker recovery keys that allowed law enforcement to unlock encrypted laptops. (David Paul Morris/Bloomberg via Getty Images)

    What happened in the Guam BitLocker case?

    Federal investigators believed three Windows laptops held evidence tied to an alleged scheme involving pandemic unemployment funds. The devices were protected with BitLocker, Microsoft’s built-in disk encryption tool enabled by default on many modern Windows PCs. BitLocker works by scrambling all data on a hard drive so it cannot be read without a recovery key. 

    Users can store that key themselves, but Microsoft also encourages backing it up to a Microsoft account for convenience. In this case, that convenience mattered. When served with a valid search warrant, Microsoft provided the recovery keys to investigators. That allowed full access to the data stored on the devices. Microsoft says it receives roughly 20 such requests per year and can only comply when users have chosen to store their keys in the cloud.

    We reached out to Microsoft for comment, but did not hear back before our deadline.

    How Microsoft was able to unlock encrypted data

    According to John Ackerly, CEO and co-founder of Virtru and a former White House technology advisor, the problem is not encryption itself. The real issue is who controls the keys. He begins by explaining how convenience can quietly shift control. “Microsoft commonly recommends that users back up BitLocker recovery keys to a Microsoft account for convenience. That choice means Microsoft may retain the technical ability to unlock a customer’s device. When a third party holds both encrypted data and the keys required to decrypt it, control is no longer exclusive.”

    Once a provider has the ability to unlock data, that power rarely stays theoretical. “When systems are built so that providers can be compelled to unlock customer data, lawful access becomes a standing feature. It is important to remember that encryption does not distinguish between authorized and unauthorized access. Any system designed to be unlocked on demand will eventually be unlocked by unintended parties.”

    Ackerly then points out that this outcome is not inevitable. Other companies have made different architectural choices. “Other large technology companies have demonstrated that a different approach is possible. Apple has designed systems that limit its own ability to access customer data, even when doing so would ease compliance with government demands. Google offers client-side encryption models that allow users to retain exclusive control of encryption keys. These companies still comply with the law, but when they do not hold the keys, they cannot unlock the data. That is not obstruction. It is a design choice.”

    Finally, he argues that Microsoft still has room to change course. “Microsoft has an opportunity to address this by making customer-controlled keys the default and by designing recovery mechanisms that do not place decryption authority in Microsoft’s hands. True personal data sovereignty requires systems that make compelled access technically impossible, not merely contractually discouraged.”

    In short, Microsoft could comply because it had the technical ability to do so. That single design decision is what turned encrypted data into accessible data.

    “With BitLocker, customers can choose to store their encryption keys locally, in a location inaccessible to Microsoft, or in Microsoft’s consumer cloud services,” a Microsoft spokesperson told CyberGuy in a statement. “We recognize that some customers prefer Microsoft’s cloud storage, so we can help recover their encryption key if needed. While key recovery offers convenience, it also carries a risk of unwanted access, so Microsoft believes customers are in the best position to decide whether to use key escrow and how to manage their keys.”

    WHY CLICKING THE WRONG COPILOT LINK COULD PUT YOUR DATA AT RISK

    New CISA warning: Thanksgiving clickjacking threat in popular browsers

    When companies hold encryption keys, lawful requests can unlock far more data than most people expect. (Kurt “CyberGuy” Knutsson)

    Why this matters for data privacy

    This case has reignited a long-running debate over lawful access versus systemic risk. Ackerly warns that centralized control has a long and troubling history. “We have seen the consequences of this design pattern for more than two decades. From the Equifax breach, which exposed the financial identities of nearly half the U.S. population, to repeated leaks of sensitive communications and health data during the COVID era, the pattern is consistent: centralized systems that retain control over customer data become systemic points of failure. These incidents are not anomalies. They reflect a persistent architectural flaw.”

    When companies hold the keys, they become targets. That includes hackers, foreign governments and legal demands from agencies like the FBI. Once a capability exists, it rarely goes unused.

    How other tech giants handle encryption differently

    Apple has designed systems, such as Advanced Data Protection, where it cannot access certain encrypted user data even when served with government requests. Google offers client-side encryption for some services, primarily in enterprise environments, where encryption keys remain under the customer’s control. These companies still comply with the law, but in those cases, they do not possess the technical means to unlock the data. That distinction matters. As encryption experts often note, you cannot hand over what you do not have.

    What we can do to protect our privacy

    The good news is that personal privacy is not gone. The bad news is that it now requires intention. Small choices matter more than most people realize. Ackerly says the starting point is understanding control. “The main takeaway for everyday users is simple: if you don’t control your encryption keys, you don’t fully control your data.”

    That control begins with knowing where your keys are stored. “The first step is understanding where your encryption keys live. If they’re stored in the cloud with your provider, your data can be accessed without your knowledge.”

    Once keys live outside your control, access becomes possible without your consent. That is why the way data is encrypted matters just as much as whether it is encrypted. “Consumers should look for tools and services that encrypt data before it reaches the cloud — that way, it is impossible for your provider to hand over your data. They don’t have the keys.” Defaults are another hidden risk. Many people never change them. “Users should also look to avoid default settings designed for convenience. Default settings matter, and when convenience is the default, most individuals will unknowingly trade control for ease of use.”

    When encryption is designed so that even the provider cannot access the data, the balance shifts back to the individual. “When data is encrypted in a way that even the provider can’t access, it stays private — even if a third party comes asking. By holding your own encryption keys, you’re eliminating the possibility of the provider sharing your data.” Ackerly says the lesson is simple but often ignored. “The lesson is straightforward: you cannot outsource responsibility for your sensitive data and assume that third parties will always act in your best interest. Encryption only fulfills its purpose when the data owner is the sole party capable of unlocking it.” Privacy still exists. It just no longer comes by default.

    700CREDIT DATA BREACH EXPOSES SSNS OF 5.8M CONSUMERS

    Person holds a phone

    Reviewing default security and backup settings can help you keep control of your private data. (Kurt “CyberGuy” Knutsson)

    Practical steps you can take today

    You do not need to be a security expert to protect your data. A few practical checks can go a long way.

    1) Start by checking where your encryption keys live

    Many people do not realize that their devices quietly back up recovery keys to the cloud. On a Windows PC, sign in to your Microsoft account and look under device security or recovery key settings. Seeing a BitLocker recovery key listed online means it is stored with Microsoft. 

    For other encrypted services, such as Apple iCloud backups or Google Drive, open your account security dashboard and review encryption or recovery options. Focus on settings tied to recovery keys, backup encryption, or account-based access. When those keys are linked to an online account, your provider may be able to access them. The goal is simple. Know whether your keys live with you or with a company.

    2) Avoid cloud-based key backups unless you truly need them

    Cloud backups are designed for convenience, not privacy. If possible, store recovery keys offline. That can mean saving them to a USB drive, printing them and storing them in a safe place, or using encrypted hardware you control. The exact method matters less than who has access. If a company does not have your keys, it cannot be forced to turn them over.

    3) Choose services that encrypt data before it reaches the cloud

    Not all encryption works the same way, even if companies use similar language. Look for services that advertise end-to-end or client-side encryption, such as Signal for messages, or Apple’s Advanced Data Protection option for iCloud backups. These services encrypt your data on your device before it is uploaded, which means the provider cannot read it or unlock it later. Here is a simple rule of thumb. If a service can reset your password and restore all your data without your involvement, it likely holds the encryption keys. That also means it could be forced to hand over access. When encryption happens on your device first, providers cannot unlock your data because they never had the keys to begin with. That design choice blocks third-party access by default.

    4) Review default security settings on every new device

    Default settings usually favor convenience. That can mean easier recovery, faster syncing and weaker privacy. Take five minutes after setup and lock down the basics.

    iPhone: tighten iCloud and account recovery

    Turn on Advanced Data Protection for iCloud (strongest iCloud protection)

    • Open Settings
    • Tap your name
    • Tap iCloud
    • Scroll down and tap Advanced Data Protection
    • Tap Turn On Advanced Data Protection
    • Follow the prompts to set up Account Recovery options, like a Recovery Contact or Recovery Key

    Review iCloud Backup

    • Open Settings
    • Tap your name
    • Tap iCloud
    • Tap iCloud Backup
    • Decide if you want it on or off, based on your privacy comfort level

    Strengthen your Apple ID security

    • Open Settings
    • Tap your name
    • Tap Sign-In & Security
    • Make sure Two-Factor Authentication (2FA) is turned on and review trusted phone numbers and devices
    • Review trusted phone numbers and devices

    Android: lock your Google account and backups

    Review and control device backup

    Settings may vary depending on your Android phone’s manufacturer.

    • Open Settings
    • Tap Google
    • Tap Backup (or All services then Backup)
    • Tap Manage backup
    • Choose what backs up and confirm which Google account stores it

    NEW ANDROID MALWARE CAN EMPTY YOUR BANK ACCOUNT IN SECONDS

    Strengthen your screen lock, since it protects the device itself

    Settings may vary depending on your Android phone’s manufacturer.

    • Open Settings
    • Tap Security or Security & privacy
    • Set a strong PIN or password
    • Turn on biometrics if you want, but keep the PIN strong either way

    Secure your Google account

    Settings may vary depending on your Android phone’s manufacturer.

    • Open Settings
    • Tap Google
    • Tap Manage your Google Account
    • Go to Security
    • Turn on 2-Step Verification and review recent security activity

    Mac: enable FileVault and review iCloud settings

    Turn on FileVault disk encryption

    • Click the Apple menu
    • Select System Settings
    • Click Privacy & Security
    • Scroll down and click FileVault
    • Click Turn On
    • Save your recovery method securely

    Review iCloud syncing

    • Open System Settings
    • Click your name
    • Click iCloud
    • Review what apps and data types sync
    • Turn off anything you do not want stored in the cloud

    Windows PC: check BitLocker and where the recovery key is stored

    Confirm BitLocker status and settings

    • Open Settings
    • Go to Privacy & security
    • Tap Device encryption or BitLocker (wording varies by device)

    Check whether your BitLocker recovery key is stored in your Microsoft account

    • Go to your Microsoft account page
    • Open Devices
    • Select your PC
    • Look for Manage recovery keys or a BitLocker recovery key entry
    • If you see a key listed online, it means the key is stored with Microsoft. That is why Microsoft was able to provide keys in the Guam case.

    If your account can recover everything with a few clicks, a third party might be able to recover it too. Convenience can be helpful, but it can also widen access.

    5) Treat convenience features as privacy tradeoffs

    Every shortcut comes with a cost. Before enabling a feature that promises easy recovery or quick access, pause and ask one question. If I lose control of this account, who else gains access? If the answer includes a company or third party, decide whether the convenience is worth it. 

    These steps are not extreme or technical. They are everyday habits. In a world where lawful access can quietly become routine access, small choices now can protect your privacy later.

    Strengthen protection beyond encryption

    Encryption controls who can access your data, but it does not stop every real-world threat. Once data is exposed, different protections matter.

    Strong antivirus software adds device-level protection

    Strong antivirus software helps block malware, spyware and credential-stealing attacks that can bypass privacy settings altogether. Even encrypted devices are vulnerable if malicious software gains control before encryption comes into play.

    The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com

    An identity theft protection service helps when exposure turns into fraud

    If personal data is accessed, sold, or misused, identity protection services can monitor for suspicious activity, alert you early and help lock down accounts before damage spreads. Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

    See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

    Kurt’s key takeaways

    Microsoft’s decision to comply with the BitLocker warrant may have been legal. That doesn’t make it harmless. This case exposes a hard truth about modern encryption. Privacy depends less on the math and more on how systems are built. When companies hold the keys, the risk falls on the rest of us.

    Do you trust tech companies to protect your encrypted data, or do you think that responsibility should fall entirely on you? Let us know by writing to us at Cyberguy.com.

    CLICK HERE TO DOWNLOAD THE FOX NEWS APP

    Sign up for my FREE CyberGuy Report
    Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

    Copyright 2026 CyberGuy.com.  All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

    [ad_2]

    Source link