The post From friendly text to financial trap: the new scam trend appeared first on My Blog.
]]>That’s exactly what happened to John from Alabama.
“I received a text from someone in California inviting me to a BBQ. We’ve been texting, and now she wants me to trade gold through WEEX. Is this safe or a scam? I’m 74, she’s 36.” – John, Huntsville, Alabama
John’s story may sound like a one-off, but it’s part of a growing trend where scammers use personal charm to build trust and then push victims into risky online “investments.”
SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCyberGuy.com newsletter
It only takes one text message to blur the line between connection and con. (Kurt "CyberGuy" Knutsson)
What is WEEX?
WEEX is a cryptocurrency exchange that allows users to trade digital assets, including gold-backed tokens like Tether Gold (XAUT). These aren’t physical gold bars or coins; they’re digital tokens tied to the price of gold and stored on blockchain networks. While WEEX operates as a legitimate platform, scammers often exploit the name of real exchanges to sound credible. They’ll encourage victims to “trade gold” through what seems like an official account but actually directs them to fake sites or wallets designed to steal money.
Why this could be a scam
John’s experience shows several red flags. The conversation began with a friendly invitation, then quickly shifted to a financial pitch. That’s a classic move in online relationship scams. The younger person builds an emotional connection, then uses that trust to promote an “opportunity.” Scammers often promise guaranteed profits or claim they’ll “help you trade” to make the process sound easy.
But the truth is, once you send money or crypto, it’s nearly impossible to get it back. Even if WEEX itself is legitimate, the person encouraging you to use it may not be.
Many scammers use stolen photos, AI-generated profiles or fake identities to build credibility. Once they convince you to send funds, they vanish, often taking your money and personal information with them.
Scammers use friendly conversations to build trust before asking for money. Stay alert. (Kurt "CyberGuy" Knutsson)
How to tell if you’re being targeted
You can spot trouble early by asking simple questions. If someone can’t explain how the investment works or avoid details about how to withdraw your money, that’s a warning sign. Be cautious if they promise fast profits or “zero-risk” returns.
Real investments always involve risk. Watch out for anyone who pressures you to act quickly or says the deal is “private.” Those urgency tactics are designed to keep you from thinking clearly.
Also, look up the company behind the platform. If it’s based overseas, lacks clear business registration or hides its address, your funds may have no legal protection.
WHATSAPP BANS 6.8M SCAM ACCOUNTS, LAUNCHES SAFETY TOOL
Scams often start with small talk, and even a simple “How about golf tomorrow?” can be a trap. (Kurt "CyberGuy" Knutsson)
What you should do now
If you’ve received a text like John’s, pause before replying or transferring anything. These scams move fast, but you can stop them in their tracks by following a few smart steps.
1) Don’t send money or crypto
Never send money, crypto or gift cards to anyone you’ve only met by text. Ask for written proof explaining how the investment works and how withdrawals happen. If the person avoids details or insists you “act now,” that’s a serious warning sign.
2) Ask direct questions
Scammers thrive on vague promises. Ask specific questions about how profits are made, how you’ll access your funds and who regulates the platform. If the answers are unclear or the topic changes, walk away immediately.
3) Research WEEX reviews and complaints
Before you invest a cent, search online for phrases like “WEEX scam” or “WEEX complaints.” See what other users have experienced and whether any regulatory agencies have flagged the platform. Real investors leave detailed feedback; scammers usually don’t.
4) Use a data removal service
Protect your privacy beyond just this scam. Data removal services can erase your personal details from data broker sites that sell your info to marketers and sometimes scammers. The fewer places your data lives online, the harder it is for fraudsters to find and target you again.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice.They aren’t cheap, and neither is your privacy.These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet.By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visitingCyberGuy.com.
Get a free scan to find out if your personal information is already out on the web:CyberGuy.com
5) Use strong antivirus protection
Scammers sometimes send fake links or attachments that can infect your phone or computer. Install and regularly run a strong antivirus software. These tools can block dangerous websites, alert you to phishing attempts and keep your personal data secure.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices atCyberGuy.com
6) Talk to someone you trust
Before investing in anything, share the details with a trusted friend, family member or financial advisor. A second opinion can help you spot inconsistencies or risks you might overlook in the moment. When in doubt, slow down and ask for help.
A friendly “wrong number” text can be the start of a scam. Always think twice before replying. (Kurt "CyberGuy" Knutsson)
How to report a scam
If you believe you’ve been targeted by a WEEX gold scam or any similar text-based investment scheme, take action right away. Start by reporting the scam to the Federal Trade Commission (FTC) at reportfraud.ftc.gov. This helps investigators track new fraud patterns and warn others.
Next, file a complaint with your state attorney general’s office and, if crypto is involved, submit a report through the U.S. Securities and Exchange Commission (SEC) or the Commodity Futures Trading Commission (CFTC).
If you sent money through a bank or payment app, contact your financial institution immediately to try to stop or reverse the transfer.
By reporting what happened, you not only protect yourself but also help stop scammers from reaching other potential victims.
CLICK HERE TO GET THE FOX NEWS APP
Kurt’s key takeaways
These scams prey on emotion. A kind message or casual chat can quickly turn into manipulation. Scammers use friendliness, flattery and false urgency to pull you in, then drain your accounts. Older adults are particularly vulnerable, especially when the scam feels personal. By blending romance with financial advice, these criminals make their victims believe they’re building both trust and wealth. Protect yourself by treating every unexpected text with caution. If the conversation moves toward money, crypto, or gold trading, that’s your cue to stop responding. Keep your devices secure and your private data off public sites where scammers look for new targets.
Have you ever received a text that seemed friendly at first but felt “off” as the chat went on? Let us know by writing to us atCyberGuy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCyberGuy.com/Newsletter
Copyright 2025 CyberGuy.com.All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
The post From friendly text to financial trap: the new scam trend appeared first on My Blog.
]]>The post Spotify gives parents new power to control what their kids hear on streaming platform appeared first on My Blog.
]]>Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join myCYBERGUY.COM newsletter.
TEENS FACE NEW PG-13 LIMITS ON INSTAGRAM
A safer way for kids to explore music
Spotify’s new managed accounts are built for kids under 13. They offer a music-only experience inside the main Spotify app. Parents can use their Family Plan settings to filter explicit lyrics, block certain artists or songs and hide videos or looping visuals called Canvas. Unlike the limited Spotify Kids app, these accounts exist within the regular Spotify platform. Kids get a familiar interface with features like Discover Weekly and Daylist, but with restrictions that fit their age.
Parents can now guide what their kids listen to while enjoying music together on Spotify. (Spotify)
How managed accounts work
Premium Family subscribers can set up a managed account directly from their Spotify settings. Choose“Add a Member,” then select “Add a listener aged under 13.” Parents control what content plays, while kids build their own playlists and get personalized recommendations based on their listening habits. This separation keeps parents’ Discover Weekly and Wrapped playlists clean from unexpected surprises like a sudden obsession with gaming soundtracks or silly meme songs.
META STRENGTHENS TEEN SAFETY WITH EXPANDED ACCOUNTS
Managed accounts make family streaming safer, simpler and more personalized for young listeners. (Spotify)
Why this matters for parents
For years, parents have struggled to give kids music freedom while keeping explicit content away. This update finally solves that challenge. Managed accounts let parents turn off videos, block podcasts and make sure no age-restricted content slips through. It provides peace of mind for families who love streaming music together.
Kids get their own playlists and recommendations without changing what parents hear. (Spotify)
What this means for you
If you already subscribe to the Premium Family plan, this update adds even more value. You still get six individual accounts, and now you can include a customized child account. Parents can share their favorite songs safely while using filters that protect young listeners. Kids get the freedom to explore new music and create playlists without affecting the main account’s recommendations.
Take my quiz: How safe is your online security?
Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here:Cyberguy.com
Spotify’s new tools give families more control and more ways to connect through music. (Spotify)
CLICK HERE TO GET THE FOX NEWS APP
Kurt’s key takeaways
Spotify’s expansion of managed accounts is a smart move toward safer, family-friendly streaming. It protects young listeners while helping them build their own love for music. With strong parental controls built right into the app, families can enjoy listening together with confidence and ease.
Will you set up a Spotify managed account for your child, or keep family listening under one shared profile? Let us know by writing to us atCyberguy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join myCYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
The post Spotify gives parents new power to control what their kids hear on streaming platform appeared first on My Blog.
]]>The post Delete the fake VPN app stealing Android users' money appeared first on My Blog.
]]>One of the newest threats comes in the form of malicious apps that appear legitimate but can take full control of your device. Security researchers are now warning Android users to delete a fake VPN and streaming app that can allow criminals to take over your phone and drain your bank account.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCYBERGUY.COMnewsletter.
How Klopatra infects devices
The malicious VPN and streaming app is called Mobdro Pro IP TV + VPN, and it was recently discovered by researchers at Cleafy. Once you install the app, it drops a malware strain called Klopatra. It’s a new and highly sophisticated Android malware currently being used in active campaigns targeting financial institutions and their customers.
THIS CHROME VPN EXTENSION SECRETLY SPIES ON YOU
Fake VPN apps can hide dangerous malware that steals your data and money. (iStock)
At first glance, the app looks like a free streaming platform offering high-quality channels, which makes it appealing to Android users. Once installed, though, it deploys a banking Trojan and a remote-access tool that give attackers full control over the infected device. With that level of access, criminals can steal your banking credentials and even carry out fraudulent transactions without your knowledge.
The infection chain is carefully planned. It starts with social engineering, tricking you into downloading and installing the app from outside the official Play Store. From there, Klopatra bypasses Android’s built-in protections and reaches deep into the system to gain persistence and control.
HACKERS PUSH FAKE APPS WITH MALWARE IN GOOGLE SEARCHES
The Klopatra Trojan gives hackers full control of infected Android devices. (Kurt "CyberGuy" Knutsson)
Fake VPNs are a growing problem
VPNs are widely promoted as privacy tools that hide your IP address and encrypt internet traffic. Millions rely on them to bypass geographic restrictions, protect sensitive communications or simply browse more securely. Yet not all VPNs are trustworthy. Various studies have proved that popular commercial VPNs have alarming shortcomings. Some use protocols that are not designed to protect privacy, obscure ownership or fail to encrypt traffic properly.
When fake apps like Mobdro are combined with these weaknesses, users are left exposed. Criminals exploit both the popularity of VPNs and the prevalence of pirated streaming services to distribute malware effectively. This growing ecosystem of risky apps underscores how important it is to research, verify and only download software from reputable sources.
SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS
Stay safe by downloading apps only from trusted sources and keeping your phone updated. (Kurt "Cyberguy" Knutsson)
9 steps you can take to protect yourself
If you suspect that you’ve downloaded a fake app from the internet, there’s no need to panic. The steps below will help you stay protected and keep your data safe.
1) Stick to trusted sources
Only download VPNs, streaming services and apps from Google Play, Apple App Store or the official developer’s website. Avoid links in forums, social media messages or emails promising free content.
2) Check app permissions
Carefully review what access an app requests. If it asks for control over your device, settings or accessibility services unnecessarily, do not install it. Legitimate VPNs rarely require full device control.
3) Use a secure VPN
When choosing a VPN, opt for one with strong privacy policies, transparent ownership and robust encryption. A secure VPN ensures your connection remains private without giving attackers a foothold.
For the best VPN software, see my expert review of the best VPNs for browsing the web privately on yourWindows, Mac, Android & iOS devices atCyberguy.com
4) Install strong antivirus software
A strong antivirus on your device can detect malware and suspicious behavior before damage occurs. These services can scan new downloads and provide ongoing protection.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices atCyberguy.com
5) Monitor your accounts
Banking Trojans target sensitive credentials. Identity monitoring services can alert you if your personal information appears online or is being misused, helping you respond before harm is done. Identity Theft companies can monitor personal information like your Social Security number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
See my tips and best picks on how to protect yourself from identity theft atCyberguy.com
6) Remove the malicious app immediately
If you discover a suspicious app on your Android device, remove it right away.
Settings may vary depending on your Android phone’s manufacturer.
Open SettingsClick Apps and locate the fake app.Tap Uninstall to remove it from your device.If the uninstall option is unavailable, restart your phone in Safe Mode and try again.After removal, run a full antivirus scan to delete any remaining malware components.
7) Keep devices updated
Regular system updates patch security vulnerabilities that malware like Klopatra exploits. Combined with antivirus protection, this significantly reduces the chance of infection.
8) Change passwords and enable 2FA
Once your device is secure, update your login credentials.
Change passwords for banking, email, and Google accounts immediately. Consider using a password manager to generate and store complex passwords. Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/PasswordsTurn on two-factor authentication (2FA) for extra protection.Use an authenticator app instead of text messages for better security.
This step helps protect your accounts if hackers steal your credentials.
9) Report the malicious app
Finally, take steps to protect others and report the threat.
Report the fake app to Google Play Protect or your antivirus provider.If your bank details were exposed, contact your bank’s fraud department immediately.Reporting helps cybersecurity teams track and block similar fake VPNs in the future.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Kurt’s key takeaway
Fake VPNs and streaming apps exploit your trust and the gaps in app verification processes, showing that even tech-savvy individuals can fall victim. While official stores offer a layer of protection, you must remain vigilant, check permissions and rely on reputable security tools. Never download anything from the random links you see on the internet.
Do you think Google is doing enough to prevent malware from entering the Android OS? Let us know by writing to us atCyberguy.com
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCYBERGUY.COMnewsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
The post Delete the fake VPN app stealing Android users' money appeared first on My Blog.
]]>The post Examining the next threat from Communist China: Our healthcare system appeared first on My Blog.
]]>In recent years, we have seen growing agreement among lawmakers that the CCP is actively working against the security of the U.S. Whether through coercive trade practices, espionage, military aggression or technology theft, the CCP is intent on undermining American strength.
President Donald Trump has rightly identified our nation’s increased dependence on Chinese companies as a clear threat to national security. In response, he has taken action to rebuild our domestic industrial manufacturing bases. This is especially true in critical security industries like defense, nuclear development, pharmaceutical manufacturing and data center infrastructure.
Chinese President Xi Jinping speaks during his joint press conference with Hungarian Prime Minister Viktor Orban in Budapest, Hungary, May 9, 2024. (Szilard Koszticsak/MTI via AP)
The Trump administration should now look at medical devices.This lesser-known threat to American privacy and security lurks within our hospitals, healthcare facilities and even in the homes of everyday Americans. Used to treat patients, monitor patient health and inform medical decisions made by healthcare professionals, medical devices are critical tools used in the everyday care of our most vulnerable members of society.
CHINA’S MALIGN INFLUENCE TOUCHES EVERY ASPECT OF US LIFE. WE ALL NEED TO HELP STOP THEM
It is no wonder, then, that medical devices made by Chinese companies not only have the potential to take advantage of that intimate access, but have already been shown to exploit those vulnerabilities to gain access to the personal, private data of American patients.
Just this month, it was reported that medical hardware from Shanghai-based United Imaging has been installed in some of the country’s top research labs. In some instances, these labs were even funded by the National Institutes of Health (NIH). Not only has a United Imaging devicebeen usedat a Chinese military hospital, but United Imaging has alsoworked withthe state-runChinese Academy of Sciences. Andaccording to the FBI, the companywas allegedto have bribedemployees working at an NIH-funded lab to back-channel non-public information about their research. One researcher, a Chinese citizen, pleaded guilty to making false statements in financial disclosure forms to the NIH.
Video
Earlier this year, the Food and Drug Administration (FDA) issued a warning about a patient monitor made by Chinese-based company Contec, specifically calling attention to a software backdoor on the device that once connected to the internet “begins gathering patient data, including personally identifiable information (PII) and protected health information (PHI), and exfiltrating (withdrawing) the data outside of the health care delivery environment.”
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) followed up with its own report, saying that the backdoor enabled remote actors to engage in “remote code execution and device modification with the ability to alter its configuration.”
FIVE WAYS AMERICA CAN STOP A NEW COLD WAR WITH CHINA FROM TURNING HOT
Far from being an idle threat, CISA explained that this vulnerability in a machine that monitors and displays critical information like electrocardiograms and blood pressure could result in life-or-death consequences: “This introduces risk to patient safety as a malfunctioning monitor could lead to improper responses to vital signs displayed by the device.”
Medical devices made by Chinese companies have quietly made their way into many hospitals and clinics in the United States, bringing with them hidden risks that are waiting to be abused by the CCP.
Video
First, patient privacy is compromised when unknown actors can access and siphon the most sensitive and confidential data from every patient in America, undermining the very foundation of trust in our healthcare system.
Compounded with the fact that Chinese law compels Chinese companies to cooperate and share information with the CCP and that China prizes big data and is gathering information on individuals around the world, we can be assured that whatever private information is gathered on American patients is not in our national interest.
CLICK HERE FOR MORE FOX NEWS OPINION
Second, we cannot trust that information siphoning will not escalate to more serious tactics that put patient lives at risk. Remote access to medical devices could result in real-world harm to patients if those devices were reconfigured to display false information that then led to unnecessary and harmful medical interventions.
Video
Third, the U.S. healthcare system is becoming too dependent on Chinese companies to run our hospitals. It does not take much of a leap to think about what would happen if the CCP decided to cut off the supply of medical devices. Just like critical minerals, energy or military equipment, depending on Chinese companies for medical devices is a clear threat to American security.
What these threats amount to is that the U.S. can no longer blindly outsource medical devices – some of our most vital and sensitive equipment – to companies that operate at the behest of foreign adversarial governments like the CCP. It is critical that America has a domestic supply chain of medical devices.
CLICK HERE TO GET THE FOX NEWS APP
Now is the time that lawmakers, both at the federal and state level, take this threat seriously and take meaningful steps to reduce the risks posed by these medical devices.
Protecting Americans from threats to their health and security should be an easy, bipartisan win.
CLICK HERE TO READ MORE FROM CHAD WOLF
Chad F. Wolf is the founder and CEO of Wolf Global Advisors and a senior advisor to the Protecting America Initiative. He previously served as the acting secretary of Homeland Security during the first Trump administration.
The post Examining the next threat from Communist China: Our healthcare system appeared first on My Blog.
]]>The post Scammers target retirees with election tricks and fake polling updates ahead of Nov 4 vote appeared first on My Blog.
]]>What many don’t realize is that public voter registration data is one of the biggest tools fraudsters use. With elections coming up on Nov. 4, scammers are already scraping these records and using them to create targeted scams. If you’re a retiree or helping a parent or loved one prepare to vote, here’s how to stay safe.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCYBERGUY.COMnewsletter
Why voter records are public and risky
HOW SCAMMERS TARGET YOU EVEN WITHOUT SOCIAL MEDIA
Every state in the U.S. keeps voter registration lists. These include personal details like:
Full nameHome addressPhone number (in some states)Political party affiliationVoting history (whether you voted, not who you voted for).
Scammers are targeting retirees with fake election messages and calls. (Getty Images)
While these lists are meant for transparency, they’re often made available online or sold in bulk. Data brokers scoop them up, combine them with other records and suddenly scammers have a detailed profile of you: your age, address and voting habits. For retirees, this exposure is especially dangerous. Why? Because seniors are less likely to know that this information is floating around, making scams seem more convincing.
You can easily check where your personal information is exposed with a free data exposure scanner.
Get a free scan to find out if your personal information is already out on the web:Cyberguy.com
Scams targeting retirees before Nov. 4
Here are the most common election-season cons fraudsters are already running:
1) Fake “polling place” updates
You might get a call, text or email saying your polling location has changed. Scammers may then direct you to a fake site that asks for your Social Security number or ID details “to confirm eligibility.”
2) “Voter ID update” messages
Since some states require voter ID, scammers will pose as election officials, claiming your ID is “out of date” or that you must upload personal documents. These go straight into the wrong hands.
RETIREES LOSE MILLIONS TO FAKE HOLIDAY CHARITIES AS SCAMMERS EXPLOIT SEASONAL GENEROSITY
3) Donation scams
Criminals set up fake political donation sites with names resembling real campaigns. Retirees who are politically active or generous with causes are prime targets here.
4) Absentee ballot phishing
Scammers know many seniors vote by mail. They’ll send emails offering to “help” with requests or track your ballot while stealing your personal data in the process.
Red flags to watch out for
Public voter data can make it easy for fraudsters to create convincing scams. (CyberGuy.com)
Scammers use clever tricks to make their messages seem urgent and official. Here are the warning signs that should make you pause before responding.
Urgency: “Act now or lose your right to vote.” Scammers use deadlines to scare you.Unusual payment requests: No legitimate election office will ever ask for payment to vote or register.Strange links: If you’re asked to click on a link from a text or email, stop. Always go directly to your state’s official election website instead.Requests for sensitive info: Election officials don’t need your Social Security number or bank account details.
How retirees can stay safe this election season
Protecting yourself doesn’t mean opting out of civic life. It means taking a few smart steps:
1) Reduce your data footprint
This one matters most. The less personal data available about you, the fewer opportunities scammers have to trick you during election season. When they can view your age, address and even your voting history, they can craft messages that sound alarmingly real. The good news is you can take control and limit what’s out there.
Reaching every voter data broker or people-search site on your own is nearly impossible, and most make the process intentionally difficult. That’s why data removal services can help. They automatically send removal requests to hundreds of data-broker sites and keep monitoring to ensure your information doesn’t return. The result is fewer scam calls, fewer phishing emails and far less risk this election season.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice.They aren’t cheap, and neither is your privacy.These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet.By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
REMOVE YOUR DATA TO PROTECT YOUR RETIREMENT FROM SCAMMERS
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visitingCyberguy.com
Get a free scan to find out if your personal information is already out on the web:Cyberguy.com
2) Confirm only through official sources
If you get a message about your polling place, ignore any links and call your local election office directly. Each state also has an official website you can trust.
3) Sign up for ballot tracking
Many states offer secure ballot tracking online. Use only the official election site, not third-party services.
4) Freeze your credit
Since scammers use voter data to impersonate you, a credit freeze stops them from opening new accounts in your name. Retirees who don’t need frequent new credit are especially good candidates for this protection.
Taking steps to remove your personal info online helps keep your vote and data safe. (Kurt "CyberGuy" Knutsson)
5) Be wary of political donation sites
If you want to donate, type the campaign’s official website into your browser instead of clicking a link in an email or social media ad.
Kurt’s key takeaway
Voting is one of the most important rights we have. But this year, scammers will use public voter data to exploit retirees like never before. Don’t let them steal your peace of mind. By spotting the red flags, sticking to official election sources and removing your personal data from the web, you can protect yourself and your vote.
CLICK HERE TO GET THE FOX NEWS APP
Have you or someone you know received a suspicious message about voting or donations? How did you realize or suspect that it was a scam? Let us know by writing to us atCyberguy.com
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCYBERGUY.COMnewsletter
Copyright 2025 CyberGuy.com. All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
The post Scammers target retirees with election tricks and fake polling updates ahead of Nov 4 vote appeared first on My Blog.
]]>The post Payroll scam hits US universities as phishing wave tricks staff appeared first on My Blog.
]]>Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCYBERGUY.COM. newsletter.
SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS
How does the university payroll scam work
According to Microsoft Threat Intelligence, Storm-2657 primarily targets Workday, a widely used human resources platform, though other payroll and HR software could be at risk as well. The attackers begin with highly convincing phishing emails, carefully crafted to appeal to individual staff members. Some messages warn of a sudden campus illness outbreak, creating a sense of urgency, while others claim that a faculty member is under investigation, prompting recipients to check documents immediately. In some cases, emails impersonate the university president or HR department, sharing “important” updates about compensation and benefits.
Phishing scams are evolving fast, and now universities have become prime targets for payroll theft. (Kurt "CyberGuy" Knutsson)
These emails contain links designed to capture login credentials and multi-factor authentication (MFA) codes in real time using adversary-in-the-middle techniques. Once a staff member enters their information, the attackers can access the account as if they were the legitimate user. After gaining control, the hackers set up inbox rules to delete Workday notifications, so the victims do not see alerts about changes. This stealthy approach allows the attackers to modify payroll profiles, adjust salary payment settings and redirect funds to accounts they control, all without raising immediate suspicion.
COLUMBIA UNIVERSITY DATA BREACH HITS 870,000 PEOPLE
Hackers are exploiting universities at scale
The hackers don’t stop at a single account. Once they control one mailbox, they use it to spread the attack further. Microsoft reports that from just 11 compromised accounts at three universities, Storm-2657 sent phishing emails to nearly 6,000 email addresses at 25 institutions. By using trusted internal accounts, their emails appear more legitimate, increasing the likelihood that recipients will fall for the scam.
To maintain access over time, the attackers sometimes enroll their own phone numbers as MFA devices, either through Workday profiles or through Duo MFA. This gives them persistent access, allowing them to approve further malicious actions without needing to phish again. Combined with inbox rules that hide notifications, this strategy lets them operate undetected for longer periods.
Microsoft emphasizes that these attacks don’t exploit a flaw in Workday itself. Instead, they rely on social engineering, the absence of strong phishing-resistant MFA and careful manipulation of internal systems. In essence, the threat comes from human behavior and insufficient protection, not software bugs.
Hackers lure staff with convincing emails that mimic campus alerts or HR updates and steal login details in real time. (Microsoft)
6 ways to stay safe from payroll and phishing scams
Protecting yourself from payroll and phishing scams isn’t complicated. By taking a few careful steps, you can make it much harder for attackers to gain access to your accounts or personal information.
1) Limit what personal information is online
The more information scammers can find about you, the easier it is to craft convincing phishing messages. Services that remove or monitor personal data online can reduce exposure, making it harder for attackers to trick you with targeted emails.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visitingCyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com
2) Think before you click
Scammers often send emails that look like they come from your HR department or university leadership, warning about payroll, benefits or urgent issues. Don’t click links or download attachments unless you are 100% sure they are legitimate. Even small mistakes can give attackers access to your accounts.
The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices atCyberguy.com.
Researchers have discovered that since March 2025, a hacking group known as Storm-2657 has been running “pirate payroll” attacks, using phishing tactics to gain access to payroll accounts. (Javi Sanz/Getty Images)
3) Verify directly with the source
If an email mentions salary changes or requires action, call or email the HR office or the person directly, using contact information you already know. Phishing emails are designed to create panic and rush decisions, so taking a moment to verify can stop attackers in their tracks.
4) Use strong, unique passwords
Never reuse passwords across multiple accounts. Scammers often try to use credentials stolen from other breaches. A password manager can help you generate strong passwords and store them securely, so you don’t have to remember dozens of different combinations.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords, and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 atCyberguy.com.
5) Enable two-factor authentication (2FA)
Add an extra layer of security by enabling2FA on all accounts that support it. This means even if someone steals your password, they still can’t log in without a second verification step, such as a code sent to your phone.
6) Regularly check financial and payroll accounts
Even if you follow all precautions, it’s smart to monitor your accounts for any unusual activity. Catching unauthorized transactions quickly can prevent bigger losses and alert you to potential scams before they escalate.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Hackers will reroute payments after gaining access to users’ login information. (Kurt "CyberGuy" Knutsson)
Kurt’s key takeaway
The Storm-2657 attacks show that cybercriminals are targeting trust, not software. Universities are appealing because payroll systems handle money directly, and staff can be manipulated through well-crafted phishing. The scale and sophistication of these attacks highlight how vulnerable even well-established institutions can be to financially motivated threat actors.
How often do you check your payroll or bank accounts for unusual activity? Let us know by writing to us atCyberguy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCYBERGUY.COM. newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
The post Payroll scam hits US universities as phishing wave tricks staff appeared first on My Blog.
]]>The post Teen sues AI tool maker over fake nude images appeared first on My Blog.
]]>The case has drawn national attention because it shows how AI can invade privacy in harmful ways. The lawsuit was filed to protect students and teens who share photos online and to show how easily AI tools can exploit their images.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCYBERGUY.COM newsletter.
LEAKED META DOCUMENTS SHOW HOW AI CHATBOTS HANDLE CHILD EXPLOITATION
How the fake nude images were created and shared
When she was 14, the plaintiff posted a few photos of herself on social media. A male classmate used an AI tool called ClothOff to remove her clothing in one of those pictures. The altered photo kept her face, making it look real.
The fake image quickly spread through group chats and social media. Now 17, she is suing AI/Robotics Venture Strategy 3 Ltd., the company that operates ClothOff. A Yale Law School professor, several students and a trial attorney filed the case on her behalf.
A New Jersey teen is suing the creators of an AI tool that made a fake nude image of her. (iStock)
The suit asks the court to delete all fake images and stop the company from using them to train AI models. It also seeks to remove the tool from the internet and provide financial compensation for emotional harm and loss of privacy.
The legal fight against deepfake abuse
States across the U.S. are responding to the rise of AI-generated sexual content. More than 45 states have passed or proposed laws to make deepfakes without consent a crime. In New Jersey, creating or sharing deceptive AI media can lead to prison time and fines.
At the federal level, the Take It Down Act requires companies to remove nonconsensual images within 48 hours after a valid request. Despite new laws, prosecutors still face challenges when developers live overseas or operate through hidden platforms.
APPARENT AI MISTAKES FORCE TWO JUDGES TO RETRACT SEPARATE RULINGS
The lawsuit aims to stop the spread of deepfake “clothes-removal” apps and protect victims’ privacy. (iStock)
Why legal experts say this case could set a national precedent
Experts believe this case could reshape how courts view AI liability. Judges must decide whether AI developers are responsible when people misuse their tools. They also need to consider whether the software itself can be an instrument of harm.
The lawsuit highlights another question: How can victims prove damage when no physical act occurred, but the harm feels real? The outcome may define how future deepfake victims seek justice.
Is ClothOff still available?
Reports indicate that ClothOff may no longer be accessible in some countries, such as the United Kingdom, where it was blocked after public backlash. However, users in other regions, including the U.S., still appear able to reach the company’s web platform, which continues to advertise tools that “remove clothes from photos.”
On its official website, the company includes a short disclaimer addressing the ethics of its technology. It states, “Is it ethical to use AI generators to create images? Using AI to create ‘deepnude’ style images raises ethical considerations. We encourage users to approach this with an understanding of responsibility and respect for others’ privacy, ensuring that the use of undress app is done with full awareness of ethical implications.”
Whether fully operational or partly restricted, ClothOff’s ongoing presence online continues to raise serious legal and moral questions about how far AI developers should go in allowing such image-manipulation tools to exist.
CLICK HERE TO GET THE FOX NEWS APP
This case could set a national precedent for holding AI companies accountable for misuse of their tools. (Kurt "CyberGuy" Knutsson)
Why this AI lawsuit matters for everyone online
The ability to make fake nude images from a simple photo threatens anyone with an online presence. Teens face special risks because AI tools are easy to use and share. The lawsuit draws attention to the emotional harm and humiliation caused by such images.
Parents and educators worry about how quickly this technology spreads through schools. Lawmakers are under pressure to modernize privacy laws. Companies that host or enable these tools must now consider stronger safeguards and faster takedown systems.
What this means for you
If you become a target of an AI-generated image, act quickly. Save screenshots, links and dates before the content disappears. Request immediate removal from websites that host the image. Seek legal help to understand your rights under state and federal law.
Parents should discuss digital safety openly. Even innocent photos can be misused. Knowing how AI works helps teens stay alert and make safer online choices. You can also demand stricter AI rules that prioritize consent and accountability.
Take my quiz: How safe is your online security?
Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here:Cyberguy.com.
Kurt’s key takeaways
This lawsuit is not only about one teenager. It represents a turning point in how courts handle digital abuse. The case challenges the idea that AI tools are neutral and asks whether their creators share responsibility for harm. We must decide how to balance innovation with human rights. The court’s ruling could influence how future AI laws evolve and how victims seek justice.
If an AI tool creates an image that destroys someone’s reputation, should the company that made it face the same punishment as the person who shared it? Let us know by writing to us atCyberguy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join myCYBERGUY.COMnewsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
The post Teen sues AI tool maker over fake nude images appeared first on My Blog.
]]>