Generally, iPhones are considered more secure than Android devices. 

Apple’s closed ecosystem and strict App Store policies limit the risk of malware, and its centralized software updates ensure better security. In contrast, Android’s openness allows users to install apps from various sources, and updates are often rolled out at different times, making it more vulnerable to attacks. 

However, iPhones aren’t immune to security flaws. Hackers occasionally find ways to exploit them, as seen in Apple’s latest advisory. The company recently discovered that a vulnerability in iOS had been exploited for over a year. While a fix has now been released, reports suggest that hackers may have already targeted high-value individuals.

GET SECURITY ALERTS, EXPERT TIPS — SIGN UP FOR KURT’S NEWSLETTER — THE CYBERGUY REPORT HERE

Apple has uncovered hackers exploiting a vulnerability in iOS that appears to have been lingering for more than a year. The vulnerability is a "zero-day" flaw, meaning criminals may have already exploited it, according to the latest security advisory from the company. Zero-day flaws like this are especially dangerous because they are exploited before developers can issue fixes. Apple confirmed this marks its first zero-day patch of 2025. The vulnerability affects iPhones dating back to 2018’s XS model, as well as newer iPads, Macs, and even the Vision Pro headset.

The vulnerability, tracked as CVE-2025-24085, resides in Apple’s Core Media framework, a software layer responsible for processing multimedia files. A "use after free" memory corruption error enabled hackers to manipulate the system into executing unstable code, granting them elevated privileges to bypass security protocols. Apple’s advisory suggests hackers weaponized the flaw through malicious apps disguised as legitimate media players. These apps likely abused the Core Media framework by triggering corrupted files, enabling attackers to infiltrate devices.

The attacks reportedly targeted iOS versions predating 17.2, released in December 2023, meaning the vulnerability may have been active since late 2022. Security experts speculate that hackers focused on high-value individuals — such as activists, executives or journalists — to avoid detection. The prolonged stealth of the campaign underscores the challenges of identifying sophisticated, narrowly tailored exploits.

This underscores the critical need for you to update your devices to iOS 17.2 or later, as these versions include essential fixes to safeguard against this actively exploited vulnerability.

HOW TO PROTECT YOUR IPHONE & IPAD FROM MALWARE

In response, Apple has released fixes across its ecosystem, including iOS 18.3, macOS Sequoia, watchOS, tvOS and VisionOS. You should update your devices as soon as possible to stay protected. To install the update on your iPhone or iPad:

Pro Tip: I recommend you click Update Now and also turn on Automatic Updates to stay covered in the future.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

While Apple has patched this issue, it’s a reminder that staying on top of updates is key. Hackers are always looking for security gaps, so keeping your software up to date is one of the best ways to stay safe.

SCAMMERS FOUND A SNEAKY WAY TO BYPASS YOUR IPHONE'S SAFETY FEATURES

Protecting your iPhone requires proactive security measures. By following these seven essential steps, you can significantly reduce the risk of cyber threats and keep your personal information secure.

1. Keep your iPhone updated: I can’t say this enough. Updating your iPhone regularly is one of the most effective ways to protect it from security threats. Apple frequently releases updates that fix vulnerabilities, including critical zero-day flaws. 

2. Download apps only from the App Store: To minimize the risk of installing malware, only download apps from the official App Store. Apple’s strict app review process helps prevent malicious apps from being published, but some threats can still slip through. Always verify app details, check reviews and be cautious about app permissions before installation.

3. Enable lockdown mode for extra protection: For those of you who may be at higher risk, such as journalists or executives, Lockdown Mode provides an additional layer of security. This feature limits certain device functionalities to prevent sophisticated cyberattacks. It can be turned on via Settings > Privacy & Security > Lockdown Mode and is especially useful for those concerned about targeted threats.

4. Enable message filtering: Use your device's built-in filtering options to sort messages from unknown senders. This feature allows you to automatically sort messages from unknown senders, easily filter unread messages and manage your message inbox more efficiently. Here are steps:

GET FOX BUSINESS ON THE GO BY CLICKING HERE

5. Stay cautious of phishing attacks and install strong antivirus software: Phishing remains one of the most common tactics used by hackers. Be cautious when receiving unsolicited messages or emails on your iPhone, especially those with suspicious links or attachments. Always verify the sender before opening anything. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

6. Review your security and privacy settings: Regularly reviewing your iPhone’s security settings can help you maintain strong protection. You should also review app permissions in Settings > Privacy & Security to restrict access to sensitive data, such as location or contacts. Enable Face ID or Touch ID for secure access and turn on two-factor authentication (2FA) for Apple ID and other accounts. 2FA adds an extra layer of security to your accounts by requiring a second form of verification, such as a text message or authentication app, in addition to your password. This significantly reduces the risk of unauthorized access, even if your password is compromised.

7. Invest in personal data removal services: By reducing your online footprint, you make it harder for cybercriminals to obtain your contact information, potentially preventing them from sending you deceptive phishing texts and emails in the first place. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.

This iOS vulnerability is a serious reminder of the importance of staying up to date with software updates. If you’re using an iPhone from 2018 or later, make sure you’ve updated to iOS 17.2 or later as soon as possible. Hackers exploited a hidden flaw for over a year, using fake media apps to gain access to devices. While Apple has now patched the issue, the fact that it remained undetected for so long is concerning. 

Do you think companies like Apple are doing enough to protect you from cyber threats?  Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

Almost everything you do online asks for your email. If you have been using the same one for a while, chances are hundreds or even thousands of services have it. They send promotional messages, social media alerts, newsletters and more, turning your inbox into complete chaos. You can tame this madness using an email alias.

An email alias helps declutter your inbox by organizing emails based on their purpose. For example, you can create specific aliases for shopping, newsletters or work and set up filters to sort these messages into separate folders automatically. 

Aliases also help manage spam. If an alias starts receiving too many unwanted messages, you can disable it without affecting your main email.

Let’s dive into how to create an email alias on different platforms, including Gmail, Outlook and iCloud. 

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Gmail doesn’t allow you to create a completely separate alias, but it offers workarounds using "+ addressing" or by adding dots to your existing email address. However, these methods don’t prevent an unscrupulous sender from seeing your primary address, so exercise caution when using them with untrusted correspondents. Follow the steps below to get started.

Use your existing Gmail address and add a "+" followed by any keyword before "@gmail.com."

Example: If your email is yourname@gmail.com, you can use:

No additional setup is needed, just start using this alias when signing up for services or sharing your email.

Gmail ignores dots (.) in email addresses, so you can create variations of your email:

Example: If your email is yourname@gmail.com, you can use:

All variations will deliver emails to your main inbox automatically.

MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

Outlook.com allows you to create additional email addresses (aliases) that are linked to your primary account. Emails sent to an alias will arrive in your primary inbox, and you can send messages using the alias as well.

If your primary email is johnsmith@outlook.com, you can create an alias like john.smith123@outlook.com. Emails sent to john.smith123@outlook.com will still go to johnsmith@outlook.com, but you can choose to send emails using either address.

Steps to create an alias:

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

Once added, you can send emails using your alias by selecting it in the From field when composing a new message.

Important limitations to note:

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

Apple allows you to create up to three email aliases through iCloud. These aliases can be used for specific purposes, helping you manage your inbox effectively. Here’s how to create one:

It's important to note that you can still create up to three email aliases through iCloud. Remember that while these aliases provide some flexibility, they do not create separate Apple IDs or completely hide your primary iCloud email address.

BEWARE OF ENCRYPTED PDFS AS THE LATEST TRICK TO DELIVER MALWARE TO YOU

While many email providers offer basic alias functionality, most have significant limitations. Gmail's "+" addressing and dot tricks, Outlook's linked aliases and Apple's iCloud aliases all provide some flexibility, but they often fall short of true privacy protection.

For those of you seeking comprehensive email privacy and robust alias management, my No. 1 pick for private and secure email platforms contains no ads, no tracking and powerful privacy features like password-protected email and unlimited disposable email addresses. See my review of the best secure and private email services here.

Protecting your inbox from scammers requires a combination of smart practices and proactive tools. Using email aliases is an effective first step. By creating specific aliases for different activities, such as shopping, subscriptions or work, you can track where spam is coming from and deactivate problematic aliases as needed. Below are some other steps to take.

1. Avoid sharing your primary email address publicly on forums, social media or other platforms to minimize exposure. Most email providers offer robust spam filters, so ensure they are enabled and customize them as needed

GET FOX BUSINESS ON THE GO BY CLICKING HERE

2. Invest in personal data removal services. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.

3. Enable two-factor authentication on all your email accounts to add an extra layer of security.

4. Be cautious of suspicious links and attachments. Never click on links or download attachments from unknown senders, as these could be phishing attempts.

5. Use strong antivirus software to protect against potential malware that might come through spam emails. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

6. Regularly update your email password and make it strong and unique, avoiding common words or easily guessable combinations. Consider using a password manager to generate and store complex passwords.

These steps will provide a more comprehensive approach to protecting your inbox from scammers and reducing unwanted emails.

SUBSCRIBE TO KURT’S YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES

Taking charge of your inbox doesn’t have to be overwhelming. By implementing the tips and tools mentioned above, you’ll create a more secure, efficient and manageable email experience. Whether you’re battling spam or organizing your digital life, email aliases and secure services are great things to put into place.

Which email platform do you use most often, and how do you organize your messages there? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

UnitedHealth’s Change Healthcare unit suffered a data breach in February 2024, the news of which surfaced Feb. 21. 

Initially reported to have affected around 100 million individuals, the U.S. health insurance giant has now revealed that the actual number is significantly higher: 190 million. This makes it the largest breach of medical data in U.S. history, affecting nearly half the country’s population. 

A breach of this magnitude can have devastating consequences for the American people as malicious actors could exploit the data for a range of attacks if it finds its way to the dark web.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

UnitedHealth confirmed on Friday, Jan. 24, 2025, that the ransomware attack on its Change Healthcare unit affected approximately 190 million people in the United States. The company had previously estimated the number of affected individuals to be around 100 million in its preliminary analysis filed with the Office for Civil Rights, a division of the U.S. Department of Health and Human Services that investigates data breaches.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

UnitedHealth stated that the majority of those impacted have already been notified, either directly or through substitute notice. The final tally of affected individuals will be confirmed and submitted to the Office for Civil Rights at a later date.

The company tells CyberGuy it is "not aware of any misuse of individuals’ information as a result of this incident and has not seen electronic medical record databases appear in the data during the analysis." However, UnitedHealth did not disclose when it became aware of the additional 90 million victims, how the revised figure was determined or what changes led to the updated number.

THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION

The cyberattack on Change Healthcare in February caused widespread disruptions across the U.S. healthcare sector, as the company took its systems offline to contain the breach. This shutdown impacted critical services such as claims processing, payments and data sharing, which many healthcare providers rely on.

The stolen data varied by individual but included a broad range of personal and sensitive information, such as names, addresses, dates of birth, phone numbers, email addresses and government ID numbers, including Social Security, driver’s license and passport details.

Plus, hackers may have accessed health-related information, including diagnoses, medications, test results, imaging records, care and treatment plans, and health insurance details. Financial and banking information tied to claims and payment data was also reportedly compromised.

The breach was the result of a ransomware attack carried out by ALPHV/BlackCat, a Russian-speaking ransomware and extortion group. The attack, a form of malware intrusion, locks victims out of their data unless a ransom is paid. ALPHV/BlackCat later took credit for the attack.

During a House hearing in April, Change Healthcare admitted that the breach was made possible due to inadequate security measures, specifically the absence of two-factor authentication to protect its systems.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

FROM TIKTOK TO TROUBLE: HOW YOUR ONLINE DATA CAN BE WEAPONIZED AGAINST YOU

1. Remove your personal information from the internet: The breach has exposed sensitive personal data, making it essential to reduce your online footprint. While no service can guarantee complete data removal, a reputable data removal service can significantly limit your exposure. These services systematically monitor and erase your personal information from numerous websites and data brokers. Check out my top picks for data removal services here.

2. Be wary of mailbox communications: With addresses among the compromised data, scammers may exploit this breach to send fraudulent letters. Be aware of mail claiming missed deliveries, account suspensions or security alerts. Always verify the authenticity of such communications before responding or taking action.

3. Be cautious of phishing attempts and use strong antivirus software: Scammers may use your compromised email or phone number to target you with phishing attacks. Be wary of messages asking for personal information or containing suspicious links. To protect yourself, ensure strong antivirus software is installed on all your devices. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

4. Monitor your accounts: Given the scope of this breach, regular monitoring of your bank accounts, credit card statements and other financial accounts is critical. Look for unauthorized transactions or suspicious activity and immediately report any issues to your bank or credit card provider.

5. Recognize and report a Social Security scam: If your Social Security number is exposed, you could become a target for related scams. Official communication regarding Social Security issues usually comes via mail, not phone calls or emails. Learn more about spotting and reporting scams by visiting the Social Security Administration’s scam information page.

6. Invest in identity theft protection: Data breaches happen every day, and most never make the headlines, but with an identity theft protection service, you’ll be notified if and when you are affected. Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.

MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

It’s surprising that a company of UnitedHealth’s scale failed to implement even basic cybersecurity measures when handling customer data. A breach affecting 190 million people – nearly half of the U.S. population – is staggering, leaving almost anyone at risk of becoming a target for hackers. While the company is still assessing the full extent of the breach, you can take precautions now by being cautious with any unknown links or unsolicited calls. Bad actors may use a variety of tactics to cause harm.

Do you think these companies are doing enough to protect your data, and is the government doing enough to catch those behind cyberattacks? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

A sophisticated phishing campaign exploiting Google Calendar has been uncovered by Check Point Software Technologies, raising alarms among cybersecurity experts. 

Cybercriminals are sending fake meeting invitations that appear legitimate, redirecting victims to phishing sites and mimicking Google's platforms to steal sensitive information. 

This emerging threat is particularly concerning given the widespread use of Google Calendar, which serves more than 500 million users globally in 41 languages. Researchers have identified nearly 4,000 phishing attempts in a matter of weeks, impersonating more than 300 reputable brands.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Hackers leverage the trust in Google's services to carry out their attacks. Victims receive seemingly authentic meeting invites via Google Calendar. Upon clicking links within these invites, they are taken to fake web pages that prompt them to input personal data. Once compromised, this information can be used for identity theft, financial fraud and unauthorized access to other accounts. Security experts warn that attackers are now using AI to craft highly convincing fake invitations, making it even harder to spot the fraud. Reacting to the findings from Check Point, a spokesperson for Google said:

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

"We recommend users enable the 'Only If The Sender Is Known' setting in Google Calendar. This setting helps defend against this type of phishing by alerting the user when they receive an invitation from someone not in their contact list and/or they have not interacted with from their email address in the past."

ASK KURT: HOW TO NAVIGATE GOOGLE’S PRIVACY SETTINGS

Google has introduced the "known senders" feature in Google Calendar to combat sophisticated phishing attempts. This setting helps you filter out potentially malicious calendar invites. Here's how to enable it:

This ensures that only events from contacts, your organization or previous interactions are automatically added to your calendar.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

HOW ONE MAN GOT SCAMMED IN SECONDS USING GOOGLE

To further protect yourself from phishing scams, follow these steps.

Scrutinize unexpected invites carefully: Examine the sender's details, including their name, domain and email address, for any inconsistencies or signs of spoofing.

Avoid clicking suspicious links or downloading attachments from unknown sources: Threat actors often embed malicious links in calendar invites that can lead to phishing websites designed to steal your personal information.

Use strong antivirus software: This provides an additional defense mechanism against malware and can help detect potential phishing attempts before they cause damage. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

Enable two-factor authentication (2FA) for your Gmail account: 2FA adds an extra layer of security that can prevent unauthorized access, even if your credentials are compromised.

Keep your security settings up to date: Regularly review and adjust your calendar and email settings to protect against evolving phishing tactics.

HOW A WRONG GOOGLE SEARCH CAN COMPROMISE YOUR DATA AND BRING LAW ENFORCEMENT CALLING

As phishing tactics evolve, cybercriminals are exploiting trusted platforms like Google Calendar to bypass traditional security measures. This underscores the importance of user vigilance and proactive security practices. By enabling the "known senders" setting and implementing additional security measures, you can significantly reduce the risk of falling victim to calendar-based phishing scams.

What digital security challenges have you encountered recently? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

A new scam has come to light targeting residents across the United States with text messages that pretend to be from toll road operators. For many who receive these messages, it’s an easy and expensive trap to fall into.

The scam begins when people receive a message claiming they have unpaid tolls and may be charged fines. Scammers then ask for card details and a one-time password sent via SMS to steal their money. Security researchers believe that Chinese smishing groups are behind this scam, selling SMS-based phishing kits to thousands of scammers.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Enter the giveaway by signing up for my free newsletter.

As reported by KrebsOnSecurity, the scam begins with a text message claiming to be from a toll road operator, such as E-ZPass or SunPass. The message warns about unpaid tolls and the possibility of fines, forcing recipients to act quickly. Victims are directed to a fake website mimicking the toll operator’s site, where they are asked to provide sensitive information, including payment card details and one-time passwords. 

Security researchers have traced the scam to Chinese smishing groups known for creating and selling sophisticated SMS phishing kits. One such kit, "Lighthouse," makes it easy for scammers to spoof toll road operators in multiple states. These kits are designed to trick users into sharing financial information, which is then used to commit fraud. 

Reports of these phishing attacks have surfaced across the U.S., targeting users of toll systems like EZDriveMA in Massachusetts, SunPass in Florida and the North Texas Toll Authority in Texas. Similar scams have been reported in states including California, Colorado, Connecticut, Minnesota and Washington. The phishing pages are mobile-optimized and won’t load on non-mobile devices, making them even more deceptive.

MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

Recent advancements in phishing kits include better deliverability through integration with Apple iMessage and Android’s RCS technology, bypassing traditional SMS spam filters. These methods increase the likelihood of victims receiving and engaging with fraudulent messages. The phishing sites are operated dynamically in real time by criminals, making them harder to detect and shut down. Even individuals who don’t own a vehicle have reported receiving these messages, indicating random targeting.

THAT APPLE ID DISABLED MESSAGE? IT'S A DANGEROUS SCAM

By staying vigilant and following the steps below, you can protect yourself from falling victim to toll scams. 

1) Verify directly with toll operators: If you receive a message about unpaid tolls or fines, do not click on any links. Instead, visit the official website of your toll operator or contact their customer service directly to verify the claim.

2) Install strong antivirus software: The best way to safeguard yourself from malicious links is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

3) Do not share personal information: Never provide sensitive details like payment card information, Social Security numbers or one-time passwords via text or unverified websites. Legitimate toll operators will not request such information through SMS.

4) Enable two-factor authentication (2FA): Use 2FA for your accounts whenever possible. This adds an extra layer of protection by requiring two forms of verification, reducing the risk of unauthorized access even if some details are compromised.

5) Be wary of urgency in messages: Scammers often create a sense of urgency, claiming immediate action is required to avoid penalties. Take a moment to assess the situation and verify the legitimacy of the message through official channels.

6) Report suspicious messages: If you suspect a phishing attempt, report it to the Federal Trade Commission or the FBI's Internet Crime Complaint Center. Include details like the sender’s phone number and any links in the message. Additionally, inform your mobile carrier to help block similar scams.

7) Use a personal data removal service: Employ a reputable data removal service to reduce your online footprint and minimize the risk of scammers obtaining your personal information. These services can help remove your data from various data broker sites, making it harder for scammers to target you with personalized scams. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

It’s deeply concerning how these scams are becoming increasingly sophisticated and widespread. It’s no longer just about random phishing attempts. These are carefully crafted schemes designed to exploit our trust in systems we rely on daily. The fact that scammers can impersonate toll road operators so convincingly is alarming, and it shows how vulnerable we are to such attacks. It frustrates me to think of how many people may fall victim to these tactics, losing their hard-earned money.

Have you recently received a suspicious text message claiming to be from a toll road operator or any other service? How did you react? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.

Did you know that identity theft happens every 22 seconds? This means that, by the time you finish reading this sentence, someone has likely had their identity stolen. At best, identity theft will steal away your time and patience. But more often, identity theft leads to severe consequences, like losing control over your financial accounts, having your credit score affected or even losing lifelong savings.

However, you don't have to be a statistic. By understanding how identity thieves operate and implementing smart protection strategies, you can make your personal data a fortress that's too challenging for cybercriminals to breach. Drawing from the Federal Trade Commission's (FTC) latest Identity Theft Awareness Week insights, I'll walk you through expert-backed strategies to shield your most valuable asset: your identity.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Enter the giveaway by signing up for my free newsletter.

With so much of our lives having moved online, identity thieves are having an easier time than ever. Your most important accounts – banking, credit, Social Security – are all digital. Thieves don’t need to know much about you to steal your identity, just a few pieces of personal information can be enough. According to the Bureau of Justice Statistics, 24 million Americans reported identity theft in the past 12 months. In their lifetime, 1 in 3 Americans (more than 110 million people) have experienced identity theft. Here’s the part many people don’t realize: You might have already been a target. Maybe your identity was stolen, and the thieves failed, or maybe your good online habits saved you without you even knowing, which brings us to the next lesson: prevention.

THINK YOU'RE SAFE? IDENTITY THEFT COULD WIPE OUT YOUR ENTIRE LIFE’S SAVINGS

You don’t need to spend a fortune to guard against identity theft. While professional services can be helpful, most of what you need comes down to better habits and awareness. Here are some simple steps you can take today:

1) Check your accounts regularly: Review your bank, credit card and Social Security accounts for transactions you didn’t make, failed login attempts and password reset requests you didn’t initiate.

2) Keep an eye on your mail: Look for letters regarding accounts you didn’t open, notices of data breaches and transaction summaries that don’t match your records.

3) Monitor your email inbox: Be alert for password reset emails you didn’t request, confirmation of new accounts you didn’t open, receipts for purchases you didn’t make.

4) Use two-factor authentication (2FA): 2FA adds extra layers of security to your accounts. Even if a thief has your password, they won’t be able to log in without a second step, like a code sent via text message or app-based verification. While logging in might take an extra moment, it’s worth it; 2FA dramatically increases account security.

5) Check your credit report annually: Visit AnnualCreditReport.com to get your free credit report once a year. Use it to spot suspicious activity early. If you see something unusual, take action right away.

6) Use strong passwords: Use complex passwords and a password manager to secure your online accounts. Strong passwords are your first line of defense against cyber threats.

7) Stop oversharing: Limit the personal information you share on social media and other platforms. It’s a treasure trove for cybercriminals who use it to craft convincing fraud campaigns targeted specifically at you.

10 SIGNS YOUR IDENTITY HAS BEEN COMPROMISED

Nearly half of Americans don’t know how to respond if they fall victim to identity theft. Acting quickly can make a huge difference. Here’s what to do:

1) Contact the affected institution: Contact the company immediately if you notice something unusual, like a suspicious charge or an unfamiliar account. They’ll guide you through securing your account.

2) Change your passwords: Update the password for the affected account and any others using the same credentials. Use strong, unique passwords for each account to avoid further risks.

3) Report the theft to the FTC: Visit IdentityTheft.gov to report identity theft and get personalized recovery steps.

4) Use an identity theft protection service: Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white-glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft.

Data breaches often start with personal information that’s readily available online. People search sites and data brokers collect and sell this information, including your name, address, phone number and more. Can you get your data removed? Yes, but it’s tricky. These companies don’t make it easy, and managing removal requests for hundreds of sites can be overwhelming. 

Instead, consider using a personal data removal service. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.

CELLPHONE NIGHTMARE LEADS TO PORTED NUMBERS, IDENTITY THEFT, FIGHT FOR RECOVERY

Look, identity theft is scary, but you're not helpless. By staying smart and proactive, you can dramatically reduce your risks. Think of protecting your identity like locking your front door: It's just good common sense in today's digital world. At the end of the day, a little awareness goes a long way, and you've already taken the first step by reading this article. Now, take what you've learned and apply it to keep you safe from cybercriminals.

What situation have you found yourself in where you felt vulnerable to identity theft or needed help protecting your personal information? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.

In an alarming development, cybercriminals have devised a new method to circumvent Apple's built-in phishing protection for iMessage, potentially exposing you to malicious links and scams. This sophisticated tactic exploits a security feature designed to protect you, turning it into a vulnerability that could lead to significant personal and financial risks.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Enter the giveaway by signing up for my free newsletter.

Apple's iMessage automatically disables links in messages from unknown senders as a security measure. However, cybercriminals have found a way to exploit this protection. By instructing you to reply to the message, often with a simple "Y," the attackers can re-enable previously disabled links. This seemingly innocuous action not only activates the links but also signals to the scammers that they've found an engaged target for future attacks.

HOW TO PROTECT YOUR IPHONE & IPAD FROM MALWARE

Apple defines social engineering as a targeted attack that employs impersonation, deception, and manipulation to gain access to personal data. Scammers often pose as representatives of trusted companies, using sophisticated tactics to persuade individuals to disclose sensitive information, such as passwords and financial details. Here are some of those sneaky tactics:

The messages typically end with instructions like: "(Please reply Y, then exit the SMS, re-open the SMS activation link, or copy the link to open in Safari)."

THE ONE SIMPLE TRICK TO HELP KEEP OUT CYBER CREEPS ON IPHONE

This new tactic is part of a broader trend of smishing (SMS phishing) attacks targeting mobile users. With the increasing reliance on smartphones for various activities, including financial transactions and personal communications, these attacks pose a significant threat to users' security and privacy.

DOES MY IPHONE NEED ANTIVIRUS PROTECTION?

To safeguard against these sophisticated phishing attempts, consider the following steps.

1) Never reply to suspicious messages: Avoid responding to texts from unknown senders, especially those asking you to reply to activate links. Additionally, make sure to delete suspicious text messages and block the sender to prevent further attempts. Since the sender is not in your contact list, you can click Report Junk at the bottom of the text. Then click Delete and Report Junk. This will report the conversation as junk by sending it to your wireless carrier and Apple using your phone number.

2) Verify sender identity: Contact organizations directly through official channels if you're unsure about a message's legitimacy.

3) Be skeptical of urgency: Scammers often use urgent language to prompt quick, thoughtless actions.

4) Enable message filtering: Use your device's built-in filtering options to sort messages from unknown senders. Here are the steps:

This feature allows you to automatically sort messages from unknown senders, easily filter unread messages and manage your message inbox more efficiently.

5) Use two-factor authentication (2FA): 2FA adds an extra layer of security to your accounts by requiring a second form of verification, such as a text message or authentication app, in addition to your password. This significantly reduces the risk of unauthorized access, even if your password is compromised.

6) Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

7) Invest in personal data removal services: By reducing your online footprint, you make it harder for cybercriminals to obtain your contact information, potentially preventing them from sending you these deceptive iMessage phishing texts in the first place. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.

If you suspect you've fallen victim to a smishing attack:

One of the best parts of some identity theft protection services is that they have identity theft insurance of up to $1 million to cover losses and legal fees and a white-glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft.

This latest trick targeting iMessage users serves as a reminder that even seemingly secure systems can be vulnerable to social engineering. By remaining cautious and following best practices for digital security, you can significantly reduce your risk of falling victim to these sophisticated phishing attempts.

What other cybersecurity challenges have you encountered with your mobile devices, and what questions do you have for us? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.

Nowadays, almost every app you download asks for location permissions, meaning it wants to track where you are and your movements. For an app like Google Maps, requesting location access makes perfect sense. It's also reasonable for apps like Uber or DoorDash, which rely on location for their services. 

However, many apps that have nothing to do with location still ask for it, and we often grant these permissions without thinking twice. When you give an app access to your location, that data is stored and, in some cases, might even be sold. According to Texas Attorney General Ken Paxton, this practice is not uncommon. 

A recent lawsuit filed by Paxton alleges that the insurance company Allstate collected and sold the location data of 45 million Americans' smartphones.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

In a press release, Paxton announced that he had sued Allstate and its subsidiary, Arity, for unlawfully collecting, using and selling data about the location and movements of Texans' cellphones. The data was gathered through secretly embedded software in mobile apps, such as Life360. "Allstate and other insurers then used the covertly obtained data to justify raising Texans’ insurance rates," the press release stated.

The insurance provider allegedly collected trillions of miles' worth of location data from more than 45 million Americans nationwide. The data was reportedly used to build the "world’s largest driving behavior database." When customers sought a quote or renewed their coverage, Allstate and other insurance companies allegedly used the database to justify raising car insurance premiums.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

Paxton claims the actions violated the Texas Data Privacy and Security Act. The lawsuit alleges customers were not clearly informed their data was being collected and did not consent to the practice.

"Our investigation revealed that Allstate and Arity paid mobile apps millions of dollars to install Allstate’s tracking software," said Paxton. "The personal data of millions of Americans was sold to insurance companies without their knowledge or consent in violation of the law. Texans deserve better and we will hold all these companies accountable."

We reached out to Allstate and Arity for comments. A rep for the Allstate Corporation provided CyberGuy with this statement: "Arity helps consumers get the most accurate auto insurance price after they consent in a simple and transparent way that fully complies with all laws and regulations."

MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

Car manufacturers have also been accused of selling similar data to insurance companies. Last year, Paxton sued General Motors for allegedly collecting and selling the private driving data of more than 1.5 million Texans to insurance companies without their knowledge or consent. In addition to insurance companies, data brokers are frequent buyers of customer data. Critics say these brokers fail to adequately protect the information, leaving it vulnerable to hackers. Earlier this month, hackers claimed to have breached Gravy Analytics, a major location data broker and the parent company of Venntel, which is known for selling smartphone location data to U.S. government agencies.

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

1. Avoid installing the insurance company’s app: Many insurance companies encourage users to download their apps to "simplify" claims, payments or policy management. However, these apps often collect and track your location data under the guise of improving their services. If the app is not absolutely essential, manage your account through the company’s website or contact customer service directly instead.

2. Don’t give location permissions unnecessarily: When an app requests location access, ask yourself whether it genuinely needs this information to function. For example, a weather app may need approximate location data, but a flashlight app does not.  Always choose "Deny" or "Allow only while using the app" unless absolutely necessary. Most modern devices also allow you to provide an approximate location rather than a precise one, which is a safer option when location access is unavoidable.

3. Review and manage app permissions regularly: Over time, you may forget which apps have been granted permissions. Regularly go through your device’s app settings to check and adjust permissions. On most devices, you can access this under settings > privacy > app permissions (specific steps vary by operating system). Revoke access for any apps that don’t need it or seem suspicious.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

4. Turn off location services when not in use: Keep location services off when you don’t need them. This reduces the chances of apps or devices tracking you passively in the background. For tasks like mapping or food delivery, turn location services on temporarily, then turn them off when you’re done. For added security, avoid connecting to public Wi-Fi networks, which can also be used to track your location indirectly.

5. Use privacy-focused tools and apps: Invest in tools designed to safeguard your privacy. Virtual private networks (VPNs) can mask your location online and prevent unwanted tracking while browsing.  VPNs will also protect you from those who want to track and identify your potential location and the websites that you visit. For best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices

BEWARE OF ENCRYPTED PDFS AS THE LATEST TRICK TO DELIVER MALWARE TO YOU

If Allstate is indeed unlawfully collecting and selling people’s location data, Attorney General Paxton is right to hold them accountable by filing a lawsuit. In an era where cybercriminals exploit every opportunity to scam individuals, companies that fail to protect customer data are unacceptable and should face consequences. Data has become the new oil, and everyone seems eager to exploit it — often at the expense of ordinary people. Businesses that prioritize profits over privacy erode trust and put consumers at risk, making it crucial to enforce strict accountability for such practices.

Do you think companies like Allstate should be required to make their data practices crystal clear to customers? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

If your healthcare data hasn't been breached in 2024, then you either don't know it yet or should consider yourself very lucky. 

That's because 2024 was a nightmare year for healthcare institutions and patients in the U.S. A total of 184,111,469 records were breached. That's 53% of the 2024 population of the United States. 

This staggering figure represents a significant increase from previous years, setting a new and alarming record in healthcare data breaches. 

The healthcare sector faced unprecedented challenges in cybersecurity, with attacks becoming more frequent, sophisticated and damaging than ever before.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Being admitted to a hospital is stressful enough. It caused additional stress for the 100 million clients of Change Healthcare, whose data was exposed following a breach orchestrated by the BlackCat ransomware group. Not only did the breach expose sensitive health information, but it also caused widespread disruptions in claims processing. Patients and providers across the country faced chaos as the breach impacted their ability to access and pay for healthcare services.

The second significant breach occurred at Kaiser Foundation Health Plan, where the personal data of 13.4 million individuals was compromised. This breach involved unauthorized access and the use of tracking technologies that transmitted user interactions to third parties. 

HACKERS CLAIM MASSIVE BREACH OF COMPANY THAT TRACKS AND SELLS AMERICANS' LOCATION DATA

You’ll receive a notification letter, although be aware that it may take months before it reaches you (as was the case for victims of the Ascension Health data breach). The consequences are real and can be very painful. Medical identity theft directly affects patients' health and safety. It happens when criminals use stolen personal health information to obtain medical services or medications under another person’s name. It can result in incorrect medical records being created that can include inaccurate diagnoses, allergies or treatments. 

And as you may have guessed, it can also result in financial repercussions, such as patients getting fraudulent claims and bills for services they did not receive. Resolving these issues with insurers and healthcare providers takes time and mental strength. And you’re probably not in a hurry to see your breached healthcare provider ever again. That’s normal. A study has shown that up to 54% of patients consider switching providers after a data breach.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

ARE DATA BROKERS ENDANGERING YOUR RETIREMENT SECURITY?

Sensitive health information can easily be combined with personal identifiers from data brokers, creating comprehensive profiles that criminals can exploit. As a reminder, data brokers are companies that specialize in collecting, processing and selling personal information from various sources, including public records, online activities and social media. 

They aggregate this data to create detailed consumer profiles that can be sold to marketers, insurance companies and other entities for various purposes. The more detailed the profile, the higher the chance of identity theft and potential discrimination in employment and insurance. Employers might make hiring decisions based on perceived health risks, while insurers could deny coverage or increase premiums.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION

You can’t prevent a data breach, but you can minimize its consequences by reducing your digital footprint overall.

1. Set your social media to private: Restrict access to your personal information and limit what strangers can see about your life and potentially your health status. Ensure your privacy settings are robust and regularly updated to prevent unauthorized data collection.

2. Remove your personal data from data brokers’ databases: Either by searching for your name on people search sites and requesting removals, one by one, or by using a data removal service. Data removal services automate data removal for you and let you track where exactly your data has been found and whether it was removed, not only on people search sites, which are public data brokers, but also on hidden, private databases where you can’t look yourself up (and these are the worst).

Once your data is removed, data removal services monitor data brokers for your data and remove it again as needed (because it has a tendency to be re-listed after a while). This way, you prevent data broker companies from compiling a full profile on you and selling it to the first bidder, whether that’s a hacker, a marketing agency or an insurance company. Check out my top picks for data removal services here.

3. Delete all unused apps on your phone: Unused applications can be hidden gateways for data leakage and potential security vulnerabilities. Regularly audit and remove apps that you no longer use or need.

4. Check the permissions of the ones you want to keep: Review each app's access to your personal data, location and device features to ensure you're not inadvertently sharing more information than necessary. Be particularly cautious with health and fitness tracking applications.

5. Use a VPN (virtual private network) when browsing: Encrypt your online activities and mask your digital location to add an extra layer of anonymity and protection. A reliable VPN can help shield your personal information from potential interceptors and data miners. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.

The reality of healthcare data breaches is daunting, but it’s not entirely out of your control. While you can’t prevent breaches from happening, you can take steps to minimize the risks and protect your personal information. Think of it as adding locks to your digital doors: set your social media to private, use a VPN and clean up unused apps. Remember, the less information you leave out there, the harder it is for bad actors to exploit it. Stay vigilant and don’t let your data become someone else’s advantage.

How do you feel about the growing risks to your personal information, and what steps have you taken to protect your data? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

The unveiling of the Skyrider X1, which claims to be the "world’s first amphibious flying passenger motorcycle," has certainly stirred up excitement. 

This innovative vehicle promises to change how we think about personal mobility by combining land and air travel in one sleek design.

Developed by Rictor, a sub-brand of the Chinese company Kuickwheel, the Skyrider X1 marks a big progression from Rictor's previous product, the K1 e-bike. Transitioning from an electric bicycle to a flying motorcycle is no small feat, and it shows Rictor's ambition to push the boundaries of eco-friendly and energy-efficient transportation.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

The Skyrider X1 features amphibious functionality, allowing it to operate on both land and water, although some skeptics are curious about how well it will perform in real-world conditions. This vehicle can reach speeds of up to 62 mph (100 km/h) and offers flight times of around 25 minutes for the base model with a 10.5-kWh battery. The premium version, equipped with a 21-kWh battery, boasts up to 40 minutes of flight time.

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET 

Made from lightweight carbon fiber composites and aviation-grade aluminum, the Skyrider X1 balances durability with flight capability. It also incorporates smart technology that includes automatic route planning to determine optimal flight paths based on your destination and real-time adaptability that adjusts altitude, speed and direction according to weather conditions.

CHINESE AUTO GIANT WANTS TO MAKE FLYING CARS YOUR NEXT COMMUTE OPTION

Safety is a top priority for Rictor in the design of the Skyrider X1. The vehicle includes triple-redundant flight control systems that ensure safe operation even if an engine fails. Additionally, it features an integrated emergency parachute for added peace of mind.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

AN ELECTRIC AIRCRAFT THE MILITARY HAS ITS EYES ON CAN TAKE OFF WITH ONLY 150 FEET OF RUNWAY

With an expected price tag of around $60,000, the Skyrider X1 aims to make personal air travel more accessible compared to other eVTOL options. By blending performance with affordability, Rictor hopes to bring flying within reach for more people.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

As cities grow and traffic congestion worsens, innovative solutions like the Skyrider X1 could become essential. This vehicle not only aims to ease urban travel but also promotes sustainable options in personal transportation. With advancements in battery technology and autonomous systems, eVTOL vehicles may soon transform how we navigate our environments.

SUBSCRIBE TO KURT’S YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES

The Skyrider X1 is a glimpse into a future where flying could actually be part of our everyday lives. Imagine zipping through the skies instead of sitting in traffic. It sounds pretty cool, right? However, there are still some big questions to tackle about how this will all work in practice. We need to think about safety and whether it can really handle the demands of real-world travel. So, while the idea of flying motorcycles is exciting, we’ll have to wait and see how they fit into real-world scenarios.

So, what do you think? Would you be ready to hop on a flying motorcycle like the Skyrider X1? Let us know what you think by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

The White House has unveiled a groundbreaking initiative to enhance the security of internet-connected devices in American homes. 

The U.S. Cyber Trust Mark, a new cybersecurity safety label, is set to appear on smart products sold in the United States later this year. 

This program aims to help you make informed decisions about the safety of the smart devices you bring into your home.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

The U.S. Cyber Trust Mark is a label designed for consumer smart devices, including home security cameras, TVs, internet-connected appliances, fitness trackers, climate control systems and baby monitors. This mark signals that a device meets a set of security features approved by the National Institute of Standards and Technology (NIST).

Vendors can label their products with the Cyber Trust Mark logo if they meet NIST's cybersecurity criteria. These criteria include:

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

Consumers will be able to scan a QR code next to the Cyber Trust Mark label to access additional security information. This information includes:

ARE DATA BROKERS ENDANGERING YOUR RETIREMENT SECURITY?

There is a growing concern about cybercriminals remotely hacking into home security systems and malicious actors tapping into insecure home cameras. With the average U.S. household having 21 connected devices, according to a Deloitte study, the threat of cyberattacks is increasingly significant.

BEWARE OF THESE DOORBELL CAMERAS THAT COULD BE COMPROMISED BY CYBERCRIMINALS

The program is set to launch in 2025. Companies will soon be able to submit their products for testing to earn the label, and major retailers like Best Buy and Amazon have committed to highlighting labeled products. The program has garnered support from major electronics, appliance and consumer product makers, including Amazon, Google, Best Buy, LG Electronics U.S.A., Logitech and Samsung Electronics.

While the U.S. Cyber Trust Mark aims to cover a wide range of smart home gadgets, not everything in your tech arsenal will be sporting this new seal of approval. Here's a rundown of what's left out:

GET FOX BUSINESS ON THE GO BY CLICKING HERE

And here's a surprise: Your trusty personal computer, smartphone and router won't be getting the Cyber Trust Mark either, at least not yet. The program is kicking off with wireless consumer IoT products, but who knows? It might grow to include more devices down the road. For now, NIST is cooking up some cybersecurity rules for those consumer-grade routers we all rely on.

So, while you might not see the Cyber Trust Mark on everything in your tech toolkit, it's a solid start in making our connected homes a bit safer from digital ne'er-do-wells.

SUBSCRIBE TO KURT’S YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES

HACKED CHROME EXTENSIONS PUT 2.6 MILLION USERS AT RISK OF DATA LEAK

The U.S. Cyber Trust Mark is a game-changer for you and me as consumers in our hyper-connected world. Let's face it: Understanding device security can be a headache. But this program cuts through the tech jargon, giving us clear, easy-to-grasp info about the gadgets we're considering bringing into our homes.

How do you think the U.S. Cyber Trust Mark will impact your future purchasing decisions for smart home devices? Will you actively look for this label when shopping for new gadgets? Let us know what you think by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

We recently received an email from Sylvia, who just got a new laptop that has significantly less space than her old laptop. She emailed us wondering how to store photos and videos on a computer with only 82GB of storage space:

"The newer laptop does not have as much storage space (indicates 82.1 GB free of 225GB) as the old one (indicates 322 GB free of 446 GB). What is the best way to store my photos and videos to free up space on the new laptop?"

Great question, Sylvia. This is a common issue for anyone who has purchased a lightweight laptop such as a Chromebook or Windows-based ultrabook. Fortunately, there are a few easy ways to store files off your hard drive.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Enter the giveaway by signing up for my free newsletter.

82 GB should be more than enough for basic tasks like web browsing, using office applications or streaming video. However, if you plan to store large files such as high-resolution photos, videos or games, or if you’re using software that requires a lot of space, 82GB might fill up quickly. Here’s a rough breakdown of how much space different types of files typically take:

It's also important to leave enough space on your computer for the operating system to run smoothly. As a rule, keep at least 10%-15% of your hard drive free to prevent application slowdowns. An external hard drive is an excellent option for storing photos and videos to free up space on your new laptop. Another great way to save space is by storing your photos in cloud storage. Whether it’s a hard drive or cloud space, having a backup is a good idea.

As you can see from the breakdown above, photos and videos can take up a significant amount of storage space on your laptop. If you are a photographer who deals with RAW images, this amount could be even higher, as with video professionals who work with 4K content.

Even if you're not a video professional or photographer, having a lot of home videos and photographs can take up a lot of space. You will need a secondary storage solution with less than 100GB of space left. Here are a few options you might consider.

BEST LAPTOPS FOR 2025

An external hard drive is one of the most practical and reliable solutions for expanding your laptop's storage capacity, especially if you have many media files like photos, videos or other data-intensive content. These portable storage devices connect to your computer via USB (and increasingly via USB-C for faster transfer speeds), offering the flexibility of storing and backing up massive amounts of data without consuming your laptop's internal space.

There are two main types of external hard drives: HDD (hard disk drive) and SSD (solid state drive). HDDs are typically more affordable and come in larger capacities (up to several terabytes), making them an excellent option for those needing vast storage space on a budget. However, their mechanical components make them slightly slower in data transfer speeds and more prone to physical damage.

SSDs, on the other hand, are faster, more durable and lighter, though they tend to be more expensive per gigabyte of storage than HDDs. SSDs are ideal if you frequently transfer large files, work with high-resolution media like 4K videos or require speedy access to your data. They are also less prone to damage from drops or movement, which makes them perfect for on-the-go use.

External hard drives come in various sizes, from modest capacities like 256GB to massive options exceeding 10TB. The amount of storage you need will depend on the types of files you’re dealing with. For example, a 1TB drive can store over 200,000 high-resolution images if you need space for photos. A larger capacity drive might be necessary for video files, especially HD or 4K, as these files can easily consume tens or even hundreds of gigabytes.

BEST DESKTOPS COMPUTERS FOR 2025

One key advantage of external hard drives is their portability. Compact and easy to carry, they provide an excellent solution for photographers, videographers or anyone needing access to large files while moving. Some models are designed to be ultra-durable, with rugged, shockproof and waterproof features, ideal for outdoor and travel use.

Many professionals label and organize their drives by project or period, allowing for easy archiving and retrieval. As mentioned earlier, a simple organizational system, such as labeling your drives with the dates or types of content they contain, can help keep your data structured and easily accessible. This is especially important when you accumulate multiple drives over time. See Kurt's picks for the best external hard drives here.

Cloud storage services like Google Drive, Dropbox and Microsoft OneDrive offer convenient, flexible options for storing large files without consuming your laptop's limited space. These services allow you to securely store your photos, videos and documents in the cloud, freeing up valuable storage on your device. One significant advantage of cloud storage is accessing files from any device with an internet connection, whether on your phone, tablet or another computer.

Most cloud services provide a certain amount of free storage (typically between 2GB and 15GB) before upgrading to a paid plan. For instance, Google Drive offers 15GB of free storage shared across Google services, while Dropbox provides 2GB for free with options to upgrade for more space. OneDrive provides 5GB for free, but Microsoft users can get additional storage through Office 365 subscriptions, granting access to the Microsoft Office suite.

Additionally, cloud storage services come with features like automatic syncing and backup, making it easier to organize and safeguard your files. This can be particularly helpful for large photo and video libraries, which can be set to upload automatically from your phone or computer. With features like file versioning and collaboration tools, cloud platforms offer more than just storage. They enhance productivity and allow seamless file sharing with friends, family or colleagues.

Finally, many cloud storage providers offer encryption and other security measures to protect your files for added peace of mind. However, it would always be best to take extra precautions, such as enabling two-factor authentication and using strong, unique passwords, to ensure your data is safe. Kurt's favorite cloud services can be seen here.

iCloud offers 5GB of free storage to all users, which is sufficient for basic services like iCloud Keychain, testing other features and storing some files. However, for users who need more storage, iCloud+ subscriptions are available. These plans include:

iCloud is tightly integrated with Apple devices, making it highly convenient for Apple users. Files stored on the desktop and in documents folders on Macs are automatically synced to iCloud Drive, which is especially useful for devices with limited storage space like the MacBook Air. iCloud Drive can also be accessed from Windows machines through a dedicated file folder and files can be managed via icloud.com.

iCloud provides robust automatic syncing and backup features. iCloud Backup automatically backs up important data on iPhones and iPads when connected to power and Wi-Fi, ensuring that your device's data is always up to date. This backup can be used to restore your device or set up a new one seamlessly.

iCloud uses 128-bit AES encryption to secure all files. Additionally, iCloud+ subscriptions include advanced privacy features such as iCloud Private Relay, which protects your browsing history and identity, Hide My Email, which generates random email addresses, and Custom Email Domains for personalized email addresses.

While iCloud is highly user-friendly for Apple users, it can be less reliable and glitchy for non-Apple users. Collaboration is limited to Apple users, but files can be shared and accessed across different Apple devices using the Files app on iOS and iPadOS, the Finder on Mac or File Explorer on Windows PCs.

BEST ANTIVIRUS FOR MAC, PC, IPHONES AND ANDROIDS - CYBERGUY PICKS

When storing your photos, videos and other important files, it's crucial to prioritize data security. Here are some essential steps to protect yourself and your valuable information.

1) Use strong passwords: Create unique, complex passwords for all your accounts and devices. Consider using a password manager to generate and store secure passwords.

2) Enable encryption: Encrypt your external hard drives and cloud storage accounts to add an extra layer of protection to your data.

3) Implement two-factor authentication (2FA): Enable 2FA on all accounts that offer this feature, especially for cloud storage services.

4) Install and maintain strong antivirus software: Use a strong antivirus program and keep it updated to protect against malware and other security threats. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

5) Regularly update your operating system and applications: Keep your devices and software up to date to ensure you have the latest security patches.

6) Be cautious with public Wi-Fi: Avoid accessing sensitive information when connected to public networks or use a VPN for added security. Using a VPN (virtual private network) service can enhance your privacy by encrypting your internet traffic, making it harder for hackers and third parties to intercept your data, especially on public Wi-Fi. A VPN masks your IP address, helping to obscure your location and online activity. While VPNs don’t directly prevent phishing emails, they reduce the exposure of your browsing habits to trackers that may use this data maliciously. With a VPN, you can securely access your email accounts from anywhere, even in areas with restrictive internet policies. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.

7) Back up your data regularly: Create multiple backups of your important files, including at least one offline copy.

8) Use secure file transfer methods: When sharing files, use encrypted transfer methods or password-protected links.

By following these steps, you can significantly enhance the security of your data and protect yourself from potential cyber threats.

SUBSCRIBE TO KURT’S YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES

Managing storage on a laptop with limited space requires thoughtful planning, especially when dealing with large files like photos and videos. While 82GB may be sufficient for basic tasks, media files can quickly add up. By leveraging external hard drives or cloud storage services, you can keep your laptop running efficiently while ensuring that your important files are safely stored and accessible. Whether you opt for physical or cloud-based solutions, remember to prioritize data security using strong passwords and encryption where necessary. With the right strategy, you can make the most of your laptop's storage without sacrificing performance or losing precious memories.

Do you have a way of storing photos and videos that we didn't mention? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.

Robocalls can be a real headache, no matter what type of phone you use. If you’re like many people who prefer the simplicity of a flip phone, you might be wondering how to tackle this issue. 

Donna reached out to us with a simple but great question, asking, "Is there a way to eliminate robocalls from a flip phone?"

We've reported extensively on how to stop spam calls from coming to your smartphone, but what if you don't like using a smartphone and prefer a flip phone? While flip phones are generally harder to block spam calls from, it's not impossible, but it's not as easy as dealing with robocalls on your smartphone.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

Dealing with robocalls on a flip phone can be challenging, but you can take a few steps to minimize them. You'll have to make some phone calls, so it won't be as simple as blocking spam callers on a smartphone. But if you're willing to place a few phone calls and do some extra work, you can live happily without spam calls on your flip phone. Here are the steps you can take:

1. Avoid answering unknown numbers: If you don’t recognize the number, let it go to voicemail. Legitimate callers will leave a message.

2. Be cautious with your number: Be mindful of where you share your phone number to reduce the chances of it being added to robocall lists.

3. Register on the Do Not Call List: Register your phone number on the National Do Not Call Registry. This can help reduce the number of legitimate telemarketing calls you receive. You can register a phone number with the National Do Not Call Registry online at donotcall.gov or by calling 1-888-382-1222 from the phone you want to be registered with the Do Not Call Registry.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

AN ALARMING SPIKE IN SCAM CALLS COMING FROM ROBOCALLS

4. Contact your carrier: Many carriers offer call-blocking services. Contact your carrier (e.g., Verizon, AT&T, T-Mobile) and ask if they provide robocall-blocking features for flip phones. Many carriers do, but it depends on the brand of flip phone you have and which carrier you have.

5. Manual call blocking: If your flip phone has the option, you can manually block specific numbers. Check your phone’s user manual for instructions on how to do this. While this feature is common with all smartphones, many newer flip phones can also manually block callers, but, as we mentioned, you'll need to check your instruction manual.

END OF ANNOYING ROBOCALLS? FTC CRACKS DOWN ON DECEPTIVE PRACTICES

6. Report robocalls to the FTC: Report unwanted calls to the Federal Trade Commission (FTC). This helps authorities track and take action against robocalls. While this method doesn't block robocalls from calling your flip phone, it does help the FTC locate robocalls and prevent them from calling. It's a good way to help the FTC fight back against robo-spam callers. Here's what you need to do to report a robocall to the FTC:

7. Consider using a data removal service: Regrettably, there is a high probability that your phone number is readily available on many lists sold by data brokers to hundreds of people search websites.  However, removing it from the web can reduce the likelihood of spammers and telemarketers obtaining your number and contacting you.

While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. 

Robocalls can be a real nuisance, especially for flip phone users. To tackle this issue, consider registering your number on the National Do Not Call List and avoid answering unknown numbers. Additionally, check with your carrier for any call-blocking services it may offer. With a few proactive steps, you can significantly reduce those pesky interruptions.

What do you find most frustrating about robocalls, and how do you typically handle them? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter 

Ask Kurt a question or let us know what stories you'd like us to cover

Follow Kurt on his social channels

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com.  All rights reserved.

The job market hasn’t been great in the last few years, especially in tech, leaving a lot of people actively looking for jobs. 

Scammers are taking advantage of this. They have come up with a new trick where they pretend to be recruiters to spread crypto miners on people’s devices. 

It starts with an email inviting the person to schedule an interview for a job. But when they click the link, it installs a malicious app that secretly mines cryptocurrency. This app hijacks your PC’s resources, like the CPU and GPU, which slows down its performance significantly.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

This malicious campaign begins with an email that tricks victims into thinking it is part of a recruitment process, as reported by Dark Reading. In most cases, these emails are pretending to be from recruiters at the cybersecurity company CrowdStrike.

The fraudulent email contains a link claiming to take the recipient to a site where they can schedule an interview. However, in reality, it redirects the victim to a malicious website that offers a download for a supposed "CRM application."

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

The site provides download options for both Windows and macOS. Regardless of which option the victim selects, the download will be a Windows executable written in Rust. This executable then downloads the XMRig cryptominer.

The executable performs several environmental checks to analyze the device and avoid detection. It scans running processes, checks the CPU and more. If the device passes these checks, the executable will display a fake error message while secretly downloading additional payloads needed to run the XMRig miner.

HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS

A cryptomining app can significantly impact your PC’s performance. Once installed, it hijacks your computer's resources, including the CPU and GPU, to secretly mine cryptocurrency. This process requires a lot of computational power, which can cause your system to slow down drastically. You might notice your computer becoming unresponsive, running hotter than usual, or consuming more power. 

In some cases, prolonged use of cryptominers can also lead to hardware damage due to the increased strain on your components. Additionally, these miners often run in the background without your knowledge, making it harder to detect the issue until the damage is already done.

CrowdStrike is aware of the scam and advises individuals to stay vigilant. "This campaign highlights the importance of vigilance against phishing scams, particularly those targeting job seekers. Individuals in the recruitment process should verify the authenticity of CrowdStrike communications and avoid downloading unsolicited files," the company said in a blog post. 

"Organizations can reduce the risk of such attacks by educating employees on phishing tactics, monitoring for suspicious network traffic and employing endpoint protection solutions to detect and block malicious activity."

GET FOX BUSINESS ON THE GO BY CLICKING HERE

BEWARE OF ENCRYPTED PDFS AS THE LATEST TRICK TO DELIVER MALWARE TO YOU

1. Check if you applied for the job: If you receive an unsolicited interview invitation, think back to whether you actually applied for that job or company. Scammers often target jobseekers randomly, hoping someone takes the bait. If you didn't apply, it's likely a scam. Always confirm directly with the company before proceeding.

2. Verify recruiter credentials: Always double-check the recruiter’s details before responding to an email or clicking any links. Verify their email address, LinkedIn profile and company association. Legitimate companies will use official email domains, not free services like Gmail or Yahoo.

3. Avoid downloading unsolicited files: Be cautious of emails asking you to download any files or applications. Legitimate recruitment processes rarely require you to install software. If unsure, contact the company directly to confirm the request.

4. Inspect links before clicking: Hover over any links in the email to see their actual URL. Scammers often use URLs that mimic legitimate sites but have subtle differences. If a link looks suspicious, avoid clicking on it.

5. Use strong antivirus software: Use strong antivirus or endpoint protection software to detect and block malicious downloads. Regularly update your security tools to ensure they can handle new threats effectively.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

WHAT TO DO IF YOUR BANK ACCOUNT IS HACKED

Cybercriminals always manage to come up with new ways to exploit people. While this particular scam is more focused on using your computer’s resources than stealing data, it is still very dangerous. It shows that if a hacker can easily install software on your PC, they can also go ahead and steal your financial information and other personal data. Always verify the emails you receive, and try not to download anything you don’t trust.

Have you ever received a suspicious email that looked like a job offer? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

Let's talk about something that's been popping up in inboxes lately — those sneaky "Your Apple ID has been disabled" emails. 

Like many people who've reached out to us, you might have gotten one that looks pretty legit, saying something like, "Your Apple ID has been temporarily disabled. Verify your Apple ID Information." 

Spoiler alert: It's most likely a scam, and we're going to break down why.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

So, here's how these tricksters operate. You get an email that looks totally legit with an Apple logo and creates a sense of urgency, claiming your Apple ID is in trouble. They'll say something like, "If you do not verify your account within 48 hours, it will be permanently locked." Yikes, right? That's exactly what they want you to think. So, you'll "Click the button below to verify as soon as possible." They want you to click where it says, "Go to Apple ID."

Once you do that, you're directed to a fake Apple website designed to look almost identical to the real one. This fraudulent site prompts you to enter your username, password and other sensitive information, which the scammers can then use to access your Apple account and potentially steal your personal data or make unauthorized purchases.

NEW CYBERATTACK TARGETS IPHONE AND APPLE IDS: HERE’S HOW TO STAY SAFE

Urgent language: They're trying to scare you into acting without thinking. Classic scammer move.

Vague claims: "Missing or invalid information"? That's purposely unclear to make you doubt yourself.

Threats of lockout: Nothing like a good threat to get your heart racing, huh?

Terms of service talk: They throw this in to sound official, but it's just smoke and mirrors.

Grammar goofs: Real Apple emails are polished. Scammers? Not so much.

Fishy sender address: Always check if it's actually from @apple.com (spoiler: it's probably not). Any legitimate email from Apple will come from a domain ending in "@email.apple.com. As you can see from the scam email below, it's from a fake email: mfrasier@wavecable.com, not Apple.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

HOW TO SECURELY LOCK YOUR IPHONE AND IPAD FROM PRYING EYES

You might wonder, "Why are these scammers so obsessed with Apple IDs?" Well, there are a few reasons:

 5 THINGS TO DO FIRST IF YOU GOT A NEW MAC

To keep scammers at bay and secure your Apple ID, follow these comprehensive steps:

1. Enable Two-Factor Authentication (2FA): This crucial security feature adds an extra layer of protection to your Apple ID. Set it up by going to Settings > [your name] > Sign-In & Security on your iPhone or iPad, or Apple menu> System Settings > [your name] > Sign-In & Security on your Mac.

2. Use strong passcodes: Opt for alphanumeric passcodes instead of simple PINs. When in public, use biometrics (Face ID or Touch ID) and be cautious when entering your passcode.

3. Enable Stolen Device Protection: If you're using iOS 17.3 or later, turn on this feature for additional security against theft.

4. Keep software updated: Regularly update your operating system and apps to ensure you have the latest security patches.

5. Don’t click on suspicious links, use strong antivirus software: If the email asks you to click a link, don’t do it right away. Hover over the link to see the actual URL. If it doesn’t look like an official Apple website (or any site you trust), don’t click it.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

6. Use a password manager: Generate and store strong, unique passwords for all your accounts by using a password manager.

7. Enable Find My: Turn on Find My iPhone to help locate your device if it's lost or stolen.

8. Use a personal data removal service: Consider using a service that finds and removes your personal information from data broker sites. These services can help reduce your digital footprint, making it harder for scammers to obtain your data to target you in the first place. Look for a service that offers automated removals from hundreds of data aggregators and provides detailed verification of removals.

While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. 

9. Don’t click on suspicious links: If the email asks you to click a link, don’t do it right away. Hover over the link to see the actual URL. If it doesn’t look like an official Apple website (or any site you trust), don’t click it.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

TOP PHONE CHARGING CABLES THAT WILL SUPERCHARGE YOUR APPLE DEVICES

Apple will never email you asking for your password or threaten to lock your account. If there's a real issue, you'll usually get a notification on your trusted device or be asked to sign in to your Apple ID account page directly. Remember, Apple will never ask for your password via email, phone or text message. Always access your account through official Apple websites or apps.

These scammers are getting craftier, but with a bit of know-how and caution, you can keep your Apple ID (and all the good stuff connected to it) safe and sound. Remember, if something feels fishy, trust your gut. When in doubt, go straight to Apple's official website or give their support team a call. Keep your digital life secure, and don't let those scammers take a bite out of your Apple.

Have you ever fallen victim to a digital scam, and what steps did you take to protect yourself afterward? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

If you suspect your PC has a virus, it's important to act quickly to remove it and protect your data. 

Keep reading to discover the key warning signs and the steps you can take to address the issue.

There are several red flags that could signal your computer may have a virus. One of the most common is if your computer starts running unusually slow. 

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Another warning sign is the appearance of unfamiliar apps or programs that you don’t remember installing. Additionally, if your usual programs start crashing frequently or behaving oddly, it’s a cause for concern. 

Finally, an overheating computer is a good reason to start investigating further.

WINDOW USERS ARE BEING TRICKED BY SNEAKY MALWARE SCHEME

Realizing you have a virus can be scary, but there’s no need to panic. Here’s what to do next.

1. Disconnect from the internet:

2. Enter safe mode:

3. Run a virus scan:

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

4. Delete or quarantine infected files:

5. Clear temporary files:

6. Reset browser settings:

7. Check Startup Programs

8. Update your software:

9. Backup your data:

HOW TO REMOVE MALWARE ON A PC

Here’s how to be proactive about protecting your PC from viruses down the road. 

Use safe browsing practices: Avoid clicking on suspicious links or downloading files from untrusted sources.

Enable firewall: Make sure your firewall is enabled to block unauthorized access to your computer.

Download apps and software from trusted sites only: Check the number of downloads, as more suggests greater reliability. 

Use a secure VPN connection: Mask your IP address with a trusted VPN (virtual private network) service to secure your online activity. Many sites can read your IP address and, depending on their privacy settings, may display the city from which you are corresponding. A VPN will disguise your IP address to show an alternate location. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

SUBSCRIBE TO KURT’S YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES

By following these steps, you can effectively remove a virus from your PC and protect your data. Staying vigilant and practicing good cybersecurity habits will help safeguard your system from future threats.

What other PC issues would you like help with? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

Apple’s Macs are generally considered more secure than Windows PCs, but they are not immune to hackers. Numerous incidents demonstrate that Macs are not impenetrable, and a new one has recently been added to the list. Security researchers have discovered a new variant of stealer malware that targets browser credentials, cryptocurrency wallets and other personal data. I reported on this malware in 2024 as well. Previously, it relied on macOS browser extensions to steal data. Now, it uses phishing websites and fake GitHub repositories to target Macs, which have a user base of 100 million people.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Enter the giveaway by signing up for my free newsletter.

Cybersecurity company Check Point has discovered a new variant of info-stealer malware, BanShee. Elastic Security Labs first highlighted this malware in mid-2024, noting that it operates as malware-as-a-service, a business model in which cybercriminals provide access to malicious software and related infrastructure for a fee. At that time, it was available for as much as $3,000 per month.

Check Point says this malware evolved in September after being exposed. This time, its developers had "stolen" a string encryption algorithm from Apple’s own XProtect antivirus engine, which replaced the plain text strings used in the original version. Since antivirus programs expect to see this kind of encryption from Apple’s legitimate security tools, they weren’t flagged as suspicious, allowing the BanShee to remain undetected and quietly steal data from targeted devices.

4.3 MILLION AMERICANS EXPOSED IN MASSIVE HEALTH SAVINGS ACCOUNT DATA BREACH

BanShee Stealer is a prime example of how advanced malware has become. Once it’s on a system, it gets straight to work stealing all kinds of sensitive information. It goes after data from browsers like Chrome, Brave, Edge and Vivaldi, as well as cryptocurrency wallet extensions. It even takes advantage of two-factor authentication (2FA) extensions to grab credentials. On top of that, it collects details about the device’s software and hardware, as well as the external IP address.

The Mac malware also tricks users with fake pop-ups that look like real system prompts, tricking victims into entering their macOS passwords. Once it has gathered the stolen information, BanShee exfiltrates it to command-and-control servers, using encrypted and encoded files to ensure the data remains secure.

The malware’s creators used GitHub repositories to spread BanShee. They set up fake repositories that looked like they hosted popular software, complete with stars and reviews, to seem trustworthy. These campaigns didn’t just target macOS users with BanShee. They also hit Windows users with a different malware called Lumma Stealer. Over three waves, the attackers used these fake repositories to trick people into downloading their malicious files.

MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

Follow these essential tips to safeguard your Mac from the latest malware threats, including the notorious BanShee Stealer.

1) Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

2) Be cautious with downloads and links: Only download software from reputable sources such as the Mac App Store or official websites of trusted developers. Be wary of unsolicited emails or messages prompting you to download or install updates, especially if they contain links. Phishing attempts often disguise themselves as legitimate update notifications or urgent messages.

3) Keep your software updated: Ensure that both macOS and all installed applications are up to date. Apple frequently releases security patches and updates that address vulnerabilities. Enable automatic updates for macOS and your apps to stay protected without having to manually check for updates. If you need more help, see my guide on keeping all your devices updated.

4) Use strong and unique passwords: To protect your Mac from malware, it’s also crucial to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords across different sites or services. A password manager can be incredibly helpful here; it generates and stores complex passwords for you, making them difficult for hackers to crack.

It also keeps track of all your passwords in one place and automatically fills them in when you log into accounts, so you don’t have to remember them yourself. By reducing the number of passwords you need to recall, you’re less likely to reuse them, which lowers the risk of security breaches. Get more details about my best expert-reviewed password managers of 2025 here.

5) Use two-factor authentication (2FA): Enable 2FA for your important accounts, including your Apple ID, email and any financial services. This adds an extra step to the login process, making it harder for attackers to gain access even if they have your password.

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

No device is immune to cyberattacks when a human operator is involved. Take the BanShee Stealer, for example. It managed to target Macs not due to weak cybersecurity measures by Apple but because it successfully tricked users into installing it and granting the required permissions. Most breaches, hacks and other cyberattacks stem from human error. This highlights the importance of maintaining basic cybersecurity hygiene. It's crucial to know what you’re downloading, ensure it’s from a trusted source and carefully review the permissions you grant to any online service or application.

When downloading new software, how do you determine if it’s safe to install? Do you rely on app store ratings, reviews or something else? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.

When we talk about data privacy, tech giants like Google and Facebook are often blamed for using personal data to show ads and recommendations. Less discussed are the businesses whose entire business model revolves around collecting your data and selling it to other companies and governments. These companies often operate in legal gray areas, with the consent required to collect user data buried deep in the fine print.

What’s even more concerning is that these data brokers fail to adequately protect the data they collect. Last year, National Public Data made headlines for failing to secure 2.7 billion records of individuals whose data it had harvested. Now, hackers have reportedly stolen data from Gravy Analytics, the parent company of Venntel, which has sold vast amounts of smartphone location data to the U.S. government.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Enter the giveaway by signing up for my free newsletter.

Hackers claim to have breached Gravy Analytics, a major location data broker and parent company of Venntel, a firm known for selling smartphone location data to U.S. government agencies. The compromise is massive, including sensitive location data that tracks precise smartphone movements, customer information and even internal infrastructure, according to a 404 Media report.

The hackers are threatening to make the stolen data public. The files contain precise latitude and longitude coordinates of the phone and the time at which the phone was there. Some even indicate what country the data has been collected from.

Hackers have claimed access to Gravy's systems since 2018. If true, this represents a serious security lapse on the company’s part. It is baffling how companies that collect and sell user data (a practice that arguably shouldn’t be allowed in the first place) failed to protect it from being leaked.

404 Media also suggests that the hackers gained deep access to the company’s infrastructure, including Amazon S3 buckets and server root access. The exposed customer list reportedly includes major companies like Uber, Apple and Equifax as well as government contractors like Babel Street.

HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS

This data breach highlights the serious security flaws in the location data industry. Companies like Gravy Analytics and Venntel have been profiting from collecting and selling sensitive location data, often without proper user consent. They've prioritized profit over security, and now the privacy of millions is at risk. This data could end up on black markets, endangering individuals, especially those in vulnerable situations, by making them targets for harassment or worse.

The FTC's recent crackdown on Gravy, announced in December, underscores their negligence. The proposed order will prohibit these companies from selling or using location data, except in specific cases like national security or law enforcement. The implications are worrying. Sensitive locations like schools and workplaces could become easy targets for those with malicious intent.

BEWARE OF ENCRYPTED PDFs AS THE LATEST TRICK TO DELIVER MALWARE TO YOU

The Gravy Analytics breach serves as a sobering reminder of the vulnerabilities in the digital age. While it’s impossible to control how every company handles data, you can take steps to minimize your exposure and protect your privacy. Here are five actionable tips to stay safe.

1) Limit app permissions: Many apps request access to location data, contacts and more, even when it's not necessary for their functionality. Regularly review the permissions for apps on your smartphone and revoke access to anything that feels excessive. For instance, a weather app doesn’t need access to your microphone or camera.

2) Use a VPN: Virtual private networks (VPNs) can mask your IP address and encrypt your internet activity, making it harder for data brokers and hackers to track your online behavior. A good VPN adds an extra layer of security, especially when using public Wi-Fi networks. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.

3) Opt out of data sharing where possible: Some companies allow you to opt out of having your data collected or shared. Services like Your Ad Choices and privacy settings within platforms like Google can help you reduce the amount of data collected. Check for opt-out options with any apps or services you use frequently.

4) Avoid free apps that monetize data: Free apps often generate revenue by selling user data. Instead, consider paid versions of apps that explicitly prioritize privacy. Research the company behind the app to understand its data handling policies before downloading.

5) Invest in data removal services: Data removal services can help you regain some control over your personal information by identifying and removing it from people-search websites, data broker platforms and other online databases. Check out my top picks for data removal services here.

WHAT TO DO IF YOUR BANK ACCOUNT IS HACKED

Companies that collect and sell user data pose a significant threat to privacy, and when they fail to protect this data, it often ends up in the hands of even worse actors. Cybercriminals, and even some governments, can exploit this information to target individuals. It is crucial to implement stringent repercussions for these companies when they fail in their duty to safeguard user data. A mere slap on the wrist is not enough. We need real accountability to deter negligence and protect individual privacy rights.

Should companies face stronger penalties for failing to protect personal data? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.

Apple announces new iPhones every year, and I often wonder if that's truly necessary. A launch every two years seems more reasonable, especially since the new iPhones are often only marginally better than the ones released the year before. This has been the case since the iPhone 12. 

However, in 2024, Apple introduced a range of interesting features with the iPhone 16. While these features don’t necessarily justify an upgrade if you already own the iPhone 15 or even the iPhone 14, they make the iPhone 16 a worthy purchase if you’re using an older model or an Android phone.

If you've already made the purchase, or if you've bought another iPhone, here are the first things you should do and try when you fire up your new phone. (First things to do if you got a new Android)

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Enter the giveaway by signing up for my free newsletter.

First things first, let's update your software to iOS 18.2 or later:

HOW TO PROTECT YOUR IPHONE, IPAD FROM MALWARE

To add a passcode or biometric authentication to your new iPhone after updating to iOS 18.2 or later, follow these steps:

For Face ID:

IS IT TIME FOR ME TO UPGRADE TO NEW IPHONE?

Create or sign in to Apple ID:

Enable iCloud:

MUST TURN-OFF PRIVACY SETTINGS ON YOUR IPHONE

Customize Display:

Customize sound preferences:

Manage Privacy Settings:

By default in iOS 18, you get flashlight and camera shortcuts on the lock screen, but now you can finally customize them. 

Here's how to enable Family Sharing on your iPhone:

There are millions of apps available, such as Apple Maps, Google Maps and even apps to plan a party in the App Store. To download useful apps on your new iPhone, follow these straightforward steps:

Having a strong spam filter on your iPhone is beneficial to protect yourself from unwanted text messages and scams. But beware that this may also filter out some legitimate messages from people who are not in your contacts list.

On all iPhone 16 models, you can use Camera Control with visual intelligence to quickly learn more about the stuff around you. Just press and hold the Camera Control, which is a new button on the right side of the device, and you can do things like look up info about a restaurant or business, translate text, get a summary, have it read out loud and more.

You can even use it to find details about a business, like its hours, services and contact info. Depending on the place, you might also be able to check reviews, make a reservation or order for delivery.

To use this feature, point your iPhone camera at the business in front of you, then press and hold the Camera Control. Next, either tap the Camera Control again or select the business name at the top of the screen. Depending on the business, you can:

HOW TO SCHEDULE FREE SESSION WITH APPLE SUPPORT

Apple made several changes to the iPhones with its iOS 18 update, including updates to the Journal app. You don’t need the latest iPhone 16 to try the app’s mindfulness option for journal entries; any iPhone with iOS 18 will do. When you open the Journal app, tap the icon that looks like a tiny tree, and you’ll be able to log your mood for each day and see how it changes over time.

The Action Button is part of the iOS 17 operating system for the iPhone 15 series and continues into iOS 18 for the iPhone 16 series. This customizable side button lets you choose a specific function to perform when pressed, such as turning on silent mode, focus, camera, flashlight, voice memo, recognize music, translate, magnifier, controls, shortcut and accessibility, depending on your settings. Essentially, it acts as a quick access key for a chosen action. Here are the steps to customize the Action button on supported iPhone models:

I always stress the importance of using a password manager to store your passwords. Let’s be honest, we all have a ton of apps and services that require an account and password. If you use the same password everywhere, you risk having your important info stolen by cybercriminals. But it’s also impossible to come up with a unique password for every app and remember them all. 

Password managers make life easier by storing your passwords and filling them in when you log into apps. But they usually charge a monthly or yearly fee. That’s where Apple’s Passwords app comes in. It works just like a password manager but without the extra cost. Open the app from the App Library, and it’ll keep your login details encrypted and synced across all your devices.

While Apple's new Passwords app in iOS 18 offers a convenient and cost-free solution for password management, it's important to consider its limitations. These include its exclusivity to the Apple ecosystem, lack of compatibility with Android or Linux devices and limited functionality outside of Safari and Apple apps. For those seeking a more comprehensive password management solution that works across various browsers and apps, check out my best expert-reviewed password managers of 2025 here.

Apple introduced Apple Intelligence for iPhone 15 Pro and newer models running iOS 18.2, bringing a range of AI tools and ChatGPT support. ChatGPT is now built into various parts of iOS, and if you have an iPhone 15 Pro or above, you can take full advantage of this integration.

You can use Apple's enhanced Writing Tools to access ChatGPT directly in apps like Notes, Mail and any other text input field. Whether you need help spicing up your notes or generating complex programming scripts, ChatGPT is up for the task. Here's how to get started; you’ll need to enable ChatGPT integration. 

Antivirus software can help protect your new iPhone from malware, phishing and other threats. The best way to protect yourself from having your data breached is to install antivirus protection on all your devices. Having strong antivirus software on your devices will alert you of any known malware that is targeting you, warn you against clicking on any known malicious links in phishing emails and ultimately help protect you from being hacked. Get my picks for the best 2025 antivirus protection winners for your iPhone, Mac, Windows and Android devices.

Making data backups a regular part of your iPhone maintenance is crucial. This way, you can protect yourself against uncertainties. Whether it's a hardware malfunction or a security breach, having a recent backup will let you recover quickly.

SUBSCRIBE TO KURT’S YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES

When you get your new iPhone, there are several essential steps to take to ensure you're getting the most out of your device. Start by updating to iOS 18.2 or later to access the latest features. Next, security measures like a passcode or biometric authentication should be set up for added protection. Personalize your settings by customizing your display and sound preferences, and don’t forget to enable Family Sharing if you want to connect with loved ones. Also, explore the App Store to download useful apps. Additionally, make sure to give the Action Button a test run for quick access to your favorite functions. With these tips, you'll be well on your way to maximizing your new iPhone's capabilities.

How do you feel about the annual iPhone releases? Do you think they provide enough value each year? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.