memoment editorial

NEWYou can now listen to Fox News articles!
Phishing scams target every kind of institution, whether it’s a hospital, a big tech firm or even a fast-food chain. Educational institutions aren’t an exception, especially in 2025, when attackers are actively directing their efforts toward them. Universities across the U.S. are facing a new type of cybercrime where attackers are targeting staff to hijack salary payments. Researchers have discovered that since March 2025, a hacking group known as Storm-2657 has been running “pirate payroll” attacks, using phishing tactics to gain access to payroll accounts. Let’s talk more about this attack and how you can stay safe.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM. newsletter.SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKSHow does the university payroll scam workAccording to Microsoft Threat Intelligence, Storm-2657 primarily targets Workday, a widely used human resources platform, though other payroll and HR software could be at risk as well. The attackers begin with highly convincing phishing emails, carefully crafted to appeal to individual staff members. Some messages warn of a sudden campus illness outbreak, creating a sense of urgency, while others claim that a faculty member is under investigation, prompting recipients to check documents immediately. In some cases, emails impersonate the university president or HR department, sharing “important” updates about compensation and benefits. Phishing scams are evolving fast and now universities have become prime targets for payroll theft. (Kurt “CyberGuy” Knutsson)These emails contain links designed to capture login credentials and multi-factor authentication (MFA) codes in real time using adversary-in-the-middle techniques. Once a staff member enters their information, the attackers can access the account as if they were the legitimate user. After gaining control, the hackers set up inbox rules to delete Workday notifications, so the victims do not see alerts about changes. This stealthy approach allows the attackers to modify payroll profiles, adjust salary payment settings and redirect funds to accounts they control, all without raising immediate suspicion.COLUMBIA UNIVERSITY DATA BREACH HITS 870,000 PEOPLEHackers are exploiting universities at scaleThe hackers don’t stop at a single account. Once they control one mailbox, they use it to spread the attack further. Microsoft reports that from just 11 compromised accounts at three universities, Storm-2657 sent phishing emails to nearly 6,000 email addresses at 25 institutions. By using trusted internal accounts, their emails appear more legitimate, increasing the likelihood that recipients will fall for the scam.To maintain access over time, the attackers sometimes enroll their own phone numbers as MFA devices, either through Workday profiles or through Duo MFA. This gives them persistent access, allowing them to approve further malicious actions without needing to phish again. Combined with inbox rules that hide notifications, this strategy lets them operate undetected for longer periods.Microsoft emphasizes that these attacks don’t exploit a flaw in Workday itself. Instead, they rely on social engineering, the absence of strong phishing-resistant MFA and careful manipulation of internal systems. In essence, the threat comes from human behavior and insufficient protection, not software bugs. Hackers lure staff with convincing emails that mimic campus alerts or HR updates and steal login details in real time.  (Microsoft)6 ways to stay safe from payroll and phishing scamsProtecting yourself from payroll and phishing scams isn’t complicated. By taking a few careful steps, you can make it much harder for attackers to gain access to your accounts or personal information.1) Limit what personal information is onlineThe more information scammers can find about you, the easier it is to craft convincing phishing messages. Services that remove or monitor personal data online can reduce exposure, making it harder for attackers to trick you with targeted emails.While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.Get a free scan to find out if your personal information is already out on the web: Cyberguy.com2) Think before you clickScammers often send emails that look like they come from your HR department or university leadership, warning about payroll, benefits or urgent issues. Don’t click links or download attachments unless you are 100% sure they are legitimate. Even small mistakes can give attackers access to your accounts.The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com. Researchers have discovered that since March 2025, a hacking group known as Storm-2657 has been running “pirate payroll” attacks, using phishing tactics to gain access to payroll accounts. (Javi Sanz/Getty Images)3) Verify directly with the sourceIf an email mentions salary changes or requires action, call or email the HR office or the person directly using contact information you already know. Phishing emails are designed to create panic and rush decisions, so taking a moment to verify can stop attackers in their tracks.4) Use strong, unique passwordsNever reuse passwords across multiple accounts. Scammers often try to use credentials stolen from other breaches. A password manager can help you generate strong passwords and store them securely, so you don’t have to remember dozens of different combinations.Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.5) Enable two-factor authentication (2FA)Add an extra layer of security by enabling 2FA on all accounts that support it. This means even if someone steals your password, they still can’t log in without a second verification step, such as a code sent to your phone.6) Regularly check financial and payroll accountsEven if you follow all precautions, it’s smart to monitor your accounts for any unusual activity. Catching unauthorized transactions quickly can prevent bigger losses and alert you to potential scams before they escalate.CLICK HERE TO DOWNLOAD THE FOX NEWS APP Hackers will reroute payments after gaining access to users’ login information. (Kurt “CyberGuy” Knutsson)Kurt’s key takeawayThe Storm-2657 attacks show that cybercriminals are targeting trust, not software. Universities are appealing because payroll systems handle money directly, and staff can be manipulated through well-crafted phishing. The scale and sophistication of these attacks highlight how vulnerable even well-established institutions can be to financially motivated threat actors.How often do you check your payroll or bank accounts for unusual activity? Let us know by writing to us at Cyberguy.com.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM. newsletter.   Copyright 2025 CyberGuy.com.  All rights reserved.

NEWYou can now listen to Fox News articles!
Astronomers have reportedly discovered a skyscraper-sized asteroid moving through our solar system at a near record-breaking pace.The asteroid, named 2025 SC79, circles the sun once every 128 days, making it the second-fastest known asteroid orbiting in the solar system.It was first observed by Carnegie Science astronomer Scott S. Sheppard Sept. 27, according to a statement from Carnegie Science.UFO MANIA GRIPS SMALL TOWN AFTER MYSTERIOUS GLOWING OBJECT SIGHTING GOES VIRAL A skyscraper-size asteroid, named 2025 SC79, was discovered in September, hidden in the sun’s glare. (Carnegie Science)The asteroid is the second known object with an orbit inside Venus, the statement said. It crosses Mercury’s orbit during its 128-day trip around the sun.”Many of the solar system’s asteroids inhabit one of two belts of space rocks, but perturbations can send objects careening into closer orbits where they can be more challenging to spot,” Sheppard said. “Understanding how they arrived at these locations can help us protect our planet and also help us learn more about solar system history.”The celestial body is now traveling behind the sun and will be invisible to telescopes for several months.HARVARD PHYSICIST SAYS MYSTERIOUS INTERSTELLAR OBJECT COULD BE NUCLEAR-POWERED SPACESHIPSheppard’s search for so-called “twilight” asteroids helps identify objects that could pose a risk of crashing into Earth, the statement said.The work, which is partially funded by NASA, uses the Dark Energy Camera on the National Science Foundation’s Blanco 4-meter telescope to look for “planet killer” asteroids in the glare of the sun that could pose a danger to Earth.The NSF’s Gemini telescope and Carnegie Science’s Magellan telescopes were used to confirm the sighting of 2025 SC79, Carnegie Science said. The fastest known asteroid was also discovered by Sheppard, who studies solar system objects including moons, dwarf planets and asteroids. and his colleagues in 2021.CLICK HERE TO GET THE FOX NEWS APPThat one takes 133 days to orbit the sun.

NEWYou can now listen to Fox News articles!
More than 1 million patients have been affected by a data breach involving SimonMed Imaging, one of the country’s largest outpatient radiology and medical imaging providers. The breach came to light after a cyberattack compromised sensitive patient data, with reports indicating that ransomware operators may have been behind the incident. What makes this case particularly concerning is the scale of the attack and the type of information stolen, which could easily be misused for financial or identity fraud.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.What happened at SimonMed ImagingIn January 2025, SimonMed Imaging was alerted by one of its vendors about a potential security incident. The following day, the company noticed suspicious activity on its own network. The company says in response, it reset passwords, enforced two-factor authentication and tightened endpoint security while cutting off third-party vendor access.Unfortunately, the attackers had already gained access. Between Jan. 21 and Feb. 5, 2025, cybercriminals exfiltrated sensitive data belonging to around 1.2 million individuals. The Medusa ransomware group later claimed responsibility, alleging they had stolen more than 200 GB of data, including patient IDs, financial records and medical scans.DISCORD CONFIRMS VENDOR BREACH EXPOSED USER IDS IN RANSOM PLOT SimonMed Imaging discovered suspicious network activity in January 2025, prompting an immediate security response and system lockdown. (Kurt “CyberGuy” Knutsson)The attackers reportedly demanded 1 million dollars to delete the stolen files, or 10,000 dollars per day to delay publishing. SimonMed was later removed from the Medusa leak site, which could suggest a ransom payment, although the company has not confirmed this. In the aftermath, SimonMed brought in cybersecurity experts to investigate and has offered complimentary credit monitoring services to affected individuals.COLUMBIA UNIVERSITY DATA BREACH HITS 870,000 PEOPLE Hackers linked to the Medusa ransomware group stole data from 1.2 million patients, including IDs, financial details and medical scans. (Kurt “CyberGuy” Knutsson)What data got exposed in the SimonMed breachWhile SimonMed’s official filing described the exposed data as names and other data elements, the ransomware group’s claims suggest a much broader leak. According to the attackers, the stolen dataset included identity documents, payment details, medical reports, account balances and raw imaging scans (via BleepingComputer).Such information is extremely valuable on dark web marketplaces. Identity details and medical records are often sold in bulk to fraud operators who use them to commit financial scams, insurance fraud, or obtain prescription drugs. Medical breaches are harder to recover from because you cannot reset or replace a medical history or a government ID scan the same way you can change a password.We reached out to SimonMed for comment, but did not hear back before our deadline.DELIVERY GIANT’S DATA BREACH EXPOSES 40,000 PERSONAL RECORDS After the breach, SimonMed hired cybersecurity experts, tightened defenses and offered free credit monitoring to affected individuals.  (Kurt “CyberGuy” Knutsson)7 steps you can take to stay protectedEven though the company is offering free credit monitoring, leaked data often circulates long after an incident is closed publicly. That is why it is important to take additional precautions on your end to reduce the long-term impact of this breach and future-proof your personal security.1) Use a data removal servicePeople-search sites collect personal records and make them publicly accessible. Data removal services handle outreach and removals on your behalf, which reduces your exposed footprint online. With less information easily available, it becomes harder for attackers to assemble a complete identity profile for scams.While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.NEARLY A MILLION PATIENTS HIT BY DAVITA DIALYSIS RANSOMWARE ATTACK2) Change your passwords and use a password managerIf you have ever interacted with SimonMed or any related platform, change your passwords immediately. Avoid reusing old passwords across different accounts. A password manager helps generate strong credentials and stores them securely so you do not have to remember them manually. This reduces the risk of one breach affecting multiple accounts.Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.3) Turn on two-factor authentication everywhereEnabling 2FA adds an important layer of verification to your accounts. Even if someone gets hold of your password, they will not be able to log in without the code delivered to your phone or app. It is one of the simplest and most effective security upgrades you can make.4) Install a strong antivirusModern malware includes remote access tools and silent monitoring modules that can stay hidden before launching an attack. Strong antivirus software can detect unusual behavior, protect against ransomware and alert you in real time if something attempts to access your data without permission. This is no longer just about traditional virus protection but active threat monitoring.The best way to safeguard yourself from malicious links that install malware and potentially access your private information is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.5) Monitor your financial and medical statementsRegularly review your bank statements, insurance records and medical billing activity. Cybercriminals often test stolen information with small, easily overlooked transactions before moving to larger fraud attempts. Catching and reporting these early can prevent a much bigger loss.6) Consider an identity theft protection planBecause breaches involving medical providers often expose sensitive identifiers, an identity protection service can be useful. These services scan dark web listings, alert you when your information appears in leaked databases and assist with recovery if fraud occurs. Some plans include legal support and help with credit restoration.Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.7) Stay informed and cautiousAfter a major breach, attackers often launch phishing campaigns that reference the affected company to appear legitimate. Be skeptical of emails or texts mentioning SimonMed or credit monitoring, especially if they request payment or personal verification. Staying aware of current scams and keeping your software updated adds a strong layer of defense.CLICK HERE TO GET THE FOX NEWS APPKurt’s key takeawayThe SimonMed Imaging breach is another reminder that cyberattacks on healthcare providers are becoming more frequent and far more invasive. Once data is taken, it can circulate indefinitely across criminal networks. Taking protective steps early, including monitoring your identity and reducing your exposed data online, can help you stay ahead of potential misuse.Do you think healthcare providers are doing enough to protect your personal and medical data? Let us know by writing to us at Cyberguy.comSign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.Copyright 2025 CyberGuy.com.  All rights reserved.  

NEWYou can now listen to Fox News articles!
Spotify is rolling out a major update for parents who want more control over what their children listen to. Managed accounts, first tested in select countries, are now expanding to the United States, the United Kingdom, Canada, Australia, Germany, France and the Netherlands. These accounts create a safer and more personalized way for young listeners to enjoy music while parents stay in control of what plays.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.TEENS FACE NEW PG-13 LIMITS ON INSTAGRAMA safer way for kids to explore musicSpotify’s new managed accounts are built for kids under 13. They offer a music-only experience inside the main Spotify app. Parents can use their Family Plan settings to filter explicit lyrics, block certain artists or songs and hide videos or looping visuals called Canvas. Unlike the limited Spotify Kids app, these accounts exist within the regular Spotify platform. Kids get a familiar interface with features like Discover Weekly and Daylist, but with restrictions that fit their age. Parents can now guide what their kids listen to while enjoying music together on Spotify. (Spotify)How managed accounts workPremium Family subscribers can set up a managed account directly from their Spotify settings. Choose “Add a Member,” then select “Add a listener aged under 13.” Parents control what content plays, while kids build their own playlists and get personalized recommendations based on their listening habits. This separation keeps parents’ Discover Weekly and Wrapped playlists clean from unexpected surprises like a sudden obsession with gaming soundtracks or silly meme songs.META STRENGTHENS TEEN SAFETY WITH EXPANDED ACCOUNTS Managed accounts make family streaming safer, simpler and more personalized for young listeners. (Spotify)Why this matters for parentsFor years, parents have struggled to give kids music freedom while keeping explicit content away. This update finally solves that challenge. Managed accounts let parents turn off videos, block podcasts and make sure no age-restricted content slips through. It provides peace of mind for families who love streaming music together. Kids get their own playlists and recommendations without changing what parents hear. (Spotify)What this means for youIf you already subscribe to the Premium Family plan, this update adds even more value. You still get six individual accounts, and now you can include a customized child account. Parents can share their favorite songs safely while using filters that protect young listeners. Kids get the freedom to explore new music and create playlists without affecting the main account’s recommendations.Take my quiz: How safe is your online security?Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com  Spotify’s new tools give families more control and more ways to connect through music. (Spotify)CLICK HERE TO GET THE FOX NEWS APPKurt’s key takeawaysSpotify’s expansion of managed accounts is a smart move toward safer, family-friendly streaming. It protects young listeners while helping them build their own love for music. With strong parental controls built right into the app, families can enjoy listening together with confidence and ease.Will you set up a Spotify managed account for your child, or keep family listening under one shared profile? Let us know by writing to us at Cyberguy.com.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.Copyright 2025 CyberGuy.com.  All rights reserved.  

NEWYou can now listen to Fox News articles!
It starts with something small, a text that feels oddly familiar. Maybe it says, “Hey, how are you?” or “Are you coming to the BBQ?” Before you know it, you’re in a friendly back-and-forth with someone who seems genuine. But soon, that casual conversation takes a sharp turn toward money.That’s exactly what happened to John from Alabama.”I received a text from someone in California inviting me to a BBQ. We’ve been texting, and now she wants me to trade gold through WEEX. Is this safe or a scam? I’m 74, she’s 36.” – John, Huntsville, AlabamaJohn’s story may sound like a one-off, but it’s part of a growing trend where scammers use personal charm to build trust and then push victims into risky online “investments.”SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKSSign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter It only takes one text message to blur the line between connection and con. (Kurt “CyberGuy” Knutsson)What is WEEX?WEEX is a cryptocurrency exchange that allows users to trade digital assets, including gold-backed tokens like Tether Gold (XAUT). These aren’t physical gold bars or coins; they’re digital tokens tied to the price of gold and stored on blockchain networks. While WEEX operates as a legitimate platform, scammers often exploit the name of real exchanges to sound credible. They’ll encourage victims to “trade gold” through what seems like an official account but actually directs them to fake sites or wallets designed to steal money.Why this could be a scamJohn’s experience shows several red flags. The conversation began with a friendly invitation, then quickly shifted to a financial pitch. That’s a classic move in online relationship scams. The younger person builds an emotional connection, then uses that trust to promote an “opportunity.” Scammers often promise guaranteed profits or claim they’ll “help you trade” to make the process sound easy.But the truth is, once you send money or crypto, it’s nearly impossible to get it back. Even if WEEX itself is legitimate, the person encouraging you to use it may not be.Many scammers use stolen photos, AI-generated profiles or fake identities to build credibility. Once they convince you to send funds, they vanish, often taking your money and personal information with them. Scammers use friendly conversations to build trust before asking for money. Stay alert. (Kurt “CyberGuy” Knutsson)How to tell if you’re being targetedYou can spot trouble early by asking simple questions. If someone can’t explain how the investment works or avoid details about how to withdraw your money, that’s a warning sign. Be cautious if they promise fast profits or “zero-risk” returns.Real investments always involve risk. Watch out for anyone who pressures you to act quickly or says the deal is “private.” Those urgency tactics are designed to keep you from thinking clearly.Also, look up the company behind the platform. If it’s based overseas, lacks clear business registration or hides its address, your funds may have no legal protection.WHATSAPP BANS 6.8M SCAM ACCOUNTS, LAUNCHES SAFETY TOOL Scams often start with small talk, and even a simple “How about golf tomorrow?” can be a trap. (Kurt “CyberGuy” Knutsson)What you should do nowIf you’ve received a text like John’s, pause before replying or transferring anything. These scams move fast, but you can stop them in their tracks by following a few smart steps.1) Don’t send money or cryptoNever send money, crypto or gift cards to anyone you’ve only met by text. Ask for written proof explaining how the investment works and how withdrawals happen. If the person avoids details or insists you “act now,” that’s a serious warning sign.2) Ask direct questionsScammers thrive on vague promises. Ask specific questions about how profits are made, how you’ll access your funds and who regulates the platform. If the answers are unclear or the topic changes, walk away immediately.3) Research WEEX reviews and complaintsBefore you invest a cent, search online for phrases like “WEEX scam” or “WEEX complaints.” See what other users have experienced and whether any regulatory agencies have flagged the platform. Real investors leave detailed feedback; scammers usually don’t.4) Use a data removal serviceProtect your privacy beyond just this scam. Data removal services can erase your personal details from data broker sites that sell your info to marketers and sometimes scammers. The fewer places your data lives online, the harder it is for fraudsters to find and target you again.While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.Get a free scan to find out if your personal information is already out on the web: CyberGuy.com5) Use strong antivirus protectionScammers sometimes send fake links or attachments that can infect your phone or computer. Install and regularly run a strong antivirus software. These tools can block dangerous websites, alert you to phishing attempts and keep your personal data secure.The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com6) Talk to someone you trustBefore investing in anything, share the details with a trusted friend, family member or financial advisor. A second opinion can help you spot inconsistencies or risks you might overlook in the moment. When in doubt, slow down and ask for help. A friendly “wrong number” text can be the start of a scam. Always think twice before replying. (Kurt “CyberGuy” Knutsson)How to report a scamIf you believe you’ve been targeted by a WEEX gold scam or any similar text-based investment scheme, take action right away. Start by reporting the scam to the Federal Trade Commission (FTC) at reportfraud.ftc.gov. This helps investigators track new fraud patterns and warn others.Next, file a complaint with your state attorney general’s office and, if crypto is involved, submit a report through the U.S. Securities and Exchange Commission (SEC) or the Commodity Futures Trading Commission (CFTC). If you sent money through a bank or payment app, contact your financial institution immediately to try to stop or reverse the transfer. By reporting what happened, you not only protect yourself but also help stop scammers from reaching other potential victims.CLICK HERE TO GET THE FOX NEWS APPKurt’s key takeawaysThese scams prey on emotion. A kind message or casual chat can quickly turn into manipulation. Scammers use friendliness, flattery and false urgency to pull you in, then drain your accounts. Older adults are particularly vulnerable, especially when the scam feels personal. By blending romance with financial advice, these criminals make their victims believe they’re building both trust and wealth. Protect yourself by treating every unexpected text with caution. If the conversation moves toward money, crypto, or gold trading, that’s your cue to stop responding. Keep your devices secure and your private data off public sites where scammers look for new targets.Have you ever received a text that seemed friendly at first but felt “off” as the chat went on? Let us know by writing to us at CyberGuy.com.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/NewsletterCopyright 2025 CyberGuy.com.  All rights reserved.

NEWYou can now listen to Fox News articles!
One day, we might see glowing cities of glass scattered across the Moon’s surface, shining softly under Earth’s light. NASA is teaming up with Skyeports, a California-based company, to explore how lunar dust could be turned into massive glass spheres strong enough to live in. These futuristic, transparent habitats could become the first real homes for astronauts on the Moon.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.INSIDE NASA’S FAST-TRACK PLANS FOR LUNAR NUCLEAR POWER AND NEW SPACE STATIONS TO OUTPACE GLOBAL RIVALS Skyeports’ vision begins with melting lunar dust in microwave furnaces to create durable glass. (Skyeports)Turning moon dust into homesSkyeports has developed a way to transform lunar dust, known as regolith, into durable glass that can be shaped into massive spheres. Using a microwave furnace, the regolith melts and expands like a bubble before cooling into a hard, transparent shell. These spheres could one day serve as living and working spaces for astronauts.The innovation lies in building directly on the Moon using local materials. No costly shipments from Earth are required. The same pipes used to blow the molten glass will become entrances, while 3D printers inside the spheres will create furniture and fittings using lunar materials.SPACE STARTUP UNVEILS 1-HOUR ORBITAL DELIVERY SYSTEM The spherical glass design evenly spreads pressure, forming strong, transparent habitats that can withstand micrometeorites and extreme lunar conditions. (Skyeports)Self-healing and solar-powered livingThe planned glass spheres go far beyond simple shelters. They are designed as self-sustaining ecosystems. The glass can repair small cracks caused by micrometeorites or moonquakes, and built-in solar panels will allow each habitat to generate its own energy.Inside, temperature layers could create condensation to support plant growth. This would produce oxygen, water and food, making each sphere a self-contained life-support system.The science behind the glass sphere designThe spherical shape is more than a design choice. It evenly distributes pressure, giving the structure incredible strength. By adding elements like titanium, magnesium and calcium, the glass becomes even tougher and stronger than steel.Dr. Martin Bermudez, CEO of Skyeports, shared that current prototypes are only a few inches wide, but future spheres could stretch up to 1,640 feet across. His long-term vision is a network of glass cities connected by transparent bridges across the lunar landscape.CLICK HERE TO GET THE FOX NEWS APP NASA’s Innovative Advanced Concepts program supports this research as part of its push to prepare for long-term human life on the Moon under the Artemis mission. (Skyeports)Future plans to test glass sphere habitats on the moonThis concept is part of NASA’s Innovative Advanced Concepts program, which funds forward-thinking projects that could transform future missions. With the Artemis program aiming to return humans to the Moon soon, finding safe and sustainable habitats is a top priority.The Skyeports team plans to test the glassblowing technique in a thermal vacuum chamber, followed by parabolic flight experiments that simulate microgravity. Future trials are scheduled aboard the International Space Station to see how the process performs in real space conditions. If all goes well, tests on the lunar surface could happen within the next few years. What this means for youThe idea behind these lunar glass spheres reaches far beyond space exploration. It represents a new approach to sustainable design, one that could reshape how we build on Earth. The same techniques could lead to eco-friendly, energy-efficient buildings for our own planet’s future. If these glass structures can protect astronauts from extreme lunar conditions, they might inspire a new generation of sustainable architecture here at home.Take my quiz: How safe is your online security?Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my quiz here: Cyberguy.com Kurt’s key takeawaysNASA’s partnership with Skyeports feels like the start of something big. It shows that life beyond Earth is moving from imagination to reality. The mix of science, design, and creativity behind these glass habitats could be the first real step toward building lasting communities on the Moon. Humanity is learning how to move from exploring space to actually living there.Would you choose to live in a glass city on the Moon if you had the chance? Let us know by writing to us at Cyberguy.comSign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.   Copyright 2025 CyberGuy.com. All rights reserved.

NEWYou can now listen to Fox News articles!
Malware targeting Android devices has grown increasingly sophisticated. From fake banking apps to phishing campaigns, attackers are finding new ways to trick you into giving up sensitive data.One of the newest threats comes in the form of malicious apps that appear legitimate but can take full control of your device. Security researchers are now warning Android users to delete a fake VPN and streaming app that can allow criminals to take over your phone and drain your bank account.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.How Klopatra infects devicesThe malicious VPN and streaming app is called Mobdro Pro IP TV + VPN, and it was recently discovered by researchers at Cleafy. Once you install the app, it drops a malware strain called Klopatra. It’s a new and highly sophisticated Android malware currently being used in active campaigns targeting financial institutions and their customers.THIS CHROME VPN EXTENSION SECRETLY SPIES ON YOU Fake VPN apps can hide dangerous malware that steals your data and money. (iStock)At first glance, the app looks like a free streaming platform offering high-quality channels, which makes it appealing to Android users. Once installed, though, it deploys a banking Trojan and a remote-access tool that give attackers full control over the infected device. With that level of access, criminals can steal your banking credentials and even carry out fraudulent transactions without your knowledge.The infection chain is carefully planned. It starts with social engineering, tricking you into downloading and installing the app from outside the official Play Store. From there, Klopatra bypasses Android’s built-in protections and reaches deep into the system to gain persistence and control.HACKERS PUSH FAKE APPS WITH MALWARE IN GOOGLE SEARCHES The Klopatra Trojan gives hackers full control of infected Android devices. (Kurt “CyberGuy” Knutsson)Fake VPNs are a growing problemVPNs are widely promoted as privacy tools that hide your IP address and encrypt internet traffic. Millions rely on them to bypass geographic restrictions, protect sensitive communications or simply browse more securely. Yet not all VPNs are trustworthy. Various studies have proved that popular commercial VPNs have alarming shortcomings. Some use protocols that are not designed to protect privacy, obscure ownership or fail to encrypt traffic properly.When fake apps like Mobdro are combined with these weaknesses, users are left exposed. Criminals exploit both the popularity of VPNs and the prevalence of pirated streaming services to distribute malware effectively. This growing ecosystem of risky apps underscores how important it is to research, verify and only download software from reputable sources.SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS Stay safe by downloading apps only from trusted sources and keeping your phone updated. (Kurt “Cyberguy” Knutsson)9 steps you can take to protect yourselfIf you suspect that you’ve downloaded a fake app from the internet, there’s no need to panic. The steps below will help you stay protected and keep your data safe.1) Stick to trusted sourcesOnly download VPNs, streaming services and apps from Google Play, Apple App Store or the official developer’s website. Avoid links in forums, social media messages or emails promising free content.2) Check app permissionsCarefully review what access an app requests. If it asks for control over your device, settings or accessibility services unnecessarily, do not install it. Legitimate VPNs rarely require full device control.3) Use a secure VPNWhen choosing a VPN, opt for one with strong privacy policies, transparent ownership and robust encryption. A secure VPN ensures your connection remains private without giving attackers a foothold.For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android & iOS devices at Cyberguy.com4) Install strong antivirus softwareA strong antivirus on your device can detect malware and suspicious behavior before damage occurs. These services can scan new downloads and provide ongoing protection.The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com5) Monitor your accountsBanking Trojans target sensitive credentials. Identity monitoring services can alert you if your personal information appears online or is being misused, helping you respond before harm is done. Identity Theft companies can monitor personal information like your Social Security number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com6) Remove the malicious app immediatelyIf you discover a suspicious app on your Android device, remove it right away.Settings may vary depending on your Android phone’s manufacturer. Open SettingsClick Apps and locate the fake app.Tap Uninstall to remove it from your device.If the uninstall option is unavailable, restart your phone in Safe Mode and try again.After removal, run a full antivirus scan to delete any remaining malware components.7) Keep devices updatedRegular system updates patch security vulnerabilities that malware like Klopatra exploits. Combined with antivirus protection, this significantly reduces the chance of infection.8) Change passwords and enable 2FAOnce your device is secure, update your login credentials.Change passwords for banking, email, and Google accounts immediately. Consider using a password manager to generate and store complex passwords. Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/PasswordsTurn on two-factor authentication (2FA) for extra protection.Use an authenticator app instead of text messages for better security.This step helps protect your accounts if hackers steal your credentials. 9) Report the malicious appFinally, take steps to protect others and report the threat.Report the fake app to Google Play Protect or your antivirus provider.If your bank details were exposed, contact your bank’s fraud department immediately.Reporting helps cybersecurity teams track and block similar fake VPNs in the future.CLICK HERE TO DOWNLOAD THE FOX NEWS APPKurt’s key takeawayFake VPNs and streaming apps exploit your trust and the gaps in app verification processes, showing that even tech-savvy individuals can fall victim. While official stores offer a layer of protection, you must remain vigilant, check permissions and rely on reputable security tools. Never download anything from the random links you see on the internet.Do you think Google is doing enough to prevent malware from entering the Android OS? Let us know by writing to us at Cyberguy.comSign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.Copyright 2025 CyberGuy.com.  All rights reserved.

Key Takeaways: 1. Police departments in the US and Canada are increasingly using virtual reality training to help officers make quick decisions in high-pressure situations. 2. The technology, provided by Axon, is being used by over 1,500 police agencies and offers scenarios including de-escalation and Taser use. 3. The use of virtual reality training has