Fancy Bear Turns Your Router Into a Spy

Most people think of their router as that little box in the corner that makes the internet work. Set it and forget it. Unfortunately, Russian state-sponsored hackers see it a bit differently. Security agencies recently warned that the notorious hacking group Fancy Bear has been compromising vulnerable TP-Link routers and quietly turning them into surveillance tools. By hijacking router settings, the attackers can redirect internet traffic, steal login credentials, and spy on online activity without victims ever realizing it. The good news? A few simple security steps can make your router a much harder target. READ FULL STORY

Email Warnings No Longer Guarantee Messages Are From Within

You may have seen this warning, or something like it, at the end of email messages: “CAUTION: This email originated from outside of the organization.” Such an alert intends to let you know that the message you are receiving is not coming from a colleague with an email address from within your organization. It’s supposed to serve as a warning that something in the message just may be trying to phish you. Now, those rascally rabbit cybercriminals have figured out a way to get rid of it. READ FULL STORY

Fake Claude AI Chats and Google Ads Are Now Delivering Malware

Searching Google for a Claude AI download on your Mac could now land you in the middle of a malware trap that looks surprisingly legitimate. Security researchers are warning that attackers are abusing Google Ads and even real shared Claude AI chats to trick macOS users into running dangerous Terminal commands. Victims often remain on legitimate-looking Claude pages while being guided through fake setup instructions that quietly install malware capable of stealing passwords, browser sessions, crypto wallets, and sensitive Mac Keychain data. READ FULL STORY

World Cup Fever is in the Air—Watch for Soccer-Related Scams

The FIFA World Cup attracts billions of fans around the globe, but it also attracts cybercriminals looking to score against unsuspecting victims. From counterfeit tickets and fake streaming sites to fraudulent travel packages and phishing emails, scammers use the excitement surrounding the tournament to steal money, personal information, and account credentials. Before you buy tickets, book travel, or stream a match, learn the most common. World Cup scams and the simple steps that can help keep you from becoming the next victim. READ FULL STORY

Medicare Phone Scams Circulating Now

Senior citizens and others on Medicare are an ongoing target for scammers. However, some Medicare scams spike at various points during the year, like other types of scams such as tax-related ones. Phone scams abound during peak “attention” time, such as the Medicare open enrollment period (OEP) with the goal of stealing PII for financial and other identity crimes. Those on Medicare and the people who care for them need to know how these OEP scams happen and how to avoid them. READ FULL STORY

Watch Out for Juneteenth-Themed Scams This Holiday

As Juneteenth celebrations take place across the country, cybercriminals are taking advantage of the holiday's growing visibility. Security experts are warning consumers to be cautious of phishing emails, text messages, and social media posts that use Juneteenth-related themes to steal personal information, passwords, or financial data. Scammers often capitalize on holidays and major events because people are more likely to trust messages that appear connected to community celebrations, special promotions, or charitable causes. Juneteenth is no exception. READ FULL STORY

Understanding Multi-Factor Authentication

We all know that passwords alone just don’t cut it anymore. Between data breaches, phishing attacks, and password reuse, relying on a single password to protect your most valuable accounts is like locking your front door but leaving the windows wide open. That’s where multi-factor authentication (MFA) comes in. It adds extra layers of protection to your online accounts. While many companies are implementing passkeys, not all of them have it available. So, MFA is the next best way to protect your accounts, MFA makes it so that even if your password falls into the wrong hands, no one can get in without passing additional verification steps. READ FULL STORY

A Single Slip Unlocked 900,000 Records From Identity Protection Company

It didn’t take malware, zero-days, or Hollywood-style hacking rigs. Just one convincing voice on the phone. In a breach that feels less like a cyberattack and more like a con artist’s magic trick, identity protection firm Aura lost control of roughly 900,000 records after an employee was duped into opening the digital front door. The incident is a stark reminder that even the strongest security systems can crumble when human trust is weaponized. READ FULL STORY

Users Get Tricked Into Falsely Updating Google Services

The TrickMo Android banking trojan has re-emerged in a new form, disguised as a fake Google Chrome app for Android. Once installed, this malicious app prompts users to update Google Play Services, tricking them into downloading TrickMo under the guise of "Google Services." By doing so, it gains access to critical permissions, including those for the device's accessibility settings, which it then exploits to perform various malicious activities. READ FULL STORY

Are You A Money Mule? What You Need To Know

Criminals of all kinds traffic in stolen money and need middlemen to relocate the funds. From romance scams to phishing attacks and more, there’s plenty of fraudsters with hijacked money needing laundering—and that’s where money mules come in handy. Unfortunately, sometimes those people are unaware of what they are doing, but that doesn’t mean they can’t be punished for it. Check out the red flags of avoiding becoming a money mule—and a criminal. READ FULL STORY

Ways To See If Your Data Has Been Stolen

With all the data breaches, whether by intrusion or accident lately, it’s likely your information was exposed somehow to someone you didn’t intend. After all, the marketing company Exactis, exposed hundreds of traits on us in 350 million records. Yahoo let out email addresses and passwords on billions of people, and of course who can forget the massive breach of Equifax just last year. There is a lot of information that gets leaked on us and the more the bad actors have on us, the more targeted their phishing campaigns can be. Checking on whether or not your data is available in the underground can help you mitigate any fraud or identity theft. READ FULL STORY

Account Takeover Fraud Steals Your Identity, Money, And More

With a significant swell in the number of those working from home, come the most historic levels of hacking the world has ever seen. Account takeover (ATO) fraud attacks have been growing yearly, accounting for much of the identity fraud-based financial losses to consumers and businesses. ATO fraud can lead to empty bank accounts and damaged reputations, and those recovering from an attack find it’s an expensive, time consuming, and frustrating task. READ FULL STORY