📬 Ransomware by snail mail? It’s happening. Cybercriminals are now sending ransom demands through postal mail. The letters warn folks that their networks have been compromised and sensitive info stolen. The price to keep it private? $250,000 to $350,000 in bitcoin, due in 10 days. And because they’re oh-so-considerate, they include a QR code so you can send the crypto right to their wallet.
Selling your car? Do this first
© Iuliia Lisitsyna | Dreamstime.com
New cars are computers on wheels, tracking just as much about you as your phone does. Before you sell your car or return a lease, you need to take the time to wipe all that data.
Otherwise, you’re handing over a digital diary of your life to anyone who knows where to look. Your car tracks where you’ve been, how fast you got there, your contacts and text messages and what radio stations you listen to most. Don’t let that info go along for the ride!
🚗 It starts when you leave the lot
Almost every new vehicle connects to the internet. Even worse, they’re notoriously bad when it comes to keeping your data safe and private.
Most folks don’t know newer cars have privacy settings. They’re just very well hidden. Privacy points: Don’t bother with your carmaker’s app if it’s not a must.
Check the policies: When you’re buying a car, kick the tires, check the mileage, look for flaws in the paint … but also read through the privacy policy to see what’s at stake. If you can’t be bothered, tools like Privacy Analyzer from security.org can help. Put in a URL and it’ll flag anything especially concerning.
Opt out … and out and out: When setting up your car’s software, you’ll get hit with a bunch of questions. Don’t feel like you have to say yes to everything. If you don’t like or understand something, skip it. Just know that you might lose out on certain features. That’s how they get ya.
Take the third-party route: Using Android Auto or Apple CarPlay from your phone rather than your vehicle’s software can limit the data carmakers get. Google and Apple collect a ton of data, too, but at least it stays with your phone and isn’t too hard to delete.
✌️ When it’s time to say goodbye …
It’s up to you to delete your data. If you’re using your car’s connected app on your phone, that’s a good place to start. In the settings, look for options to wipe your account.
Then do this: Privacy4Cars has a free iOS and Android app. With it, you can wipe out your phone book, call logs, text messages, navigation history, home address, garage door codes, passwords, biometrics and vehicle credentials.
File a privacy request: In some states, car manufacturers are obliged to tell you about the data they have on you and how you can wipe it. The EFF has a good guide with links here. It’s worth a few emails to know that you’re not leaving a trail of data behind.
Think your browser’s password manager is safe? Think again.
© Gmm2000 | Dreamstime.com
It’s so easy to click and save your passwords right to Chrome, Edge, Safari or any other browser. Have you ever stopped to think about just how bad an idea it is to do this? Anyone with access to your browser can jump right into any one of your accounts. Yup, even your banking and investment accounts are up for grabs.
$21 million
Stolen from victims of a grandparent scam ring. Good news: Police caught the bad guys. Scammers called, pretending to be a teenager or adult grandkid who was in a car crash, arrested and needed money for bail.
True or false: You need antivirus protection for your phone
Photo 59825802 © Georgejmclittle | Dreamstime.com
I wrote about tech myths recently and missed a big one: “Phones can’t get viruses.”
Of course they can! Your phone is basically a mini-computer and a prime target for hackers. Let’s break down how these threats work and where they come from.
1 million+ infected with malware: You know those cheap Android-based streaming boxes, tablets or used car infotainment systems? Bad news. They’re being used as a botnet by the Badbox 2.0 hacking group. The top targets are TV boxes with the generic names “TV98” and “X96.” Don’t risk it to save a few bucks.
🚨 YouTube creators, don’t fall for this: Scammers are using an AI video of CEO Neal Mohan to trick you into giving up sensitive info. They’ll send it privately, claiming YouTube is changing its monetization policy. It’s your credentials they’re after. Reminder: YouTube will never contact you or share updates through a private video.
🚨 Word of the day: Info-stealer. Malware that sneaks in and grabs your personal data, especially credit and debit card details. Over 26 million devices were hit, with 2 million bank cards stolen and for sale on the Dark Web. Watch for small charges on your statements because that’s how hackers test if your card is still good.
📱 Ring, ring, it’s not IT: If you get a call from your help desk or IT asking for a password reset, check if it’s legit. Scammers are getting good at tricking people over the phone to sneak into their systems. CrowdStrike found voice vishing scams (that’s voice phishing) jumped 442% last year.
💪🇺🇸 The only easy day was yesterday: Special ops commanders went to DC to explain that America’s military tech, especially AI, machine learning, autonomous weapons and cyber warfare, is way behind our adversaries. China and Russia are investing heavily in AI-driven battlefield awareness, drone swarms and cyber capabilities. We have to do the same.
💸 Avast sold your data: If you bought the antivirus software between Aug. 2014 and Jan. 2020, you might be entitled to a cut of a $16.5 million settlement. Watch your inbox for a claim ID, then fill out the settlement claim form by June 5. I use this antivirus.
🇨🇳 Communist China’s at it again: Now, China’s sending hackers after Microsoft 365 accounts, mostly in the financial services and insurance biz. Their method of choice is password spraying, aka attempting to log in to accounts with all the most common, weakest passwords. This is your friendly reminder to use a complex password for every single account.
Don’t look up: Chinese scientists built a surveillance camera that can see your face from space. In a ground test, it locked onto a target 62 miles away and picked up tiny details with scary accuracy. It’s supposedly “100 times” better than today’s top spy cameras and lens-based telescopes.
🚨 PayPal alert: A new phishing email from “service@paypal.com” claiming a new address was added to your account is making the rounds. It says you bought a MacBook M4 or another pricey item. They’re trying to scare you to call the number in the email. Don’t.
Do you bank on your phone? What about checking email and shopping? If you said “yes” to any of those, you’re a target. A keylogger captures everything you type, including your account numbers and passwords. Encrypt your keystrokes with EndpointLock. Hit this link for 10% off.
📅 Don’t RSVP: If you get a random Google Calendar invite, don’t click on any links. Scammers are tricking folks with Gmail accounts into sharing their personal info through a fake support page. Legit invites come from calendar-notification@google.com. Report phishing: Hit the three-dot icon in the right-hand corner.
💸 An older adult lost a whopping $2.09 million in a gold bar scam: But she’s getting 40% back. Morgan Stanley has to pay her $843K for failing to follow industry standards. Banks are supposed to flag big withdrawals and check with a trusted contact first. They didn’t.
💰 Armed rideshares are popping up everywhere: The new Protector app (iPhone only) lets you book armed guards and Escalades to chauffeur you around for $200 an hour. Think Uber, but with active or retired law enforcement and military officers behind the wheel. BlackWolf hires military and law enforcement too.
Craigslist scam: The guy listed a luxury Palm Beach apartment for $950/month (red flag because it actually costs $5,200/month), and a couple took the bait. The scammer gave them a tour and handed over the keys so it seemed legit. Turns out the real owner had left them in the door for a handyman. Argh.