Ransomware hackers upped the game, and it’s personal

If you read one thing today, let it be this, because the rules of ransomware have officially changed, and not in a “Yay, innovation!” kind of way.

For years, the scam was simple: Hackers locked up your computer, holding your files hostage and demanding a ransom in Bitcoin for a promise to give your data back. 

But people and companies started getting wise and saying, “No thanks, we’ve got backups. Go pound sand.”

So the crooks got meaner. Like, Real Housewives reunion-level mean. They’re stealing your files before you even know they’re there and threatening to dump them online for the world to see.

I’m not talking about boring spreadsheets or a few tax forms. 

They’re after your deepest, most private secrets, such as all your emails, your medical records, browsing history, AI chatbot sessions, the videos you never meant to share or the ones you would not want anyone to know you ever watched, the contracts, the texts, the photos. Anything they can use to humiliate you or wreck your reputation.

💣 The shame game

Some criminals run their own public leak sites, where they post stolen data as a warning. Pay up, or everyone you know will see exactly what we’ve got on you. That includes all your personal and business contacts because they have those, too.

Say you still don’t pay up. Then, they take it up a notch. They dump it all on the dark web where there is no way you can buy it back. 

This isn’t about locking you out and collecting a few hundred in Bitcoin anymore. It’s about dragging your life into the light. 

Embarrassment. Blackmail. Legal trouble. They want to destroy you. And the only way to avoid it all is to make yourself too hard a target.

💡 How to stay ahead of them


The phone scam evolution: This is frightening. A cybersecurity firm built a real-time voice deepfake, meaning someone can sound like you on a call instantly. Cheap laptop, open-source tools, done. They tested it, and people fell for it almost every time. So when your “boss” calls asking for gift cards, maybe call back first. You should take a sec and check it out.

AI is taking these jobs and creating these jobs

You’ve probably seen the headlines: “AI is coming for all our jobs.” But instead of you panicking, I did the hard work for you. I tracked down the 290-page Future of Jobs Report 2025 from the World Economic Forum and actually read it. 


Space leak: Researchers from UC San Diego and Maryland snagged T-Mobile calls, texts and even military comms, all from unencrypted satellites. Literally anyone with $800 and a rooftop dish could’ve done it. Companies assumed “no one would look up.” Which, frankly, explains a lot about our cybersecurity situation. Somewhere, aliens are listening to your spam texts.

Think your browser’s password manager is safe? Think again.

It’s so easy to click and save your passwords right to Chrome, Edge, Safari or any other browser. Have you ever stopped to think about just how bad an idea it is to do this? Anyone with access to your browser can jump right into any one of your accounts. Yup, even your banking and investment accounts are up for grabs.


🏕️ From campfires to code fires: Scouting America (yep, the rebranded Boy Scouts) launched AI and cybersecurity badges. Scouts learn about deepfakes, algorithmic bias and how to train (not just talk to) chatbots. The cybersecurity badge teaches password safety, phishing defense and digital citizenship. Forget tying knots. “Be prepared” now means knowing how to spot fake news and fake faces.

6 signs your vacation rental is a scam

It’s that time of year when so many of us are planning vacations and booking a rental. Sadly, scammers are very aware of that, and they’re always changing their tricks to fool people out of their money, rentals — or worse.


Bamboozling Gemini: At Black Hat (cybersecurity event), researchers showed how Google’s AI Gemini can be hijacked with a single calendar invite. One hidden prompt, and boom, Gemini starts spewing lies, deleting meetings or opening your windows via Google Home. It’s like a robbery, but your AI assistant is opening the front door.

Have mandatory cybersecurity classes at work? New research from Purdue found anti-phishing training may make workers worse at spotting scams. Turns out, binge-watching security videos doesn’t build instincts, it builds false confidence. One group even clicked more after “interactive” training. That’s right: Your IT team’s monthly guilt-trap quiz might be actively hurting.

🛠️ Hacker turned pitch guy: A Missouri man hacked a gym, dropped his membership to $1 and emailed the owner, offering “cybersecurity consulting” after proving he broke in. He also posted their camera feed on social. Not the sharpest guy. He now has plenty of time to work out in prison. 

Don’t trust pop-ups: A Florida man got a message on his laptop that looked like it came from a cybersecurity company he uses. Then scammers called and said someone took out a gambling loan in his name. The fix? Deposit $38K through a Bitcoin ATM. Yeah, they got him. If someone phones demanding crypto, hang up.

20,000 corporate employees

Were tested to see if cybersecurity training helps them avoid phishing scams. The result? Their failure rate was only 1.7% lower than people with no training at all. Blame the materials or the teaching, but the real fix is auto-detecting software (paywall link). Send this stat to your boss before they book another mandatory workshop.

Over 50%

Of internet traffic now comes from bots. You can thank AI tools like ChatGPT and Google Gemini for making it way easier to build them. The bad news? Hackers are using that same tech to pump out malicious bots that spam, scam and take down websites. Cybersecurity’s not optional anymore, folks. 

The Pentagon cut $5.1B in contracts: Deloitte, Booz Allen, Accenture … you may be seated. The government’s slashing spending on outside consultants. Why? They finally realized those agreements are unnecessary, and the work can be done in-house. The extra cash will now be redirected to hypersonic weapons, AI and cybersecurity. So basically: fewer spreadsheets, more lasers.

🎣 Gone phishing: I’ve done this with my team. It’s just smart. More companies are phishing their own employees to see how easily they fall for scams. Some are scary, like fake Ebola outbreaks, and others are just plain mean, like a “lost puppy” in the parking lot (paywall link). A weak link can cost you your entire company, so you need to know who needs cybersecurity training.

“What was that link?” I only work with brands I trust to keep you secure. Hit this page to see the five must-have tools I recommend to keep your cybersecurity locked up tight.

In security, we trust: DeepSeek’s cybersecurity team left a database wide open, exposing chat histories, API keys, backend details — you name it. And don’t forget their servers are based in China, meaning the communist government is peeking in. Here are my tips to use it safely, if you must.

So embarrassing: You don’t want your coworker asking why you googled “Can my plants hear me crying?” Lock your Mac’s screen quickly with Ctrl + Cmd + Q (Windows key + L in Windows). Be smart about cybersecurity and get in the habit of doing this every time you walk away.
