Do you cry at rom-coms? Your LG TV will soon know. Plus: Why Netflix is still #1, a man sues Apple for $5 million after his phone got stolen, and how to keep hackers out of your home security cam. All that and more!
Hackers love your zombie accounts
ChatGPT
How many online accounts have you made over the years? 50? 100? More? That’s enough to fill a digital graveyard.
A new study shows that 25% of all online accounts are never used again, but they don’t just disappear. They sit there, wide open, with your email address and password attached. These forgotten logins are called “zombie accounts,” and hackers love them.
Why? Because most people reuse passwords or use easy-to-crack ones. And those old accounts? They’re missing security updates, have no two-factor authentication, and usually are linked to your main email address.
💥 Easy takeover
Here’s the scary part: Hackers use a method called credential stuffing. It’s lazy but effective. Basically, bots test your old usernames and passwords across thousands of popular sites: Gmail, Netflix, Amazon, even your bank.
If they hit a match (and they often do), you’re toast. They can steal your identity, drain your accounts or hold your data for ransom.
What’s worse? These attacks happen 24/7, using bots that can test thousands of logins per second. One weak link, one zombie account and they’re in.
Great, now they’re logging into your PayPal while you’re still trying to remember if it’s passwordDog! or Dogpassword!
You can go through all your accounts one by one to kill off those you don’t use, but that’s a hassle and you won’t do it.
🚫 Passwords in your browser
Think your browser’s built-in password manager will save you? Nope. It’s lame, really.
If someone gains access to your device even for a minute in person or via malware, they can unlock all your saved logins in Chrome, Safari or Edge with little effort. Worse, your browser won’t warn you if your passwords have been leaked online or on the dark web.
How I stopped scammers cold
ChatGPT
“Kim, Lifelock has gotten so expensive. Do I even need it?” — Matt in Texas
I’ve been hearing this a lot, Matt. I agree, LifeLock is pricey. My bill was $239.88 a year. Now, I’m paying $62.64 a year, that’s a 74% savings! More about that later.
🧨 Fission accomplished: This is bad. Communist China hackers used a SharePoint flaw to target 400+ orgs, including the U.S. nuke agency (NNSA). Microsoft says the exploit hit agencies in the U.S., EU, Middle East and more. They say no classified files were stolen since the backdoor’s been open since July 7. Yea, right.
Protect your data! I trust TotalAV to guard against viruses, ransomware and hackers in real time. It’s powerful, simple and just $19 for the first year. Stay safe online with TotalAV today.
Hackers trick Gmail’s AI summaries
Gmail’s Gemini AI shows quick bullet-point summaries at the top of your emails, but scammers can slip in fake warnings using hidden text.
Don't get juice jacked
Want to use a public USB port? Plugging in could let hackers steal your data or infect your phone.
Hackers don’t need your permission, just one weak link or data breach, and your identity is theirs. I don’t take chances. I use NordProtect to stay one step ahead. Full protection, 65% off right now. Don’t wait.
Hackers can stop trains with a $300 device — July 19th, Hour 3
A small, cheap tool lets anyone control train brakes remotely. Tesla’s new robotaxi zone looks … suspicious. Plus, scammers using fake news videos to steal your cash, purple streetlights messing with your eyes, and Florida’s next-gen 911 system.
Hackers love when you do this
Still getting security codes via text? Hackers can steal them in seconds.
🚨 Don’t trust every AI summary in Gmail: Heads up! Scammers are getting smarter and sneakier. Some are now hiding dangerous messages in white text on a white background, like “Your password was compromised, call this number.” You won’t see it with your eyes, but Gmail’s Gemini AI does and it might include that hidden message in the email’s summary, making it sound like a real warning from Google. The takeaway? Always double-check emails yourself before clicking or calling anything. AI is helpful, but it’s not perfect and hackers know how to work around it.
🍟 McHack at McHire: McDonald’s AI job portal leaked data from 64 million applications. Why? Because the login was basically “admin / 123456.” Hackers didn’t need skills (paywall link), just fingers. Names, emails, phone numbers … all up for grabs. The site was built by Paradox.ai, which now has a new definition of “paradox.”
🚨 Fake sites on Google: Hackers are poisoning search results, getting fake websites to rank at the top. This time it’s for legit-looking Windows tools. Download them, and you’ll end up with nasty malware. Tip: Type in the official site directly, and always use real-time solid antivirus protection on your computers and phone. My pick is TotalAV.
AT&T’s new Account Lock feature: Finally, a way to stop SIM-swapping attacks. That’s when hackers transfer your number to their own SIM to steal 2FA codes. To turn it on, open the myAT&T app and go to Services > Mobile Security > Wireless Account Lock.
Your TV hacked by China? — July 5th, Hour 2
That cheap TV streaming box could open the door to Chinese hackers. Plus, Google’s AI-only search mode and a modern Monopoly makeover. I also talk to Michael from Texas. He survived a plane crash in Kentucky and used an old cell phone to call 911.
🖨️ Oh, Brother! Millions of Brother printers have default passwords that hackers can reverse-engineer using the serial number. Brother can’t fully fix it via firmware. For the love of toner, change the admin password so your printer doesn’t get hacked.
Protect your data! I trust TotalAV to guard against viruses, ransomware and hackers in real time. It’s powerful, simple and just $19 for the first year. Stay safe online with TotalAV today.
Wi-Fi master: Angry IP Scanner keeps track of everything connected to your network. It scans for IP addresses and other information about the devices connected. It helps troubleshoot tech issues and catch hackers or moochers since it pinpoints unknown or suspicious devices.
🪞 Deepfake boss attack: A crypto employee thought they were on a Zoom call with their company’s C-suite. Turns out it was North Korean hackers deepfaking the entire leadership team. That “Zoom extension” they asked you to download? Straight malware on macOS. Someone out there is cosplaying your manager to steal your crypto and mess with your M1 chip.
📞 Hackers love call centers: They’re bribing low-paid call center workers to bypass security (paywall link) and loot crypto wallets. Coinbase alone may be out $400 million. All it took was screenshots, Chrome bugs and $2,500 Venmo bribes.