Crypto-stealing selfie snatcher: Your camera roll might be your crypto wallet’s worst enemy. “SparkKitty” malware snuck into both Google and Apple app stores, scanned your photos and stole any crypto recovery phrases it found. Remember, never screenshot your seed phrase, and maybe don’t store your financial life next to brunch pics.
Scam in the skies
ChatGPT
I am hearing more and more reports about a certain travel scam that is not making the tech sites or mainstream news.
A “travel agent” or travel site selling fake plane tickets. You pay real cash for a flight that doesn’t actually exist, like booking a table at a restaurant that burned down in 2006.
Let’s break this down so you don’t accidentally vacation your identity into a black hole.
🚩 Sneaky setup
You search for tickets online or reply to a scam email. Overwhelmed by all the travel sites and apps, you choose what seems like a trustworthy source with awesome prices.
Maybe you end up emailing, chatting or talking to someone who promises they can get you a great rate on a ticket. So you hand over your name, phone number and payment details.
Using your information, they book what you think is a confirmed seat and say you’re good to go. You, the savvy shopper, go to the airline’s website and enter the flight information. Sweet, there’s your seat. You pat yourself on the back for saving money and consider your travel booked.
🥶 Two weeks later…
You try to check in for your flight. Except … you can’t. There’s no ticket. Never was. Turns out these crooks just made a seat reservation — they never paid for an actual ticket.
And now? You’re not going to Cabo. You’re going to Rage Town. Population: You.
Hopefully, you find this out long before you’re standing at an airport customer service counter, suitcase in hand! Either way, you’re out the money and the airline ticket.
😡 Outsmarting human malware
57%
Of all spam emails in the world come from the U.S. We’ve got loads of data centers, which makes it difficult to enforce regulations properly. This isn’t just inbox clutter, either; 67% of those messages contain phishing or malware links. You could say we’re the outbreak monkey of the internet.
🛡️ App armor: Fake Google Play Store links are out there. One wrong tap and you’ve downloaded an app full of malware. Turning on Improve harmful app detection lets Google scan shady apps for a safety check. Open the app, tap your profile icon (top right) > Play Protect > Settings > toggle it on.
🪞 Deepfake boss attack: A crypto employee thought they were on a Zoom call with their company’s C-suite. Turns out it was North Korean hackers deepfaking the entire leadership team. That “Zoom extension” they asked you to download? Straight malware on macOS. Someone out there is cosplaying your manager to steal your crypto and mess with your M1 chip.
🚨 Fake CAPTCHAs: You know those little tests that ask you to prove you’re not a robot? Scammers are planting fake ones on sketchy sites (like free movie pages) that ask you to press keys or download software. Some even redirect you to a browser extension or tell you to run a command. Plot twist: It’s malware.
🛡️ 1 billion malware threats: 1 simple fix. Antivirus software protects your devices from viruses, ransomware and more before they can do any harm. Cover five devices for just $19 for the first year. That’s less than a trip to the movies.
Think before you “unsubscribe”: That little link at the bottom of emails might clean up your inbox or land you on a fake site. Scammers use it to steal passwords or install malware (paywall link). Play it safe: Hit the unsubscribe button at the top, like in Gmail, or mark it as spam and delete.
🕳️ Fake links, real damage: Watch out. Cyber creeps are shoving malware-laced links into cloned Google Calendar invites and Meet links. Fix? Turn on “Known Senders” in Calendar and trust no “tech support” that sounds like it’s from a gas station payphone.
🍪 93.7 billion cookies for sale: And nope, not the Girl Scouts kind. Hackers are selling browser cookies on the dark web, so they can access your accounts with no login needed. How’d they get them? Infostealer malware from shady downloads. Be careful what you click.
Too good to be true: Hackers are tricking people into downloading “premium AI tools” that are actually malware. Some freeze your PC. Others steal logins. One claims it’s helping humanitarian causes. Classic hacker gaslight. If an AI app offers unicorn features for free, it’s probably there to eat your bank account.
🚨 Don’t fall for it: Scammers are posting AI videos on TikTok promising free versions of Microsoft Office and Spotify. All you had to do? Run a short line of code. Plot twist: It installed malware that could steal your passwords and credit card info. And with no links involved, it was harder to detect.
Fake AI video generators: Hackers have a new trick: websites that promise to turn your images into videos. But once you upload a file, they send back a ZIP named something like “VideoDreamMachineAI.mp4.exe.” The twist? It’s actually malware that steals your personal info. Watch out for them in Facebook groups especially.
⚠️ Using a Cisco Linksys router? Check the model number. The FBI says tons are vulnerable to attacks. They don’t get security updates anymore, which makes them easy targets. Hackers install malware and turn them into botnets for cyberattacks or worse. The fix? Replace it. Here’s one that’s 18% off.
We may earn a commission from purchases, but our recommendations are always objective.
🚨 Windows alert: New password-stealing malware is spreading fast. It shows a fake “I Am Not A Robot” CAPTCHA and tells you to open the Windows Run box and type a command. Huge red flag. No legit site will ever ask you to do that. If it pops up, close the page immediately. And yes, real-time protection helps. I use TotalAV.
23%
That’s how many HTML attachments are malicious. They usually show up in your inbox with names like “invoice.html,” and when you click, they redirect you to phishing websites. That’s where scammers steal your info or drop malware on your device. Moral of the story? Stay sharp and use real-time protection. My pick is TotalAV, just $19 a year.
⚠️ Hackers are changing tactics: Talk to your IT department about this. And if you are the IT department, pay attention. New research shows 30% of cyberattacks are suddenly now coming through network edge devices. That means instead of using flashy malware or phishing email, they’re slipping in through VPNs, firewalls and routers. How? People keep using outdated gear and weak passwords and skipping security updates. Stop that now.
🚨 Don’t fall for this Zoom scam: Hackers are tricking people into installing malware. It starts with a fake podcast or interview invite. They ask you to share your screen. Then they request remote access but change their display name to “Zoom” so it looks like the app. Click Approve, and they’re in! Tip: Disable remote control in your settings.
Using Windows 11? Last week’s update added a weird empty folder called “inetpub” that popped up on the system drive. If you thought it was useless and deleted it, think again. It’s not malware. It’s just Windows being Windows. It’s tied to a security fix. To bring it back: Go to Control Panel > Programs > Programs and Features > Turn Windows features on or off > check Internet Information Services > hit OK.