Latest news with #CyberGuy
Fox News
a day ago
- Fox News
What to do if you get a password reset email you didn't ask for
You're checking your inbox or scrolling through your phone when something catches your attention. It's a message about a password reset, but you never asked for one. It might have arrived by email, text message or even through an authenticator app. It looks legitimate, and it could be from a service you actually use. Still, something feels off. Unrequested password reset messages are often an early warning sign that someone may be trying to access your account. In some cases, the alert is real. In others, it's a fake message designed to trick you into clicking a malicious link. Either way, it means your personal information may be at risk, and it's important to act quickly. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join. There are a few reasons this might happen: In some cases, the message is legitimate, as seen in the email below, but the request didn't come from you. That is often a sign your login details are already in someone else's hands. Unsolicited password reset alerts can take several forms, each with signs of potential fraud or hacking: No matter how the alert appears, the goal is the same. Either someone is trying to trick you into handing over your credentials, or they already have your password and are trying to finish the job. If you receive a password reset alert you didn't request, treat it as a warning. Whether the message is legitimate or not, acting quickly can help prevent unauthorized access and stop an attack in progress. Here are the steps you should take right away. 1. Don't click on anything in the message: If the alert came through email or text, avoid clicking any links. Instead, go directly to the official site or app to check your account. If the request was real, there will usually be a notification inside your account. 2. Check for suspicious login activity: Most accounts have a way to view your recent logins. Look for suspicious activity like unfamiliar devices, strange locations or logins you don't recognize. A login from a location you have never been to could be a sign of a breach. 3. Change your password: Even if nothing looks wrong, it's a good idea to reset your password. Choose one that is long, complex and unique. Avoid reusing passwords across different accounts. Consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed Password Managers of 2025 here. 4. Scan your device for threats: If someone got access to your password, there is a chance your device is compromised. Use strong antivirus software to scan for keyloggers or spyware. 5. Report the incident: If the alert came from a suspicious message, report it. In Gmail, tap the three-dot menu and select Report phishing. For other services, use the official website to flag unauthorized activity. You can also file a report at the FBI's Internet Crime Complaint Center if you suspect a scam. You can take a few steps to try to reduce the number of emails you receive requesting a password reset. 1. Double-check your username and password. When accessing your account, you may have a typo in your login information. Should you repeatedly attempt to access your account with this error, the company that holds the account may believe a hacking attempt is occurring, triggering an automatic reset. If your web browser automatically populates your username and password for you, make sure this information is free of typos. 2. Remove unauthorized devices. Some accounts maintain a list of devices authorized to use your account. If a hacker manages to gain some of your personal information, it may be able to add one of his devices to your authorized list, triggering account login errors as he tries to hack your password. Check the list of authorized devices and remove any items you don't recognize. The process varies, depending on the type of account. We'll cover steps for Microsoft, Gmail, Yahoo and AOL. Microsoft Gmail: Yahoo: AOL: Remember to regularly check your account settings and authorized devices to ensure the security of your accounts. If you suspect any unauthorized access, it's also a good idea to change your passwords and review your account recovery options. 3. Sort such messages to spam. If you'd prefer to simply not see these kinds of email messages, set up your email client to sort messages like this to a spam folder. (Because many of them are spam, some email clients do this automatically.) Should you ever legitimately request a password reset, though, you'll need to remember to look in the spam folder for the message. 4. Use a static IP address. Some accounts attempt to recognize your device through your IP address. If you have a dynamic IP address, your IP address changes constantly, meaning the account may not recognize your device, triggering the reset message. This often occurs because you are using a VPN. See if your VPN allows you to use a static IP address. Even if this was a one-time scare, it is important to tighten your overall security. Here are a few simple habits that go a long way: 1. Use strong and unique passwords: Use a password manager to create secure, one-of-a-kind passwords for each account. Get more details about my best expert-reviewed Password Managers of 2025 here. 2. Consider using a personal data removal service: If you're receiving password reset emails from accounts you don't remember signing up for, or from multiple services, there's a good chance your personal information is exposed on data broker sites. These companies collect and sell your data, including your email, phone number, home address and even login information from old accounts. Using a reputable data removal service can help you automatically identify and request the removal of your personal data from these sites. This reduces your risk of identity theft, credential stuffing, phishing and spam. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap — and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web 3. Turn on two-factor authentication (2FA): Enabling 2FA is one of the most effective ways to stop unauthorized access, even if someone has your password. When 2FA is active, anyone trying to log in must also complete a second verification step, usually through an app on your phone. If an attacker triggers a login attempt, you will receive a prompt to approve or deny it. This gives you the power to block the attempt in real time and confirms that 2FA is working as intended. 4. Install strong antivirus software: Install strong antivirus software to catch malware before it causes harm. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 5. Review your account settings: Make sure your recovery phone number and email are current. Remove any outdated or unused backup methods. 6. Keep your software up to date: Keep your device software and apps up to date to patch security vulnerabilities that attackers often exploit. 7. Use a VPN to protect your online activity: Avoid public Wi-Fi or use a VPN to protect your information when browsing on unsecured networks. Consider using a VPN to protect against hackers snooping on your device as well. VPNs will protect you from those who want to track and identify your potential location and the websites that you visit. For best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices It's easy to brush off an unexpected password reset message, especially if nothing else seems out of place. But these alerts are often the digital equivalent of a knock at the door when you weren't expecting anyone. Whether it's a hacker probing for a way in or a scammer trying to bait you, the smartest move is to treat every unexpected security message as a wake-up call. Taking just a few minutes to check your login history, secure your accounts and update your passwords can make all the difference. Cybersecurity isn't just for experts anymore. It's an integral part of everyday life. And the more proactive you are now, the less likely you'll be dealing with damage control later. Are tech companies doing enough to protect users from password threats, or are they putting too much responsibility on individuals? Let us know by writing to us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels Answers to the most asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
Fox News
4 days ago
- Fox News
Android malware poses as fake contacts to steal your personal data
Hacking keeps evolving, just like any other profession. Cybercriminals are always upgrading their tools, especially malware, to find new ways to scam people and steal data or money. The old tricks no longer work as well. Basic phishing rarely fools anyone twice, so hackers constantly look for new ways to break in. They rely on whatever grabs your attention and doesn't raise suspicion, things like social media ads, fake banking apps or updates that look completely normal. One of the fastest-growing threats in this space is Crocodilus. First detected in early 2025, this Android banking Trojan takes over your contact list to make its scams look more legitimate and harder to spot. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join. The Crocodilus malware was first documented by ThreatFabric cybersecurity researchers in late March 2025. They highlighted its extensive data theft and remote control capabilities. Crocodilus uses Facebook to infect devices. It appears in ads that look normal, but once clicked, the malware installs itself on your device. In some cases, it mimicked banking and e-commerce apps in Poland, promising users free points in exchange for downloading an app. The link led to a fake site that delivered the malware. Although the ad was only live for a few hours, it still reached thousands of users, most of whom were over 35, a group more likely to have money in the bank. Smaller but growing campaigns have also been reported in the United States, where Crocodilus disguised itself as crypto wallet tools, mining apps and financial services. These fake apps are often distributed through social media ads or phishing links, targeting Android users who are less likely to question a "legit-looking" financial app. While not yet widespread, the presence of Crocodilus in the U.S. underscores its global reach and rapidly evolving tactics. The Trojan has also been spotted in Spain, where it disguised itself as a browser update, targeting nearly every major Spanish bank. In Turkey, it posed as an online casino app. And the threat doesn't stop there. One of the biggest concerns with Crocodilus is its ability to add fake contacts to your phone, inserting entries like "Bank Support" into your contact list. So, if an attacker calls pretending to be from your bank, your phone may not flag it because it appears to be a trusted number, making social engineering scams much more convincing. The latest version also includes a more advanced seed phrase collector, especially dangerous for cryptocurrency users. Crocodilus monitors your screen and uses pattern matching to detect and extract sensitive data, such as private keys or recovery phrases, all before quietly sending it to the attacker. Crocodilus shows us what the next wave of mobile threats might look like. It uses real ads to get into your phone. It blends into your digital life in ways that feel familiar. It does not need flashy tricks to succeed. It just needs to appear trustworthy. This kind of malware is designed for scale. It targets large groups, works across different regions and updates fast. It can pretend to be a bank, a shopping app or even something harmless like a browser update. The scary part is how normal it all looks. People are not expecting something this malicious to hide inside something that looks like a gift. The creators of Crocodilus understand how people think and act online. They are using that knowledge to build tools that work quietly and effectively. And they are not working alone. This kind of operation likely involves a network of developers, advertisers and distributors all working together. 1. Avoid downloading apps from ads or unknown sources: Crocodilus often spreads through ads on social media platforms like Facebook. These ads promote apps that look like banking tools, e-commerce platforms or even crypto wallets. If you click and install one, you might be unknowingly downloading malware. Always search for apps directly on trusted platforms like the Google Play Store. Do not install anything from random links, especially those shared through ads, messages or unfamiliar websites. 2. Avoid suspicious links and install strong antivirus protection: Crocodilus spreads through deceptive ads and fake app links. These can look like legitimate banking tools, crypto apps or browser updates. Clicking on them may quietly install malware that hijacks your contacts, monitors your screen or steals login credentials. To stay safe, avoid clicking on links from unknown sources, especially those that promise rewards or warn of urgent problems. Installing strong antivirus software on your Android device adds another layer of protection. It can scan downloads, block malicious behavior and warn you about phishing attempts before they become a bigger issue. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 3. Review app permissions carefully before and after installation: Before you install an app, take a moment to look at the permissions it asks for. If a shopping app wants access to your contacts, messages or screen, that is a red flag. After installing, go to your phone settings and double-check what permissions the app actually has. Malware like Crocodilus relies on overreaching permissions to steal data and gain control. If anything seems unnecessary, revoke the access or uninstall the app entirely. 4. Keep your Android device updated at all times: Security patches are released regularly to block known vulnerabilities. Crocodilus is designed to take advantage of outdated systems and bypass newer Android restrictions. By updating your phone and apps regularly, you reduce the chances of malware slipping through. Set your device to install updates automatically when possible and check manually every so often if you are not sure. 5. Consider using a data removal or monitoring service: While not a direct defense against malware, data removal services can help minimize the damage if your information has already been leaked or sold. These services monitor your personal data on the dark web and offer guidance if your credentials have been compromised. In a case like Crocodilus, where malware may harvest and transmit banking info or crypto keys, knowing your data exposure early can help you act before scammers do. Check out my top picks for data removal services here. 6. Turn on Google Play Protect: Google Play Protect is a built-in security feature on Android phones that scans your apps for anything suspicious. To stay protected, make sure it's turned on. You can check this by opening the Play Store, tapping your profile icon and selecting Play Protect. From there, you can see if it's active and run a manual scan of all your installed apps. While it may not catch everything, especially threats from outside the Play Store, it's still an important first layer of defense against harmful apps like Crocodilus. 7. Be skeptical of unfamiliar contacts or urgent messages: One of the newer tricks Crocodilus uses is modifying your contact list. It can add fake entries that look like customer service numbers or bank helplines. So, if you receive a call from "Bank Support," it might not be real. Always verify phone numbers through official websites or documents. The same applies to messages asking for personal details or urgent logins. When in doubt, do not respond or click any links. Contact your bank or service provider directly. Crocodilus is one of the most advanced Android banking Trojans seen so far. It spreads through social media ads, hides inside apps that look real and collects sensitive data like banking passwords and crypto seed phrases. It can also add fake contacts to your phone to trick you during scam calls. If you use Android, avoid downloading apps from links in ads or messages. Only install apps from trusted sources like the Google Play Store. Keep your phone updated, and be careful if something looks too good to be true because it probably is. Who should be held accountable when malware like Crocodilus spreads through platforms like Facebook? Let us know by writing to us at For more of my tech tips anbd security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels Answers to the most asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
Fox News
5 days ago
- Fox News
10 signs your personal data is being sold online
Your personal data is probably being sold right now. Scam calls, junk emails, and weird login alerts aren't random. They're warning signs that your information is being circulated through data brokers, often without your knowledge or consent. Major breaches, like the recent Adidas hack, have exposed millions of names, emails, phone numbers, and home addresses. Once this data is leaked, it's fed into a vast marketplace of data brokers who package, sell, and resell your information to advertisers, spammers, scammers and even cybercriminals. Think it hasn't happened to you? Here are 10 red flags that your data is already out there and the steps you can take to stop it from spreading further. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide free when you join. If your personal information appears on people-finder sites or in sketchy online databases, it stays there until you remove it. This means your full name, home address, email, and phone number are available to anyone, including scammers and stalkers. You can manually opt out of each site, but that takes time and patience. Instead, consider an automated privacy service that scans data broker sites and sends removal requests on your behalf. The less data floating around, the less likely it is to be misused. If any of these are happening to you, your data is likely already floating around the broker and scammer economy. Here's what to watch for: If your inbox is overflowing with shady product offers, sketchy promotions, or strange marketing emails you never signed up for, it's a good bet your email address has been sold. This kind of spam typically results from your address being added to mass marketing lists purchased in bulk. More calls than usual from unknown numbers? Telemarketers, fake IRS agents, and car warranty scammers often use brokered phone lists. If you're getting several calls a day, it likely means your number is being recycled by different call centers and fraud operations. Unfamiliar password-reset prompts are a sign someone is attempting to access your account. They may have found your email address and other leaked credentials and are now probing for weak points. It's a key signal that your digital footprint is being exploited. Tiny charges can be a test by cybercriminals to see if stolen card info works. If even one unrecognized charge shows up, it's critical to act fast. These small transactions often lead to bigger, more damaging fraud if ignored. Losing access to your email, bank, or social media accounts may mean hackers have already reset your passwords. With enough personal data, criminals can bypass security questions and fully take over your identity online. If your contacts report strange DMs, fake money requests, or odd links coming from your accounts, that's a strong sign someone else has gained access. Cybercriminals use this tactic to trick your friends into clicking dangerous links or handing over money. A wave of fake profiles suddenly following or messaging you is more than annoying; it could be a coordinated attempt to gather more information about you or impersonate you later. These accounts may also be bots programmed to phish for details or direct you to scam pages. If your name, email, or phone number shows up on a form before you even touch the keyboard, that website may have purchased your information. Some sites share consumer data with partners, and this pre-fill behavior can indicate that your data is being sold and shared. Sites like Spokeo or Whitepages can display your full name, home address, phone number, family members, and more often scraped from public records or sold by data brokers. This makes you a target for identity theft, scams, and unwanted contact. Rejections for loans, insurance, or rental applications can stem from inaccurate or outdated data in broker databases. If your reputation or credit score is being shaped by information you didn't even know existed, that's a clear signal that your data is out of your hands. Noticing just a few of these signs means it's time to take action. The more proactive you are, the better you can limit future damage and prevent your data from spreading further. 1. Invest in a personal data removal service: Personal data removal services can request that your information be taken down from hundreds of data broker sites. It's an effective way to remove your name from public listings and stop new profiles from popping up. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web. 2. Strengthen your passwords: Use long, unique passwords that are different for every account. Consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed password managers of 2025 here. 3. Turn on two-factor authentication: Adding a second step to your login process, like a text code or app confirmation, can stop hackers even if they know your password. Turn this on for email, banking, and any service that stores your sensitive info. 4. Monitor your financial accounts regularly: Check your bank and credit card statements every few days. Set up alerts for any activity, and if you're not actively applying for credit, consider freezing your credit reports with all three bureaus. 5. Use alias email addresses: Create separate email addresses for things like online shopping, sign-ups, and banking. This helps keep your primary inbox private and makes it easier to trace which services may be leaking or selling your information. If one alias starts receiving junk mail or suspicious messages, you can simply delete it without affecting your main account. It's one of the simplest ways to reduce spam and protect your digital identity. See my review of the best secure and private email services here. 6. Don't click suspicious links or attachments, and use strong antivirus software: Phishing attempts often look convincing, especially if scammers already know your name or other details. If something feels off, delete the message and go directly to the website instead of clicking the link. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 7. Be cautious about what you post publicly: Avoid sharing your birthday, hometown, full name, or photos of your home or license plates. Social media platforms are heavily scraped by bots and bad actors looking to compile detailed profiles. 8. Block robocalls and filter scam numbers: A surge in robocalls is a strong sign your phone number is being sold or shared by data brokers. These calls often come from spoofed or international numbers and may include fake IRS agents, tech support scams, or phony insurance offers. To fight back, enable your phone carrier's spam call protection (AT&T ActiveArmor, Verizon Call Filter, or T-Mobile Scam Shield). You can also use third-party apps like RoboKiller, Hiya, or Truecaller to screen calls, block known scam numbers, and report suspicious callers. Be sure to avoid answering unknown calls, even pressing a button to "opt out" can confirm your number is active and lead to more spam. Check out how to get rid of robocalls with apps and data removal services. Your personal data is valuable, and once it's out there, it's difficult, sometimes impossible, to claw it back. But you're not powerless. The more proactive you are, the safer you'll be. Start by cleaning up your digital footprint and removing your information from people finder and data broker sites. Whether you go manual or use a trusted service, acting now can help you avoid bigger problems later. Protect your privacy, defend your accounts, and stay one step ahead of the scammers. Should data brokers be required to get your permission before collecting and selling your personal information? Let us know by writing to us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels: Answers to the most-asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
Fox News
5 days ago
- Fox News
Android security upgrades outsmart scams and protect your privacy
With the increasing sophistication of digital threats, safeguarding your phone and personal data has never been more crucial. Android is responding with a suite of new security features designed to protect you from scams, fraud, and device theft. These enhancements are primarily rolling out to devices running Android 16. Some protections, such as enhanced theft protection and AI-powered scam detection, are also becoming available on select devices running Android 10 and later via Google Play Services updates. The most advanced features, including Identity Check and device-level Advanced Protection, are initially launching on Google Pixel and Samsung devices with One UI 7, with plans to expand to other manufacturers as they update to Android 16. Let's take a look at how these innovations are making Android security smarter and more comprehensive. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide free when you join. Phone scammers are becoming increasingly creative, often attempting to trick people into changing device security settings or granting risky permissions during calls. Android's new in-call protections add a layer of defense by blocking certain actions during calls with non-contacts. For example, you won't be able to disable Google Play Protect, sideload an app for the first time, or grant accessibility permissions while on a call with someone not in your contacts. If you're screen-sharing during a call, Android will prompt you to stop sharing when the call ends. Android's AI-powered Scam Detection in Google Messages and Phone by Google is now even more intelligent. It can identify suspicious conversation patterns in real-time and warn you before you fall victim to a scam. This protection covers a wide range of scams, including toll road and billing fee scams, cryptocurrency scams, financial impersonation scams, gift card and prize scams, tech support scams, and more. All message analysis happens on your device, so your conversations stay private. Availability can vary depending on your device, region, and carrier. If you don't see these features yet, make sure your app is updated and keep an eye out as Google continues to expand support to more users worldwide. To help protect you from scammers who try to impersonate someone you know, Android is rolling out Key Verifier in Google Messages. This feature lets you and your contact verify each other's identity using public encryption keys, either by scanning a QR code or comparing numbers. If a contact's verification status changes, like after a SIM swap, you'll see a warning, giving you extra confidence that you're talking to the right person. If you've ever used Android's Find My Device to track down a lost phone or set of keys, you know how helpful it can be. Now, Find My Device is evolving into Find Hub, making it easier to keep track of your devices, family, and friends all in one place, with more partner brands joining the network. Find Hub is also becoming more personalized. Whether you want built-in luggage tracking from July and Mokobara, ski protection with Peak integration, or Disney-themed Bluetooth tags from Pixbee, there are options to suit different needs. Soon, tags that are enabled with ultra-wideband, starting with moto tag, will provide improved nearby location tracking. Later this year, Find Hub will include satellite connectivity, allowing you to stay connected with friends and family even when cellular service is unavailable. For travelers, new partnerships with airlines such as Aer Lingus, British Airways, Cathay Pacific, Iberia, and Singapore Airlines will let you share your Bluetooth tag's location directly with these airlines. This should make recovering lost luggage easier and less stressful. Android continues to strengthen its theft protection features. The new Identity Check adds an extra layer of security if your PIN or password is compromised, and it's rolling out to more devices with Android 16. Factory Reset Protection is getting tougher, restricting all functionalities on devices reset without the owner's authorization. Remote Lock now includes a security challenge question to prevent unauthorized use, and one-time passwords will be hidden on the lock screen in higher-risk scenarios. For those who want even stronger security, Advanced Protection is now available as a device-level setting in Android 16. This combines Google's most robust security tools, like intrusion logging and scam call detection, into one setting that can't be turned off without unenrolling. Whether you're a journalist, a public figure, or just want extra peace of mind, Android 16 makes it easy to activate Advanced Protection. This suite of features brings together Google's top security tools, like Intrusion Logging, USB protection, and scam detection for calls, into one powerful setting. Once enabled, these protections can't be turned off, shielding you against even the most sophisticated attacks. And new features are on the way, including tighter controls over app permissions and network connections. To turn on Google's Advanced Protection, follow these steps: Settings may vary depending on your Android phone's manufacturer. You may be prompted to verify your identity (such as entering your password or using biometric authentication). Once you've completed the steps, you'll see a confirmation that Advanced Protection is active. Note: After activation, these protections cannot be turned off without unenrolling from Advanced Protection. You can review and adjust related security settings within the Advanced Protection menu, such as app permissions and network controls, as new features become available. If you don't see the option, make sure your device is updated to Android 16 and check for any additional requirements, such as a Google account or specific device compatibility. Some features may require additional verification steps, like using a security key or two-factor authentication, especially if you're enrolling for the first time or on a new device. While Android is doing a lot to protect you, there are a few extra steps you can take to boost your security: Install strong antivirus software: This adds another layer of defense against malware and suspicious apps. Google Play Protect, which is built-in malware protection for Android devices, automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it isn't 100% foolproof at removing all known malware from Android devices. So, you may want to choose a strong antivirus app and keep it updated for maximum protection. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices. Keep your device updated: Always install the latest Android updates to patch any security vulnerabilities. Updates often include important security fixes that protect against new threats. To do this, go to Settings, tap System or About phone, select Software update or System update, then tap Download and Install if an update is available. Use strong, unique passwords: Avoid reusing passwords across different accounts to reduce the risk if one is compromised. Consider a password manager to generate and store complex passwords. Get more details about my best expert-reviewed password managers of 2025 here. Be cautious with app permissions: Only grant apps the permissions they truly need. Review permissions regularly and revoke any that seem unnecessary or intrusive. Enable two-factor authentication: This adds an extra step to your logins, making it more difficult for others to access your accounts. Most major apps and services offer this feature in their security settings. Download apps only from the Google Play Store: Avoid third-party stores, which are more likely to host unsafe apps. The Play Store has security checks that help reduce the risk of downloading malicious software. Regularly review your privacy settings: Make sure you're comfortable with what you're sharing. Adjust settings to limit data sharing and enhance your privacy whenever possible. Consider a personal data removal service: Scammers often start by gathering information about you from public records and data broker sites. Using a personal data removal service can help scrub your personal details from these sites, making it much harder for scammers to target you. If you're concerned about your privacy or just want to take your security to the next level, this is a smart step to consider. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web. Keeping your phone and personal data secure is more important than ever, but Android is making it easier to stay protected with smarter scam detection, new ways to keep track of your devices and loved ones, and the strongest security features yet. By taking a few extra steps, like using strong passwords, keeping your device updated, and considering a personal data removal service, you're adding even more layers of protection against evolving threats. Security is always changing, but with these tools and habits, you can use your Android device with greater confidence and peace of mind. Who do you think should bear the greatest responsibility for keeping your data safe: tech companies, the government, or you as an individual? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels: Answers to the most-asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
Fox News
14-06-2025
- Fox News
How addresses are collected and put on people finder sites
Print Close By Kurt Knutsson, CyberGuy Report Published June 14, 2025 Your home address might be easier to find online than you think. A quick search of your name could turn up past and current locations, all thanks to people finder sites. These data broker sites quietly collect and publish personal details without your consent, making your privacy vulnerable with just a few clicks. Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join. How your address gets exposed online and who's using it If you've ever searched for your name and found personal details, like your address, on unfamiliar websites, you're not alone. People finder platforms collect this information from public records and third-party data brokers, then publish and share it widely. They often link your address to other details such as phone numbers, email addresses and even relatives. 11 EASY WAYS TO PROTECT YOUR ONLINE PRIVACY IN 2025 While this data may already be public in various places, these sites make it far easier to access and monetize it at scale. In one recent breach, more than 183 million login credentials were exposed through an unsecured database. Many of these records were linked to physical addresses, raising concerns about how multiple sources of personal data can be combined and exploited. Although people finder sites claim to help reconnect friends or locate lost contacts, they also make sensitive personal information available to anyone willing to pay. This includes scammers, spammers and identity thieves who use it for fraud, harassment, and targeted scams. How do people search sites get your home address? First, let's define two sources of information; public and private databases that people search sites use to get your detailed profile, including your home address. They run an automated search on these databases with key information about you and add your home address from the search results. 1. Public sources Your home address can appear in: Property deeds: When you buy or sell a home, your name and address become part of the public record. When you buy or sell a home, your name and address become part of the public record. Voter registration: You need to list your address when voting. You need to list your address when voting. Court documents: Addresses appear in legal filings or lawsuits. Addresses appear in legal filings or lawsuits. Marriage and divorce records: These often include current or past addresses. These often include current or past addresses. Business licenses and professional registrations: If you own a business or hold a license, your address can be listed. WHAT IS ARTIFICIAL INTELLIGENCE (AI)? These records are legal to access, and people finder sites collect and repackage them into detailed personal profiles. 2. Private sources Other sites buy your data from companies you've interacted with: Online purchases: When you buy something online, your address is recorded and can be sold to marketing companies. When you buy something online, your address is recorded and can be sold to marketing companies. Subscriptions and memberships: Magazines, clubs and loyalty programs often share your information. Magazines, clubs and loyalty programs often share your information. Social media platforms: Your location or address details can be gathered indirectly from posts, photos or shared information. Your location or address details can be gathered indirectly from posts, photos or shared information. Mobile apps and websites: Some apps track your location. People finder sites buy this data from other data brokers and combine it with public records to build complete profiles that include address information. What are the risks of having your address on people finder sites? The Federal Trade Commission (FTC) advises people to request the removal of their private data , including home addresses, from people search sites due to the associated risks of stalking, scamming and other crimes. People search sites are a goldmine for cybercriminals looking to target and profile potential victims as well as plan comprehensive cyberattacks. Losses due to targeted phishing attacks increased by 33% in 2024 , according to the FBI. So, having your home address publicly accessible can lead to several risks: Stalking and harassment: Criminals can easily find your home address and threaten you. Criminals can easily find your home address and threaten you. Identity theft: Scammers can use your address and other personal information to impersonate you or fraudulently open accounts. Scammers can use your address and other personal information to impersonate you or fraudulently open accounts. Unwanted contact: Marketers and scammers can use your address to send junk mail or phishing or brushing scams. Marketers and scammers can use your address to send junk mail or phishing or Increased financial risks: Insurance companies or lenders can use publicly available address information to unfairly decide your rates or eligibility. Insurance companies or lenders can use publicly available address information to unfairly decide your rates or eligibility. Burglary and home invasion: Criminals can use your location to target your home when you're away or vulnerable. How to protect your home address The good news is that you can take steps to reduce the risks and keep your address private. However, keep in mind that data brokers and people search sites can re-list your information after some time, so you might need to request data removal periodically. I recommend a few ways to delete your private information , including your home address, from such websites. 1. Use personal data removal services: Data brokers can sell your home address and other personal data to multiple businesses and individuals, so the key is to act fast. If you're looking for an easier way to protect your privacy, a data removal service can do the heavy lifting for you, automatically requesting data removal from brokers and tracking compliance. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap — and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web 2. Opt out manually : Use a free scanner provided by a data removal service to check which people search sites that list your address. Then, visit each of these websites and look for an opt-out procedure or form: keywords like "opt out," "delete my information," etc., point the way. Follow each site's opt-out process carefully, and confirm they've removed all your personal info, otherwise, it may get relisted. 3. Monitor your digital footprint: I recommend regularly searching online for your name to see if your location is publicly available. If only your social media profile pops up, there's no need to worry. However, people finder sites tend to relist your private information, including your home address, after some time. 4. Limit sharing your address online: Be careful about sharing your home address on social media, online forms and apps. Review privacy settings regularly, and only provide your address when absolutely necessary. Also, adjust your phone settings so that apps don't track your location. Kurt's key takeaways Your home address is more vulnerable than you think. People finder sites aggregate data from public records and private sources to display your address online, often without your knowledge or consent. This can lead to serious privacy and safety risks. Taking proactive steps to protect your home address is essential. Do it manually or use a data removal tool for an easier process. By understanding how your location is collected and taking measures to remove your address from online sites, you can reclaim control over your personal data. CLICK HERE TO GET THE FOX NEWS APP How do you feel about companies making your home address so easy to find? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Ask Kurt a question or let us know what stories you'd like us to cover. Follow Kurt on his social channels: Answers to the most-asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved. Print Close URL
