Google is the most popular email provider (Gmail) contributes about 70% of the email traffic on earth and being one of the oldest mass adopted email service (passing 20 years old is a worth achievement for any application, especially a “free” one.
As a cyber security digital expert, I have raved about the free service, its novel cloud-based structure, and how and why is
While I’m tickled to have been an early adopter of now-successful technology, though, it’s important to know when enough is enough. For me, that time has come, and I’m moving my primary digital correspondence to privacy-focused Swiss provider Proton Mail. It’s been a long time coming.
Should I, or should I not be popular?
Google is a Mega Monopoly Email Provider: Legal, but is it Ethical?
We’ve seen a lot go down in the privacy and security realms over the last two decades. Google’s been far from the only culprit, but as the default search engine for most browsers and the curator of Android, the Play Store, Google Analytics, reCaptchas, and more, the Big G has more data on the average North American user than any other corporation.
I’m as far from paranoid as any internet user, and even I use a VPN (primarily for spoofing IP geolocation); while I don’t do anything nefarious, and nobody’s tracking me for anything other than advertising, I prefer knowing I’m a little safer from bad actors that can hijack the content I’m viewing and thus possibly my hardware.
But Google creeps me out, and I’m no longer comfortable using Gmail. The successors to the FAANG stocks, the MAMAA companies (Meta, Apple, Microsoft, Amazon, and Alphabet) own a considerable amount of not just forward-facing web resources but also the underlying infrastructure most of the world’s internet relies on. I can’t avoid my data passing through the Google Cloud or Amazon Web Services, but I can limit what sites and apps I actively engage with.
Gmail’s interface is fine, I guess, if somewhat cluttered and not very attractive
Google’s always innocent until it’s not
Until 2017, Google automatically scanned Gmail accounts for keywords that it then used to personalize ads within the platform and probably outside it, too. Here’s why that should terrify you:
It had likely been happening since Gmail’s launch
Scans included messages from non-Gmail accounts, presumably contributing to shadow accounts containing data on those users
Widespread publicity via a 2013 Microsoft ad campaign and lawsuit the same year failed to stop it
Google’s proposed settlement was rejected for being overly vague and failing to promise proper disclosure of data harvesting practices
I’m under no misconception that I can extricate myself entirely from Google’s clutches; It’s too ubiquitous, and tons of common apps and services rely on its wide range of services. But I’ll do what I can, which includes moving to Proton Mail, a privacy-centric email provider with encrypted, underground servers, practically the polar opposite of Alphabet Inc.
Google paid over $26 billion in 2021 to remain the default search engine in various browsers
The surprisingly easy switch to Proton Mail
Why Proton Mail is my new favorite email provider
My own Proton account has been used as a backup since 2018. Moat recently though, it has now become my primary email for both personal and business.
I tested a trial of ProtonVPN a few years afo (ProtonVPN was a bit slow back then, but I and other cyber security expert highly recommend it as one of today’s top VPNs) due to its increased infrastructure and massive much faster speed. They have quadrupled the number of Servers globally since 2021).
I made the jump many years ago (2018) and highly recommend it to all of you going forward – primarily due to Proton’s comprehensive set of features, as well as the policies it enacts to keep your data private.
Among Proton’s consumer-friendly practices:
It opposes data harvesting, ads, and trackers (even the subversive tracking that comes from opening third-party-hosted images)
It falls under Switzerland’s privacy jurisdiction and isn’t subject to US surveillance
Theoretically, no other human can view your emails. In fact, if you lose and need to reset your password, you’ll lose access to previous messages, an impressive layer of security against hacking
Support for end-to-end encryption between Proton users and password protection for external emails
Open-source encryption (including optional PGP signing) and independent auditing to ensure strict adherence to standards
A few clicks, and I never have to access my Gmail page again
Compared to my first brief look years ago, Proton’s UI and general implementation have matured significantly. It was also a breeze to sit back and observe how easy it was to have over 100 (128 and counting!) forward over 100 (121 and counting!) of my Client’s perform the action of transferring each of their current Gmail messages to their now-primary Proton address, and the calendar appears to have integrated well, with alerts showing up consistently on both Android and iPhones without problems.
They are perfectly happy with the features provided by Proton’s most affordable tier, the Mail Plus plan. You can create 10 separate addresses and even a custom domain, as well as shorten the default existing domain to pm.me (because @protonmail.com is, admittedly, a bit of a mouthful).
It includes 15GB of storage, unlimited folders and filters, and can do everything I ever wanted my Gmail account to do. Most importantly, it keeps their permanent correspondence out of Alphabet’s umbrella and especially any private or confidential emails, as well as people who send it to them that don’t even use Gmail!
Proton offers diverse Subscription Plans (including Free!)
You can actually use Proton Mail entirely for free, although it does have restrictions: You are limited to 150 emails per day and 1GB of storage, can’t create custom addresses or domains, and won’t have access to the calendar, or the encrypted password manager and unlimited VPN offered by the Proton Unlimited subscription. But even the free tier is visually and more private and securr, as well as overall being much better than Gmail.
Committing to 1 or 2 years of the $5/month low tier drops the price to $4 or $3.50, respectively.
The Unlimited tier will set you back $10 or $8 per month at those same subscription lengths and afford you 500GB of storage, 15 custom addresses, 3 custom domains, and unlimited VPN and Proton Pass (its password manager) access. There is also a six-user family plan starting at $30 and three tiers of slightly more business-focused options.
But I’m really not advertising for Proton here. I’m just choosing to actively take my digital footprint back into my own hands in a way many of us haven’t done since Gmail’s massive rise over a decade ago. It’s well overdue, and over the few weeks I’ve used Proton Mail full-time, I can’t say I regret it or will ever look back.
In an unprecedented move, a recent court order has now mandated YouTube to disclose the identities of individuals who have viewed certain videos. This decision, stemming from legal proceedings that scrutinized specific content on the platform, marks a significant shift in online privacy dynamics, raising concerns among digital rights advocates and everyday users alike.
What Does This Mean for You?
The ruling necessitates YouTube to reveal viewer details, potentially exposing individuals’ viewing habits and preferences. In an era where digital privacy is already under siege, this development adds another layer of vulnerability, highlighting the necessity for robust measures to safeguard online anonymity.
Safeguard Your YouTube Browsing with Nordman VPN
In response to these growing privacy concerns, turning to reliable security solutions like Nordman VPN becomes paramount. Nordman VPN stands out as a beacon of digital privacy, offering top-tier encryption and IP masking features that ensure your YouTube activities remain confidential and untraceable.
Why Choose Nordman?
Enhanced Privacy: Nordman VPN encrypts your internet connection, keeping your online activities private and secure from prying eyes.
IP Anonymity: It masks your real IP address, making your YouTube viewing habits invisible to outsiders, including ISPs and third parties.
Ease of Use: With user-friendly interfaces and seamless integration, Nordman ensures that your online privacy protection is hassle-free and efficient.
Embrace Your Digital Freedom
While the digital realm continues to evolve, often bringing complex challenges to the fore, tools like Nordman VPN empower you to take control of your online privacy. In light of the recent YouTube ruling, adopting Nordman VPN isn’t just a choice—it’s a necessity for those who value their digital freedom and wish to maintain a private, secure online presence.
Stay Informed, Stay Secure
As advocates for digital rights and privacy, we must stay informed and proactive in protecting our online spaces. By choosing robust security solutions like Nordman VPN, you can safeguard your digital footprint and continue to enjoy the vast world of YouTube without compromising your privacy.
ALERT: Hackers Are Posing As ID.me To Steal Your Identity
Do You Know All .ME Domains like ID.ME Required by the IRS are Owned By Montenegro & Their Billionaire Club?
Identity verification services like ID.me have become indispensable in the digital age. By providing a secure and convenient way to prove your identity online, ID.me opens doors to essential services and benefits. However, as with any popular online platform, scammers are finding ways to exploit these services and trick unsuspecting users.
This article will take an in-depth look at the ID.me scams popping up, how they work, and most importantly, how to avoid becoming a victim. With identity theft and online fraud at an all-time high, awareness is your best defense.
ID.me provides a valuable service as a digital identity network used by government agencies, healthcare providers, and other organizations to securely verify user identities online. By acting as a trusted validator of personal information, ID.me opens the door for people to easily access essential services and benefits.
However, this convenience also creates an opportunity for fraudsters. Scammers are increasingly impersonating ID.me through phishing campaigns in order to steal personal information from victims. Once they have the data, they can hijack identities, drain accounts, and perpetrate other forms of fraud.
These ID.me scams are growing more complex and convincing, making it crucial for users to understand the tactics and stay vigilant. Here are the main types of ID.me scams and frauds being perpetrated:
Phishing Emails
This is one of the most common vectors for ID.me scams. Victims receive emails pretending to be from the legitimate ID.me security team. These emails may:
Warn that unusual activity was noticed on your account
State that immediate account suspension will occur if no action is taken
Provide a fake deadline such as 24-48 hours to re-validate your account
Include a “Verify Account” or “Reset Password” button/link to a phishing site
If the user clicks the deceptive call-to-action button or link, they are taken to a convincing but fake ID.me login page designed to steal login credentials as well as other personal data.
Smishing Text Message Scams
Similar to phishing emails, fraudsters send text messages also impersonating ID.me. They state your account is at risk of being locked or needing immediate validation via a link included. If clicked, the link directs victims to a phishing site masquerading as the legitimate ID.me site.
Once on the fake page, any information entered is captured by scammers. Smishing texts use urgency and threats to get users to comply without thinking it through.
Vishing – Phone Call Scams
This technique uses phone calls rather than messages to trick victims. Scammers posing as ID.me support agents call users claiming that suspicious activity means accounts will be suspended without immediate intervention.
The “agents” pressure and persuade victims to provide personal details or even remote access to the victim’s device, enabling installation of info-stealing malware.
Fake ID.me Websites
Beyond phishing pages, scammers also create entire fake websites impersonating the real ID.me site. Links to these fraudulent sites are sent out en masse via email spam campaigns. They are designed to capture login details and personal info from unsuspecting victims who were persuaded the site was legitimate.
Malicious Software Scams
Scammers may also use phone calls, emails, or texts to trick users into downloading malware. This can occur by:
Sending a phishing message with an infected file attachment
Persuading victims to click a link to download fake “security software”
Requesting remote access to devices in order to “diagnose connectivity issues” then installing malware
Once installed, info-stealing malware can harvest data and credentials directly from the compromised device.
Account Takeover Scams
Sophisticated scammers may attempt full account takeover rather than simple phishing. By gathering key details like usernames, passwords, and partial SSNs from data breaches, they can convince ID.me’s system they are the legitimate account owner.
This enables them to bypass identity verification and fully compromise the account. 2FA often thwarts these takeover attempts however.
In summary, ID.me scams aim to exploit trusting users through impersonation and clever psychological manipulation. By understanding the deceptive tactics used in these scams, people can better recognize the warning signs and avoid being victimized.
How the ID.me Scams Work
Fraudsters use clever psychological tactics to manipulate victims in ID.me scams. Here is an inside look at exactly how they operate:
Step 1 – Initial Contact
Scammers initiate contact via:
Emails pretending to be ID.me security alerts
Texts claiming your ID.me account is at risk
Calls posing as ID.me support agents
Their goal is to cause panic so you act without thinking.
Step 2 – Creating Urgency
Next, scammers pressure you to take immediate action by:
Stating your account will be frozen if you don’t re-verify
Claiming the deadline to avoid suspension is approaching
Warning of penalties or losses if you don’t comply
This plants a fear of missing out, causing you to stop questioning.
Step 3 – Requesting Information
Scammers will instruct you to confirm sensitive details such as:
Login credentials
Social Security Number
Bank account info
Credit card numbers
They may pretend it’s needed to verify your identity and keep your account active.
Step 4 – Gaining Remote Access
In some cases, scammers will try to gain remote access to your device by making you:
Download suspicious files allowing control of your system
Enter codes sent to your phone number enabling account takeover
Allow screensharing applications giving them access to your data
Step 5 – Leveraging Your Identity
Once scammers have your information, they can:
Access and drain your financial accounts
Make purchases using your credit cards
Commit tax fraud with your SSN
Steal your identity to open accounts or apply for loans
The damage can be extensive if scammers successfully exploit your identity.
What to Do if You Fell Victim to an ID.me Scam
If you suspect your ID.me account or identity has been compromised, take these steps immediately:
Step 1 – Lock Down Your Accounts
Reset your ID.me password and enable two-factor authentication
Contact banks to freeze accounts potentially accessed by scammers
Place fraud alerts and monitor your credit reports closely
Change passwords on any compromised accounts
Step 2 – Report the Incident
File identity theft reports with the FTC and your local police department
Notify ID.me directly so they can secure your account
Contact companies where your identity was likely abused
Report social media and email phishing attempts
Step 3 – Monitor for Suspicious Activity
Set up account alerts to notify you of any unusual activity
Periodically get free credit reports to catch new fraudulent accounts
Review all statements thoroughly for any unauthorized charges
Sign up for identity theft protection services to detect misuse
Step 4 – Recover From the Fraud
Dispute any fraudulent charges or accounts opened in your name
Work with creditors to close fraudulent accounts and reverse damages
Update information related to your identity, accounts, and credentials
Change compromised account numbers and request replacement cards
Frequently Asked Questions About the ID.me Scam
1. What is the ID.me scam?
The ID.me scam involves fraudsters impersonating the valid ID.me identity verification service in phishing attempts via email, text messages, and phone calls. Their goal is to trick victims into revealing login credentials or sensitive personal information.
2. How do scammers carry out the ID.me scam?
Scammers initiate contact posing as ID.me through:
Fraudulent emails warning your account is at risk
Smishing texts claiming you must reverify your ID.me account
Vishing phone calls pretending there is suspicious activity
They pressure you to act urgently and provide info to avoid account suspension.
3. What techniques do scammers use in the ID.me scam?
Scammers manipulate victims using:
Fear – Threatening account suspension or penalties
Urgency – Impending deadlines to reverify accounts
Social Engineering – Pretending to be ID.me support agents
4. What information do scammers attempt to steal with the ID.me scam?
Scammers phish for:
Usernames and passwords
Bank account and routing numbers
Credit card details
Social Security Numbers
Driver’s license numbers
Digital wallet account access
5. What do scammers do with my information from the ID.me scam?
Scammers can use your information to:
Drain financial accounts
Make purchases with your credit cards
Steal your tax refund
Apply for loans or credit in your name
Access government benefits using your identity
6. How can I avoid falling for the ID.me scam?
To avoid the ID.me scam:
Never click links in unsolicited messages
Don’t provide info to incoming calls alleging to be ID.me
Verify custom URLs before entering login credentials
Enable two-factor authentication as an extra layer of security
Monitor accounts closely for unauthorized activity
7. What should I do if I fell victim to the ID.me scam?
If you fell for the scam, immediately:
Reset your ID.me password and security questions
Contact banks to freeze accounts
Place fraud alerts on credit reports
Report identity theft to the FTC and police
Close any accounts opened fraudulently
8. How can I recover from identity theft related to the ID.me scam?
To recover, be sure to:
File police reports regarding the identity theft
Dispute fraudulent charges with banks and creditors
Change compromised account numbers and request new cards
Monitor credit reports and financial statements for misuse
Sign up for identity theft protection services
9. How can I help others avoid the ID.me scam?
You can help others by:
Reporting scams and phishing emails to help shut them down
Making family and friends aware of the tactics scammers use
Encouraging people to use unique passwords and two-factor authentication
Advising caution against unsolicited calls, texts and emails
10. Who can I contact for help after falling victim to the ID.me scam?
Reach out to the following for assistance:
ID.me Support – They can secure your account
Your bank’s fraud department
Federal Trade Commission – To report identity theft
IRS – If tax fraud occurred
Local police – To file an identity theft report
The Bottom Line
ID.me provides a valuable service, but also opens the door for scammers to steal identities. Stay vigilant against phishing attempts via email, text and phone. Never click unverified links, provide sensitive information to strangers, or allow remote access to your device. If you do fall victim, take steps immediately to lock down your identity and report the fraud before irreparable harm is done. Spread awareness about these scams to help others avoid becoming victims too.
How to Stay Safe Online
Here are 10 basic security tips to help you avoid malware and protect your device:
Use a good antivirus and keep it up-to-date.It’s essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.
Keep software and operating systems up-to-date.Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.
Be careful when installing programs and apps.Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you’re agreeing to before you click “Next.”
Install an ad blocker.Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.
Be careful what you download.A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.
Be alert for people trying to trick you.Whether it’s your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it’s easy to spoof phone numbers, so a familiar name or number doesn’t make messages more trustworthy.
Back up your data.Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.
Choose strong passwords.Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.
Be careful where you click.Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.
Don’t use pirated software.Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.
To avoid potential dangers on the internet, it’s important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.CategoriesScamsLoad Comments
Meet Thomas Orsolya
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
Since 2010
Founded in 2010, MalwareTips is a leading cybersecurity community providing free malware removal tutorials, tech news, scams exposure, dedicated help forums, user education, and security guides.14+ years of activity65K+ security and tech guides180M+ annual readers
Our Community
With over 60,000 members, we invite you to join our tech-focused community. Discuss malware, security tips, emerging threats, and more with fellow enthusiasts. Share your questions and insights to spread awareness. We welcome you to our diverse, growing forum!70K+ registered members900K+ forum messages65K+ topics discussed
We offer free and tested self-help guides. MalwareTips.com can not be held responsible for problems that may occur by using this information. If you would like help with any of these fixes, you can ask for malware removal assistance in our dedicated support forums.
Please ensure your data is backed up before proceeding.
Follow Us
Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.
Geobox: A Hacking Device That Is Basically Untraceable
In summary, a Geobox transforms the mini-computer Raspberry Pi into a Swiss-army knife type of hacking device!
Sold for a lifetime fee of $700 or a monthly rate of $80, the software is able to:
1. Spoof location
2. Mimic Wi-Fi access points
3. Manipulate DNS and network parameters while providing anonymity.
4. Copying and emulating the same commonly used Wi-Fi landing page that most restaurants and concerts use to log on to avoid suspicion. The operators can even charge 0.99 cents or more depending on the location/Clients of where they are located at (such as a fitness gym, where the upcharge is usually $2.99 for unlimited data use or free for limited data).
Imagination is not required: this Geotool allows any person to set up a virtually untraceable Wi-Fi box that most people take for granted and can own all of the data or even the device or laptop once one connects to it!
After researching a few operators using it at a popular tourist site (March, 2024), it was observed that “three malicious individuals utilized several Geobox devices, each connected to the internet. These devices served as proxies, significantly enhancing their anonymity. This approach complicated the investigation and tracking process for any one attempting to investigate them using them, especially since, by default, Geobox devices do not store any logs nor any digital or paper trail for themselves or whomever logs on to the created Wi-Fi access point. They also have an amazing choice: to either create a Wi-Fi point similar to the official location name of where they are operating from, such as naming it “McDonald’s Free Wi-fi”
OR
They simply use it for their own fully anonymous purposes, such as emulating an internal Wi-Fi access point; which is quite common at Malls, shopping areas and concert venues where the general public or even workers/vendors would have no ability to distinguish between a Geobox created Wi-Fi point and the authentic one. To make it even more authentic, an operator would mimic the secure password of the host site – such as a popular shopping Mall’s password for internal Employees/Vendors.
It only takes these bad actors 2 – 5 minutes on average by simply using the popular $300 Flipper device to get the password or passcode of any device or Wi-Fi router today as well in combination with the Geobox!
Raspberry Pi is a widespread, low-cost, and small single-board computer used for various projects and praised by enthusiasts.
However, with Geobox, it is transformed “into a potent weapon for digital deception.” Malicious software is specifically designed for the Raspberry Pi 4 Model B with at least 4GB of RAM.
The price is $700 for lifetime, which is very cheap and affordable considering the amount of data, private and personal information it can easily obtain within a few minutes of being set up once just one person unwittingly connects to it in this day and age of people expecting free or low-cost internet everywhere!
These device operators also have the ability to create a bogus free or one-time .99 cent-for-24 hour unlimited internet access via a simple landing page to mask and emulate, as an example, your favorite restaurants like McDonald’s or Starbucks!
With Geobox, malicious actors target a broad audience as the setup process is streamlined, clear, and concise, with easy-to-follow instructions also provided. The manual links to the official Raspberry website for OS installation.
Multiple tools are included with Geobox: multiple VPN connections, GPS and Wi-Fi emulation, DNS configuration, data substitution tools, network configurators, and others.
The Geobox Can Be Easily Used For Anonymous Geolocation or Multiple Internet Purposes
“The device’s functionality is diverse, allowing for various forms of digital manipulation and disguise. Key features include the ability to use WebRTC IP for discreet online communication and GPS spoofing to simulate different geographical locations, which is particularly valuable for activities that require geolocation manipulation. Furthermore, the Geobox can completely mask (hide) Wi-Fi MAC addresses, making the user’s network activity more difficult to trace.”
*Most High Schools and Colleges Use Wi-Fi MAC Addresses As Standard Internet and Wi-Fi Usage Tracking Controls*
The emergence of Geobox raises significant concerns and introduces new complexities for cybersecurity – as well as the general public! One simple dot or variation of a “Starbucks or McDonalds Wi-Fi” authentic connecting point at any location is all it takes for operators of a Geobox to own and obtain all of the data on your laptop/phone or any other connected device!
Armed with such an affordable and easy to obtain cyber device, operators can easily carry and coordinate various attacks; such as being a data dump for anyone logging on to the newly created “free Wi-Fi” identity theft and credit card fraud under the veil of anonymity, circumventing network restrictions and surveillance, malware distribution, credential stuffing, spreading misinformation, content piracy, etc.
It was observed one operator used Geobox in combination with two LTE-based wireless modems, “proxyfying connections via multiple chains of SOCKS and PROXY servers globally and automatic pseudo-randomly via AI”. In essence, these easy proxy steps further ensure they are anonymous and cannot be tracked unless known to be doing this activity in advance!
Leveraging several devices deployed in various locations using this model is easy if the operator has a few friends working as a small tight-knit team. Note that this device can be easily carried in a purse, bag or backpack; easily disguisable as simply being a popular Notebook or laptop.
“Once the malicious action has been conducted – they can simply wipe the device or physically destroy it if they have a hunch that they are being monitored or tracked – but this device is so cheap, simple and easy that the chances of them getting caught are slim to none and thus they simply move it to other locations depending on their intent and motives – such as an up coming concert venue or local restaurant that people go to fully expecting and using free Wi-Fi”.
In Cape Cod, Massachusetts, a robot named Spot, made by Boston Dynamics, was shot during a police standoff. This is the first time Spot has been shot while helping the police. Spot was there to help the police stay safe while dealing with a dangerous person who had locked himself inside a house.
The police were called because someone reported a man with a gun hiding in a house. When the police got there, the man shot at them. So, the police used Spot and two other robots to find out where the man was inside the house. This helped the police understand what was happening inside without risking their lives.
Spot went into the basement to check things out. When Spot was trying to open a door, the man came out with a gun and knocked Spot down. Spot can stand up again by itself and followed the man, but then the man shot Spot, breaking it.
Spot: The Robot That Took Bullets And Saves Lives
Even though Spot was hurt, the police managed to arrest the man safely using tear gas. The police said using Spot helped them a lot because they didn’t have to send people or a real dog into the dangerous situation, which could have caused more violence.
Afterward, Spot was sent back to Boston Dynamics. They checked the robot and fixed it. They decided to keep Spot for research and gave the police a new one. Boston Dynamics also talked about how robots like Spot can help in emergencies, like finding people after disasters or helping in dangerous police work.
For those interested in investing in companies like Boston Dynamics and exploring opportunities in technology that saves lives, it’s essential to stay informed and make educated decisions.
Boston Dynamics, known for its advanced robotics, is a subsidiary of Hyundai Motor Group, and while Boston Dynamics itself is not publicly traded, Hyundai Motor Group is.
To delve deeper into investment opportunities in this innovative sector, you might consider exploring companies that are involved in similar technological advancements and are publicly traded. Investing in technology firms requires understanding the market, the technology, and the potential for growth and impact.
Here are some steps and resources to guide potential investors:
Research Emerging Technology Firms: Look for companies that are pioneering in robotics and artificial intelligence. Websites like Crunchbase or TechCrunch can provide insights into emerging tech companies.
Understand the Market: Use financial news platforms like Bloomberg, Reuters, or CNBC to get the latest updates on tech stocks, market trends, and analyses.
Diversify Your Investments: Consider diversifying your portfolio by investing in ETFs that focus on robotics and artificial intelligence, like the Global X Robotics & Artificial Intelligence ETF (BOTZ) or the ROBO Global Robotics and Automation Index ETF (ROBO).
Stay Informed: Regularly follow updates and research reports from investment banks and financial analysts who focus on technology and innovation.
Consult Financial Advisors: Before making investment decisions, it might be beneficial to consult with a financial advisor who understands the tech sector and can provide personalized advice based on your financial goals.
By staying informed and considering a strategic approach, investors can identify opportunities to invest in the companies shaping the future of robotics and technology, potentially contributing to advancements that save human lives.
Apple iPhone Users Targeted As Increased Password Reset Scams Skyrocket In 2024
New password reset attack targets Apple device users
Scammers are taking advantage of Apple’s password reset tool in a new ‘MFA bombing’ attack.
d3sign/Getty Images
Apple device owners are facing a new phishing hack that uses “multi-factor authentication (MFA) bombing” to steal their data.
Several Apple users in have reported a hacking attempt that appears to take advantage of Apple’s password reset feature, KrebsOnSecurity reported, citing people who have been targeted. The scammers have used Apple’s password reset tool to spam their targets with dozens, if not hundreds, of notifications, asking the user to reset their Apple ID password.
Pressing the “Allow” option gets the scammers one step closer to resetting the user’s credentials because that device could then be used to create a new Apple ID password.
Unfortunately, tapping “Don’t Allow” on all the notifications doesn’t solve the problem.
After those targeted by the scam chose to not allow their passwords to be reset, they received phone calls from the scammers claiming they were from Apple’s support team, according to the report. Their goal was to send a password reset code to the user’s device and have the user tell them the code. Armed with that information, the scammers could simply reset the Apple ID password and get full access to the user’s account.
Since Krebs’ sources didn’t press “Allow” on the notification, it’s unclear what the scammers would have done in that scenario. Presumably, the scammers would still likely need to call the target, again acting as Apple support, and fool them into resetting the password on their device and sharing it with the hacker.
Phishing attacks have been used for decades to target unsuspecting victims. But in recent years, scammers have increasingly turned to phishing as a desirable way to steal passwords, delete data, and ultimately steal money from their victims.
In 2022, mobile phishing attacks were up a whopping 61% year-over-year in just a six-month period, according to security provider SlashNext. The company said mobile users faced 255 million phishing attacks during that period.
It’s unclear how many Apple users have been impacted by this MFA bombing attack. However, Krebs’ sources reported that they received notifications on their iPhones, Apple Watches, and Macs, suggesting the attack isn’t just limited to one type of Apple device. What’s worse, there’s no simple way to stop it.
One of Krebs’ sources said they called Apple for help with the attack and the company said they should create a recovery key, a 28-character code that they would need to input to change their Apple ID password.
However, after creating a recovery code, Krebs reported that it was still possible to trigger the notifications the users saw when targeted by the spammers. It appears Apple’s password reset feature may be to blame and until the company changes how that works, hackers could conceivably continue to exploit the flaw and target users.
For now, if you’re an Apple user, your only option is to stay in the know and remain vigilant. If you receive a slew of password reset requests that you didn’t initiate, be sure to always choose the “Don’t Allow” option on the notifications.
Don’t be tempted to choose “Allow” simply because the notifications aren’t allowing you to use other apps or services on your device — a core component in the fraudsters’ plan. Even if you don’t choose “Allow,” be prepared for a call and be sure not to answer it.
Additionally, Apple has made it clear that the company does not call any of its users directly. So, if you receive a number from 1-800-275-2273 (Apple’s actual support line that the scammers are spoofing to make their calls seem legitimate), don’t pick up and definitely don’t provide any information to the caller.
Are you concerned about your online privacy and looking for ways to mask your IP address on Coinbase?
If like many people, you have come to the right place. In this guide, we’ll walk you through the steps to change your location on Coinbase (or any other Crypto Exchange) and hide personal information like your IP address, country, and region.
Quick Guide: Hide Your IP Address and Change Your Location
Mask Your IP Address
Flush DNS and Renew Your IP Address
Change Your Coinbase Location Settings
Other Methods to Hide Your IP Address and Location on Coinbase
Why Hide Your IP Address?
There are several reasons why you might want to hide your IP address. One of the main reasons is to protect your privacy and prevent Coinbase from tracking your physical location. By masking your IP address, you can also avoid leaving a digital footprint and bypass content filters or bans.
How to Hide Your IP Address and Location from Coinbase
Mask Your IP Address
Use a VPN (Virtual Private Network) or proxy server to mask your IP address and spoof your location.
We recommend using NordVPN for its ease of use and reliability.
Follow these steps to install and configure NordVPN:
Visit NordVPN’s website and create an account.
Download and install NordVPN on your devices.
Connect to a VPN server from your preferred location.
Flush DNS and Renew Your IP Address
Clear your DNS cache to ensure your computer obtains the latest IP address from Coinbase’s DNS server.
Renew your IP address through your device’s settings or command prompt.
Follow these steps for PC (Any Windows OS Computer) (please contact me directly at https://www.t.me/DigitalFoundation for one on one Consultation):
Step-by-Step Guide: Flush DNS and Renew Your IP Address
Step 1: Open Command Prompt
On Windows: Press the Windows key, type “cmd” in the search bar, then press Enter.
On Mac: Open Spotlight (Command + Space), type “Terminal,” then press Enter.
Step 2: Run Command Prompt as Administrator
Right-click on Command Prompt in the search results.
Select “Run as administrator” from the context menu.
Step 3: Enter Commands
In the Command Prompt window, type the following commands one by one, pressing Enter after each:
ipconfig /flushdns (This command clears the DNS resolver cache.)
ipconfig /release (This command releases your current IP address.)
ipconfig /renew (This command requests a new IP address from your DHCP server.)
Step 4: Confirm Success
Look for confirmation messages after each command.
You should see messages indicating successful flushing of the DNS resolver cache and renewal of your IP address.
Step 5: Close Command Prompt
Once you’ve completed the commands and confirmed success, you can close the Command Prompt window.
Note:
Flushing the DNS resolver cache and renewing your IP address can help resolve network connectivity issues and ensure that your computer has the latest IP address information.
These steps may vary slightly depending on your operating system. Always run Command Prompt with administrator privileges for these actions.
Mac/Apple Flushing DNS:
Change Your Coinbase Location Settings
Before logging in to your Coinbase account, ensure NordVPN is running and connected to the preferred server location.
Log in to your account, go to “Privacy Settings,” and change your “Location/Region/Country” to match your VPN server.
Save the changes and you’re all set.
Can’t Change Your Coinbase Location Settings? Here’s What to Do
If you’re unable to change your region, location, or country on Coinbase’s account settings, you can contact Coinbase support for assistance. Follow these steps:
Send a message to Coinbase support requesting a manual update of your physical location.
Wait for 24-48 hours for their response.
Other Methods to Hide Your IP Address and Location on Coinbase
In addition to using a VPN or proxy server, you can also consider using a neighbor or trusted friend’s Wi-Fi networks or proxy servers. However, keep in mind the security and privacy implications of these methods. If you are unsure or don’t know whether or not your Internet/Device/Computer is truly SECURE, take 2 minutes of your valuable time and go here to run a VPN and Browser Leak Scan: https://browserleaks.com/webrtc
VPN vs. Proxy vs. Public Wi-Fi: A Comparison
Here’s a comparison table outlining the key differences between using a VPN, proxy server, and public Wi-Fi to hide your IP address and change your location on Coinbase:
Features/Attributes
VPN
Proxy Server
Public Wi-Fi
IP Address Masking
Yes
Yes
Yes
Encryption
Yes (High-level)
No
No
Geolocation Spoofing
Yes
Yes
Partial
Ease of Setup
Easy
Moderate
Easy
Speed
Fast (depends on service)
Moderate
Varies (often slow)
Security
High
Low
Very Low
Privacy
High
Low to Moderate
Very Low
Access to Restricted Content
Yes
Yes
Maybe
Consistency
High
Moderate
Low
Cost
Subscription
Subscription or one-time fee
Free
Legality & Compliance
Generally Legal, some restrictions apply
Generally Legal, some restrictions apply
Legal
In summary, using a VPN offers the highest level of security and privacy, while proxy servers and public Wi-Fi networks may be less reliable. Choose the method that best suits your needs and always prioritize your online privacy and security.
By following these steps and tips, you can effectively hide your IP address and change your location on Coinbase, ensuring your online activities remain private and secure.
Disclaimer:
The information provided in this blog post is for educational purposes only. While we strive to provide accurate and up-to-date information, we cannot guarantee the effectiveness or suitability of the methods described.
By following the steps outlined in this guide, you acknowledge that neither any individuals affiliated with GeeksByTheHour nor its affiliates are responsible for any actions, events, or consequences that may occur as a result.
It is recommended to consult with a qualified IT professional or technician before performing any network-related actions on your computer. Always proceed with caution and at your own risk.
Turning off all 7 of these features will make Windows 11 feel much less intrusive (and some might boost your computer’s performance), and you’ll have a more enjoyable user experience. Say goodbye to annoying notifications disrupting your workflow, targeted ads, data collection, and more.
1. Pop-up banner notifications
In Windows 11, you’ll often see banner notifications appear in the bottom right corner of your screen. These notifications might contain important system alerts or a not-so-important article from a website you allowed notifications for, but they’re generally regarded as a bit annoying.
If you’ve ever found these pop-up banner notifications distracting, here’s how to disable them.
1. Open the Settings app.
2. Click on System in the left menu.
3. Select Notifications from the center menu.
4. Toggle off the switch next to Notifications at the top of the window.
(Image credit: Future)
If you only want to disable notifications temporarily, you can toggle on Do Not Disturb and set up custom times to not receive notifications.
2. Start menu notifications and recommendations
If you’re not using OneDrive or your Microsoft user account is missing info, you’ll see account-related notifications in the Start menu. Here’s how to stop seeing these pesky notifications.
1. From your Settings app, select Personalization from the left menu.
2. Click on Start in the center menu.
(Image credit: Future)
3. Toggle off the switch next to Show account related notifications occasionally in Start.
The Start menu is also home to recommendations, which can sometimes be helpful, but are more often just a nuisance. To turn these off, toggle the switch next to Show recommendations for tips, shortcuts, new apps, and more.
3. Targeted Microsoft ads
With ads on almost every website you visit and in your social media feed, it’s no surprise that Windows 11 tracks your activities so advertisers can send personalized ads your way. While you unfortunately can’t turn off ads completely on Windows 11, you can disable the use of your unique advertising ID to stop seeing targeted ads.
1. Head to your Settings app.
2. Click on Privacy & Security in the left menu.
3. Select General from the center menu
(Image credit: Future)
4. Next to Let apps show me personalized ads by using my advertising ID, toggle the switch off.
(Image credit: Future)
Optionally, while you’re here, you can also toggle off the switches next to Let Windows improve Start and search results by tracking app launches and Show me notifications in the Settings app.
4. News feed from Widgets
Widgets are one of the best Windows 11 features because they give you a quick glance at info from the apps you’ve added, but the news feed added by default is unnecessary.
1. Open your Widgets board by pressing the Windows key followed by the W key.
2. Click the Settings button (cog gear icon) in the top right corner of the Widgets board.
3. Select Show or hide feeds from the menu.
(Image credit: Future)
4. Toggle off the switch next to Microsoft Start.
5. A pop-up window will appear to confirm your decision. Select Turn off, and when you open your Widgets board next, the news feed will be gone.
(Image credit: Future)
5. Optional diagnostic data and feedback
In order to improve the Windows 11 experience, Microsoft collects a lot of data about your computer and how you use it. While real user experience can certainly help Microsoft improve its operating system, it’s not necessary. Here’s how to limit the amount of diagnostic data and feedback your computer sends to Microsoft.
1. Open your Settings app.
2. Select Privacy & security from the left menu.
3. Click Diagnostics & feedback in the center menu.
4. Toggle off the switch next to Send optional diagnostic data.
(Image credit: Future)
6. Unnecessary startup apps
Many applications open during startup by default, and this can majorly slow down your computer’s overall performance, especially if you don’t notice certain apps are open. If you’re not using an app, there’s no reason for it to be open and sucking up system resources.
Seeing which apps are set to launch at startup and turning them off is incredibly simple to do.
1. Open your Settings app.
2. Select Apps from the left menu.
3. Click on Startup at the bottom of the center menu.
(Image credit: Future)
4. At the top of the window, there’s a Sort by dropdown menu. From the available options, select Startup impact to see which apps are demanding the most resources from your computer.
5. Toggle off any apps you don’t need to open during startup.
(Image credit: Future)
7. Search highlights from Bing
Microsoft’s proprietary search engine is Bing, so you’ll see Bing search highlights when using the the Windows 11 Search interface. If you don’t want to see these Bing results every time you search for something, you can turn this feature off in four simple steps.
1. Open your computer’s Settings app.
2. Click on Privacy & security in the left menu.
3. Select Search permissions towards the bottom of the center menu.
4. Scroll down to the More settings heading, and toggle off the switch for Show search highlights.
(Image credit: Future)
While most of the features just mentioned are objectively annoying, there’s one new feature in Windows 11 that could be seen by some as helpful and by others as intrusive: Microsoft’s new AI Copilot tool. Copilot can help you write emails or summarize long walls of text, but it’s quite a resource-heavy app.
If you receive a calendar invite to view new fax documents, be careful – it’s most likely a phishing attack, attempting to obtain your identity and login credentials for your corporate accounts.
It all starts with a hijacked email account, which uses a compromised identity to send out a message containing an invitation to “view newly received documents”, via a link.
In today’s digital landscape, receiving a calendar invite for a meeting is as common as checking your email. However, amidst the sea of legitimate invites lies a new threat targeting Mac users. Hackers have now found a way to exploit calendar invites and meeting links, using them as vectors to inject malware onto unsuspecting systems.
Cyber criminals are leveraging the popularity of scheduling tools like Calendly to execute their nefarious schemes. Unlike traditional malware attacks focused on financial gain, this tactic aims to compromise users’ systems for cryptocurrency theft.
Moreover, these malicious actors are employing sophisticated social engineering tactics, presenting fake video conference links to lure unsuspecting victims into clicking. The days of Mac users feeling immune to malware threats are officially behind us.
However, all hope is not lost. By practicing vigilant cyber hygiene and exercising caution before clicking on any suspicious links or invites, Mac users can shield themselves from falling prey to these insidious malware infections. Here is another example of the most recent Calendly link cybersecurity shenanigans:
If you receive a calendar invitation to see fresh fax papers, be cautious: it’s almost certainly a phishing effort to steal your identity and login credentials for your corporate accounts.
INKY cybersecurity researchers issued the warning, which revealed the phishing effort that was initially discovered at the end of February 2022.
It all starts with a hacked email account that sends out a message inviting recipients to “see newly received documents” via a URL using a compromised identity.
It appears to be a Calendly calendar link at first glance. Calendly was most likely used, according to INKY, because anyone may sign up for a free account without having to provide their credit card information.
The plot thickens at this point. The invite pages on Calendly can be customized. The Add Custom Link function allowed criminals to construct a fake fax document notification with all of the standard fax data (number of pages or file size, for example), then inject a malicious link on the event page using the Add Custom Link tool.
The victim is taken to the credential-harvesting page after clicking on the “preview document” link. The page in this instance is a spoof of Microsoft. However, hovering over the link reveals where it leads: INKY cautions users of https://dasigndesigns[.]com/ss/update/index.html, a hijacked site that is listed in Google, Firefox, and Netcraft threat feeds.
If the victim enters their login credentials here, the attackers will receive them, and the victim will receive an error message stating that an invalid password was input. The victim would be sent to their site after the second attempt, which the researchers regarded as a “smart touch” that reduces the suspicion.
How to Track Anyone’s IP using Images? — Email, QR Code, PDF, EXE, MS Word, MS Excel, & any file can be a “digital mouse trap”..
Supported Tokens: HTTP, DNS, Web Image, Cloned Website, Adobe PDF, MS Word, MS Excel, MySQL Dump, Windows Directory, Custom EXE, QR Code, Sensitive Command, SVN, AWS API Keys, Fast Redirect, Slow Redirect, SQL Server, and many more…
Today I’ll teach you how to track anyone’s IP using Transparent Images! Yeah..
We will first understand the whole concept then redirect towards the step by step usage guide. You can even do this manually using custom developed payloads but it’s a more better way to do this easily. I’ll help you with that today, by providing easy steps you can follow. Let’s start learning..
Understanding Canarytokens
Canarytokens are like digital traps for your computer systems. They work by watching for certain actions, such as someone reading a file, making a database query, running a process, or spotting specific patterns in log files. It’s similar to those tracking images in emails, but instead of tracking opens, it tracks actions on your system.
The cool thing is, we can use Canarytokens to set up these traps in our regular computer systems, kind of like putting alarms in different parts of your house where anything someone does can set off an “alarm” – or at least a notification.
Now, why should you bother with these Canarytokens? Well, sometimes hackers get into computer networks, and it happens to big companies, governments, regular people — basically, everyone. That part is understandable. But what’s not okay is only finding out about it way later, like months or even years down the line which seems disappointing!!
Canarytokens are a free, easy, and fast way to help you know right away if someone is messing around in your systems. It’s like the hackers accidentally letting you know they’re there.
Web bug / URL token — Alert when a URL is visited
DNS token — Alert when a hostname is requested
AWS keys — Alert when AWS key is used
Azure Login Certificate — Azure Service Principal certificate that alerts when used to login with.
Sensitive command token — Alert when a suspicious Windows command is run
Microsoft Word document — Get alerted when a document is opened in Microsoft Word
Microsoft Excel document — Get alerted when a document is opened in Microsoft Excel
Kubeconfig token — Alert when a Kubeconfig is used
WireGuard VPN — Alert when a WireGuard VPN client config is used
Cloned website — Trigger an alert when your website is cloned
QR code — Generate a QR code for physical tokens
MySQL dump — Get alerted when a MySQL dump is loaded
Windows folder — Be notified when a Windows Folder is browsed in Windows Explorer
Log4Shell — Alert when a log4j log line is vulnerable to CVE-2021–44228
Fast redirect — Alert when a URL is visited, User is redirected
Slow redirect — Alert when a URL is visited, User is redirected (More info is grabbed!)
Custom image web bug — Alert when an image you uploaded is viewed
Acrobat Reader PDF document — Get alerted when a PDF document is opened in Acrobat Reader
Custom exe / binary — Fire an alert when an EXE or DLL is executed
Microsoft SQL Server — Get alerted when MS SQL Server databases are accessed
SVN — Alert when someone checks out an SVN repository
Unique email address — Alert when an email is sent to a unique address
Step-by-Step Usage
Go to canarytokens.org & choose your Canarytoken. This is like setting up a digital trap. Provide an email where you want to be notified and a note to remind yourself where you placed it.
Generate a Canarytoken, which is a unique URL or Fast redirect or anything else – it is all your choice. It’s like creating a secret link that will trigger an alert if someone interacts with it. In this blog I’ll be using Fast redirect as an example.
EXAMPLE
Put the generated Canarytoken in a special location & send it to the target. It could be in an email, a document, or even as an embedded image. If a target arrives upon it, you’ll receive an email notification, alerting you that something is off – just like a mouse activating a mouse trap :–)
Clicked..Your Digital Mouse Trap Is Set!
Fast Redirect was really super fast.. Later I tried using URL shortener and surprisingly, our main URL was not even noticeable in real time..
If your target hits the URL/File, like shown in the example above, your token gets activated & alerted to email or webhook as below:
You can also rename the generated PDF/Excel/Word document without affecting its operation!
EXAMPLE
