More stories

  • in

    Your password manager is under attack, and this new threat makes it worse: How to defend yourself

    hh5800/Getty Images Do you sometimes feel stuck in a Catch-22 regarding your long-term credential management strategy? You are. On the one hand, if the tech industry has its way — to abolish all passwords and replace them with passkeys — users will eventually have almost no choice but to rely on password managers for signing […] More

  • in

    How Google’s AI combats new scam tactics – and how you can stay one step ahead

    ZDNETScammers are always looking to exploit the tools and technologies we use to steal our personal information, money, or both. That’s why companies like Google must defend us from hackers, security threats, and other hazards. It is also why we must take responsibility for our own security. In a blog post published Thursday, Google explains how it thwarts online scams across key products and how we can protect ourselves. Google’s scam detection systemWith the largest share of the search engine market, Google uses AI to detect hundreds of millions of malicious and suspicious search results each day. With the help of AI, the company said its scam detection system has been able to catch 20 times more scammy pages than before. Specifically, the latest advancements in AI help Google analyze more text on the web, identify scam campaigns, and detect emerging threats to its search page.Also: Multimodal AI poses new safety risks, creates CSEM and weapons infoAs one example cited in the blog post, Google has seen a significant increase in attackers impersonating airline customer service providers. With this scam prevalent, travelers who search Google for airline customer service may be taken to a malicious phone number where the scammer tries to capture their personal information. Thanks to AI, the company has been able to reduce the number of such scams by more than 80%. Chrome is another Google product that offers enhanced security protection. Its Enhanced Protection mode in Safe Browsing is its highest level of defense, offering tighter security than Standard Protection mode. Now, AI makes that security even stronger.Gemini Nano, Google’s on-device large language model (LLM) on the desktop, serves up instant analysis on risky and scammy websites, protecting users against new scams not seen before. As one example, Gemini Nano is helping to thwart remote tech support scams, one of the largest online threats. As the next step, Google wants to extend this protection to Android devices.Also: Why Google seems to be losing its iron grip on search – and what I use now insteadAnother way scammers try to pull off an attack is by sending you a host of notifications from malicious websites. To address that threat, Google is kicking off new AI-powered warnings in Chrome for Android. If the AI detects a scammy notification, the content is blocked, and you’ll receive an alert with an option to unsubscribe, view the blocked content, or allow future notifications from that site if you think the warning was a false positive. More

  • in

    5 Chromecast features you’re not using enough on your TV (including a smart home hack)

    Kerry Wan/ZDNETSince 2014, Google’s Chromecast has been an affordable means for helping viewers turn their older model TVs into smart TVs, allowing them to stream content from their phones, tablets, and computers to a bigger screen. Also: Your Google TV just got a useful feature upgrade for free, and smart home users will love itAlas, the era of the Chromecast has come to an end. Google is replacing it with the Google TV Streamer, promising a faster processor, Thread and Matter integration, and the ability to summarize TV episodes or whole seasons, among other new tricks.But that doesn’t mean the Chromecast is obsolete yet; in fact, Google has promised to continue providing software and security updates for now. I found a number of cool things anyone can do with their trusty Chromecast that most users are unaware of. More

  • in

    T-Mobile’s data breach settlement payments are finally rolling out – how to see if you qualify

    Kerry Wan/ZDNETIf you’re a T-Mobile customer — or were back in 2021 — you might have a check showing up in your mailbox soon.In 2021, the mobile carrier suffered a massive data breach that affected around 76 million customers (this isn’t related to the 2023 breach that affected 37 million people). T-Mobile denied any wrongdoing but agreed to settle a lawsuit about the breach out of court. Four years later, affected customers are getting compensation. Payments were supposed to start in April, but T-Mobile recently updated its settlement site to read “Due to unexpected delays, we now expect the distribution of settlement payments to begin in May 2025.”Also: I clicked on four sneaky online scams on purpose – to show you how they workIf you suffered financial loss from the incident, you might receive up to $25,000. If you didn’t suffer any loss, even if you didn’t file a claim in the suit, you can receive up to $25 (except California residents, who will receive up to $100). While those are the maximum amounts, a quick crunch of the numbers — a $350 million settlement divided between 76 million people — works out to about $4.50 a person, and that’s before attorney fees.  More

  • in

    T-Mobile’s data breach settlement payments finally rolling out this month – after April delay

    Kerry Wan/ZDNETIf you’re a T-Mobile customer — or were back in 2021 — you might have a check showing up in your mailbox soon.In 2021, the mobile carrier suffered a massive data breach that affected around 76 million customers (this isn’t related to the 2023 breach that affected 37 million people). T-Mobile denied any wrongdoing but agreed to settle a lawsuit about the breach out of court. Four years later, affected customers are getting compensation. Payments were supposed to start in April, but T-Mobile recently updated its settlement site to read “Due to unexpected delays, we now expect the distribution of settlement payments to begin in May 2025.”Also: I clicked on four sneaky online scams on purpose – to show you how they workIf you suffered financial loss from the incident, you might receive up to $25,000. If you didn’t suffer any loss, even if you didn’t file a claim in the suit, you can receive up to $25 (except California residents, who will receive up to $100). While those are the maximum amounts, a quick crunch of the numbers — a $350 million settlement divided between 76 million people — works out to about $4.50 a person, and that’s before attorney fees.  More

  • in

    A whopping 94% of leaked passwords are not unique – will you people ever learn?

    Elyse Betters Picaro / ZDNETDo you ever use “123456,” “admin,” or “password” as the password for a personal or work account? If so, you’re unfortunately not alone and are placing yourself and your employer at risk. Also: 10 passkey survival tips: Prepare for your passwordless future nowPublished last Friday by security news and research outlet Cybernews, a new study of more than 19 billion leaked passwords shows that people still rely on patterns that leave them vulnerable to attack and compromise. For the study, Cybernews looked at credentials leaked from 200 different incidents over the past 12 months. Using various cyber intelligence tools, the outlet was able to determine such factors as password length, character composition, and the use of special characters and numbers.The most common (and lazy) passwords still in useBased on the analysis, lazy passwords such as “1234,” “123456,” “password,” and “admin” are still quite common. Cybernews found “1234” in almost 4% of passwords, more than 727 million. With two extra digits, “123456” appeared in 338 million passwords. Both “password” and “123456” have been among the most popular passwords since at least 2011. Also: Why multi-factor authentication is absolutely essential in 2025 More

  • in

    Is your Roku TV spying on you? Likely, but here’s how you can take back control

    Maria Diaz/ZDNETWhenever I hear about consumer data tracking, my half-century-old brain dredges up that Hall and Oates hit called “Private Eyes” with the refrain “they’re watching you.” I don’t mean to incite Big Brother paranoia; I know I’m not being spied on everywhere I go, especially not in the seclusion of my home. But while using streaming devices, you can almost guarantee that your entertainment and advertisement preferences are being tracked.Also: Your Roku TV is getting 5 useful updates for free – including a Roku City shortcutThe culprit is better known as Big Data — arguably less invasive and sinister, but still annoying to some people — and there are ways to mitigate that on your streaming devices if you’re one of them.While some data collection is necessary for basic functionality, many streaming devices collect more than required; so much so that you essentially lose control of your privacy, fall into filter bubbles (viewing algorithms that are more narrow), and receive more targeted ads than expected. Below are some general strategies for regaining control over your privacy while using streaming services.  More