Sunday, July 6, 2025

FBI Warning - Do Not take these calls on your smartphone July 5, 2025

 https://www.forbes.com/sites/zakdoffman/2025/07/06/fbi-warning-you-must-not-take-any-of-these-phone-calls/

There has been a recent increase in calls to victims from callers claiming to be from law enforcement agencies, seeking funds and/or personal information.

The callers pose as the FBI, U.S. Marshals, state and local law enforcement agencies, and government agencies.

All seek payment via gift cards, cryptocurrency, wire transfers, and other means. These tactics are rapidly evolving.

No government agency, law enforcement agency, court system, or similar body will call for notification and payments.

Report any and all such calls to the FBI's Internet Crime Complaint Center at www.ic3.gov.

The FBI warns there are many versions of this scam, “and they all exploit intimidation tactics.” Callers use “an urgent and aggressive tone, refusing to speak to or leave a message with anyone other than their targeted victim.” They also warn victims “not to tell anyone else, including family, friends, or financial institutions.”

The Forbes report is frightening. PLEASE BE AWARE.
HANG UP. REPORT.

Sunday, June 29, 2025

New vulnerabilities in Brother (and other) Printers

At least 8 vulnerabilities have been found in over 700 models of printers, scanners, and label makers from Brother and other vendors.
The other vendors include Fujifilm Business Innovation, Ricoh, Konica Minolta, and Toshiba, so millions of devices are affected.

Critical flaw: it allows the device serial number to expose the default administrator password. Thus any remote and unauthenticated attacker can access the device administrator's functions. Printers are computers on your home network. Possible impacts include DoS attacks, generating HTTP traffic, and exposing recently printed documents.

Brother advisory here. The vulnerability exposing the administrator password CANNOT be patched. Other manufacturers' advisories are available on their respective support sites.

Thursday, May 22, 2025

Past healthcare data theft and recent efforts to scam and defraud

Cyber Security SIG has reported many healthcare data leaks and thefts.
Sun City residents have recently posted about phone calls and other attempts to contact residents using spoofed caller ID or email addresses of past healthcare providers.
During my recent hospital stay, the staff reported many recent reports of past patients calling to verify their recent communications.
We only answer calls from our contacts lists. The spoofed caller ID might be in your contacts.
CONSIDER that any attempt by a healthcare provider to verify or obtain personal information may be using information stolen in past data leaks and a fake caller ID or email.

BE AWARE

Major Facebook data leak 1.2 billion user records 22-May-2025

A massive 1.2 billion user record database was scraped from the Meta-owned Facebook by abusing one of the social media platform's application programming interfaces (APIs), attackers claim. Meanwhile, Meta did not deny the scrape taking place.

The API (Application Programming Interface) is how Meta (Facebook's parent company) would sell access to its massive collection of data that users have given and data that Meta has collected or purchased. This type of data collection was done by "scraping".
Scraping is collecting data via APIs.

Attackers claim this is not old data offered on hacker forums, but new data. Preliminary analysis of a portion of the records indicates this is new data.

Facebook/Meta has not denied that "scraping" is occurring but claims it has been working to limit scraping.

A cyber research team analysed a sample and reported the records contain:
   User IDs, names, email addresses, usernames, phone numbers, locations, birthdates, genders, and other data.

The attacker's claim is still unverified.
Similar attacks against Shopify, GoDaddy, Wix, and OpenAI are reported.

A smaller data leak from Meta in 2021, affecting 50 million users, was reported, and Meta was fined by the European Union's Irish Data Protection Commission.

If confirmed, Facebook users' data has been copied. Quitting Facebook will not remove the copied data.

Be aware. Awareness, Preparedness, Understanding.