Cybersecurity experts have discovered a phishing campaign that uses fake voicemail and purchase order emails to spread malicious software called UpCrypter. The emails link to fake websites that look real by using company logos and domains. Victims are tricked into downloading a ZIP file with a hidden script that installs remote access tools, giving hackers full control of the device. The campaign started in August 2025 and mainly targets industries like manufacturing, healthcare, tech, and retail, especially in countries like Austria, India, and Canada. Hackers use smart tricks to avoid detection, such as hiding malicious software in images and avoiding file traces. In a related attack, scammers abused Google Classroom to send over 115,000 phishing emails, redirecting victims to WhatsApp scams. These attacks are part of a growing trend called...

Always pause before you act. Scammers rely on creating a false sense of urgency to pressure you into quick decisions. This tactic is designed to bypass your usual caution and judgment. Take a moment to verify any unexpected request, especially those involving money, sensitive information, or unfamiliar links. Slowing down and thinking critically can help you avoid serious and costly mistakes. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Smishing (SMS phishing) is on the rise! Scammers use fake texts to steal personal info or spread malicious links. They often impersonate trusted sources—be cautious!

What to Avoid:

• Clicking on unexpected links.
• Sharing personal or financial info via text.
• Trusting unanticipated messages.

Best Practices:

• Verify the sender's number—official companies rarely send urgent text requests.
• Avoid clicking links or downloading attachments from unknown sources.
• Contact the company directly through official channels if unsure.

"Just because it's in your messages doesn't mean it's legit."

Do you have a question? Submit a ticket at...

Always be careful when you get offers you didn’t ask for, especially if they seem too good to be true, like free prizes or huge discounts. Scammers often try to make you excited or rush you so you don’t have time to think clearly. If someone asks for your personal details or money upfront, don’t trust it right away — take time to check if it’s real before doing anything.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Keep your devices and apps well-organized to reduce security risks. Cluttered systems can hide malicious apps or files, making them harder to detect. Delete unused apps and regularly update the ones you keep. A clean digital workspace helps you spot threats faster and stay protected. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

To reduce risk, always store old or unused files in a separate, secure location away from active systems. These files may contain sensitive information and could be targeted if left accessible or forgotten. Regularly review and archive them using strong encryption and restricted access to keep your data safe.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Let your device and apps update automatically whenever new versions are available. These updates often fix issues that could be used by cybercriminals to cause harm. If you skip or delay updates, your device may become easier to attack. Automatic updates help protect you without needing to remember anything. It's a quick and easy way to stay safe every day online. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Vishing (voice phishing) and smishing (SMS phishing) scams are on the rise, especially during the upcoming holiday season. Scammers use these tactics to steal your information through calls and texts. These messages often create a sense of urgency or offer enticing rewards to pressure you into responding, and they can sometimes lead to financial loss. Always pause and think before clicking links or sharing personal details. When in doubt, contact the source directly using verified contact information. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Google has announced new rules to improve safety on Android phones. Starting in September 2026, all developers—whether they use the Play Store or not—will need to verify their identity before their apps can be installed on certified Android devices.

The new rule will first apply in Brazil, Indonesia, Singapore, and Thailand. Google says it will begin inviting developers to verify their identities starting in October 2025, with a full rollout by March 2026.

According to Google, this change is meant to stop scammers from creating fake apps or re-uploading harmful ones after being removed. It’s part of a broader effort to make Android safer and more trustworthy for users.

Most developers who already use the Play Store are unlikely to be affected, as they’ve already gone through similar checks. Google also plans to introduce special accounts for students and hobbyists to make the process easier for them.

This move follows growing concerns over malicious apps...

Phishing Scams Are Smarter Than Ever. AI-generated emails can look real and create urgency to trick you into sharing personal info. If something feels off, pause and verify.

To Stay Safe:

• Check the sender’s full email address.
• Hover over links to preview URLs.
• Report suspicious emails to IT or security.

Avoid These Pitfalls:

• Avoid click links demanding urgent action.
• Avoid download attachments from unknown senders.
• Avoid sharing sensitive info (passwords, codes) via email.
• Avoid trust an email just because it looks official.
• Watch for red flags like typos or strange formatting.

"Don't let a clever scam...