In this issue:

I know many people who have been online and have suddenly seen a giant flashing warning that says “Your computer is infected! Call this number now!”. If you've seen this, you have likely run into a tech support popup scam.

These popups are designed to scare you. They often take over your whole screen. They might beep loudly. Some even pretend to “scan” your computer and show a long list of fake problems. The message usually claims to be from a well known company like Microsoft or Apple. The logo looks real. The wording sounds urgent. That is exactly the point.

Here is the truth. Real companies do not send random popups with phone numbers telling you to call immediately. They do not lock your browser. They do not demand payment to “unlock” your device.

The goal of the scam is simple. They want you to panic and call the number. When you do, someone answers pretending to be a technician. They may sound professional and patient. They might walk you through steps that seem helpful. Often, they will ask you to download remote access software so they can “fix” the issue.

Once they have access to your computer, things can go downhill fast. They can look through your files, install real malware, steal passwords, or pressure you to pay hundreds of dollars for a fake repair plan. Some even ask for payment in gift cards, which is a huge red flag.

If you ever see one of these popups, do not call the number. Do not click any buttons inside the message. Instead, close your browser. If it will not close, you can force quit the browser or restart your computer. When you open it again, avoid restoring the previous browser session if it tries to reopen the same page.

These scams work because they play on fear. The screen looks serious. The language feels urgent. But remember, a real company is not going to chase you down with flashing warnings and a countdown timer.

This morning I jumped into a rideshare on the way to the airport. It was one of those early trips where you are half awake, juggling bags, and checking your phone for the which airport terminal you will be using.

I had an almost-fully charged phone battery, but I was going to be traveling all day. Right there in the back seat was a neat little charging station. Multiple cables. Lightning, USB-C, even an older connector. A small sign said, “Free charging for passengers.”

It was thoughtful. Convenient. Exactly what some rideshare customers need.

And I did not plug in.

The driver seemed perfectly kind. Friendly hello, clean car, soft music playing. I am sure he was just trying to offer a nice extra service. But here is the thing most people do not realize: a USB cable is not just a power cord. It can also transfer data.

That means if a device has been modified, it could potentially try to access your phone the moment you connect. Security experts even have a name for this type of attack: juice jacking. Instead of just charging your battery, a compromised port or cable could attempt to install malicious software or quietly copy information.

Is that common in random rideshares? Probably not. But the whole point of cybersecurity is that you cannot tell by looking. Some cables even contain tiny chips hidden inside the connector itself.

So I did what I always advise friends and family to do. I waited until there was a real power outlet at the airport.

Sometimes being cautious feels a little awkward. You worry you might seem paranoid. But protecting your data is not rude. It is responsible.

Even when the driver is probably just a nice guy trying to help.

Most of the time these will be companies that you don’t have any personal data with, but scan the names to make sure you aren’t affected.

Do you have an idea for a future newsletter? Please reply to this email and let me know.

Thank you so much!

Sincerely,
Cassie Crossley
Founder, Cyber Safe Center
https://www.cybersafecenter.com