Cybersecurity News You Can Use
Meta is extending its “Teen Accounts” safety program—first launched last year on Instagram—to the Facebook and Messenger social media platforms. TechCrunch says users under 18 are now being automatically placed into teen accounts with built-in protections.
These include default private profiles, message limits, restricted story interactions, nighttime “Quiet Mode,” and reminders to log off after an hour. Teens under 16 will need parental approval to adjust settings or go live on Instagram. Meta says 54 million teens have been enrolled in Instagram Teen Accounts so far, with 97% keeping protections active.
The move comes as lawmakers and regulators increase pressure on social platforms to improve youth safety and mental health support.
Meanwhile, CNET says Meta has stopped fact-checking on Facebook, Instagram, and Threads, replacing it with user-generated comments.
InformationWeek says 25% of all phishing emails now include QR codes because the random-looking pattern of small black and white squares can bypass even the latest email security filters.
QR codes in scam emails also target mobile users, who are less likely to spot red flags or use protective browser tools. Plus, the codes are familiar enough now that they appear to be legitimate—making users more likely to scan them without suspecting malicious intent.
One example now making the rounds: a phishing email urges recipients to scan a QR code to update their federal tax return—redirecting them to a fake Microsoft login page. Malwarebytes says the site is set up to collect victims Microsoft usernames and passwords.
As recession fears rise, scams promising to “fix your credit” are targeting vulnerable consumers—especially car shoppers. Fraudsters are taking advantage of economic anxiety by pushing deceptive credit repair offers that promise to hide or erase bad credit.
One tactic, called credit washing, involves filing false identity theft claims to clear negative records. Once fringe, it’s now mainstream and often promoted by shady credit repair companies. Point Predictive says this fraud is now present in 1 out of 59 auto loan applications.
Consumers charged with credit washing can be prosecuted under wire and mail fraud laws—even if they unknowingly participated.
These organizations say they have been hacked recently. If you do business with any of these companies, change the password on your account and use two-factor authentication wherever possible.
Guess the 5-letter word.
You have 5 tries.
Correct letter, correct spot.
Correct letter, incorrect spot.
Wrong letter.
Hint: A malicious code that replicates itself and spreads to other systems.
Score: 0
Greetings from the Aware Force cybersecurity team:
Each week, we’ll bring you a curated roundup of timely, trusted stories focused on the human side of cybersecurity—how employees, behaviors, and workplace culture are shaping today’s cyber risks and defenses.
This feed reflects what Aware Force does: helping organizations stay informed, engaged, and proactive in protecting their people and data. Every article we share is vetted, relevant, and actionable—designed to spark conversations, raise awareness, and reduce risk.
Thanks for reading—and for making cybersecurity a shared responsibility.
Richard Warner – CEO
Teen Safeguards Now in Place on Facebook
Meta is rolling out its “teen account” safety features from Instagram to Facebook and Messenger. Teen accounts now default to private, limit nighttime notifications, and allow parental controls.
Read on TechCrunch
Google employees: OK to Discuss Company’s Big Legal Issue
Facing union pressure, Google has revoked rules silencing employee discussions about its ongoing monopoly case. A major ruling could soon reshape Big Tech antitrust precedents.
Via: CNBC
Meta Officially Ends All Fact-Checking Across Its Platforms
Meta confirms it’s ending fact-checking on Facebook, Instagram, and Threads, raising alarms as disinformation risks grow.
Coverage on CNET
First-ever Deepfake Bill Gains Traction in Congress
The bipartisan “Take It Down Act” targets AI-generated nudes and revenge porn, mandating 48-hour takedowns — but critics warn it could be misused to censor legitimate content.
Full article on Washington Post
QRs Now In 1 of Every 5 Phishes; Microsoft Office a Prime Target
Phishing emails now commonly feature QR codes — and one recent scam is impersonating Microsoft to steal credentials under the guise of tax season urgency.
Details via Malwarebytes
Social Security Scams Ramp Up Amid Fear
As the debate over Social Security’s future heats up, scammers are seizing the moment with phishing emails and impersonation attempts targeting retirees.
Video and article on Aware Force
Get smarter!
You can check out previous newsletters here.
(This links to an example of a client’s custom page.)
One more thing...
How smart is AI?
Here’s what happens when a parrot chats it up with an AI customer service bot.
Via Instagram | AI Researches (Used with permission)
Answers to Your
Cybersecurity Questions
“I was a victim to the 2015 OPM Background check cybersecurity breach involving 21.5 million military/active-duty members and government employees. Here’s something I learned: if you have deceased loved ones, make sure you contact the Social Security Administration and have their social security number and name taken off voter rolls.” — LS241
You’re correct. USA.gov says that while the Social Security Administration records deaths, it does not directly manage voter rolls. Instead, local election offices are responsible for updating these records. Contacting your local election office directly to request the removal of a deceased loved one’s name from voter registration lists helps prevent ensures the accuracy of electoral records.
“It’s been a year since I was notified that my personal information was compromised in a data breach. Now, I’ve just received an alert about a hard inquiry on my credit report—something I didn’t authorize. I’m not sure what steps to take next. What safety measures do you recommend?” — FM Gonzalez
You’re smart to keep a close eye on your finances. Here’s what to do:
Start by getting credit reports from all three bureaus—Experian, Equifax, and TransUnion—at www.annualcreditreport.com/. Check which company made the hard inquiry and when it happened.
Next, contact the credit bureau that reported the inquiry to file a dispute. You should also contact the company that made the inquiry and ask for more details. If it turns out to be fraudulent, request that the inquiry be removed.
To protect yourself going forward, place a free fraud alert with one of the credit bureaus—they’ll notify the others. You may also want to consider a credit freeze with each bureau. This blocks lenders from accessing your credit report and stops new accounts from being opened in your name. Keep all documentation in a safe place—you’ll need it if you ever want to lift the freeze.
“Do I really need anti-virus, anti-malware, anti-spyware, anti-(fill in the blank) software, or is most of this covered by Windows now? — M Duffey
If you’re using Windows 10 or 11, you already have solid built-in protection with Microsoft Defender. It includes antivirus, anti-malware, a firewall, and even some ransomware protection. For most users who browse safely, avoid sketchy downloads, and keep the software on their home computer up to date, this is usually enough.
But, if you frequently open email attachments, download from unknown sources, or handle sensitive data, you might want added protection. PCMag says tools like Malwarebytes Premium can catch threats Microsoft Defender might miss. Full security suites like Norton or Bitdefender offer extras like VPNs, password managers, and identity theft monitoring.
Mac users: same goes for you.
Original content © 2025 Aware Force LLC