the logo for "NTSC," the National Technology Security Coalition, featuring a gold shield emblem with a dark blue lightning bolt inside. To the right, large dark blue letters spell "NTSC," and below it, the full organization name, "NATIONAL TECHNOLOGY SECURITY COALITION," appears in gold uppercase letters. At the bottom is the bold black text, "Always keeping you safer online." The design is straightforward and professional, set against a clean white background, communicating reliability and cybersecurity expertise.
  • In this edition: The holidays are prime time for scammers. We’ve got their latest tactics.
  • Does your shopping list involve buying from social media sites? Watch this video first. 
  • Here’s who qualifies for payouts from AT&T as a result of a cyber breach settlement.
HoHo Hoax NTSC

Using Social Media to Do Holiday Shopping? Hold On!

Have you ever bought something from a social media ad that didn’t arrive or wasn’t what you were promised?
Join in if you’d like. Everything you share is anonymous, and we don’t collect any personal information. Your privacy stays yours.

Cybersecurity News You Can Use

Holiday Click Season

Three cyber stories for you as the end-of-year holidays approach: Malwarebytes is reporting on a rash of “Congratulations, you’ve won a $750 Walmart gift card!” messages. These are scams designed to pull you into endless surveys and collect your personal information. The pages look harmless, but they’re just trying to grab details like your name, phone number, and address so they can sell your data or target you with more ads. If you see one of these offers, skip the click. Nope, Walmart isn’t handing out gift cards through random pop-ups.

Scammers are running a massive phishing campaign impersonating well-known travel sites like Booking.com, Expedia, and Airbnb. They send emails asking you to “confirm” your hotel reservation, then send you to a fake website that looks real and tricks you into entering your credit-card information. If you ever get an unexpected message about a reservation, don’t click the link. Go directly to the travel site or app you usually use to check your booking.

And ‘tis the season for fake package delivery notices: Amazon is warning its 300 million customers about scammers faking delivery updates, special deals, and even tech-support calls. The safest move is to shop and track orders only in the Amazon app or website. Never trust links that show up in texts or emails, no matter how real they appear to be.

AT&T Settlement

Reader question: I’m seeing stories about a big payout for AT&T customers because the company suffered a cyber breach. I’m an AT&T customer. What should I do to get paid? 

AT&T suffered two significant data breaches last year. If you were an AT&T customer between 2019 and 2024 and your personal information or call records were exposed, you may qualify for some proceeds from a legal settlement.

Most people can expect payments of several hundred dollars unless they prove they also suffered financial fraud or identity theft. In those cases, payouts could reach $5,000 per incident.

AT&T customers can file a claim online at telecomdatasettlement.com or mail it by December 18. They’ll need their AT&T account information, along with any breach notifications they received via email, text, or regular mail. If you didn’t receive a notification from AT&T but were a customer during those years, call the help line at 833-890-4930 or check that website.

Business Insider says that if you suffered identity theft or financial losses from this breach and intend to claim a larger payout, you’ll need receipts or a fraud report to prove your losses.

LinkedIn Invitation b

Cybercriminals are getting smarter about how they approach people on LinkedIn. They’re creating fake profiles, sending friendly messages, and building just enough trust to convince someone to open an attachment that quietly delivers malware. If a user downloads one of these files, it can trigger a ransomware attack that locks up company data and demands a massive ransom payment to restore it.

Scammers know LinkedIn’s networking features make these outreach attempts feel normal, which helps them slip past workplace security. That’s why it’s important to be skeptical about unexpected connection requests or any attachments. If you don’t know the person, don’t open the file or click the link, no matter how polished their profile looks or how many friends you have in common.

Relax training AI

There’s been a lot of chatter online about Google, Facebook, Instagram, and WhatsApp reading our private messages and using whatever we type to train AI beginning this month. But that’s not happening.

Yes, Google scans Gmail accounts to enable features like spam filtering, but the company says it’s not using customer emails to train its Gemini AI platform.

Meta, which owns Facebook and Instagram, sparked concern last month when it updated its AI policy, but the change applies only to conversations people have with its AI chatbot, not to private messages people send on its platforms.

Should you be concerned? Use a search engine to research privacy settings on social media platforms and make sure the settings you’re using feel right. If you handle sensitive information, it’s smart to turn off optional features you don’t need.

You didnt send that email

Reader question: I opened an email supposedly from a friend that invited me to read their message by entering my email password. It wouldn’t work after several attempts. That friend did not answer my texts about it, but later I found out it was spam. The next day, my friends received the same invitation from “me” and contacted me about it. I changed my password. Are we still in danger?

It sounds like you entered your email password on a fake site, which likely gave scammers access to your account and let them send similar messages to others. Changing your password was the right first step, but you should also turn on two-factor authentication and review your account activity for any unfamiliar devices or third-party apps.

Even though you’ve locked the account down, the attackers may have already copied your contacts, so your friends might still get scam messages. Let anyone who received one know it was fake and remind them not to click any links or enter their passwords.

Update Your Passwords

Dec A Logos

These organizations say they have been hacked recently.
If you do business with any of these companies,
change your account password and use two-factor authentication wherever possible.

Cyber Content Archive: Always Available

A conceptual digital illustration shows a large white smartphone lying flat on a white surface. Emerging vertically from the phone’s screen are several tall, white bookshelves arranged in a row. Each bookshelf is filled with colorful books and magazines, representing a vast digital library. The shelves appear three-dimensional and realistic, giving the impression that a physical library is coming to life from within the device. The phone’s details — including the home button, charging port, and side buttons — are visible, emphasizing the connection between modern technology and access to unlimited information. The image symbolizes e-libraries, digital learning, and the convenience of mobile access to knowledge.

Check out our previous newsletters here.

One more thing...

CartoonStock 685789 CS157648

Ask Us About Cyber

Send us your cybersecurity question for possible use in a future newsletter.
Aware force d block q4 2025

Cyber cartoon © 2025 CartoonStock | Original content © 2025 Aware Force LLC