CyberLife Coach

The “Purchase Order PDF” Phishing Scam: How Attackers Are Stealing Passwords Through Telegram Bots A New Twist on a Familiar Email Trap

New phishing campaign alert. Attackers are sending fake PO's disguised as PDFs like:
New PO 500PCS.pdf.htm
It opens a fake login page that sends your password to a Telegram bot.
Read it here: shorturl.at/EOlDZ
If a “PDF” asks you to log in, stop.

#CyberSecurity #Phishing #EmailSecurity #InfoSec

🛠️ Dev Update: Just shipped the React + Vite rebuild of my site.
Applying NIST/RMF "security-first" principles to my own corner of the web. The new site is snappy, secure, and rocking a clean dark theme. 🌑

Open for business, check it out! 🚀
cyberlifecoach.pro
#CyberLifeCoach #Vite #WebDev #InfoSec

AI Website Builders Are Fueling a New Wave of Brand Cloning Scams Criminals are using artificial intelligence to replicate trusted brands in minutes, and most users will not see it coming.

AI website builders are now being used to clone trusted brands in minutes.

These phishing sites look almost identical to the real thing and can fool even experienced users.
Learn how the scams work and how to protect yourself.
Read here:
shorturl.at/YXZhd

#Cybersecurity #Phishing #AI #OnlineSafety

The AI in Your Drive: Assessing the Real Privacy Risks of Claude "Cowork" AI coworkers aren't inherently reckless, but when given access to your files, they change the security equation in ways most organizations haven't fully modeled.

AI agents aren't just privacy risks; they’re access multipliers.

My latest piece explores the true security threats of tools like Claude "Cowork": prompt injection and amplification risk. Why governance must outpace speed:

📖 shorturl.at/82D9b

#AIGovernance #CyberSecurity #InfoSec #AIAgents

1Password publicly clarified that some findings were already documented within its threat model and security documentation. Rather than dismissing the research, it contextualized the results within realistic server compromise assumptions. For me they at least built some credibility.

Your Password Manager Isn't as Safe as You Think: What Happens When "Zero-Knowledge" Isn't Zero Risk A cloud vault's security promise under intense scrutiny

“Zero knowledge” doesn’t always mean zero risk.

New research from ETH Zurich and Università della Svizzera italiana, presented at USENIX Security, analyzed Bitwarden, LastPass, Dashlane, and 1Password.

What this means for your security: shorturl.at/CjqxA

#Cybersecurity #Privacy #Infosec #Security

The Algorithm Already Knows. Here's How to Take Back Control. Your shopping cart and scroll habits are writing a story about you. The question is, who gets to read it?

Algorithms predict pregnancy, credit risk, even life changes from your clicks.
They are powerful, but fragile.
In my latest Substack, I explain how prediction engines work, where they fail, and how to reduce your digital exposure.

Read: shorturl.at/KxJVK

#Cybersecurity #Privacy #AI #GDPR #NIST

3D Printer Surveillance, When Safety Policy Meets Device Control A new proposal in New York is forcing us to rethink who controls the machines in our homes, and what they are allowed to see.

New York may require 3D printers to scan every design file before printing. That is not just a firearm debate. It is a privacy and device control issue. Who sees your files. What new attack surface is created. I break it down here: shorturl.at/c4jia

#Cybersecurity #Privacy #3DPrinting #TechPolicy

Mobile Fortify: What ICE’s New Face Scanning App Means for Everyone in the U.S. A privacy and civil liberties reality check for 2026

Your face can be scanned and stored for years without consent.

In my latest Substack, I unpack ICE’s Mobile Fortify app and the risks of mobile facial recognition for privacy and civil liberties in 2026.

Read more: shorturl.at/DyntZ

#Privacy #Surveillance #DigitalRights #AI #CivilLiberties

Satellites Are Still Whispering Secrets: Why Unencrypted Space Signals Matter The quiet broadcast problem that puts calls, texts, and browsing data within reach of cheap gear

Researchers found satellite links leaking sensitive data with cheap, off the shelf gear. This isn’t sci-fi. It’s happening now. I explain what’s going on and how to protect yourself on Substack: 👉 shorturl.at/Dm8WU

#Privacy #Cybersecurity #Infosec #Encryption #DigitalSafety #Satellite

Your Old Emails and the 1986 Law That Still Shapes Police Access Why It’s Important

Your old emails may be protected by a law written in 1986. And that’s a problem.

I explain how the “180-day rule” still affects police access, what it means for your privacy, and how to protect yourself.

Read more: shorturl.at/RKtJ7

#Privacy #Cybersecurity #EmailSecurity #DigitalRights

Chrome Security Controls (Advanced): Script Your Way to a Safer Browser A friendly guide to prebuilt policy scripts, what they do, why they matter, and how to run them

Most Chrome tips don’t stick. Policy scripts do. I wrote a quick guide to enforce safer defaults, reduce tracking, tighten downloads, and block risky javascript: links. Verify via chrome://policy, rollback included. Read my here: shorturl.at/O9Qk6#privacy
#cybersecurity #browsersecurity

If you know anyone who could benefit from this by all means please forward. This is 100% free and just a way to give back and help those in the job market. You can also reach me at
cyberlifecoach@proton.me

I will Build 3 free custom portfolio sites in the next 3 months, one per month, for recent grads or career switchers. Includes recruiter Q&A chatbot, Job Fit Checker, Netlify launch, GitHub setup, and full source handoff. Reply “PORTFOLIO” with your target role, Yes 100% free. #jobsearch #portfolio

Malicious "ChatGPT Helper" Extensions: What You Need to Know in 2026 A practical plan to spot risky add-ons, protect your AI chats, and keep your browser clean

Malicious “ChatGPT helper” extensions can steal your session token and open your account, no password needed. I explain checks, quick cleanup, and safer defaults. Read here: shorturl.at/v6VnC
#CyberSecurity #BrowserSecurity #ChatGPT #Infosec #SecurityTips

Why You Should Control Browser Extensions on Your Family Computer One browser extension could compromise your whole device, here's how to stay in control

One “fun” browser extension can turn into tracking or account takeover. The Great Suspender showed how trusted add ons can be sold and repackaged. I explain allowlist vs blocklist, plus a simple setup path. Read the full post: shorturl.at/2OOln
#cybersecurity #privacy #familytech #browsersecurity

Proton's New Data Breach Observatory: What It Means for You (and Your Business) A practical guide to understanding Proton's dark web "breach radar" and what to do next

Most data breaches never make the news. Proton’s new Data Breach Observatory just verified 794 breaches exposing 300M+ records, mostly targeting small businesses. 🚨

Read my full guide on how to use this "breach radar" to stay ahead: shorturl.at/CcG97

#CyberSecurity #Privacy #DataBreach

ICE’s Reactivated “Graphite” Spyware Deal: What It Means for Your Phone and Your Privacy How a paused contract came back, what Graphite can actually do, and the practical steps you can take today

ICE reactivated a ~$2M “Graphite” spyware deal. It can hit iOS/Android, even “zero click,” and once a phone is owned it can read encrypted app messages. Quick wins: update fast, enable Lockdown Mode, turn on iCloud Advanced Data Protection. shorturl.at/7lqil
#privacy #cybersecurity #MobileSecurity

Private Navigation in 2026: Why It's Time to Rethink Google Maps A practical guide to choosing maps that respect your privacy without sacrificing usefulness

Your location tells a story: commutes, clinics, places of worship, kids’ schools. In 2026, it’s time to rethink navigation. I compare Google Maps/Waze vs Apple Maps vs Organic Maps/OsmAnd, plus practical settings to reduce tracking.
👉: shorturl.at/w5vem
#privacy #cybersecurity #GDPR #infosec

Speak & Stay Safe: How to Send Alerts Without Giving Away Your Privacy A discreet tool that lets you reach your network securely in just minutes

Want alerts without giving away your phone number or email? I wrote a quick guide to FastAlert.Now, a privacy first broadcast channel with one click or QR signup. No names, no tracking, no forced app installs. 👉: shorturl.at/SZTes
#privacy #cybersecurity #digitalsafety

You're Leaking Clues Online: 5 Surprisingly Simple Ways to Disappear (Just a Little) A practical guide to shrinking your digital footprint and frustrating scammers

5 simple moves to shrink your OSINT trail: rotate emails and usernames, strip photo EXIF, blend in to cut fingerprinting, check breaches, and stop exposing home server ports. Full guide on Substack: shorturl.at/bf5Kf
#privacy #osint #cybersecurity #DataMinimization #DigitalFootprint

Lock Down Your Browsers: A Friendly Guide to Hardening Brave and Vivaldi Simple, quick changes that make your everyday browsing quieter, safer, and less trackable

Your browser is your everyday workspace. I published a hardening guide for Brave and Vivaldi using one simple model: less out, less known, less kept. Read it here on Substack. 👉: shorturl.at/lBMkQ

#Privacy #Cybersecurity #BrowserSecurity #Brave #Vivaldi #AntiTracking #OnlineSafety

The "Most Secure Smartphone" Myth, and the Five Options That Actually Matter Stop chasing “unhackable” claims. Here’s a practical, threat based shortlist, plus the exact settings that make any phone safer day to day.

There is no single “most secure smartphone.” It depends on your threat model: scams and takeovers, app tracking, or targeted spyware. I break down the 5 security properties that matter and the 5 options worth considering, including GrapheneOS and iPhone Lockdown Mode.
👉: shorturl.at/mFlaI

2026 Privacy Playbook: Practical Moves for a Calmer, Safer Digital Life Five Practical Privacy Wins for 2026

My 2026 Privacy Playbook is here. 5 practical moves that lower risk: better browser setup, encrypt storage, quarterly data broker removals, hardened phone options, and passkeys/ hardware keys.
Read it here: shorturl.at/D9xUy

#Privacy #Cybersecurity #Passkeys #Encryption #DataBrokers #DigitalSafety

California’s New Privacy Laws: What Changes for Your Data in 2026–2027 Fourteen new bills just reshaped online privacy. Here’s what matters and how to prepare.

California’s next privacy wave is coming. 2026 brings stronger data broker disclosures and clearer account deletion. 2027 adds a built in browser opt out signal. I break down what it means and what to do now on my Substack. shorturl.at/Hjorh
#Privacy #CCPA #GPC #Cybersecurity #Optout

Bank Impersonation Scams Are Fueling Account Takeovers: What the New FBI Alert Means for You How hackers are tricking people into authorizing theft, and practical steps to shut it down

FBI Alert: Over 5,100 victims of bank impersonation scams in 2025, with losses surpassing $262M! Scammers use fake login pages & phishing tactics to steal funds. Learn how to protect yourself with simple steps in my latest article.
👉 shorturl.at/4ZaCA
#Cybersecurity #Fraud #Phishing #BankScams

Your Smartphone, Their Scanner: Client Side Scanning on iPhone and Android Breaking down how on device checks work, why you can’t “opt out” once they’re mandated, and where your voice matters most

Your phone may be doing the “review” before encryption ever starts. Client side scanning can inspect your photos and messages before end-to-end encryption, and there's no reliable workaround if it’s mandated at the OS or app layer.

👉: shorturl.at/BB8Nm

#Privacy #Encryption #DigitalRights #Mobile

"Virtual Kidnapping" Scams Use Your Facebook Photos: What Families Need to Know A straightforward guide to spotting and stopping AI assisted fake kidnapping schemes, based on the latest FBI alert and independent reporting

Scammers are scraping your Facebook photos to stage "virtual kidnappings" with AI voice clones. It’s terrifying, but you can stop it with a plan.
My new Substack covers:
• Picking a family code word
• Privacy lockdown tips
• How to verify the call

👉: shorturl.at/OgTwT

#AI #Safety #Tech

Mobile Smishing Units: The Rising Threat of SMS Fraud and How to Stay Safe Criminals Are Turning Cars into Rogue Cell Towers. Here is How to Protect Yourself

Criminals are turning cars into fake cell towers to send scam texts directly to phones. These “Mobile Smishing Units” bypass carrier filters using mobile protocols and proximity. I explain how it works and what actually helps.
👉 shorturl.at/4JAT2
#Smishing #Privacy #MobileThreats #OnlineSafety

Are Your Smart TVs Taking Screenshots? What Texans (and Everyone) Should Know Texas sues five TV brands over "periodic screenshots" here's what it means for your living room privacy

Your smart TV may know more about you than you think. Texas is suing Sony, Samsung, LG, TCL, and Hisense over smart TV tracking using ACR. Not screenshots, but viewing fingerprints that raise real privacy concerns.
👉 shorturl.at/FQpGg

#Privacy #SmartTV #Cybersecurity #DigitalRights #OnlineSafety