PHISH & TELL 023

👋 WELCOME to Phish & Tell™️, from Security Done Easy™️

I’m making a few small changes to my newsletter, but nothing too drastic! As always, reply and let me know what you think!

• I’m going to 3 news stories instead of 5. I got feedback that 5 was too many.

• I am going to send out an email with one single focused tip on Wednesdays, starting next week. (You’ll be able to opt out without unsubscribing from everything.)

🎣 TOP CYBERSECURITY NEWS STORIES OF THE WEEK

Top stories of the week, how they are relevant to you, and what to do about them.

1. Google’s AI stops ransomware in its tracks (but not everything)

   Source: Bleeping Computer, Google Drive for desktop gets AI-powered ransomware detection

   What happened: Google added an AI‑powered ransomware detection feature to Google Drive for desktop. It watches for suspicious activity like lots of files changing suddenly, pauses syncing and alerts you. It allows users to restore previous versions of their files if ransomware is detected.

   Why it matters: Ransomware attacks can scramble your files and criminals demand money to get them back. If you use Google Drive to back up invoices, contracts or employee records, this built‑in protection could keep an infection from spreading across your devices. However, it’s not a silver bullet: Google itself notes that the feature focuses on suspicious file‑change behavior rather than catching every type of ransomware.

   What to do: Install the latest version of Google Drive for desktop and leave ransomware alerts turned on (it’s on by default). Remember that this tool only quarantines cloud‑stored files—your local computer can still be encrypted. Continue to use reputable antivirus/anti‑malware software, back up important data to an offline location, and train your team to avoid phishing emails and unsafe downloads.

2. Notion’s AI agent could be tricked into stealing your data

   Source: Schneier on Security, Abusing Notion’s AI Agent for Data Theft

   What happened: Security researcher Simon Willison warned that Notion’s new AI feature (version 3.0) contains a “lethal trifecta” of capabilities: access to your private data, exposure to untrusted content, and the ability to send information outside the system. Attackers can hide malicious instructions that tell the AI to extract customer names and revenue from a database and send them to an attacker-controlled website.

   Why it matters: This is a new twist on data theft: instead of hacking into your systems directly, criminals trick your AI assistant into doing the dirty work for them. If you rely on AI tools like Notion’s agent to manage customer lists, invoices or other sensitive information, a poisoned document or prompt could lead to a major breach.

   What to do: Keep AI agents away from confidential data—don’t give them access to information you can’t afford to lose. Avoid feeding untrusted files (especially PDFs or content from strangers) into AI tools. Regularly review the permissions you grant to any AI agent and disable features that allow external communication unless absolutely necessary.

3. New Android malware targets seniors via fake travel events

   Source: The Hacker News, New Android Trojan "Datzbro" Tricking Elderly with AI-Generated Facebook Travel Events

   What happened: The scheme begins with scammers running Facebook groups that promote AI‑generated “active senior trips” and social events. When older users show interest, the attackers contact them through Facebook Messenger or WhatsApp and urge them to download a “community app” from a fraudulent link. Installing the app deploys malware that has sweeping capabilities: it can record audio, take photos, access files, steal lock‑screen PINs and banking credentials, and perform fraudulent transactions.

   Why it matters: Social‑engineering scams increasingly use AI‑generated content and community‑oriented hooks to lure victims. While this campaign targets seniors, similar tactics could trick employees or family members of small‑business owners into installing malicious apps that compromise personal and corporate accounts.

   What to do: Remind your team and loved ones to never download apps from links in messages or social‑media posts—only use official app stores. Be wary of Facebook groups or messages promoting events that ask you to install special applications. Ensure all Android devices use the latest OS version and enable Google Play Protect. If you, an employee or a relative believe a device may be infected, disconnect it from financial accounts and seek help from a trusted IT professional immediately.

   Not sure what applies to your business or what your options are? Let’s talk.

🔍 In Case You Missed It (ICYMI)

• This week’s blog post: Cybersecurity Doesn’t Have to Be Lonely: How Community Can Make You Safer »   I’m excited by the responses I’ve gotten so far about our new co-op model! At the end of this blog post explaining it, I’ve included a link to a short 3-question survey. I’d love to get your feedback.

• I added a domain scanner to my Resources page for you. Try it out! It’ll tell you if your domain records are set up correctly so your domain (example.com, for example) can’t be spoofed and used by criminals to phish your own customers in your name, your emails will less likely be marked as spam (and so more often delivered to your customers), etc. I’ll be diving into explaining the security aspects of these records in my next blog.

• Follow us on LinkedIn, Facebook or Instagram. Youtube is in the works (subscribe to get notified when I finally start getting these videos out there!)

🤖 The LOL-gorithm

🧷 THE SAFETY SNAP

Keeping yourself safe isn’t just about computers—it’s also about protecting your heart and your wallet. Recent arrests by Interpol show that scammers use romance and sextortion tactics to target women online, especially women business owners. Here’s how to stay safe:

• Take it slow: Don’t rush into relationships with people you meet online. Scammers often push for quick intimacy or financial help. Trust your instincts and seek advice from friends or family. Love bombing is a red flag.

• Keep private details private: Never send intimate photos or videos to someone you’ve never met in person, and be cautious sharing personal information (address, family details, travel plans) publicly.

• Guard your finances: Resist requests for money, gift cards or bank transfers from online acquaintances. If someone asks you to “help them out” with a sudden crisis, it’s a big giant red flag.

• Verify identities: I used to say, use video calls before meeting someone, but deepfakes are making this not as helpful. This is a tough one. Take your time and be observant. Meet in a public place.

  If anything feels wrong, end contact and report the profile to the platform. Reddit has a good guide if you are a victim of sextortion and includes helpful resources for those over 18, as well as under.

  And many feel ashamed and embarrassed to be caught up in something like this. Don’t. They are good at what they do. And we are human. Reach out for support and help.

💬 A PERSONAL NOTE

A friend of mine asked me recently how I got into cybersecurity. We talked a bit about it, and thinking back, two things really stood out to me as a woman in cybersecurity today.

• Representation matters. Before there were dual enrollment programs, my mom got me into a computer class at the university when I was still in high school. I used to spend hours and hours and hours on the weekends in the computer lab. Then when I had my first job in high school, selling the early Macs (mid-1980s), the first thing I bought was a Commodore 64, one of the early home computers. Despite all that, it never occurred to me that I could make a living doing anything with computers. Not even a blip. I joke that I ended up in tech by accident. But… is it really a joke?

• When I got my acceptance letter for my top pick college, a guidance counselor told me I shouldn’t accept — that I’d be taking a spot away from a man who would need that degree to support his family. What?! (Haha, they didn’t know me very well — that was a GUARANTEE I was going to go.)

I’m sure I’m not the only one — I know I’m not the only one — with stories like that.

👂 TELL ME

Running a small business means wearing dozens of hats—CEO, accountant, marketer and more. Cybersecurity may not be your favourite hat, but it’s one you can’t take off. Our goal is to make it lighter by turning complex news into plain‑English guidance you can use. If you found this issue helpful, forward it to a friend or fellow business owner who could use a little cyber‑confidence.

P.S. I’d love your feedback—do you prefer the new 3-story format? Just hit “reply” and let me know!

Stay safe and see you next week! 🌟 

You’re subscribed to Phish & Tell™️ because your business is worth protecting.

🩷