Have you ever wondered what lies beyond the familiar websites you visit every day? Just how much “stuff” there is on the internet? (SPOILER: There’s a lot more than you think!) Netstalking is a fascinating way to uncover the internet’s hidden corners, from forgotten blogs to open webcams and mysterious servers. Think of it like a combination of internet archaeology and a detective mystery with a dash of spy work thrown in for measure.

In this article, we’ll dive into what netstalking really means, how it’s done safely, and why it’s capturing the curiosity of digital explorers everywhere. If you’re tired of the same old online routine and want to discover something new without needing tech skills, this guide outlines some practical tips and insights to get you started.

Key takeaways

• Netstalking is about exploring forgotten or hidden parts of the internet, not
• It involves safe, public searches for unique content like old photos or abandoned sites.
• You should always prioritize ethics and legality to avoid the risk of being sued or prosecuted.
• Tools like web archives can help beginners start without advanced knowledge.

What is Netstalking?

Netstalking is the practice of searching for obscure, rarely visited parts of the internet, uncovering forgotten websites, public webcams, and hidden servers. This digital exploration appeals to curious minds who enjoy finding internet relics without any malicious intent.

Originating from online communities, netstalking blends adventure with anthropology, helping people appreciate the web’s vast, unseen layers. For example, you might stumble upon an old personal blog from the early 2000s or a live feed from a public device.

Common finds in netstalking

Among the many things you may find during netstalking are:

• Abandoned blogs and photo galleries from years past.
• Public webcams showing everyday scenes around the world.
• Hidden servers with open directories of files.
• Artistic or experimental websites not listed in search engines.

The fact that these ‘finds’ are undocumented means that you may stumble across almost anything, some more interesting than others.

How do you start netstalking safely?

Because you will be accessing unfiltered, unknown content, you must exercise caution. Begin with simple tools like web archives (archive.org is a great starting place) or specialized search engines to view old site versions without risking security.

Safety is key in netstalking – stick to public resources and avoid anything that feels private or restricted. Start by searching for archived pages of defunct sites or using random IP scanners ethically. If you have to enter a username and password to access content, you probably shouldn’t be there.

Remember, the goal is discovery, not intrusion.

Steps for beginners

Getting started with netstalking is simple:

1. Use free web archive tools to explore historical websites.
2. Try random searches on public directories.
3. Join online forums like Reddit for tips from experienced explorers.
4. Always check local laws to ensure your activities are legal.

Why try netstalking?

People netstalk for the excitement of uncovering digital history and sharpening research skills in a fun way. It offers a break from mainstream social media, revealing the internet’s quirky, artistic side. Plus, it builds awareness of online privacy and the sheer size of the internet.

Netstalking draws from real-world examples like urban exploration, where people visit abandoned buildings safely. Similarly, digital finds can inspire art or personal projects – or simply give you a chance to laugh at internet entertainment from when your parents were growing up!

One final tip

Always treat unknown files and applications with caution. Even ‘old’, unknown websites can be infected with malware, placing your personal security at risk. Make sure you have a robust anti-malware tool like Panda Dome to protect against accidental infection.

Conclusion

Netstalking opens up a world of hidden internet treasures, blending curiosity with safe exploration. From forgotten sites to public oddities, it’s a reminder of the web’s endless mysteries.

Ready to dive in? Start with a simple web archive search today and share your finds in the comments below. For more tips, check out our related guides on digital privacy.

The post Exploring Netstalking: Hidden Internet Gems appeared first on Panda Security Mediacenter.

A virtual private network, or VPN, is a powerful tool that can transform your online experience by enhancing privacy, unlocking content, and securing your data. With Panda Dome VPN, users gain access to a suite of features designed to protect their digital life, whether at home, at work, or on the move. 

But what exactly can you do with a VPN like Panda Dome VPN? 

Key takeaways

• A VPN is a powerful tool for protecting your privacy online
• A VPN could save you money on your online shopping

• A VPN helps you avoid geographical restrictions and content blocks.

Understanding the basics

A VPN creates an encrypted tunnel between your device and the internet. Any data passing through that tunnel shielded from prying eyes, whether those are hackers, advertisers, or even your internet service provider. 

Panda Dome VPN routes your internet traffic through secure servers located around the world, masking your real IP address and making your browsing truly private.

You might be interested in: Top 11 Tips for Safe Web Browsing

Protect your privacy anywhere

One of the primary reasons people use Panda Dome VPN is to safeguard their privacy. Every time you connect to the internet, your device broadcasts a unique IP address that can be used to track your location and browsing habits. 

Panda Dome VPN hides your real IP address and encrypts your data, making it nearly impossible for third parties to monitor your activity. This matters most on public Wi-Fi, where cybercriminals often try to intercept sensitive information. It’s a much harder for hackers to steal data, like credit card numbers and passwords, when using a VPN.

You can learn more about the importance of online privacy in our free guide about data privacy. 

Access content without borders

Geographic restrictions can prevent you from accessing certain websites, streaming platforms, or online services based on your location – like the BBC. Panda Dome VPN allows you to change your virtual location by connecting to servers in over 60 countries. 

This means you can enjoy your favorite TV shows, sports events, news channels, and social networks from anywhere in the world. You can bypass censorship and content blocks. Whether you’re traveling abroad or exploring content from another region, a VPN gives you the freedom to browse without limitations.

Avoid sneaky price tricks and save money

Online retailers and booking platforms often display different prices based on your location, a practice known as price discrimination. By changing your virtual location with Panda Dome VPN, you can compare prices from various regions and potentially find better deals on flights, hotels, or digital subscriptions. 

Browse anonymously and prevent tracking

Advertisers and data brokers are constantly seeking ways to track your online behavior and build detailed profiles for targeted advertising. Panda Dome VPN’s strict no-logs policy ensures that your browsing activity is never stored or shared. 

VPN hides your IP and encrypts data, blocking websites and third parties from tracking your online activity. This helps preserve your anonymity and ensures you are always in charge of your personal information.

You might be interested in: FTC bans data brokers from selling sensitive information of Americans

Unblock social networks and communication apps

Some countries like Brazil and China restrict access to social networks and messaging apps. Many workplaces do too. 

Panda Dome VPN lets you bypass these blocks, ensuring you can stay connected with friends, family, and colleagues wherever you are. This is especially useful for travelers or expatriates who want to maintain access to familiar platforms while abroad.

Enjoy high-speed, reliable connectivity

Panda Dome VPN operates thousands of servers worldwide, optimizing speed and reliability for users. Whether you’re streaming videos, playing online games, or downloading files, you can expect smooth, uninterrupted performance. 

VPNs use advanced protocols that balance security and speed, so you don’t have to sacrifice performance for protection.

Conclusion

Panda Dome VPN is more than just a privacy tool – it’s your gateway to a safer, freer, and more versatile internet experience. Protect data on public Wi-Fi, bypass restrictions, save money, and avoid tracking—VPNs offer extensive possibilities.

Try it out for yourself – you can download Panda Dome VPN completely free of charge.

The post What can I do with a VPN? appeared first on Panda Security Mediacenter.

You might think your iPhone is a digital fortress, but even the best walls can have cracks. And if you’re wondering, “Can someone hack my iPhone?,” the answer is yes. Hackers use tricks like fake Wi-Fi hotspots and phishing texts to sneak in and steal your data.

Learn how attacks happen and why iPhones aren’t invincible. We’ll also share eight simple fixes for how to secure your iPhone from hackers, so you can keep your data safe.

Can iPhones Get Hacked?

Yes, iPhones can be hacked, but it’s not simple. Apple’s security is solid, but hackers can exploit vulnerabilities in iOS or apps, or trick you into installing malicious software. Common attack methods include phishing, spyware, and compromised apps that sneak in with too many permissions.

Once hacked, attackers might access personal data, track your activity, or even control features like the camera or microphone. However, keeping your iPhone updated and avoiding suspicious apps or links drastically lowers the risk.

Despite their superior security features, iPhones are still susceptible to:

• Unsecured Wi-Fi network traps
• Suspicious apps and social engineering schemes
• Security vulnerabilities the iOS can’t prevent
• Getting your Apple ID stolen and used 

From there, the hacker can access all data on your iPhone, including cloud storage, pictures, messages and sensitive financial and personal information.

Can an iPhone camera be hacked? 

While it’s rare, an iPhone camera can be accessed by hackers under certain conditions. Usually, this happens through malicious apps, spyware, or by exploiting vulnerabilities in iOS or third-party apps. If successful, hackers could record video or access photos without your knowledge.

How can this happen?

• Malicious apps: Hackers create apps that ask for camera permissions and secretly activate the camera once installed.
• Spyware: Malware installed via phishing or compromised sites can monitor your phone and steal camera footage or photos.
• Exploiting vulnerabilities: Rare bugs in iOS or apps might let hackers remotely control your camera until patched.
• Screen mirroring abuse: If someone gains access, they can enable screen mirroring to see your camera feed.

How can you tell if your camera is compromised?

• Watch for the green dot that appears when the camera is in use; if it shows up unexpectedly, be cautious.
• Regularly check app permissions and remove suspicious ones.
• Run spyware scans using trusted security apps.
• Notice if the camera light is on when you’re not using the camera.

How to Tell If Your iPhone Is Hacked

No one knows your iPhone better than you. If you notice your device behaving in strange and unusual ways, your iPhone may have been hacked. Here are six hacked iPhone signs you should know:

Device Performance

Malware can slow your iPhone, drain its battery quickly and even make it overheat when you’re barely using it. You might also see unexplained pop-ups or ads in your browser or notice apps crashing more often than normal. Some of these issues can be chalked up to an older device or a worn-out battery. But if your iPhone is in good shape and still underperforms, unwanted software might be at work.

Tip: Check your battery health in Settings > Battery, clear website data in Safari’s settings to banish pop-ups and restart your phone in Safe Mode (hold Power and Volume Up) to see if performance improves. This can help you isolate and remove any malicious apps.

Network Activity

Malware often talks behind your back, sending and receiving data without you knowing. You might see sudden spikes in data usage or notice your iPhone auto-connecting to unfamiliar Wi-Fi or Bluetooth devices. These sneaky connections can mean someone’s siphoning your info or controlling your phone remotely.

Tip: Go to Settings > Mobile Service > Usage to spot unusual data use, disable “Auto-Join” for unknown networks in Wi-Fi settings and use a trusted VPN to encrypt your traffic and block hidden connections. In some iPhone models, the steps might be a bit different. Look for anything related to “mobile data or cellular” under Settings.

Security and Privacy

Malware can sneak into your Apple ID and mess with your security settings, locking you out or changing your passwords without warning. You might also spot strange iCloud activity — files moved, deleted or accounts suddenly locked — that you didn’t initiate. These are clear iPhone hacked signs, indicating that someone’s trying to control your device or hijack your data.

Tip: Turn on two-factor authentication (2FA) in Settings > [your name] > Sign-In & Security, review your account’s device list regularly and sign out of any unfamiliar sessions in appleid.apple.com to keep unwanted guests at bay.

Unknown Apps

If you spot apps on your home screen that you didn’t install, it could be spyware silently stealing your data. Hackers often disguise malicious software under ordinary names so it blends in with legitimate apps.

Tip: Regularly review your installed apps in Settings > General > iPhone Storage and delete any you don’t recognize.

Strange Messages From Your Number

If friends ask why they got weird texts or emails from you, hackers may have taken over your messaging app to send scams or phishing links. Malware can hijack your number and blast out harmful links to everyone in your contacts list.

Tip: Block and report any suspicious messages, then change your Apple ID password immediately to stop further misuse.

Locked Out of Apple ID

If you suddenly can’t sign in and see alerts that your Apple ID is locked or disabled, someone may have gained control of your account. Hackers often change your password or security questions, so you lose access and they can roam freely.

Tip: Go to iforgot.apple.com to reset your password and contact Apple Support if you still can’t regain access.

8 Tips if Your iPhone Was Hacked

If you think your iPhone or Apple ID has been compromised, remember that you have a short amount of time to secure your account before you’re locked out or your data is stolen. Here’s what to do if your iPhone is hacked:

• Disconnect and power off your device: Turn off your Wi-Fi, Bluetooth and cellular data. Then, disconnect the iPhone from any accessories or wired connections and power it down.

• Remove external components: Take out your SIM card and any external storage or charging devices.

• Access your Apple ID: Use another device to access your Apple ID account. Then, reset your Apple ID password and check for any unknown connections. Immediately change passwords for all accounts linked to the device. Use strong passwords.

• Enable two-factor authentication: Add an extra layer of security with 2FA to your accounts where possible.

• Check your iPhone settings: Check the settings for services or apps you’re signed in to with your Apple ID. To do this, open the Settings app on your iPhone. Tap your name and verify the email address associated with your Apple ID.

• Contact your service provider: Inform your cellular service provider about the hacking incident and verify if there were any purchases or suspicious charges on your service provider’s app.

• Update your phone: Install the newest iOS update in Settings > General > Software Update to patch any security flaws attackers might exploit. Running outdated software is one of the fastest ways to get into your phone.

• Use a reliable VPN: Secure your online activity on all devices by using a reliable virtual private network service and browse the internet safely while protecting your personal information.

3 Common Security Myths About iPhones

Many people believe iPhones are immune to malware because of Apple’s strict controls, but that’s not exactly true. Here are the three most common iPhone myths that might be putting your data at risk:

 1. iPhone Apps Can’t Have Viruses

If you think any app from Apple’s App Store is virus-free, think again. In 2015, the XcodeGhost incident showed that malicious code can slip past review and infect real apps.

Tip: Before you tap “Get,” check app reviews, download counts, developer info and required permissions.

2. iPhones Can’t Get Viruses

It’s true that iOS’ walled-garden design makes virus attacks rarer. Yet, scareware and malware campaigns still target iOS users — clicking a fake link or installing a dodgy profile can let threats in. This means that even iPhones can get viruses.

Tip: Never click links from unknown senders and only install software from trusted sources.

3. Only Jailbroken iPhones Can Get Hacked

Jailbreaking does lower your defenses, but you don’t need to break free of Apple’s rules to be at risk. Phishing texts, unsecured Wi-Fi hotspots and unpatched zero-day flaws can compromise even stock iPhones. Jailbroken iPhones usually need an antivirus to strengthen their security.

Tip: Keep iOS up-to-date, use a strong passcode and avoid public Wi-Fi without a VPN.

How VPNs Can Protect Your iPhone

Even with Apple’s built-in defenses, public Wi-Fi and phishing sites can still expose your data. A reliable VPN service can help you avoid getting your phone hacked and make it hard for hackers to track it.

Panda Dome VPN encrypts every bit of traffic and masks your IP so snoopers and hackers can’t track or intercept your online activity. With one-tap connections, a strict no-logs policy and lightning-fast servers, it turns any network into a private tunnel. Download Panda Dome for free from the App Store or upgrade to a premium version today and browse safely.

 iPhone Hacking FAQ

Learn how iPhones can be compromised to keep your personal information from being stolen and used.

What Are the Signs My iPhone Has Been Hacked?

Look for sudden battery drain, sluggish performance, unexpected data spikes or apps you never installed. These often mean malware is running in the background. You might also see constant pop-ups or ads, frequent crashes or overheating when the phone is barely in use.

Are iPhones Safer Than Androids?

Yes — iOS’ closed ecosystem and strict App Store review process make iPhones less prone to malware than Android devices, which allow side-loading and have a larger attack surface. That said, both platforms rely on you to keep software updated, download only from official stores and use strong passwords.

How Can You Tell if Someone Is Remotely Accessing Your iPhone?

Watch for sudden password or setting changes you didn’t make, like two-factor prompts for no reason. Also, check Settings > Privacy & Security > Location Services > Share My Location for unknown devices sharing your location. Unfamiliar outbound texts or spikes in data usage can be further clues that someone’s tapping into your phone.

Can iPhones Get Hacked From Websites?

Yes, iPhones can be hacked through websites, though it’s not very common. Most attacks rely on exploiting security flaws in iOS or tricking users through phishing. 

For example, visiting a compromised or malicious site could lead to a “drive-by download,” where malware installs silently, especially if your device isn’t up to date. More often, fake websites mimic legitimate ones and trick you into entering your Apple ID, passwords, or other sensitive info. 

Can Someone Hack My iPhone With My Phone Number?

It’s unlikely, but not impossible. A hacker can’t directly break into your iPhone with just your number but they might use it for phishing attacks, SIM swapping, or social engineering to trick your carrier or access accounts tied to your number.

Is It Easy to Hack an iPhone?

No, hacking an iPhone is not easy. Apple’s security measures, frequent updates, and app sandboxing make it hard to break in. Most successful hacks rely on user mistakes, like clicking phishing links or installing malicious apps.

The post Can Someone Hack My iPhone? + 8 Ways to Fix It appeared first on Panda Security Mediacenter.

It is not a secret that often personal information ends up on people search sites. Such websites collect personal data from publicly available sources and then publish it or try to sell it. The data often consists of names, addresses, or phone numbers, and it is frequently published without the consent of the individuals involved. Removing such personal information and clearing digital prints, in general, has become crucial for protecting personal privacy rights. It also significantly reduces the risks of identity theft-related crimes. Here are our suggestions on how to remove such personal information from people search sites. Keep in mind that reclaiming privacy is not an easy task, but following these steps will help minimize online footprint and remove such personal details from the internet. 

Key Takeaways

• Find out which specific sites have such information.
• Explore and follow their opt-out process to remove the questionable data. 
• Keep an eye on online presence regularly.
• Consider using privacy tools to leave fewer digital prints and adequately manage removal requests.

How does personal information end in the hands of data brokers?

People search sites aggregate public data from sources such as court records, voter registrations, and even social media, often without obtaining user permission. These platforms profit by selling access to this type of personal details, which raises privacy concerns. Removing personal information from the internet reduces risks such as fraud, phishing, or cyberstalking. Sites that publish such data include Whitepages, Spokeo, and TruthFinder. Here are more details on how to remove personal data from online directory companies. 

You might be interested in: Final post of the series on our cybersecurity survey: Data privacy

Identify the sites that have your info

Search for yourself on Google using variations of your name, city, or phone number (e.g., “John Smith California”). A mixture of your name, addresses (previous and present), and cellphone numbers (work and personal) will likely show up on Google. We strongly suggest you use the incognito tab to do the search – staying “hidden” prevents Google from showing personalized search results. 

You might be interested in: The 10 Best Search Engines for Privacy in 2025

Start the opt-out process 

Most people search sites are legally obliged to have an opt-out process. The companies are often not excited to receive those requests, so they often bury them at the bottom of the page, under or close to the privacy or opt-out links. Here are a few examples below;

• Spokeo: Navigate to their “Do Not Sell My Info” and enter your profile URL and email address to start the process.
• Whitepages: Scroll to the bottom of the page and hit the “Do Not Sell My Personal Information” button. Then, follow the process by adding your profile URL. 
• BeenVerified: Hit that “Do Not Sell or Share My Personal Information” button at the bottom of the page and add your name, address, and confirmation email.

The process to remove the information is similar to that of all other sites that store personal information. It is essential to maintain a record of your submission – make a screenshot of every confirmation and keep any email correspondence with them. Those will be helpful in case you need legal representation and/or need to follow up. 

Continue to monitor your personal and repeat the first two steps

Sadly, removed data can reappear due to new aggregators or updates. Setting up a Google Alert for your name can be very helpful in monitoring a name. People are advised to review their media presence every 3-6 months and submit requests as needed. 

Consider using tools to navigate the process and prevent personal data leaks

• Google Alerts: it will help you get notifications when personal data is published.
• PrivacyDuck or OneRep: if money is no object, use services that automate removal requests.
• Panda Dome: use protection software to prevent leaving digital prints. 

Additional tips to protect privacy

Make sure that you do your best to limit your public data. Users can adjust their social media privacy settings to ensure their details are not considered public information. Get in touch with government offices (such as the county treasurer-tax collector) and ask them to limit publishing such information, and lastly, avoid sharing personal details on random sites. 

If you’ve identified a website in question that refuses to remove a record, people are welcome to consider using reputation management agencies and/or consult a lawyer. 

Conclusion

Fraudsters are utilizing the data provided by people search services all the time. Often, such websites are where they go to select a target. Know where your information is published. Delete it. That’s the first step to avoid becoming a victim. Persistence is key. Deleting entries once helps. But monitor for future violations. Aggregators often republish after a few months.. If you wish to maintain a fair level of privacy while browsing, consider using antivirus software with a VPN – the good ones often offer one as part of their protection package.

Continue reading: How to protect your personal data when using ChatGPT and generative AI

The post Here’s how to remove personal info from people search sites appeared first on Panda Security Mediacenter.

Forgotten passwords is a major frustration, especially as our digital lives expand across dozens of online platforms and services. A recent study by Heepsy reveals that certain websites are particularly notorious for password resets. The report found that YouTube tops the list as the platform where users most frequently forget their credentials. 

Forgetting passwords isn’t just an inconvenience. It can disrupt workflows, cause missed opportunities, and even increase security risks if users are tempted to choose weak passwords or reuse credentials across platforms.

Where are passwords forgotten most?

The Heepsy study, shows that YouTube is the most common site for password resets. This is followed closely by other major platforms such as Facebook, Instagram, and X (Twitter), probably because of the sheer popularity of these websites.

Forgetting passwords is likely due to the sheer number of accounts people manage, the infrequency of logins on some platforms, and the growing complexity of password requirements. Using the ‘Remember me’ function to simplify future logins makes it very easy to forget passwords!

The Heepsy study reveals a broader problem: as users juggle more online accounts, the likelihood of forgetting passwords-and resorting to insecure practices like password reuse or writing them down increases.

Why forgotten passwords are a security risk

Every time a user resets a password, it introduces a potential vulnerability. Reused passwords, simple passphrases, or storing credentials in unsecured places (like sticky notes or unencrypted files) can expose users to hacking, phishing, and data breaches. 

Additionally, the process of resetting a password often involves email or SMS verification. Although more secure than a password alone, two factor authentication (2FA) techniques can still be intercepted or exploited by cybercriminals if not properly secured.

How Panda Security’s password manager provides a solution

Panda Security’s password manager, Panda Dome Passwords, is designed to address these exact challenges by offering a secure, user-friendly way to manage all your login credentials under a single master password. 

Here’s how it can help solve the problem of forgotten passwords:

One master password for everything

With Panda Dome Passwords, you only need to remember a single master password. The tool stores all your other passwords in a secure, encrypted database and automatically fills them in when you visit your favorite sites, including YouTube, Facebook, and Instagram. 

This auto-fill function eliminates the need to reset passwords because you’ve forgotten them. Your credentials are always available inside Panda Dome Passwords.

Strong, unique password generation

Panda’s built-in password generator creates strong, unique passwords for every account, significantly reducing the risk of breaches due to password reuse or weak security. You don’t have to invent or remember complex strings of characters because the manager does it for you.

Auto-fill and auto-save features

The password manager automatically captures and saves new login credentials as you create them. A next time you visit the site, the tool fills them in automatically. 

Whether you’re logging into YouTube after months away or signing up for a new service, Panda Dome Passwords streamlines the process, saving time and minimizing frustration because it never forgets your passwords.

Security reports and breach alerts

Panda Dome Passwords includes a security report feature that audits your stored passwords, checking for weak, duplicate, or compromised credentials. If your data is leaked online, you’ll receive an alert, prompting you to update affected passwords immediately before they can be used by scammers. This is especially useful for high-target platforms like YouTube and social networks.

Multi-factor authentication and zero-knowledge security

To ensure your vault is protected, Panda supports multi-factor authentication with popular apps like Google Authenticator and Authy. The password manager operates on a strict zero-knowledge policy, meaning only you have access to your stored data. Not even Panda Security can see your passwords.

Sync across all devices

Panda Dome Passwords syncs your credentials across all your devices automatically, so whether you’re on your phone, tablet, or desktop, you’ll always have access to your accounts. This is particularly helpful if you access services like YouTube or Facebook from multiple devices.

Remote logout and session control

Concerned your devices may have been compromised? Or your phone has been stolen? Panda Dome Passwords has a feature that allows you to delete your browsing history and close all your web pages and services – remotely. This adds an extra layer of security and peace of mind.

Simplify your digital life and secure your accounts

The frequency of password resets on sites like YouTube highlights a growing problem in our digital routines. We simply cannot remember all of our passwords! Panda Security’s password manager is comprehensive, secure, and easy to use. It prevents forgotten passwords and boosts online security.

Panda Dome Passwords centralizes password management. It generates strong credentials and offers real-time insights. Regain control of your digital identity. All of which will help to avoid clicking the ‘Forgotten password’ button again.

Continue reading: 40+ Password Statistics That Will Change Your Online Habits in 2025

The post Which websites have the most forgetful users? appeared first on Panda Security Mediacenter.

Last month, Blue Shield of California began notifying its customers that the health data of approximately 4.7 million patients had been leaked to Google. The healthcare provider issued a notice of data breach.  It explained that health data was unintentionally shared with Alphabet’s Google for years. During COVID-19 crisis, Blue Shield allowed member data to be shared with Google Ads and Google Analytics. As a fact, such data is expected to remain private and is considered a physician-patient privilege.

You might be interested in: What is the difference between a data leak and a data breach?

With the data accessible, Google may have launched ad campaigns targeting users based on specific personal information. For example, a Blue Shield customer who suffered an injury from a car accident might have been approached by injury attorneys through advertisements. The breach likely also triggered other types of unethical advertising activities. That includes sales of snake oil products to terminally ill patients or to other vulnerable and/or emotionally unstable people. These groups include drug users, cancer patients, expectant mothers and others.

What personal data was leaked and who is affected

Californians wondering if affected should know Google Analytics linked to sensitive Blue Shield health data from April 2021 to January 2024. The leaked data consisted of data points such as name, address, gender, family size, and medical claim information. The exposed data likely allowed unethical ad campaigns, but luckily no banking info, SSNs, or driver’s licenses were included.

Blue Shield of California used Google Analytics to track website usage and activity. They stated that Google’s tools have helped them improve their services and offerings to its members. While improving services, Blue Shield also overshared protected data with one of the world’s largest tech companies. Their actions raise privacy concerns and the company may get hit with a hefty fine as such actions go against HIPAA compliance.

You might be interested in: Data Privacy: A Guide for Individuals & Families

If people want to limit Google’s tracking, they may consider using top-tier antivirus software solutions to curb Google’s enthusiasm. Such offerings often come with a VPN that helps internet users leave fewer digital prints and maintain better privacy while browsing.

Continue reading: The 10 Best Search Engines for Privacy in 2025

The post Blue Shield health data of nearly 5 million Californians leaked to Google appeared first on Panda Security Mediacenter.

QR codes have become an everyday tool for quickly accessing websites or digital restaurant menus, making online payments, and benefiting from all types of digital services. However, this convenience has been exploited by cybercriminals to devise a new attack technique that is increasingly common and can affect any user: QR code phishing.

This type of scam combines technological deception and manipulation techniques to trick users into scanning a malicious code. By doing this, victims can end up on a fake page that steals personal data, banking credentials, or installs malware on their devices. The cost of this can be high: loss of money, identity theft, or unauthorized access to important accounts. And anyone can be a victim. All you have to do is scan or read a code generated by a cybercriminal.

In this article, we will explain exactly what QR code phishing is and how these attacks work, and will provide you with real-world examples of recent scams, and most importantly, tips to protect yourself easily from these attacks.

Additionally, we will tell you what Panda does to protect users from these threats. Our Panda Dome products include a QR code scanner for iOS and Android that analyzes the content of QR codes before you access the corresponding links. Thus, you can enjoy the convenience of QR codes, safely.

What Is QR Code Phishing?

QR code phishing is a cyber-scam technique in which attackers use malicious QR codes to trick users and redirect them to fraudulent websites.These codes may look legitimate, but scanning them can redirect users to fake sites mimicking banks, payment platforms, or social networks. Their goal: to steal credentials, financial data, or personal info.

What makes this threat so dangerous is that QR codes do not show where they take you until they are scanned. This lack of visibility gives cybercriminals an advantage to camouflage malicious links without raising suspicion. These codes are usually placed in physical locations such as signs, restaurant tables, or gas stations, but they can also be distributed through email messages or social media.

How QR Code Phishing Attacks Work

QR code phishing attacks consist of several stages:

1. Malicious code creation: The attacker generates a QR code that directs users to a fraudulent URL, designed to appear legitimate. Sometimes, it can also redirect to the download of fraudulent apps.
2. Code distribution: This code can be printed and placed in public areas, pasted on top of legitimate codes, sent by physical mail, or included in digital spam campaigns.</span> 
3. Victim capture: The victim scans the code with their smartphone, believing they will access a trusted site.
4. Data theft: The fake site requests personal or financial information, which is sent directly to the attacker.
5. Consequences: The stolen information can be used to impersonate the victim’s identity, empty their bank accounts, or can be sold on the dark web.

This type of attack has a very strong physical component. Hervé Lambert, Global Consumer Operations Manager at Panda Security warns: “The physical layer is crucial because many cyberattacks begin with attackers obtaining personal information through physical means.”

Additionally, attackers are adapting these techniques to include artificial intelligence, making their scams even more convincing. That is why it is essential to combine real-world caution with advanced cybersecurity solutions that can respond to AI-powered cyberthreats.

Real Examples of QR Code Phishing

QR code phishing attacks are not just a theoretical risk; they have already happened and are on the rise. For example, in Switzerland, a group of cybercriminals used fake postal letters that appeared to come from governmental organizations. These letters included QR codes that redirected victims to fake sites where they were requested to enter their banking credentials.

Another incident showed how cybercriminals use QR codes printed on advertising materials to redirect users to fake sweepstakes or promotions. When users participate, they end up voluntarily providing personal data to scammers. You can see more details in our blog post here: “What is a QR Code Scam?”.

Scams have also been documented in places such as parking lots or gas stations, where stickers with fake codes are placed over real ones. In these cases, victims believe they are paying for parking, but they are actually providing their banking information to an attacker. The financial impact can be significant: Cases have been reported where victims have lost up to €14,000 after scanning a fraudulent QR code.

These attacks demonstrate the growing sophistication of QR code phishing and the urgent need to take precautions. In this respect, Panda Security, with user welfare in mind, has launched the ultimate tool to avoid these problems: Secure QR Scanner. Secure QR Scanner is a secure QR code reader included in Panda Dome and available for both iOS and Android. This tool is designed to detect and block phishing or quishing attempts through QR codes, ensuring a risk-free scanning experience and providing an additional layer of security to protect users from potential threats.

How to Protect Yourself from QR Code Phishing

The increasing sophistication of QR code phishing requires users to adopt a proactive security stance against this threat. Far from being a purely digital risk, this type of scam exploits both the online and physical environments to deceive victims. From fake QR codes placed in public places to official-looking postal letters, attacks can occur anywhere.

Therefore, protection must be addressed from a comprehensive perspective. Having a good antivirus is not enough. It is essential to develop a security culture that includes a critical analysis of what we scan, the use of trusted tools, and knowledge of how cybercriminals operate.

As Hervé Lambert explains, “Security should not be limited only to the digital environment. From the perspective of a cybersecurity provider, it is essential to have tools that protect the user from threats that can arise in both physical environments, such as a letter or a printed QR code, and in the digital channels we use daily. We must protect our information and digital footprint.” That is why, at Panda Security, we have launched the Secure QR Scanner tool, available in our Panda Dome line for iOS and Android. This tool enables you to scan QR codes before opening the corresponding links, automatically blocking those considered malicious. 

To protect yourself from this threat, it is crucial to adopt preventive measures both in the physical and digital environment. Here we provide a series of effective recommendations:

1. Use secure scanning applications

Tools such as Secure QR Scanner (available for iOS and Android). This tool included in Panda Dome enables you to securely scan QR codes before opening the links, automatically blocking those considered malicious.

2. Verify the source of QR codes

Before scanning a code, evaluate whether it appears legitimate. Be wary of codes placed in suspicious locations or over other codes.

3. Do not enter sensitive data after scanning a QR code

If, after scanning a QR code, you are requested to provide confidential information such as passwords, banking data, or credentials, stop and verify the URL.

4. Keep your devices updated

This helps protect you from vulnerabilities that attackers can exploit. Panda Dome includes an update manager that makes sure your system is always up to date.

5. Awareness and training

Educating yourself about phishing risks is one of the best defenses. You can find more educational resources on the Panda Security blog.

Additionally, to enhance your security, you can complement your protection with features such as Panda Dome Passwords, a robust password manager included in the Panda Dome Complete and Panda Dome Premium plans. This tool is also available as a standalone product.

As if that were not enough, the Panda Dark Web Scanner tool, included in all Panda Dome plans, enables you to check whether your personal information is circulating on the dark web and alerts you if your credentials have been compromised.

When you use a complete solution such as Panda Dome, you not only protect yourself from QR code phishing, but also from malware, ransomware, and more complex threats that can affect your privacy and digital life.

After Tool Installation, Prevention Is Your Best Defense 

The rise of QR code phishing is a reflection of how cybercriminals quickly adapt to our digital and physical routines. A once fast, secure way to access services is now a gateway to fraud, identity theft, and financial loss.

That is why, after you install and use the appropriate technological tools, prevention and education are your best defense. Every time you scan a QR code, you are making a trust decision. Make sure that this trust is backed by tools designed to protect you.

Do you want to scan QR codes with complete peace of mind? Download Panda Dome QR Scanner on your devices and keep QR code phishing at bay. And, if you are looking for comprehensive protection, explore our Panda Dome plans and discover everything they can do for you.

Frequently Asked Questions about QR Code Phishing

Is It Safe to Scan Any QR Code?

No. Many QR codes are safe, but cybercriminals can use them to redirect users to fake sites or install malware. Use the Panda Dome Secure QR Scanner tool to verify the source of QR codes before scanning them. 

How Can I Determine whether a QR Code Is Malicious?

It is important to use a secure QR code reader, such as the Secure QR Scanner tool included in all Panda Dome paid plans. You cannot determine whether a URL is malicious or not just by viewing it. Additionally, the use of shortened URLs that do not raise suspicion is becoming more common. Be wary of QR codes in uncommon places or that do not come from a trusted source.

What Should I Do if I Scan a Suspicious QR Code without Using Panda Dome Secure QR Scanner?

Close the website immediately without entering any personal information and run a security scan on your device. Change your passwords if you believe you could have been a victim of phishing.

What Type of Information Do Criminals Try to Steal with QR Code Phishing?

Mainly login credentials (such as email addresses and passwords), banking data, personal information, and even access details to corporate networks.

Can QR Codes Automatically Install Viruses on My Mobile Device?

QR codes themselves cannot automatically install viruses on your mobile device. However, they can redirect you to malicious websites or initiate the download of apps that contain malware. That’s why it’s important to install a tool like Panda Dome Secure QR Scanner. Use it to scan any QR code. Never download anything from suspicious links.

Does QR Code Phishing Affect Only Mobile Devices?

QR code phishing is not limited exclusively to mobile devices. It can affect any device capable of scanning QR codes, accessing the Internet, and devices with a camera (including tablets, laptops, and desktop computers).

The post What Is QR Code Phishing? How to Protect Yourself from This QR Code Scam appeared first on Panda Security Mediacenter.

Online gaming is a hugely popular past time for kids and adults. Games like Minecraft, Pokémon Go, Fortnite and Roblox are enjoyed by millions of young gamers every day. 

These games are largely safe and fun – but there are a few risks you need to be aware of before they sign up. Make sure you discuss each of these challenges with your child – and ensure they know how to respond if they ever encounter one of them.

Cyberbullying

Children may encounter name-calling and abuse from other players in games with live-chat functions. Also known as ‘griefing’, cyberbullying can be extremely upsetting for victims.

Inappropriate content

Most games have an age rating for a reason. Any game with an adult rating will contain adult content such as violence, bad language and nudity. You can protect your children by ensuring they only play age-appropriate online games.

Stranger danger

Games that provide live chat functions will almost inevitably bring your children into contact with strangers. Most of the time, these strangers will be of a similar age – but there is always a risk they may connect with a predator. Consider blocking access to live chat features and talk about your child’s online interactions. By showing an interest and encouraging kids to talk, you can help protect them against online grooming.

Gaming addiction

Online games are intended to be fun and engaging, but this can quickly spiral into addiction. Spending excessive time playing games will affect sleep, schoolwork and personal relationships. Agreeing a daily time limit can help to manage addictive potential – so long as those time limits are carefully enforced.

Financial risks

Online games offer a host of upgrades, ‘loot boxes’ and in-game purchases intended to make gameplay more fun. There are also plenty of scams designed to rob players through fake online purchases. To avoid excessive spend, make sure that your kids cannot make purchases without your consent. Never, ever leave your credit card details attached to their gaming account.

Privacy and personal security

Some games, particularly smartphone games, collect a lot of personal data in the background. Pay attention to the terms and conditions when installing apps and only proceed if you are happy to accept. You should also talk to your child about the information they share online, particularly with strangers. You can read more about privacy for kids in “8 things your kids shouldn’t do online”.

How to keep your kids safe online

As well as talking to kids about the games they play and who they interact with, you also need tools to provide additional safeguards. Panda Dome Family includes a host of useful features that allow you to monitor and if necessary, control, internet access for kids.

Panda Dome Family provides reports to show the apps your kids are using and the amount of time spent. You can also set time limits across devices, enforcing the rules and helping establish a healthy online/offline balance. Discover more about our products and how it will help you manage the risks your kids while playing online games in parental control features.

The post What are the risks of online gaming for kids appeared first on Panda Security Mediacenter.

The US Customs and Border Protection (CBP) has officially launched the new CBP Home app, which includes a self-deportation feature. The new app replaces the CBP One app introduced by the previous administration in 2020. It was a tool for truckers to schedule cargo inspections and newcomers crossing the Mexico-USA border to provide biometric data and schedule immigration-related appointments in the USA. 

You might be interested in: 10 Ways to Secure Mobile Devices [2024]

The new public-facing government mobile application has a feature called ‘Intent to Depart’. It was built to help illegal aliens notify the US government that they intend to leave the land of the free voluntarily. This new app is part of the USA’s new immigration strategy to decrease the amounts of illegal border crossings.

The new tool is necessary for every illegal immigrant who intends to comply with President’s Executive Order 14159, ‘Protecting the American People Against Invasion.’ The executive order was signed on the President’s first day at the White House, on Jan 20th, 2025. It aims to halt illegal crossings and ensure that the federal government protects the American people by faithfully executing immigration laws. 

The new feature is part of an effort of the Department of Homeland Security (DHS).It which encourages undocumented immigrants to ‘stay out’ or ‘leave now’ if they wish to legally enter the US one day. Kristi Noem, Secretary of the DHS, has vowed that if illegal aliens refuse to comply, the government will find them, deport them, and they “will never return.” 

Additional services offered by CBP Home

The new app also offers other services that may come in handy to people. It allows travelers to apply and pay for I-94 up to a week before arrival in the USA. The new app also provides information on border wait times. It helps truckers set up cargo inspections and helps bus operators submit manifests in advance.

What happens to CBP One users?

All CBP One app users are now redirected to the CBP Home app. The old CBP One app collected vast amounts of sensitive data and photos of non-citizens, stored on government servers. These were likely part of databases readily available to the new administration to explore. Folks hoping to seek asylum might end up on the US Immigration and Customs Enforcement (ICE) deportation list. This could happen if they refuse to self-deport. 

Privacy concerns: How to protect your digital footprint

No one knows how this will play out in the long term. But one thing is for sure – time flies quickly, and the government often makes U-turns. Suppose you wish the government to know less about you, whether you are a US citizen or an asylum seeker. In that case, you might want to explore ways to minimize digital prints and online presence. High-end VPN solutions can blanket your online life. If you are not doing anything wrong, government agencies such as the IRS and ICE and private companies such as Big Tech do not need to know your whereabouts or have access to your sensitive information.

You might be interested in: Data Privacy: A Guide for Individuals & Families

The post USA introduces a self-deportation app called CBP Home appeared first on Panda Security Mediacenter.

It is tax season, and millions of American residents and businesses are filing for 2024 income taxes. The final day to submit a tax return for last year is April 15th, 2025, and experts estimate that over 160 million people will submit income tax forms hoping for a refund.

With so many millions of people filing, it is one of the busiest times of the year for fraudsters as they try to take advantage of all the confusion that usually surrounds tax season. The Internal Revenue Service (IRS) is aware of the constant ongoing efforts of criminals to take advantage of taxpayers and has published a list of tax scams and fraud that hopefully will help Americans not to fall for tricks used by scammers. The comprehensive list consists of tens of common tax scams, and we’ve highlighted some of the most important ones to keep in mind;

Charity impersonators

Many websites claim that a potential donation to their cause would be tax-free, only for people to find out that the non-profit charitable organization actually does not exist or is a for-profit entity. If folks think of making a charitable contribution to claim tax credits, they are strongly encouraged to verify that the company accepting the donations is registered as a non-profit organization on the IRS website. 

You might be interested in: How to recognize a charity scam?

Credits and refund misinformation

It is important to use an honest tax preparer or be as familiar as possible with the filing process. Sometimes, people are fed incorrect information that leads them to submit an incorrect tax return. Inaccurate tax returns can lead to fines, delayed tax refund payments, and even imprisonment. Dishonest tax preparers come with red flags such as insisting on cash-only payments, refusing to sign the tax prep personally, and, in some cases, even putting a person’s refund in their bank account instead of sending it directly to the recipient. 

Impersonators and phishing

Many people get calls from people pretending to be IRS agents. However, those “agents” are usually fraudsters on the other side of the world trying to steal banking information from their targets. It is rare for the IRS to call debtors; the agency would first send letters and then try to call someone if they cannot get ahold of an individual. If someone calls out of the blue and asks for gift cards or wants banking information, it is better to hang up and ignore the call – the unexpected “bill from the IRS” is likely just a scam. The same goes for emails; if a person gets an email that asks them to click on a link to the IRS, someone is likely trying to defraud the taxpayer. 

The IRS also advises people not to rely on social media advice from unqualified tax professionals and to be cautious if someone offers tax debt settlement or relief services. In many cases, those service providers are scammers who want to steal someone’s hard-earned cash.

You might be interested in: What tools does IRS offer to help you navigate through tax season?

Tax season is in full swing. And with so many data breaches over the years, we strongly suggest folks install top antivirus software on all smart devices. The worst thing that could happen is for a fraudster to steal personal information from your device, file a tax claim on your behalf, and steal your refund. The more prepared you are with device protection, the better.  

The post How to recognize tax scams and fraud? appeared first on Panda Security Mediacenter.