January feels like a reset. A new calendar. New goals. New habits. While you clean out your inbox, organize paperwork or set resolutions, however, scammers also hit reset, and they start with your personal data.

That is because January is one of the most important months for online privacy. This is when data brokers refresh profiles and scammers rebuild their target lists.

As a result, the longer your information stays online, the more complete and valuable your profile becomes. To help address this, institutions like the U.S. Department of the Treasury have released advisories urging people to stay vigilant and avoid data-related scams. 

For that reason, taking action early in the year can significantly reduce scam attempts, lower identity theft risks, and limit unwanted exposure for the rest of the year.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

STOP DATA BROKERS FROM SELLING YOUR INFORMATION ONLINE

Why personal data does not expire and keeps compounding online

Many people assume old information eventually becomes useless. Unfortunately, that’s not how data brokers work.

Data brokers don’t just store a snapshot of who you are today. They build living profiles that grow over time, pulling from:

• Public records (property sales, court filings, voter registrations)
• Retail purchases and loyalty programs
• App usage and location data
• Past addresses, phone numbers, and relatives
• Marketing databases and online activity.

Each year adds another layer. A new address. A changed phone number. A family connection. A retirement milestone. On its own, one data point doesn’t mean much. But together, they create a detailed identity profile that scammers can use to convincingly impersonate you. That’s why waiting makes things worse, not better.

Why scammers ‘rebuild’ targets at the start of the year

Scammers don’t randomly target people. They work from lists. At the beginning of the year, those lists get refreshed.

Why January matters so much:

• Data brokers update and resell profiles after year-end records close
• New public filings from the previous year become searchable
• Marketing databases reset campaigns and audience segments
• Scam networks repackage data into “fresh” target lists.

Think of it like the upcoming spring cleaning, except it’s criminals organizing identities to exploit for the next 12 months.

If your data is still widely exposed in January, you’re far more likely to:

Once your profile is flagged as responsive or profitable, it often stays in circulation.

Why taking action in January protects you all year long

Removing your data early isn’t just about stopping scams today; it’s about cutting off the supply chain that fuels them. When your information is removed from data broker databases:

• It’s harder for scammers to find accurate contact details
• Phishing messages become less convincing
• Impersonation attempts fail more often
• Your identity becomes less valuable to resell.

This has a compounding benefit in the opposite direction. The fewer lists you appear on in January, the fewer times your data gets reused, resold, and recycled throughout the year. That’s why I consistently recommend addressing data exposure before problems start, not after.

Why retirees and families feel the impact first

January is especially important for retirees and families because they’re more likely to become targets of fraud, scams, and other crimes.

Retirees often have:

• Long addresses and employment histories
• Stable credit profiles
• Fewer active credit applications
• Public retirement and property records

Families add another layer of risk:

• Relatives are linked together in broker profiles
• One exposed family member can expose others
• Shared addresses and phone plans increase visibility

Scammers know this. That’s why households with established financial histories are prioritized early in the year.

Why quick fixes don’t work

Many people try to “start fresh” in January by:

Those steps help, but they don’t remove your data from broker databases. Credit monitoring services alert you after something goes wrong. Password changes don’t affect public profiles. And unsubscribing doesn’t stop data resale. If your personal information is still sitting in hundreds of databases, scammers can find you.

The January privacy reset that actually works

If you want fewer scam attempts for the rest of the year, the most effective step is removing your personal data at the source.

You can do this in one of two ways. You can submit removal requests yourself, or you can use a professional data removal service to handle the process for you.

Removing your data yourself

Manually removing your data means identifying dozens or even hundreds of data broker websites, finding their opt-out forms and submitting removal requests one by one. You also need to verify your identity, track responses and repeat the process whenever your information reappears.

This approach works, but it requires time, organization, and ongoing follow-up.

Using a data removal service

A data removal service handles this process on your behalf. These services typically:

• Send legal data removal requests to large networks of data brokers
• Monitor for reposted information and submit follow-up removals
• Continue tracking your exposure throughout the year
• Manage a process that most people cannot realistically maintain on their own

Because these services handle sensitive personal information, it is important to choose one that follows strict security standards and uses verified removal methods.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

RETIREES LOSE MILLIONS TO FAKE HOLIDAY CHARITIES AS SCAMMERS EXPLOIT SEASONAL GENEROSITY

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

Kurt’s key takeaways

Scammers don’t wait for mistakes. They wait for exposed data. January is when profiles are refreshed, lists are rebuilt, and targets are chosen for the year ahead. The longer your personal information stays online, the more complete-and dangerous-your digital profile becomes. The good news? You can stop the cycle. Removing your data now reduces scam attempts, protects your identity, and gives you a quieter, safer year ahead. If you’re going to make one privacy move this year, make it early-and make it count.

Have you ever been surprised by how much of your personal information was already online? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report 
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter. 

Copyright 2025 CyberGuy.com. All rights reserved.

Towerborne, a side-scrolling action RPG published by Xbox Game Studios that has been available in early access, will officially launch on February 26th. But instead of launching as a free-to-play, always-on online game as originally planned, Towerborne is instead going to be a paid game that you can play offline.

“You will own the complete experience permanently, with offline play and online co-op,” Trisha Stouffer, CEO and president of Towerborne developer Stoic, says in an Xbox Wire blog post. “This change required deep structural rebuilding over the past year, transforming systems originally designed around constant connectivity. The result is a stronger, more accessible, and more player-friendly version of Towerborne — one we’re incredibly proud to bring to launch.”

“After listening to our community during Early Access and Game Preview, we learned players wanted a complete, polished experience without ongoing monetization mechanics,” according to an FAQ. “Moving to a premium model lets us deliver the full game upfront—no live-service grind, no pay-to-win systems—just the best version of Towerborne.”

With the popular live service games like Fortnite and Roblox getting harder to usurp, Towerborne’s switch to a premium, offline-playable experience could make it more enticing for players who don’t want to jump into another time-sucking forever game. It makes Towerborne more appealing to me, at least.

With the 1.0 release of the game, Towerborne will have a “complete” story, new bosses, and a “reworked” difficulty system. You’ll also be able to acquire all in-game cosmetics for free through gameplay, with “no more cosmetic purchasing.” Players who are already part of early access will still be able to play the game.

Towerborne will launch on February 26th on Xbox Series X / S, Xbox on PC, Game Pass, Steam, and PS5. The standard edition will cost $24.99, while the deluxe edition will cost $29.99.

Cybercriminals have found a clever new way to get phishing emails straight into inboxes.

Instead of spoofing brands, they are abusing real cloud tools that people already trust. Security researchers say attackers recently hijacked a legitimate email feature inside Google Cloud. 

The result was thousands of phishing messages that looked and felt like normal Google notifications. Many slipped past spam filters with ease.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – when you join my CYBERGUY.COM newsletter.

How this Google Cloud phishing attack worked

At the center of the campaign was Google Cloud Application Integration. This service allows businesses to send automated email notifications from workflows they build. Attackers exploited the Send Email task inside that system. Because the messages came from a real Google address, they appeared authentic to both users and security tools. 

According to Check Point, a global cybersecurity firm that tracks and analyzes large-scale threat campaigns, the emails were sent from a legitimate Google-owned address and closely matched Google’s notification style. Fonts, wording, and layout all looked familiar. Over a two-week period in December 2025, attackers sent more than 9,000 phishing emails targeting roughly 3,200 organizations across the U.S., Europe, Canada, Asia Pacific, and Latin America.

MALICIOUS CHROME EXTENSIONS CAUGHT STEALING SENSITIVE DATA

Why Google phishing emails were so convincing

The messages looked like routine workplace alerts. Some claimed you had received a voicemail. Others said you were granted access to a shared document, like a Q4 file. That sense of normalcy lowered suspicion. Many people are used to seeing these exact messages every day. Even more concerning, the emails bypassed common protections like SPF and DMARC because they were sent through Google-owned infrastructure. To email systems, nothing looked fake.

What happens after you click

The attack did not stop at the email. Once a victim clicked the link, they were sent to a page hosted on storage.cloud.google.com. That added another layer of trust. From there, the link redirected again to googleusercontent.com. Next came a fake CAPTCHA or image check. This step blocked automated security scanners while letting real users continue. After passing that screen, victims landed on a fake Microsoft login page hosted on a non-Microsoft domain. Any credentials entered there were captured by the attackers.

Who was targeted in the Google Cloud phishing attack

Check Point says the campaign focused heavily on industries that rely on automated alerts and shared documents. That included manufacturing, technology, finance, professional services, and retail. Other sectors like healthcare, education, government, energy, travel and media were also targeted. These environments see constant permission requests and file-sharing notices, which made the lures feel routine.

“We have blocked several phishing campaigns involving the misuse of an email notification feature within Google Cloud Application Integration,” a Google spokesperson told Cyberguy. “Importantly, this activity stemmed from the abuse of a workflow automation tool, not a compromise of Google’s infrastructure. While we have implemented protections to defend users against this specific attack, we encourage continued caution as malicious actors frequently attempt to spoof trusted brands. We are taking additional steps to prevent further misuse.”

The incident demonstrates how attackers can weaponize legitimate cloud automation tools without resorting to traditional spoofing.

Ways to stay safe from trusted-looking phishing emails

Phishing emails are getting harder to spot, especially when attackers abuse real cloud platforms like Google Cloud. These steps help reduce risk when emails look familiar and legitimate.

1) Slow down before acting on alerts

Attackers rely on urgency. Messages about voicemails, shared files or permission changes are designed to make you click fast. Pause before taking action. Ask yourself whether you were actually expecting that alert. If not, verify it another way.

2) Inspect links before you click

Always hover over links to preview the destination domain. In this campaign, links jumped across multiple trusted-looking Google domains before landing on a fake login page. If the final destination does not match the service asking you to sign in, close the page immediately.

3) Treat file access and permission emails with caution

Shared document alerts are a favorite lure because they feel routine at work. If an email claims you were granted access to a file you do not recognize, do not click directly from the message. Instead, open your browser and sign in to Google Drive or OneDrive manually to check for new files.

4) Use a password manager to catch fake login pages

Password managers can be a strong last line of defense. They will not autofill credentials on fake Microsoft or Google login pages hosted on non-official domains. If your password manager refuses to fill in a login, that is a red flag worth paying attention to.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

NEW GOOGLE AI MAKES ROBOTS SMARTER WITHOUT THE CLOUD

5) Run strong antivirus software with phishing protection

Modern antivirus tools do more than scan files. Many now detect malicious links, fake CAPTCHA pages, and credential harvesting sites in real time. Strong antivirus software can block phishing pages even after a click, which matters in multi-stage attacks like this one.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com.

6) Reduce your exposure with a data removal service

Phishing campaigns often succeed because attackers already know your email, employer or role. That information is commonly pulled from data broker sites. A data removal service helps remove your personal information from these databases, making it harder for attackers to craft convincing, targeted emails.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

7) Enable two-factor authentication (2FA) everywhere

Even if attackers steal your password, two-factor authentication (2FA) can stop them from accessing your account. Use app-based authentication or hardware keys when possible, especially for work email, cloud storage, and Microsoft accounts.

8) Report suspicious emails immediately

If something feels off, report it. Flag suspicious Google or Microsoft alerts to your IT or security team so they can warn others. Early reporting can stop a phishing campaign before it spreads further inside an organization.

Kurt’s key takeaways

This campaign highlights a growing shift in phishing tactics. Attackers no longer need to fake brands when they can abuse trusted cloud services directly. As automation becomes more common, security awareness matters more than ever. Even familiar emails deserve a second look, especially when they push urgency or ask for credentials.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

If a phishing email comes from a real Google address, how confident are you that you would spot it before clicking? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report 
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter. 

Copyright 2025 CyberGuy.com.  All rights reserved.