Anthropic just released Claude Fable 5, calling it the most powerful AI model it has ever made widely available and praising its skills in biology, among others. But the model won’t answer basic biology questions — the kind you’d expect a high schooler to handle. Instead, it hands off the query to the former flagship model, Claude Opus 4.8.
Technology
Hackers can steal money and make your bank account look intact
Hackers have become increasingly sophisticated in targeting bank accounts, sometimes stealing money without the account holder realizing it right away. This raises an unsettling concern among many: could someone actually drain your bank account while making it appear as though your balance remains untouched?
As Bruce from Phoenix asks, “Is it true that hackers can wipe out your bank account but make it look like the money is still there?”
The short answer is yes, though it’s rare and requires a high level of skill. Still, even the possibility is alarming, especially when you consider how easily people can fall victim to common tactics hackers use to gain access to accounts in the first place.
Join the FREE “CyberGuy Report”: Get my expert tech tips, critical security alerts and exclusive deals, plus instant access to my free “Ultimate Scam Survival Guide” when you sign up!
A hacker at work (Kurt “CyberGuy” Knutsson)
How do hackers access your bank account?
There’s a long list of methods cybercriminals use to get into people’s financial accounts, and most of them don’t involve “hacking” in the Hollywood sense. Instead, they rely on tricking you into handing over sensitive information. Here are some of the most common techniques.
Fake banking apps and mobile trojans: Some apps are designed to look exactly like your bank’s official app, but they’re actually fakes. If you enter your login info, it goes straight to the scammer. Even more advanced are mobile banking trojans, which hide inside seemingly unrelated apps. Once installed, the trojan watches for when you open your real banking app and then quickly overlays a fake login screen. If you type in your credentials, the trojan grabs them and sends them off to the attacker.
Phishing scams: Scammers send emails or texts that appear to be from your bank, asking you to verify a transaction or log in to resolve an issue. These messages often include links to websites that look identical to your bank’s site but are actually fakes. The giveaway is often a small detail, like a misspelled URL. For example, “captial0ne.com” instead of “capitalone.com.”
Keyloggers: Keyloggers are a type of malware that silently records everything you type. If one gets onto your device, it can capture your banking username, password and anything else you type, all without you knowing.
Man-in-the-middle attacks: These attacks happen when hackers intercept the data being transmitted between you and your bank’s website. This is especially risky if you’re on public Wi-Fi. You may think you’re logging in securely, but a hacker could be watching everything or even redirecting you to a fake version of your bank’s site.
SIM swapping: SIM swapping is where a scammer contacts your phone provider, pretends to be you and asks to transfer your number to a new SIM card. If successful, they receive your text messages, including any verification codes sent by your bank. This gives them access to your account, even if two-factor authentication is turned on.
A person using a bank card to shop via laptop (Kurt “CyberGuy” Knutsson)
SNEAKY SCAMMERS DRAIN BANK ACCOUNT IN SINISTER PHONE PHISHING SCHEME
Advanced account manipulation
This is where it gets unsettling. In rare cases, hackers can actually make it look like your bank balance hasn’t changed, even though they’ve already taken the money. How? By targeting the display layer of your banking app or web interface. If malware is installed on your device, it can manipulate what shows up on the screen. That means your balance might look normal, while your actual funds are long gone. This type of attack is extremely rare and usually requires access to a compromised or jailbroken device, but it’s technically possible and just sophisticated enough to delay you from realizing what happened.
Bank alert notification on smartphone (Kurt “CyberGuy” Knutsson)
PREVENTING THIS INSIDIOUS EMAIL FORWARDING SCAM THAT WILL DRAIN YOUR BANK ACCOUNT
8 steps to protect your bank account from sophisticated hackers
The good news? You don’t need to be a cybersecurity expert to protect yourself. Just following these key steps can dramatically reduce your risk.
1) Use official apps only: Cybercriminals will try to trick you with fake banking apps and mobile trojans that overlay fake login screens, so it’s critical to download banking apps exclusively from the Apple App Store or Google Play. Never install apps from links in emails or texts.
2) Turn on two-factor authentication (2FA): SIM-swapping attacks can hijack your phone number and intercept SMS codes, so enable app-based 2FA to block unauthorized logins even if hackers obtain your password.
3) Get text or app alerts: Hackers can manipulate your account’s display to hide stolen funds, so set up real-time transaction alerts to expose unauthorized withdrawals immediately, especially for microtransactions used to test your account.
4) Use strong, unique passwords: Phishing scams and keyloggers often harvest weak or reused credentials, so use a password manager to generate and store complex passwords. Get more details about my best expert-reviewed password managers of 2025 here.
5) Avoid clicking suspicious links and install strong antivirus software: Scammers impersonate banks with phishing emails/texts containing misspelled URLs (e.g., “captial0ne.com”), so always navigate directly to your bank’s official website or app instead of clicking embedded links. Strong antivirus software helps protect your devices from fake apps, keyloggers and other threats. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks of the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
6) Check your accounts regularly: Don’t just glance at your balance. Review recent transactions at least once a week to catch any suspicious activity.
7) Avoid public Wi-Fi for banking: Hackers exploit unsecured networks to launch man-in-the-middle attacks and spoof banking sites, so use a VPN to encrypt your connection if you must bank on public Wi-Fi. VPNs will protect you from those who want to track and identify your potential location and the websites that you visit. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.
8) Use a personal data removal service: Data brokers sell your contact details and personal information, which hackers can use for targeted phishing attacks or SIM swap scams. These services automatically remove your data from broker databases, reducing the risk of social engineering attempts that could compromise your bank account.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here.
GOT A BANK TRANSFER ALERT TEXT? IT MIGHT BE A SCAM. HERE’S WHAT TO DO
Kurt’s key takeaways
Hackers don’t need to break into your bank’s system; they just need to trick you. Whether it’s phishing, malware or SIM swaps, the goal is always the same: get access to your login and verification codes. Fortunately, you can make it much harder for them by using secure habits and staying alert. Your money belongs with you, not in the hands of a scammer.
Has this ever happened to you or someone you know? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Bluesky will be getting “communities,” which will function as smaller spaces where you can “go deeper and hang out with people who care about the same stuff” sometime this year, according to head of product Alex Benzer. They will be built on the decentralized AT Protocol that underpins Bluesky, with Benzer saying that “it’s a new structure for everyone” that’s part of the “Atmosphere” (a shorthand for the AT Protocol ecosystem).
Benzer listed out a “few ideas we have in mind so far” in a thread. “On Bluesky, you’ll be able to create communities, join them, post in them, and get updates,” Benzer says. “The core features on Bluesky stay simple. The magic comes from communities also existing on the open web. This means you can truly customize them and add features with other Atmospheric apps and tools.”
Communities will get a handle that “doubles as a URL,” and if you go to that URL, you’ll “land on a custom homepage for the community,” according to Benzer. “Builders can also host a completely custom experience there instead.” There will be three privacy levels for communities: public, invite-only, and private. And each community would have its own feed, Benzer says.
Benzer’s thread follows Bluesky COO Rose Wang saying last week that the company wanted to move away from being a “public square” and that it was “very inspired by companies like Reddit.” Meta’s Threads is currently testing a communities feature, while X announced in April that it would be shutting down its own take on communities.
NEWYou can now listen to Fox News articles!
Amazon is getting ready for Prime Day, and you can bet scammers are, too. In fact, I received a fake Amazon email that looked like an account recovery warning. It claimed there was unusual activity on my account and pushed me to “Sign In to Verify.”
That kind of message can make anyone uneasy. It certainly did for me. After all, who wants to lose access to an account right before a major sale? Then came the part that really stood out: the email said I might need to upload a document to confirm my account.
That was the giveaway. A real deal can save you money. A fake Amazon email can cost you your login, your payment details and even your identity.
Here’s how this scam works, the red flags that exposed it and the steps you should take before clicking any Amazon account warning.
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
A fake Amazon account recovery email is targeting shoppers ahead of Prime Day, using urgency and document requests to steal sensitive information. (Photographer: David Paul Morris/Bloomberg via Getty Images)
Fake Amazon email warning before Prime Day
The timing made this phishing email more convincing. With Prime Day coming up, many people are already watching for Amazon emails. They may be checking delivery updates, deal alerts and order confirmations. That creates the perfect opening for a fake account warning.
The email used the same tricks you see in many phishing scams. It claimed there was account trouble, used urgent language and pushed me toward a sign-in button. That is exactly what scammers want.
Screenshot of scam fake Amazon email (Kurt “CyberGuy” Knutsson)
They want you to react before you inspect the message. They want you to sign in before you think through the request. And in this case, they wanted me to believe a document upload was part of a normal Amazon account check.
Amazon phishing scam red flags
This fake Amazon email had several warning signs. First, it landed in my junk folder. That alone does not prove fraud, but it should make you cautious.
Second, the subject line sounded awkward. It said, “Account Recovery: Sign-in and Verify your Amazon account.” That wording felt stiff and a little off.
Third, the greeting was generic. The email said “Dear Customer” even though it claimed to be about my Amazon account. That alone does not prove the email is fake, but it adds to the concern.
Fourth, the message created urgency. It claimed the account was on hold and that orders or subscriptions had already been canceled.
Fifth, the sender display name said “Amazon,” while the address appeared as account_update@amazon.com. That may look official at first. Still, scammers can spoof sender names or make email addresses look convincing.
Under the yellow “Sign In to Verify” button, the email also says, “Don’t share it with others.” That may sound protective, but in this context, it felt like another attempt to make the fake warning seem official.
The biggest warning sign came from the document request. The email said I would have the option to upload a document with the required information to verify the account.
That should stop you cold. Scammers may be after more than your Amazon password. They may also want your driver’s license, passport, address, phone number or payment details.
Screenshot of fake Amazon email sender address (Kurt “CyberGuy” Knutsson)
Why fake Amazon account emails fool shoppers
This scam works because it hits a very real fear. Most people do not want to lose access to an online shopping account. That concern grows when a big sale is about to start. If you are planning to buy something on Prime Day, an account warning can feel urgent.
The email also borrowed Amazon’s familiar look. It used the Amazon name, a logo area and a yellow sign-in button. It also included a footer that appeared to show an Amazon.com link. That can make the message feel safer than it really is.
Here is the problem. The visible link text in an email can mislead you. A link can appear to point to Amazon while sending you somewhere else. It can also pass through tracking links, redirects or look-alike pages. That is why you should avoid signing in through any account warning email.
120,000 FAKE SITES FUEL AMAZON PRIME DAY SCAMS
Scammers are impersonating Amazon with convincing account alerts designed to capture login credentials, payment details and personal documents. (Photographer: Michael Nagle/Bloomberg via Getty Images)
What happens if you click a fake Amazon link
If you click the link, you may land on a fake Amazon sign-in page. It may look close enough to fool you. Once you enter your email and password, scammers can try to access your real Amazon account. They may check your saved payment methods, shipping addresses and order history.
They may also try that same password on other websites. That becomes a bigger risk if you reuse passwords.
The document request adds another layer of danger. If a fake page asks for your ID, scammers could use that information for identity theft, account takeovers or other fraud. That is why one quick click can turn into a much bigger mess.
Ways to stay safe from fake Amazon emails
A fake Amazon email can look convincing at first, so the best move is to slow down and use these simple checks before you click, sign in or share anything.
1) Do not click the sign-in button
Skip buttons like “Sign In to Verify,” “View details” or “Restore access.” Open the Amazon app or type Amazon.com into your browser yourself.
2) Check Amazon’s Message Center
After signing in directly, go to Your Account > Message Center. If the alert is real, you should see a matching message there.
3) Watch for pressure language
Scammers often say your account is locked, your orders were canceled, or you must act right away. That pressure is designed to make you click before thinking.
4) Never upload ID through an email link
If an email asks for a passport, driver’s license or other document, stop. Contact Amazon through the app or website before sending anything.
5) Use a password manager
A password manager can help you spot fake login pages. If the page is fake, your saved Amazon password usually will not autofill. Check out the best expert-reviewed password managers of 2026 at CyberGuy.com.
6) Turn on two-step verification
7) Use strong antivirus software
Install strong antivirus software on your computer, phone and tablet. Good security software can help detect malicious links, phishing pages, malware and other threats before they do damage. This is especially important if you clicked a suspicious link or downloaded anything from a fake email. Security software should back up your smart habits, not replace them. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.
8) Use a data removal service
Scammers often build more convincing attacks with information they find about you online. That can include your name, address, phone number, relatives, old usernames and other personal details from people-search sites and data brokers. A data removal service can help remove your personal information from many of those sites. That makes it harder for scammers to personalize phishing emails and identity theft attempts. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.
9) Report the suspicious email
Forward suspicious Amazon emails to reportascam@amazon.com. Then delete the message from your inbox or junk folder.
JANUARY SCAMS SURGE: WHY FRAUD SPIKES AT THE START OF THE YEAR
Cybersecurity experts warn consumers to avoid clicking links in Amazon account warning emails and verify alerts directly through Amazon. (David Paul Morris/Bloomberg via Getty Images)
Kurt’s key takeaways
Prime Day is a great time to find real deals, but it is also a busy season for fake Amazon emails. Scammers know shoppers are checking delivery updates, watching for discounts and hoping nothing gets in the way of a good buy. That is what made this email so sneaky. It used a familiar fear at the perfect moment: losing access to your account right before a major sale. The safest move is to slow down before you click. Do not trust the button. Do not trust the sender name alone. Open the Amazon app or type Amazon.com into your browser and check your account yourself.
Have you ever received an email that looked official enough to make you click, and what finally made you stop? Let us know by writing to us at CyberGuy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
HOW TO DETECT FAKE AMAZON EMAILS AND AVOID IMPERSONATION SCAMS
Copyright 2026 CyberGuy.com. All rights reserved.
It isn’t because Fable doesn’t know the answers. It’s because Anthropic won’t let it, by design.
Fable is a public-facing, Mythos-class model, a family so capable at cybersecurity tasks Anthropic said it was too dangerous to release publicly. But while Anthropic has spent much of the extended Mythos rollout warning about cybersecurity, it is biology where Fable’s guardrails are the most obvious — and most limiting.
When I tried the model, it refused to answer a range of basic biology questions, many that felt about as far away from any plausible safety risk as any question could be. It would not respond to “tell me about cell membranes” or answer “what are mitochondria,” that famous powerhouse of the cell. It refused to explain “what is a prion,” the proteinaceous particles behind mad cow disease, or “how mRNA vaccines work.”
“We made this tradeoff so customers could benefit from the model’s capabilities sooner without the risks.”
The restrictions applied to ordinary and objectively rather harmless medical queries too. Fable would not answer “what causes hay fever,” explain how asthma medicine works, explain how antibiotic resistance arises, or tell me what Ebola is and how it spreads. Some of my basic queries occasionally got through, with Fable answering questions like “what is cancer” and “what is DNA.” When Fable refused, Opus 4.8 generally answered perfectly well.
Anthropic says the broad biology filters are an intentional choice and are deliberately conservative, with bioweapons the primary concern. “With the launch of Claude Fable 5, our first Mythos-class model, we believe models now have a greater ability to accomplish real-world scientific tasks and for malicious actors to potentially use our models for highly risky biological research,” spokesperson Paruul Maheshwary told The Verge. “We have always used classifiers to block our models from helping with bioweapons-related requests. To deploy Fable 5 safely, we believe it was necessary to be overly conservative with our safeguards so they block most queries tied to biology work.”
Anthropic has previously highlighted four key areas where it would throttle Fable’s responses for safety: chemistry, biology, cybersecurity, and distillation, a technique for training smaller AIs using the outputs of larger ones. The company has accused Chinese rivals like DeepSeek of using distillation on its models on an “industrial” scale.
While I could not meaningfully test distillation, Fable seemed more willing to answer questions about chemistry and cybersecurity. For example, it gave a basic overview of the explosive TNT, though withheld synthesis instructions “for obvious reasons.” It readily answered questions on the use of chlorine gas as a chemical weapon, common password threats, and nuclear fusion and fission, as well as explaining how to secure an iPhone from hackers. It still limits: Fable deferred to Opus when I asked it about sarin gas, a highly toxic nerve agent. Fable and Opus both refused the prompt “how to make anthrax,” and Claude paused the chat entirely. That made sense. The mitochondria prompt refusal seems like a false positive.
“We made this tradeoff so customers could benefit from the model’s capabilities sooner without the risks,” Maheshwary explained, adding that Anthropic is working hard to improve its detection and reduce the false positives. “We intend to make Mythos-class models available without these safeguards to the broader biology and life sciences community so these capabilities can be used to accelerate biomedical research and drug discovery.”
Anthropic did not answer questions about whether this kind of restricted release will become the new norm for future models.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
-
San Diego, CA3 minutes agoPadres minors: Jhony Brito solid in El Paso start, Kerrington Cross leads Storm to win
-
Milwaukee, WI6 minutes agoMilwaukee Music Premiere: Wisconsin Space Program, ‘Time Machine’
-
Atlanta, GA18 minutes agoAtlanta World Cup: Additional watch parties in metro Atlanta
-
Minneapolis, MN20 minutes agoOperation Metro Surge cost Minneapolis $700M, city estimates
-
Indianapolis, IN26 minutes agoWhen is 60th annual Indianapolis Strawberry Festival? Date, time, strawberry shortcake prices
-
Pittsburg, PA33 minutes agoThese teachers around Pittsburgh had highs and lows in their first years. Here’s why they’re coming back.
-
Augusta, GA36 minutes agoDeadly Augusta case highlights ongoing concerns about domestic violence across the CSRA
-
Washington, D.C41 minutes agoHEAT ALERT issued for DC through June 13 — here’s how to stay cool
