Technology

New email scam uses hidden characters to slip past filters

Published

1 month ago

December 2, 2025

New email scam uses hidden characters to slip past filters

NEWYou can now listen to Fox News articles!

Cybercriminals keep finding new angles to get your attention, and email remains one of their favorite tools. Over the years, you have probably seen everything from fake courier notices to AI-generated scams that feel surprisingly polished. Filters have improved, but attackers have learned to adapt. The latest technique takes aim at something you rarely think about: the subject line itself. Researchers have found a method that hides tiny, invisible characters inside the subject so automated systems fail to flag the message. It sounds subtle, but it is quickly becoming a serious problem.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

NEW SCAM SENDS FAKE MICROSOFT 365 LOGIN PAGES

Cybercriminals are using invisible Unicode characters to disguise phishing email subject lines, allowing dangerous scams to slip past filters. (Photo by Donato Fasano/Getty Images)

How the new trick works

Researchers recently uncovered phishing campaigns that embed soft hyphens between every letter of an email subject. These are invisible Unicode characters that normally help with text formatting. They do not show up in your inbox, but they completely throw off keyword-based filters. Attackers use MIME encoded-word formatting to slip these characters into the subject. By encoding it in UTF-8 and Base64, they can weave these hidden characters through the entire phrase.

One analyzed email decoded to “Your Password is About to Expire” with a soft hyphen tucked between every character. To you, it looks normal. To a security filter, it looks scrambled, with no clear keyword to match. The attackers then use the same trick in the body of the email, so both layers slide through detection. The link leads to a fake login page sitting on a compromised domain, designed to harvest your credentials.

If you have ever tried spotting a phishing email, this one still follows the usual script. It builds urgency, claims something is about to expire and points you to a login page. The difference is in how neatly it dodges the filters you trust.

Why this phishing technique is super dangerous

Most phishing filters rely on pattern recognition. They look for suspicious words, common phrases and structure. They also scan for known malicious domains. By splitting every character with invisible symbols, attackers break up these patterns. The text becomes readable for you but unreadable for automated systems. This creates a quiet loophole where old phishing templates suddenly become effective again.

The worrying part is how easy this method is to copy. The tools needed to encode these messages are widely available. Attackers can automate the process and churn out bulk campaigns with little extra effort. Since the characters are invisible in most email clients, even tech-savvy users do not notice anything odd at first glance.

Security researchers point out that this method has appeared in email bodies for years, but using it in the subject line is less common. That makes it harder for existing filters to catch. Subject lines also play a key role in shaping your first impression. If the subject looks familiar and urgent, you are more likely to open the email, which gives the attacker a head start.

How to spot a phishing email before you click

Phishing emails often look legitimate, but the links inside them tell a different story. Scammers hide dangerous URLs behind familiar-looking text, hoping you will click without checking. One safe way to preview a link is by using a private email service that shows the real destination before your browser loads it.

Our top-rated private email provider recommendation includes malicious link protection that reveals full URLs before opening them. This gives you a clear view of where a link leads before anything can harm your device. It also offers strong privacy features like no ads, no tracking, encrypted messages and unlimited disposable aliases.

For recommendations on private and secure email providers, visit Cyberguy.com

PAYROLL SCAM HITS US UNIVERSITIES AS PHISHING WAVE TRICKS STAFF

A new phishing method hides soft hyphens inside subject lines, scrambling keyword detection while appearing normal to users. (Photo by Silas Stein/picture alliance via Getty Images)

9 steps you can take to protect yourself from this phishing scam

You do not need to become a security expert to stay safe. A few habits, paired with the right tools, can shut down most phishing attempts before they have a chance to work.

1) Use a password manager

A password manager helps you create strong, unique passwords for every account. Even if a phishing email fools you, the attacker cannot use your password elsewhere because each one is different. Most password managers also warn you when a site looks suspicious.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

2) Enable two-factor authentication

Turning on 2FA adds a second step to your login process. Even if someone steals your password, they still need the verification code on your phone. This stops most phishing attempts from going any further.

3) Install a reliable antivirus software

Strong antivirus software does more than scan for malware. Many can flag unsafe pages, block suspicious redirects and warn you before you enter your details on a fake login page. It is a simple layer of protection that helps a lot when an email slips past filters.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com.

4) Limit your personal data online

Attackers often tailor phishing messages using information they find about you. Reducing your digital footprint makes it harder for them to craft emails that feel convincing. You can use personal data removal services to clean up exposed details and old database leaks.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

AI FLAW LEAKED GMAIL DATA BEFORE OPENAI PATCH

Researchers warn that attackers are bypassing email defenses by manipulating encoded subject lines with unseen characters. (Photo by Lisa Forster/picture alliance via Getty Images)

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

5) Check sender details carefully

Do not rely on the display name. Always check the full email address. Attackers often tweak domain names by a single letter or symbol. If something feels off, open the site manually instead of clicking any link inside the email.

6) Never reset passwords through email links

If you get an email claiming your password will expire, do not click the link. Go to the website directly and check your account settings. Phishing emails rely on urgency. Slowing down and confirming the issue yourself removes that pressure.

7) Keep your software and browser updated

Updates often include security fixes that help block malicious scripts and unsafe redirects. Attackers take advantage of older systems because they are easier to trick. Staying updated keeps you ahead of known weaknesses.

8) Turn on advanced spam filtering or “strict” filtering

Many email providers (Gmail, Outlook, Yahoo) allow you to tighten spam filtering settings. This won’t catch every soft-hyphen scam, but it improves your odds and reduces risky emails overall.

9) Use a browser with anti-phishing protection

Chrome, Safari, Firefox, Brave, and Edge all include anti-phishing checks. This adds another safety net if you accidentally click a bad link.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaway

Phishing attacks are changing fast, and tricks like invisible characters show how creative attackers are getting. It’s safe to say filters and scanners are also improving, but they cannot catch everything, especially when the text they see is not the same as what you see. Staying safe comes down to a mix of good habits, the right tools, and a little skepticism whenever an email pushes you to act quickly. If you slow down, double-check the details, and follow the steps that strengthen your accounts, you make it much harder for anyone to fool you.

Do you trust your email filters, or do you double-check suspicious messages yourself? Let us know by writing to us at Cyberguy.com.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Related Topics:cybercrime email Featured Privacy

Click to comment

Technology

Power bank feature creep is out of control

Published

7 hours ago

January 6, 2026

Press Room

Power bank feature creep is out of control

There was a time not too long ago when buying a power bank was as easy as choosing the cheapest portable battery that could charge your phone and quickly slip into your pocket, purse, or backpack. The hardest part was deciding whether it was time to ditch USB-A ports.

Recently, however, brands have been slathering on features, many of which are superfluous, in an attempt to both stand out from the commodified pack and justify higher price points. It’s especially prevalent amongst the bigger power banks that can also charge laptops, those that butt right up to the “airline friendly” 99Wh (around 27,650mAh) size limit.

At CES 2026, we’re seeing a trend towards power banks with integrated cables, which is very convenient. But a similar trend to slap large, energy-sapping displays onto these portable batteries is just silly. And that’s just the start of the atrocities witnessed in recent months.

EcoFlow’s modular accessories are easy to lose and that big display sucks power, is difficult to navigate, and requires a screensaver.

Image: EcoFlow

The power bank that pushed things over the edge for me is the $270 EcoFlow Rapid Pro X Power Bank 27k that I received for review. Here’s my review: it’s bad. Do. Not. Buy. As a power bank, it tries too hard to do too much, making it too expensive, too big, too slow, and too heavy.

The snap-on decorative faceplates are ridiculous and the proprietary magnetic modules for its Apple Watch charger and retractable USB-C cable are too easy to misplace.

The giant display EcoFlow uses scratches easily and is too dim to easily read outdoors. The confusing UX on the Rapid Pro X model is especially offensive in its touch-sensitive clumsiness. Nobody needs a display that takes 30 seconds to wake up from sleep and plays swirly graphics and blinking eyeballs when awake, slowly sapping the power bank’s energy reserves. The fact that it has a screensaver tells me that the product team completely lost the plot.

Anker’s also guilty of putting large displays onto its power banks. Most people don’t need anything more than four dots to show the remaining capacity, but it’s becoming increasingly difficult to buy a power bank without a colorful LCD display. In the 20,000mAh range, Anker doesn’t even list a display-less model anymore. I, like many Verge readers, love to see the actually wattage pumping in and out of those ports — but the vast majority of people have no need for that.

Anker’s fast-charging, proprietary dock upsell.

Image: Anker

Anker, like EcoFlow, also offers power banks with proprietary pogo-pin connectors, Both companies use those connectors to lure owners into buying expensive desk chargers that don’t work with anything else. Those extra-fast charging speeds are unlikely to justify the premium expense for most people.

Most people, even tech savvy Verge readers, don’t even need a power bank that can output 140W of power delivery over USB-C. The majority of non-gaming laptops require 65W or less. And the primary computing device for most people — the phone — only requires about 20W.

We certainly don’t need power banks with built-in hotspots when that’s already built into our Android and iOS phones. Baseus made one anyway.

Bluetooth and Wi-Fi connectivity are becoming a common feature in some flagship power banks. I’m all for remotely monitoring massive power stations used to power off-grid homes and campers, but not a portable power bank that’s charging the phone in your hand or is plugged into a nearby wall jack.

The phone you’re charging also has a flashlight.

Image: Pangootek

We also don’t need integrated flashlights. Why random Amazon brand, why?

All these extra “features” just add weight, size, and cost to power banks. They also increase the risk that something will go wrong on a device that’s meant to always be with you and just work when you need it. And power banks don’t need any extra help justifying a recall.

Kickstands and integrated cables are useful features I’ll pay extra for.

Image: Kuxiu

One power bank trend I can get behind is integrated cables like the retractable version found on EcoFlow’s Rapid Pro Power Bank 27k (note the lack of “X” in the name). Always having a properly specced cable that matches the device’s max input and output is super convenient. I like that Kuxiu’s S3 MagSafe power bank, for example, neatly wraps the cable around the chassis to plug into a hidden USB-C jack. That way the cable can be replaced if it frays or breaks.

I’m also a fan of adding kickstands to MagSafe power banks that prop phones up at your preferred angle for extended viewing or recording. More importantly, a few companies are now adopting semi-solid state chemistry that makes their power banks less susceptible to thermal runaway, which was an industry plague in 2025. They cost more to buy, but they’re cheaper to own over their extended lifetimes.

Sharge’s counter argument to everything I’ve written.

Image: Sharge

I can’t help but enjoy the look of Sharge’s Retractable 3-in-1 Power Bank, even though its integrated wall outlet and underwhelming specs for a battery pack of this size and price completely undercuts my entire argument. I’m a sucker for Braun design, forgive me!

Basic power banks like Anker’s PowerCore 10k are a rarity these days.

Image: Anker

There are still basic power banks available that charge phones and even laptops without too much feature creep and attempted upsell. If all you want is to charge your phone then there’s Anker’s trusty $26 PowerCore 10k or, if you’re feeling fancy, Nitecore’s $65 NB10000 Gen 3 Ultra-Slim USB-C Power Bank. If you also want to charge laptops then you might consider INIU’s delightfully named Cougar P64-E1 Power Bank Fastest 140W 25000mAh for $90, or even Belkin’s more capable $150 UltraCharge Pro Laptop Power Bank 27K coming in March.

The fastest and most powerful power banks with lots of gee-whiz features will often generate headlines for pushing the envelope of what’s possible. But the “best” power bank might not be best for you, when basic affordability is all you really need.

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

Thomas Ricker

Technology

How to send free digital invitations on iPhone

Published

7 hours ago

January 6, 2026

Press Room

How to send free digital invitations on iPhone

NEWYou can now listen to Fox News articles!

Creating invitations should feel easy, not stressful. Apple’s Invites app makes it simple to create free digital invitations with built-in RSVP tools, even if your guests do not use iPhones.

You can design the invite, track responses, and share photos after the event, all from your iPhone. Below is a clear step-by-step guide with exact instructions so you can get it right the first time.

Oh, and if you want more options beyond Apple’s Invites app, we also cover the best invitation apps for both iPhone and Android.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

HOW TO SHARE YOUR ESTIMATED ARRIVAL TIME ON IPHONE AND ANDROID

Apple’s Invites app lets users create free digital invitations with built-in RSVP tools directly from an iPhone, making event planning faster and easier. (Katharina Kausche/picture alliance via Getty Images)

Why Apple Invites makes event planning easier

Apple Invites keeps everything in one place. You design the invite, manage RSVPs and share memories without switching apps. You can:

Create invitations for parties, meetings and family events
Let guests RSVP from any device
Share photos, playlists and links after the event

Apple Invites system requirements

Before you start, confirm these basics. You need:

An iPhone running iOS 18 or newer
An iCloud+ subscription to create invitations

Guests can view and RSVP without an iCloud+ subscription. The steps in this article were tested on an iPhone 15 Pro Max running iOS 26.2.

Download Apple Invites from the App Store

First, install the Apple Invites app.

Open the App Store.
Search for Apple Invites.
Download the app named Apple Invites to avoid confusion.

Open the Invites app after installation.

How to create a free digital invitation with RSVP on iPhone

You are now ready to build your invitation.

Start a new invitation in Apple Invites

Open the Invites app.
If this is your first time, tap Create Invitation.

If you have created invites before, tap the plus icon in the top corner.

Add a background image to your invitation

Tap Add Background.
Choose one option:PhotosCameraPlayground using Apple Intelligence on supported modelsYou can also select Emoji, Photographic or Color backgrounds.
Photos
Camera
Playground using Apple Intelligence on supported models
You can also select Emoji, Photographic or Color backgrounds.

Grant photo or camera access if prompted.

Add event details like title, date and location

Next, fill in the key information.

Tap Event Title and enter the name of your event.Choose from four available fonts.
Choose from four available fonts.
Tap Date and Time.Select a start and end time or mark the event as all day.
Select a start and end time or mark the event as all day.
Tap Location.Enable Location Services if prompted.
Enable Location Services if prompted.
Tap Add a Description to include event details or notes.

If you add both a date and a location, the app automatically shows:

The weather forecast for that day
A Maps link with directions

Add optional features like photos, links and playlists

You can add several optional features to enhance your invitation.

Add a shared photo album so guests can view and upload photos by tapping Create Album
Add a website link, such as a gift registry, by tapping Add a Link
Add a shared Apple Music playlist guests can listen to and add songs to by tapping Add Playlist

Add a Tile to bundle photos, playlists or links in one place by tapping Add Tile

Preview and create your invitation

Before sending, review everything.

Tap Preview.
Review how the invitation will look to guests.
Tap Next in the upper-right corner.
Wait a few seconds while the invite is created.

NEVER LOSE YOUR CAR WITH MAPS PARKING TOOLS

Apple Invites allows hosts to design invites, track guest responses and share photos without requiring guests to own an iPhone. (Nikolas Kokovlis/NurPhoto via Getty Images)

How to send invitations and manage RSVPs on iPhone

Once your invitation is live, you can share it in two different ways.

Invite guests using a public link

Under Invite with Public Link, choose how you want to share the link:MessagesMailShare LinkCopy Link
Messages
Mail
Share Link
Copy Link
Toggle Approve Guests on if you want to review RSVPs before guests are added.
Leave Approve Guests off to allow anyone with the link to RSVP automatically.

Guests who accept the invite will appear in your guest list.

Invite guests individually

Scroll to Invite Individuals.
Tap Choose a Guest.
Then you’ll be prompted to access your contacts and click Continue.
Click Select Contacts
Select only the contacts you want to include for this invitation and click Continue
Tap Allow Selected Contacts
Select a contact to send a one-time invite link.
Then click Messages, Mail or Share Link

This option sends a unique link to a single guest.

Guests can RSVP even if they do not own an iPhone.

How to send invitations and manage RSVPs on iPhone

Once your invitation is live, you can share it in two different ways.

Invite guests using a public link

Under Invite with Public Link, choose how you want to share the link:MessagesMailShare LinkCopy Link
Messages
Mail
Share Link
Copy Link
Toggle Approve Guests on if you want to review RSVPs before guests are added.
Leave Approve Guests off to allow anyone with the link to RSVP automatically.

Guests who accept the invite will appear in your guest list.

Invite guests individually

Scroll to Invite Individuals.
Tap Choose a Guest.
Then you’ll be prompted to access your contacts and click Continue.
Click Select Contacts
Select only the contacts you want to include for this invitation and click Continue
Tap Allow Selected Contacts
Select a contact to send a one-time invite link.
Then click Messages, Mail or Share Link

This option sends a unique link to a single guest.

Guests can RSVP even if they do not own an iPhone.

Manage event settings and RSVP notifications

You stay in control after sending.

Tap the Settings icon inside the invite.
Adjust guest permissions and RSVP options.
Enable notifications to receive alerts when guests respond.
Set plus one limits or block additional guests if needed.

Your invitation appears on the app home screen under Upcoming.

Edit an invite after sending it

Plans change, and edits are allowed.

Open the invite from the Upcoming list.
Tap the More Button (three horizontal dots in the upper-right corner)
Click Edit to update details.
Changes sync automatically for guests.

5 BEST APPS TO USE ON CHATGPT RIGHT NOW

With Apple Invites, users can manage event details, RSVPs and shared content all in one place using iOS 18 or newer. (Nikolas Kokovlis/NurPhoto via Getty Images)

Pro tip: duplicate invitations for recurring events

If you host a recurring event, such as a book club, save time.

Open an existing invitation.
Tap the More button. (three horizontal dots in the upper-right corner)
Select Duplicate.
Adjust the date, time or details as needed.

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

Apple Invites makes event planning feel simple again. You can create free digital invitations, send them in seconds and track RSVPs without chasing people down. Everything lives in one place, from guest lists to shared photos, which saves time and reduces stress. Best of all, guests do not need an iPhone to respond. That makes Apple Invites practical for real life, not just Apple users. Whether you are planning a birthday, a family dinner, or a casual meetup, this app helps you focus on the event rather than the logistics.

Would you consider replacing paper invites or group texts with Apple Invites, or are you still planning events the old way? Let us know by writing to us at Cyberguy.com.

Technology

Nvidia’s GeForce Now is getting native Linux and Fire TV apps

Published

19 hours ago

January 6, 2026

Press Room

Nvidia’s GeForce Now is getting native Linux and Fire TV apps

Nvidia’s RTX 5080 rollout for its GeForce Now cloud gaming service is now complete, so it’s ready to announce some additional features for subscribers. In the coming months, Nvidia is planning to launch native GeForce Now apps for Linux and Amazon’s Fire TV devices, alongside flight control support for its cloud gaming service.

The native Linux app is a highly requested feature for GeForce Now, especially as subscribers have had to rely on unofficial apps or browser tweaks to get access to the service. A beta of GeForce Now for Linux will be available initially for Ubuntu 24.04 and newer soon, nearly a year after Nvidia made it easier to access GeForce Now on the Linux-based SteamOS.

“Right now, the GeForce Now Linux app is going to launch first as a beta on Ubuntu 24.04 primarily because this is a long-term support release that enables stable graphics drivers and consistent system libraries,” says Michael McSorley, product marketing manager at Nvidia, in a briefing with The Verge. “As we continually test the app, we’re going to be expanding formal support to additional [Linux] distributions in the coming weeks.”

Nvidia is also further expanding GeForce Now into the living room with support for Amazon Fire TV devices. The app will launch early this year for Fire TV Stick 4K Plus and 4K Max initially, allowing owners to stream PC games to their TV with just a controller.

If you’re a fan of Microsoft Flight Simulator, Nvidia is also introducing full flight control support for GeForce Now so that devices from Thrustmaster and Logitech will work on its cloud gaming service. That means you can connect a joystick or yoke to an underpowered laptop and stream a copy of Microsoft Flight Simulator 2024 with the controls all working in the game.

Nvidia is also enabling automatic sign-in for Battle.net accounts on GeForce Now this week, with Gaijin.net account support soon. And if you’re wondering when GeForce Now will finally launch in India, as Nvidia promised last year, it has been delayed to “sometime in Q1, 2026,” according to McSorley.