Hi, friends! Welcome to Installer No. 124, your guide to the best and Verge-iest stuff in the world. (If you’re new here, welcome, send me your Coachella fits, and also you can read all the old editions at the Installer homepage.)
Technology
New scam sends fake Microsoft 365 login pages
NEWYou can now listen to Fox News articles!
Attackers have a new tool that targets Microsoft 365 users at a massive scale.
Security researchers say a phishing platform called Quantum Route Redirect, or QRR, is behind a growing wave of fake login pages hosted on nearly 1,000 domains. These pages look real enough to fool many users while also slipping past some automated scanners.
QRR runs realistic email lures that mimic DocuSign requests, payment notices, voicemail alerts or QR-code prompts. Each message routes victims to a fake Microsoft 365 login page built to harvest usernames and passwords. The kit often lives on parked or compromised legitimate domains that add a false sense of safety for anyone who clicks.
Researchers tracked QRR in 90 countries. About 76% of attacks hit US users. That scale makes QRR one of the largest phishing operations active right now.
WINDOWS 10 USERS FACE RANSOMWARE NIGHTMARE AS MICROSOFT SUPPORT ENDS IN 2025 WORLDWIDE
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Attackers use fake Microsoft security alerts to trick people into entering their Microsoft 365 passwords. (Chona Kasinger/Bloomberg via Getty Images)
A fast follow to other major Microsoft credential attacks
QRR appeared soon after Microsoft disrupted a major phishing network known as RaccoonO365. That service sold ready-made Microsoft login copies used to steal more than 5,000 sets of credentials, including accounts tied to over 20 US healthcare organizations. Subscribers paid as little as $12 a day to send thousands of phishing emails.
Microsoft’s Digital Crimes Unit later shut down 338 related websites and identified Joshua Ogundipe from Nigeria as the operator. Investigators tied him to the phishing code and a crypto wallet that earned more than $100,000. Microsoft and Health-ISAC have since filed a lawsuit in New York that accuses him of multiple cybercrime violations.
Other recent examples include kits like VoidProxy, Darcula, Morphing Meerkat and Tycoon2FA. QRR builds on these tools with automation, bot filtering and a dashboard that helps attackers run large campaigns fast.
What makes QRR so effective
QRR uses about 1,000 domains. Many are real sites that were parked or compromised, which helps the pages pass as legitimate. The URLs also follow a predictable pattern that can look normal to users at a glance.
The kit includes automated filtering that detects bots. It sends scanners to harmless pages and sends real people to the credential-harvesting site. Attackers can manage campaigns inside a control panel that logs traffic and activity. These features let them scale up quickly without technical skill.
Security analysts say organizations can no longer depend on URL scanning alone. Layered defenses and behavioral analysis have become essential for spotting threats that use domain rotation and automated evasion.
Microsoft was contacted by CyberGuy for comment but did not have anything to add at this time.
HACKERS FIND A WAY AROUND BUILT-IN WINDOWS PROTECTIONS
Why this matters for Microsoft 365 users
When attackers get your Microsoft 365 login, they can see your email, grab files and even send new phishing messages that look like they came from you. That can create a chain reaction that spreads fast. This is why the steps below all work together to block these threats before they turn into something bigger.
Steps to stay safe from QRR and other Microsoft 365 phishing attacks
Use these simple actions to shrink the risk from fake Microsoft 365 pages and look-alike emails.
1) Check the sender before you click
Take a second to look at who the email is really from. A slight misspelling, an unexpected attachment or wording that feels off is a big clue the message may be fake.
2) Hover over links first
Before you open any link, hover your mouse over it to preview the URL. If it does not lead to the official Microsoft login page or looks odd in any way, skip it.
3) Turn on multifactor authentication (MFA)
MFA adds an extra layer adds an extra layer that makes it much harder for attackers to break in even if they have your password. Use options like app-based codes or hardware keys so phishing kits cannot bypass them.
4) Use a data removal service
Attackers often gather personal details from data broker sites to craft convincing phishing emails. A trusted data removal service scrubs your information from these sites, which cuts down on targeted scams and makes it harder for criminals to tailor fake Microsoft alerts that look real.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
QRR hides its phishing pages across nearly 1,000 domains, making the fake login screens look convincing at first glance. (Microsoft)
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
5) Update your browser and apps
Keep everything on your device up to date. Updates seal off security holes that attackers often rely on when building phishing kits like QRR.
6) Never click unknown links and use strong antivirus software
If you need to visit a sensitive site, type the address into your browser instead of tapping a link. Strong antivirus tools also help by warning you about fake websites and blocking scripts that phishing kits use to steal login details.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
MICROSOFT SOUNDS ALARM AS HACKERS TURN TEAMS PLATFORM INTO ‘REAL-WORLD DANGERS’ FOR USERS
7) Use advanced spam filtering
Most email providers offer stronger filtering settings that block risky messages before they reach you. Turn on the highest level your account allows to keep more fake Microsoft alerts out of your inbox.
8) Watch for login alerts
Turn on Microsoft account sign-in notifications so you get an alert anytime someone tries to access your account. To do this, sign in to your Microsoft account online, open Security, choose Advanced security options and switch on Sign-in alerts for any suspicious activity.
Strong sign-in alerts and phishing-resistant MFA help block these scams before criminals can take over your account. (Drew Angerer/Getty Images)
Kurt’s key takeaways
QRR is a reminder of how quickly scammers change their tactics. Tools like this make it easy for criminals to send huge waves of fake Microsoft emails that look real at first glance. The good news is that a few smart habits can put you a step ahead. When you add stronger sign-in protection, turn on alerts and stay aware of the newest tricks, you make it much harder for attackers to sneak in.
Do you think most people can tell the difference between a real Microsoft login page and a fake one, or have phishing kits become too convincing? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
According to Nikkei Asia, even as suppliers ramp up DRAM production, manufacturers are only expected to meet 60 percent of demand by the end of 2027. SK Group chairman has even said that shortages could last until 2030.
The world’s largest memory makers — Samsung, SK Hynix, and Micron — are all working to add new fabrication capacity, but almost none of it will be online until at least 2027, if not 2028. SK opened a fab in Cheongju in February, but that is the only increase in production among the three for 2026.
Nikkei says that production would need to increase by 12 percent a year in 2026 and 2027 to meet demand. But according to Counterpoint Research, an increase of only 7.5 percent is planned.
The new facilities will primarily focus on producing high-bandwidth memory (HBM), which is used in AI data centers. With the companies already prioritizing HBM over general-purpose DRAM used in computers and phones, it’s not clear how much these new fabs will help alleviate the price crunch facing consumer electronics. Everything from phones and laptops, to VR headsets and gaming handhelds have seen price increases due to the RAM shortage.
NEWYou can now listen to Fox News articles!
Most people assume scammers need to hack something. A database. A password. A bank system. They don’t.
In most cases, everything a scammer needs to target you is already sitting online, publicly available, completely legal to access, and surprisingly easy to find.
Here’s what they’re actually looking at before they ever pick up the phone.
Sign up for my FREE CyberGuy Report
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Data broker listings often include sensitive details like your address, phone number and relatives, making removal a critical first step. (Kurt “CyberGuy” Knutsson)
Your personal profile is already out there, and it’s more complete than you think
There’s an entire industry built around collecting and selling your personal information. It’s called data brokering, and most people have never heard of it.
Right now, without your knowledge or consent, your details are being published by dozens of websites, including:
- People search sites (like Whitepages, Spokeo, and BeenVerified): your full name, current address, phone numbers, and age.
- Address lookup tools: your current and past home addresses, sometimes going back decades.
- Relatives databases: the names and contact information of your family members, automatically linked to your profile.
- Property records: whether you own your home, what it’s worth, and when you bought it.
None of this requires a hack. It’s all pulled from public records, voter registrations, court filings, real estate transactions, marriage and divorce records and assembled into a profile that anyone can search for a few dollars or sometimes for free.
They’re not guessing. They’re researching
In 2024, federal prosecutors indicted a network of scam call centers operating out of Montreal that had defrauded hundreds of elderly Americans out of more than $21 million. What made the scheme so effective wasn’t sophisticated technology. It was a spreadsheet.
The scammers were working from lists of potential victims that included names, ages, and household income information pulled from commercial databases. They used those lists to identify targets, then called them pretending to be grandchildren in trouble. The calls were convincing enough that victims handed over thousands of dollars, sometimes in cash picked up at the door.
They didn’t hack anyone. They just did their research first.
WHY WIDOWS AND DIVORCED WOMEN ARE TARGETS FOR RETIREMENT SCAMS
A call that sounds personal or urgent often relies on real information found about you online. (Kurt “CyberGuy” Knutsson)
Three ways scammers turn your public data into a weapon
Scammers use your publicly available data to make their attacks more personal, believable and harder to detect. Here are three ways they do it.
1) Impersonating your bank
A scammer calls and says, “Hi, this is fraud prevention at [your bank]. We’re seeing suspicious activity on your account ending in 4721.”
They already know your bank, your name, and possibly your address. That’s enough to sound legitimate. From there, they walk you through “confirming your identity,” which is really just you handing over the information they need to access your account.
This kind of scam starts with a simple people-search lookup. Your name and address lead to property records. Property records suggest your income range.
2) The family emergency call
Imagine getting a call: “Meemaw, it’s me. I’m in trouble. Please don’t tell Mom.” Scammers don’t guess. Instead, they research your family first. They use relatives’ databases to find your children’s names, ages and connections.
With that information, they build a story that sounds real. For example, they know to call you “Meemaw.” They also know which grandchild to impersonate. In some cases, they even mention a sibling’s name to make the story more convincing.
As a result, the call feels personal and urgent. However, none of it is random. It’s all based on information that was publicly available the entire time.
3) Targeted phishing with your own details
A phishing email that says “Dear Customer” is easy to ignore. One that says “Dear [your full name], we noticed unusual activity on your account registered to [your home address]” is a lot harder to dismiss.
Scammers use publicly available data to personalize attacks, adding your real name, city, or even a reference to your neighborhood to make a fake email or text look authentic. The more specific the details, the more likely you are to believe it.
“But I’m not on social media.” This is the most common objection, and it misses the point entirely.
You don’t have to be on social media for your information to be online. Data brokers pull from public records, not your Facebook profile. Your information is likely already listed on dozens of sites because of:
The less they think they’ve shared, the more surprised people usually are when they search for themselves on a people-search site for the first time.
DATA BROKERS ACCUSED OF HIDING OPT-OUT PAGES FROM GOOGLE
The more details a scam includes, the more likely it is built from your publicly available data. (Kurt “CyberGuy” Knutsson)
How to reduce your exposure
You don’t have to accept this as permanent. A few practical steps can help:
- Search your full name on Whitepages, Spokeo, FastPeopleSearch, and other people-search sites and submit opt-out requests.
- Look up your address directly, not just your name, since many listings are organized by location.
- Ask elderly family members to search for themselves, too, since older adults are disproportionately targeted.
- Be skeptical of any call that opens with personal details, as it can be a sign that someone researched you first.
How to remove your personal data and stop scammers from finding you
The challenge is that there are hundreds of data broker sites, each with its own removal process. Manually opting out of all of them can take hours, and your information often reappears weeks later when brokers refresh their databases.
That’s why ongoing automated removal is the only approach that actually works. That’s why I recommend using a trusted data removal service.
These services automatically contact data brokers on your behalf and request the removal of your personal information. They also continue monitoring those sites and submit new removal requests if your data reappears.
Many services remove personal data from hundreds of data broker and people-search websites, and some plans allow you to request removals from additional sites as needed.
Some have also received third-party assurance from independent firms, helping validate their claims.
The goal is simple: make it much harder for strangers, scammers, and cybercriminals to find your personal information online.
These services often include a money-back guarantee, so you can try them risk-free and see how much of your information is exposed online.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com
Kurt’s key takeaways
Most scams don’t start with a breach. They start with a search. Your name, address, relatives and even income clues are already out there, quietly fueling more convincing and more dangerous attacks. That’s what makes this so unsettling. You can do everything “right” online and still be exposed because the system itself is built to share your information. The good news is you’re not powerless. Once you understand how scammers build their playbook, you can start disrupting it. Removing your data, limiting exposure and staying skeptical of anyone who knows a little too much about you can dramatically reduce your risk. The goal isn’t to disappear completely. It’s to make yourself a much harder target.
What should be done to stop scammers from using your publicly available data against you in the first place? Let us know by writing to us at Cyberguy.com
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
This week, I’ve been reading about restaurant bread and GLP-1s and Lenny Rachitsky and Artemis II fashion, watching the new boy band doc because I will always watch a boy band doc, also watching every clip I can find from Justin Bieber’s Coachella set, filling the Schitt’s Creek-shaped hole in my heart with Big Mistakes, getting increasingly excited about The Mandalorian and Grogu, and watering my new lawn so it doesn’t die. Please don’t die, lawn. You were so expensive.
I also have for you a couple of new AI apps to install on your computer, new action cameras worth planning a trip around, a new sci-fi action game to play, and much more.
Oh, and a reminder: Send me the thing you made! We’re doing self-promotion week in Installer (probably next week but maybe the week after), and either way I want to hear about the things you’ve been making, building, coding, creating, whatever-ing that you think the Installerverse might like. I’ve already heard from SO MANY of you, and it rules — keep the good stuff coming! Let’s dig in.
(As always, the best part of Installer is your ideas and tips. What are you watching / reading / playing / listening to / storing on your NAS this week? Tell me everything: installer@theverge.com. And if you know someone else who might enjoy Installer, forward it to them and tell them to subscribe here.)
- OpenAI Codex. Here’s OpenAI’s latest stab at an all-in-one AI superapp, which includes a web browser, new coding tools, and a setting that allows Codex to just use your computer for you. Tread lightly, as always, but people seem to be liking Codex a lot recently.
- Gemini for Mac. I’m mad at Google for tying its Mac app to a keyboard shortcut lots of people use for other things, and for making the app a login item by default. But! This is immediately the best way yet to interact with Gemini, and even Google Drive and Photos, from your computer. Into my dock it goes.
- Beef season two. Beef is one of the very best shows nobody ever seems to talk about. I’ve been burned before by the “we’ll just do it again but with a whole new cast” premise — looking at you, True Detective — but this is a win even just as a reason to rewatch the first season.
- Gradient Weather. Y’all, I think somebody finally made the gorgeous, simple weather app Android has been desperately needing. It’s very new and very beta, but I love the look, and I love that the whole aesthetic shifts with the weather. Insta-install.
- Lorne. By all accounts this is about as close as anyone has ever gotten to a truly inside look at Saturday Night Live and its semi-mythological creator, Lorne Michaels. Morgan Neville mostly makes great docs and got a ton of access for this one; I’m very excited to watch it.
- “Where Are All Of These GPUs Actually Going?” A very fun answer to a surprisingly complex question: What are companies doing with the unbelievable quantities of chips they’re buying? The numbers are all kind of pretend, and How Money Works does a good job making them make sense.
- The DJI Osmo Pocket 4. It’s very sad that this gimbal camera isn’t coming to the US in the near future, because more buttons, better slo-mo, and more built-in storage are all terrific upgrades. I use a Pocket 3 all the time, and will be keeping an eye out for the upgrade.
- The GoPro Mission 1 Pro ILS. This one’s still in “coming soon” mode, but it is the first GoPro in a long time I’ve been excited about. Adding an interchangeable lens mount, along with all the other Mission 1 upgrades, is going to completely change the kinds of things people do with GoPros. I can’t wait to see this thing out in the wild.
- Coachella TV. I’ve never spent much time with YouTube’s Coachella livestream, but this year’s show has been terrific. It almost feels like a concert doc being shot in real time — and there’s more Bieber to come!
- Pragmata. I am always here for a game that’s not trying to be a live-service, battle-royale, open-world anything, and instead just sends you on an adventure. It may suffer from being a touch too derivative, but it still appears to be very much my kind of game.
I’ve been a fan of Maria Popova’s work for… about as long as I can remember. Maria runs a site called The Marginalian, which I started following back when it was called Brain Pickings; under both names the site has been a fountain of stuff to read, with surprising and smart ideas about just about everything. I spend a lot of time reading, and on the internet, and I can’t think of anyone who shows me more stuff I never would have found otherwise.
Maria put out a book earlier this year, called Traversal, that is all about how people look at, think about, and reckon with the world around them. There is a lot going on in this book, and I suspect you’ll like it. I asked Maria to share her homescreen with us, curious if she also had a more enlightened take on all things technology.
Here’s Maria’s homescreen, plus some info on the apps she uses and why:
The phone: iPhone 16 – still too large for me, but I had to grudgingly resign to it after my last 13 mini gave up Moore’s ghost.
The wallpaper: Spring moonrise behind leafing maple in the forest where I live much of the year.
The apps: Evernote, Phone, Safari. (Blank Spaces is the app that turns the icons to text.)
The usual life-management tools (calendar, connection, climate) plus Evernote, which I have been using since 2003 and which is by now an Alexandria of meticulously organized information that just about runs my life.
I also asked Maria to share a few things she’s into right now. Here’s what she sent back:
- Robert Macfarlane and Jackie Morris’s Book of Birds: A Field Guide to Wonder and Loss.
- Joan As Police Woman’s record Lemons, Limes and Orchids.
- Jad Abumrad’s miniseries Fela Kuti: Fear No Man.
- The lovely reminder of who we can be in the story of how humanity saved the ginkgo.
Here’s what the Installer community is into this week. I want to know what you’re into right now as well! Email installer@theverge.com or message me on Signal — @davidpierce.11 — with your recommendations for anything and everything, and we’ll feature some of our favorites here every week. For even more great recommendations, check out the replies to this post on Threads and this post on Bluesky.
“Becca Farsace recommended the OhSnap Mcon on her channel recently and I picked one up. It’s super slick and works great with the Delta emulator so far. I got Goldeneye running just fine with it after a little tuning.” — Ian
“Really been enjoying Plain Text Sports to follow the start of baseball season. Loads fast, has everything I want with none of the ESPN cruft” — Rich
“I’ve almost finished reading Service Model by Adrian Tchaikovsky and I’m obsessed: equal amounts of humor and existential dread. It’s very silly, very thoughtful, and frankly a very Verge-y take on technology.” — Olof
“YouTube has been my recent go-to for surprisingly good short films that you would probably never hear about or would probably get lost in the Hollywood machine. For instance, this one called Aborted was amazing and there are more like it out there.” — Steve
“Definitely watch Jon Bois’ hilarious, quirky, and informative series about the birth of the internet mashed up with Home Improvement TV show references.” — Logan
“I bought a MacBook Air a few weeks ago after looking at the Neo and getting fed up by Windows, and I bought a few helper apps to fix small annoyances I had with the notch and
Spotlight. There are a lot of good notch applications but I bought Alcove — having the notch show me when I raise and lower volume makes the giant black bar in the middle of my screen feel slightly less useless somehow. I’ve also been using TinyStart, which is really
fast and nice! These two helper apps have made using the Mac as my main computer feel much nicer than it did the last time I tried.” — Iris
”My passion for discovering TTRPGs and learning about game design has led me into a deep dive on the Youtube channel Knights of Last Call. Long live-streams and VODs and a super active community have opened my eyes to even more of what is possible in TTRPGs.” — Simeon
“Season 3 of Shrinking on Apple TV just ended on such a powerful note. The ensemble cast just keeps bringing it and the writing realistically takes on all kinds of human problems we all deal with or know about. A+” — Aaron
“I find SO MANY great book recommendations thanks to The Big Idea feature on John Scalzi’s blog, Whatever!” — Steve
You surely already know this, but I spend way too much time on snacks. Eating them. Researching them. Thinking about them. Longing for more of them. And I know I’m not alone! So I have big news: My wife recently brought home a variety pack of candy from YumEarth, and it’s all excellent. It’s basically Skittles, Starbursts, and Sour Patch Kids, but with more natural ingredients and a lot less sugar. (But still a lot of sugar, because it’s candy. Sugar-free candy is a lie.)
I am constantly on the lookout for a way to make my bad habits a little better, without making my life worse in the process. This is a perfect one. The Skittles equivalent are called “Giggles,” which is awful, but they’re delicious. So I’ll allow it. I’m gonna go get some right now.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
-
Florida1 minute agoSNAP benefits will be changing in Florida starting Monday
-
Georgia7 minutes agoGeorgia on nobody’s mind: The Dawgs are under the radar, and that’s a compliment
-
Hawaii13 minutes agoLarge section of Aloha Stadium demolished as project proceeds – West Hawaii Today
-
Idaho19 minutes ago
Idaho Lottery results: See winning numbers for Powerball, Pick 3 on April 18, 2026
-
Illinois25 minutes ago5 tornadoes confirmed in Illinois from Friday’s storms
-
Indiana31 minutes agoAn Indiana district turned to voters to fund more preschool seats. Here’s what happened next.
-
Iowa37 minutes agoVote: Who Should be Iowa’s High School Athlete of the Week? (4/19/2026)
-
Kansas43 minutes agoKansas Losing Momentum With Key Transfer Target After New Visits