Technology
QR code email scam targets employee reviews
NEWYou can now listen to Fox News articles!
We received an email that looks like an official HR notice about a performance review. It mentions pay updates, benefits and a deadline. There is also a QR code to access your file.
The message claims to come from an internal HR office. Instead, it pushes us to scan a QR code to access your appraisal. That setup is a classic phishing move. In many cases, these scams try to move you off your computer and onto your phone, where it is harder to verify links.
So, let’s break down what stands out and why this message should absolutely not be trusted.
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
FAKE TRAFFIC VIOLATION TEXT SCAM USES QR CODES TO STEAL PAYMENT INFO
A fake HR performance review email uses a QR code to push employees toward a phishing page designed to steal login details. (Kurt “Cyberguy” Knutsson)
QR code email scam red flags you should notice
This email is built to feel routine and urgent at the same time. Take a closer look, and the red flags start to add up.
Red flag #1: The sender’s email does not match the company’s
The message shows “CyberGuy” as the sender. The actual email address is mario@toituresphenix.com. That domain has nothing to do with the brand it claims to represent. This is one of the biggest warning signs. Legitimate companies send HR notices from their own domain. If the domain looks unrelated, treat it as suspicious right away.
Red flag #2: The email creates urgency with a deadline
The email says you must act by May 15, 2026. Deadlines push people to react fast. Scammers rely on that pressure, so you skip basic checks. Real HR systems do use deadlines. The difference is how they deliver them. They do not rely on a random email with a QR code.
Red flag #3: The QR code is the main call to action
The message tells you to scan a QR code to access your file. That is a newer phishing tactic called “quishing.”
Why it matters:
Most companies will send a direct link or ask you to log in through a known portal. They do not force QR-only access for something as sensitive as compensation details.
Red flag #4: The greeting is generic instead of personal
The email starts with “Dear Techtips.” It looks like a mailing list or placeholder. Legitimate HR messages usually address you by your full name. They often include employee-specific details that scammers cannot easily fake.
Red flag #5: The email uses vague HR system language
The email mentions a “secure HR access system” but never names it. There is no recognizable platform like Workday or ADP. That vagueness is intentional. It avoids giving you something you can verify.
Red flag #6: The branding looks real yet feels off
There is a Microsoft logo in the message. That does not mean Microsoft sent it. Logos are easy to copy. The layout tries to mimic a corporate notice. Still, the formatting feels generic. Real internal emails usually follow a consistent company template you have seen before.
Red flag #7: The high-importance flag adds pressure
The message is marked as high importance. That visual cue pushes urgency again. Scammers stack these signals so you feel like you cannot ignore the message.
Red flag #8: The instructions bypass normal login habits
Instead of telling you to log into your HR portal, the email asks you to scan and access a file directly. That isn’t how sensitive employee data is handled. Companies want you inside a secure login system, not opening a file from a QR code.
FBI WARNS OF QR CODE SCAM DISGUISED IN MYSTERY PACKAGES
QR code phishing scams can hide suspicious links, making it harder for users to verify the destination before opening it. (Hispanolistic/Getty Images)
Why QR code phishing scams are growing fast
QR codes feel safe because we see them everywhere. Restaurants use them. Airlines use them. That familiarity lowers your guard. Scammers take advantage of that trust.
They embed malicious links inside codes so you cannot preview them easily. Once you scan, you may land on a fake login page that looks real. From there, it is a quick path to stolen credentials.
What happens if you scan a malicious QR code
If the QR code leads to a phishing page, a few things can happen:
- You enter your login details and hand them over
- Malware downloads silently to your device
- The page asks for more personal information
In some cases, attackers use the stolen login to access company systems or your email account. That can lead to more attacks against your contacts.
Ways to stay safe from QR code email scams
These scams rely on speed and distraction. Slow things down, and a few simple checks can protect your data.
1) Do not scan unexpected QR codes
If an email pushes you to scan a code, pause. Go to the official website yourself instead of using the code.
2) Check the sender’s domain carefully
Look past the display name. Verify the full email address. If it does not match the company, do not trust it.
3) Use your normal login path
Access HR systems by typing the URL you already know or using a saved bookmark. Avoid links and codes in emails.
4) Watch for generic greetings
Messages that avoid your real name should raise suspicion. That is often a sign of mass phishing.
BE AWARE OF EXTORTION SCAM EMAILS CLAIMING YOUR DATA IS STOLEN
Employees should access HR systems through official portals instead of scanning QR codes or clicking links in unexpected emails. (gpointstudio via Getty Images)
5) Confirm with your company
If something feels off, ask your HR team directly. Use a known contact method, not the one in the email.
6) Use strong antivirus software
Strong antivirus software can block malicious links, flag phishing pages and stop malware before it installs. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
7) Consider a data removal service
Scammers often use personal data found online to make emails feel more convincing. A data removal service can reduce your exposure by removing your information from broker sites. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com
8) Keep your devices and apps updated
Security updates patch known vulnerabilities. Turn on automatic updates so you are always protected.
9) Enable two-factor authentication
Even if your login gets stolen, a second verification step like two-factor authentication (2FA) can stop attackers from getting into your account.
Join CyberGuy Live: Lock Down Your Phone in 30 Minutes (Saturday, June 13, 10 am ET)
Your phone holds your email, passwords, photos, banking apps and personal data. In this free, live online class, Kurt the CyberGuy will walk you step by step through simple phone security fixes you can do in real time. You’ll learn how to improve your privacy settings, spot the latest phone scams, use trusted security tools and walk away with a simple checklist to stay protected. Register here: CyberGuyLive.com
Kurt’s key takeaways
Phishing emails keep evolving. Today, it is a QR code tied to a fake HR notice. Tomorrow, it could be something else that feels just as routine. The safest thing to do is simple. Do not trust the path an email gives you when sensitive information is involved. Use your own path instead.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
If a message asks you to act fast with a QR code, would you stop and verify it first or trust it because it looks familiar? Let us know by writing to us at Cyberguy.com
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
Technology
Lorde says Ray-Ban Meta AI glasses are ‘not sexy’
Lorde was performing at the Real Cool Festival in Madrid on Thursday and took some time during her set to speak out against AI glasses. While she didn’t specify any brands in particular, it’s likely she was taking a shot at festival sponsor Ray-Ban, which has collaborated with Meta on a pair of AI smartglasses.
The comments were captured in videos shared to social media. After thanking the crowd for being there and taking part in “something real,” she said that it was increasingly hard to know is and isn’t real, before saying “You don’t know if someone is wearing sunglasses or if they’re wearing those fucked up fucking… Can I just say, for the record, fuck the glasses. Don’t get the glasses. Not sexy.”
The comments come as Meta faces renewed scrutiny over its smart glasses. And, even in the face of that backlash, it is still reportedly planning to launch a pair of “super sensing” glasses that are continuously recording.
According to Stereogum, Lorde was followed on stage by Blackpink’s Jennie, who is a Ray-Ban Meta AI ambassador and has been featured in advertising campaigns on Instagram and in a video screened between sets at Real Cool.
Technology
Google may use your photos and voice to train AI
Google general counsel explains AI-powered phishing rise
Halimah Delaine Prado, Google General Counsel, reveals the rise of AI-powered phishing scams originating from China’s ‘outsider enterprise.’ She explains how these criminals use artificial intelligence to create highly convincing fake websites, impersonating trusted brands like T-Mobile to defraud hundreds of thousands of Americans, causing millions in losses. Prado highlights Google’s strategy to combat these evolving threats.
NEWYou can now listen to Fox News articles!
There are few emails that make your stomach drop faster than one about “new privacy settings.” That usually means a company has moved another data switch, renamed a control or tucked a new choice inside an account menu you rarely visit. Google is now rolling out one of those changes for Search services. The setting is called Search Services History. It controls whether Google saves your activity from Search services when you are signed into your Google Account.
That may sound routine at first. Most of us already know Google can save search history. However, this update goes beyond the old idea of typed searches in a box. Google says Search Services History can include images you upload, files you ask about, voice searches, Search Live recordings, Translate speaking practice audio and other interactions with Search services.
The part that should make you pause is the Save Media setting. When it is turned on, Google can save media from your Search services interactions. That saved media may be used to improve Google’s AI models and technologies. In other words, the random photo you searched with Google Lens or the voice recording you used in a Search feature may help improve Google’s AI.
GOOGLE TURNS OLD PHONES INTO CLOUD SERVERS
Google’s new Search services pop-up tells you media from your searches may now be saved in your history. (Harun Ozalp/Anadolu via Getty Images)
Free live CyberGuy class: Sick of Spam? Join us July 22
Join us Wednesday, July 22, at 1 PM ET for a free CyberGuy Live class that will help you cut down on robocalls, spam texts, junk email and other unwanted messages. Kurt “CyberGuy” Knutsson will walk you step by step through simple ways to filter spam, clean up your inbox and recognize the messages that could put your personal information at risk. No technical experience is needed. You’ll also receive our spam-stopping checklist, and every registrant will get a link to the class recording afterward.
Reserve your free spot today at CyberGuyLive.com.
APPLE AI SECURITY UPDATE PROVES HACKERS MOVE FAST
What Google’s Search Services History can save
Google says Search Services History may include your searches, results you view, AI Mode responses, voice search recordings, Search Live transcripts, Google Lens images, uploaded files and some information tied to your activity.
Maybe you used Google Lens to identify a plant. Perhaps you uploaded an image to search for a product. You might have used Translate to practice before a trip. Or maybe you asked a question by voice because your hands were full. All of that can feel harmless in the moment. Still, the bigger issue is where that data can go after it is saved.
Google says saved media may help you revisit past visual searches or continue a Search Live conversation. That can be useful. However, Google also says saved media may help develop and improve AI models and technologies. That is the trade-off. You may get more personalized features. Google may get more personal inputs from the tools you already use.
CHRIS HANSEN URGES PARENTS TO TEACH CHILDREN ABOUT ONLINE PREDATORS BEFORE ALLOWING INTERNET ACCESS
Why this Google AI setting deserves your attention
This is the kind of privacy change that can slide right past you. The language sounds helpful. The setting lives inside account controls. The rollout happens gradually, so you may not see it right away. That is exactly why you should check.
Google says the new settings are based on your prior choices for Web & App Activity and Search Personalization. If those were on, the new Search Services History setting may also be on. If your prior settings were off, the new one should be off too. That sounds fair enough, but it still puts the work on you.
Also, turning off Save Media does not automatically wipe everything that was already saved. Google says previously saved media may continue to be used to improve its technologies unless you delete it from your account. If saved media has already been selected to train AI models, Google says it is no longer connected to your account and may be kept for up to four years.
That is the part I would not ignore. Once your media moves into that AI-training pipeline, deleting the original activity may not pull it back.
The Search Services History setting appears inside Google’s My Activity page, where you can review what Google saves. (AP Photo/Seth Wenig, File)
How to opt out of Google’s Search AI data training setting
You can check this from a phone or computer, but I recommend using a computer if you can. The account settings are easier to read.
- Open a browser and go to myactivity.google.com.
- Make sure you are signed into the account you use for Search, Gmail, YouTube or Android. If you have more than one Google Account, repeat these steps for each one.
- Look for the Search Services History section. If you do not see it yet, Google says the new settings are still rolling out. In that case, your Search history may still be controlled by Web & App Activity.
- If Search Services History is turned on, you should see a Save Media subsetting.
- Uncheck the box next to Save Media if you do not want Google saving media from your Search services interactions.
- If you want to go further, turn Search Services History off. Google says you can choose Turn off or Turn off and delete activity.
- To remove older items, go back to Search Services History and select View and delete saved history. Review what appears there, then delete activity you do not want saved.
- If Search Services History has not reached your account yet, go to My Activity and review Web & App Activity. That may still control some Search services history until the rollout reaches you.
- Google also has a Personalized Recommendations setting for Search services. This can affect how Search services personalize results, feeds and AI responses based on your activity. You can review it in your Google Account under Data & privacy, then Personalization settings.
What happens after you turn Save Media off
Turning off Save Media stops Google from saving media from future Search services interactions as part of Search Services History. However, it does not shut down every kind of Search history. Text-based activity, transcripts and some AI responses may still be saved if Search Services History remains on.
Also, Google says media from your future interactions can still be used to respond to you and help keep services safe. The key difference is that future media should not be used to train Google’s generative AI models unless you provide feedback. That is a meaningful distinction, but it isn’t the same as using Google with no data collection at all.
You should also know that Save Media does not control everything across Google. It does not cover separate activity settings for Gemini Apps, YouTube, NotebookLM or Google Voice. Those services have their own controls.
Kurt’s key takeaways
Google’s new Search Services History setting is worth checking now, especially if you use Lens, voice search, Translate or AI Mode. The Save Media box is the one I would look for first. If you do not want your images, files, audio or video saved for future AI improvement, turn it off. Then go one step further and review old activity. Turning off a setting usually protects future data, but past items may still sit in your account unless you delete them. Finally, repeat the process for every Google Account you use. Many of us have a personal account, a work account or an old account still signed in somewhere.
The Save Media checkbox is the key setting to turn off if you do not want images, files, audio and video saved for AI training. (Kurt “CyberGuy” Knutsson)
Would you keep using Google Lens the same way if you knew your image searches could help train AI for years? Let us know by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
Technology
Apple’s failed self-driving car program left a legacy of powerful AI chips
Apple’s self-driving car program never really got off the ground, but it may have been what made the company’s chips the powerful AI performers they are. Early in the development of the self-driving platform, Apple realized that it would need powerful on-device AI processing. While the car processor was never finished, as Mark Gurman details in his latest Power On newsletter, it did lead to the development of the Neural Engine, the backbone of Apple’s on-device AI processing.
The Neural Engine made its debut with the iPhone X and the A11 Bionic. In those early days, it was primarily used for computer vision, powering FaceID, Animoji, and augmented reality features. But by laying the groundwork for on-device AI processing, Apple established itself as an early leader by bringing the Neural Engine to desktops with the M-series chips. While Apple’s AI software efforts have lagged behind the rest of the industry, its hardware has been impressive. It’s also what has allowed Apple to tout its privacy features, since less data is sent to the cloud.
Apple is making its AI hardware a cornerstone of its strategy going forward. According to Gurman, the company is skipping the Pro, Max, and Ultra versions of its upcoming M6 chip. Instead, it’s accelerating development of the M7, which should arrive in the first half of 2027 with significant Neural Engine upgrades. The M7 Ultra is expected to be the basis for a new server product from Apple as well, with support for up to 1.5TB of RAM.
-
Rhode Island45 seconds agoOfficials call off search at Lincoln Woods Beach, no one found in the water
-
South-Carolina7 minutes agoWhat happens next after Lindsey Graham’s death? South Carolina law lays out the process
-
South Dakota13 minutes ago
SD Lottery Millionaire for Life winning numbers for July 12, 2026
-
Tennessee19 minutes ago
TN Lottery Cash 3 Evening, Cash 4 Evening winning numbers for July 12, 2026
-
Texas25 minutes agoArrest made in death of North Texas teen Daniel Erving found in Lake Ray Hubbard
-
Utah31 minutes agoFamilies fight to stay cool as Salt Lake City reaches record-breaking temperatures
-
Vermont37 minutes ago
VT Lottery Pick 3, Pick 3 Evening results for July 12, 2026
-
Virginia43 minutes agoVirginia Lottery Pick 3 Night, Pick 3 Day results for July 12, 2026