Lucid Motors found itself in a tough bind this week, fending off bankruptcy rumors and watching its stock price plunge as a result. The company quickly denied the report, calling it “completely false” and pointing to its available free cash flow as evidence that it has enough runway to operate into next year.
Technology
Teen hackers recruited through fake job ads
NEWYou can now listen to Fox News articles!
At first glance, the job posts look completely harmless. They promise fast money, flexible hours and paid training. No experience required. Payment comes in crypto. But these are not tutoring gigs or customer service roles. They are recruiting ads for ransomware operations.
And many of the people responding are middle and high school students. Some posts openly say they prefer inexperienced workers. Others quietly prioritize young women. All of them promise big payouts for “successful calls.”
What they leave out is the risk. Federal charges. Prison time. Permanent records. This underground ecosystem goes by a familiar name. Insiders often refer to it as “The Com,” short for “The Community.”
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
HACKERS ABUSE GOOGLE CLOUD TO SEND TRUSTED PHISHING EMAILS
Fake job ads promising fast cash and flexible hours are quietly recruiting teens into ransomware and extortion schemes, often paying in cryptocurrency to hide criminal activity. (Donato Fasano/Getty Images)
How The Com operates behind the scenes
The Com is not a single organized gang. It functions as a loose network of groups that regularly change names and members. Well-known offshoots tied to this ecosystem include Scattered Spider, Lapsus$, ShinyHunters and related splinter crews. Some groups focus on data theft. Others specialize in phishing or extortion. Collaboration happens when it benefits the operation.
Since 2022, these networks have targeted more than 100 major companies in the U.S. and UK. Victims include well-known brands across retail, telecom, finance, fashion and media, including companies such as T-Mobile, Nike and Instacart. The combined market value of affected companies exceeds one trillion dollars.
Teenagers often take on the riskiest roles within these schemes. Phone calls, access testing and social engineering scripts typically fall to younger participants. More experienced criminals remain in the background, limiting their exposure.
That structure mirrors what identity and fraud experts are seeing across the industry. Ricardo Amper, founder and CEO of Incode Technologies, a digital identity verification company, says fake job ads are effective because they borrow trust from a familiar social contract.
“A job post feels structured, normal and safe, even when the actual behavior being requested is anything but,” Amper said. “A job posting implies a real process – a role, a manager, training and a paycheck. That’s exactly why it works. It lowers skepticism and makes risky requests feel like normal onboarding.”
Amper notes that what’s changed is not just the scale of recruitment, but how criminals package it. “Serious crime is now being sold as ‘work.’”
Why teens excel at social engineering attacks
Teenagers bring a unique mix of skills that make them highly convincing. Fluent English and comfort with modern workplace technology help them sound legitimate. Familiarity with tools like Slack, ticketing systems and cloud platforms makes impersonation easier.
According to Amper, teens don’t need technical expertise to get pulled in. “The on-ramp is usually social, a Discord server, a DM, a ‘quick gig,’” he said. “It can feel like trolling culture, but the targets are real companies and the consequences are real people.”
Risk awareness is often lower. Conversations frequently take place in public chats, where tactics and mistakes are shared quickly. That visibility accelerates learning and increases the likelihood of detection and arrest.
Gaming culture feeds the pipeline
For many teens, it starts small. Pranks in online games turn into account takeovers. Username theft becomes crypto theft. Skills escalate. So do the stakes.
Recruitment often begins in gaming spaces where fast learning and confidence are rewarded. Grooming is common. Sextortion sometimes appears. By the time real money enters the picture, legal consequences feel distant.
Amper compares the progression to gaming itself. “These crews package crime as a ladder,” he said. “Join the group, do small tasks, level up, get paid, get status.”
Why young women are being targeted
Cybercrime remains male-dominated, but recruiters adapt. Young women are increasingly recruited for phone-based attacks. Some use AI tools to alter accents or tone. Others rely on stereotypes. Distress lowers suspicion faster than authority. Researchers say women often succeed because they are underestimated. That same dynamic puts them at risk inside these groups. Leadership remains overwhelmingly male. Girls often perform low-level work. Training stays minimal. Exploitation is frequent.
Red flags that signal fake job scams and ransomware recruitment
These warning signs show up repeatedly in cases involving teen hackers, social engineering crews and ransomware groups.
Crypto-only pay is a major warning sign
Legitimate employers do not pay workers exclusively in cryptocurrency. Crypto-only pay makes transactions hard to trace and protects criminals, not workers.
Per-call or per-task payouts should raise concern
Promises of hundreds of dollars for a single call or quick task often point to illegal activity. Real jobs pay hourly or a salary with documentation.
Recruitment through Telegram or Discord is a red flag
Criminal groups rely on private messaging apps to avoid oversight. Established companies do not recruit employees through gaming chats or encrypted DMs.
Anonymous mentors and vague training are dangerous
Being “trained from scratch” by unnamed individuals is common in ransomware pipelines. These mentors disappear when arrests happen.
Secrecy requests signal manipulation
Any job that asks teens to hide work from parents or employees to hide tasks from employers is crossing a line. Secrecy protects the recruiter, not the recruit.
Amper offers a simple rule of thumb: “If a ‘job’ asks you to pretend to be someone else, obtain access, move money, or share sensitive identifiers before you’ve verified the employer, you’re not in a hiring process. You’re in a crime pipeline.”
He adds that legitimate employers collect sensitive information only after a real offer, through verified HR systems. “The scam version flips the order,” he said. “It asks for the most sensitive details first, before anything is independently verifiable.”
Urgency and emotional pressure are deliberate tactics
Rushing decisions or creating fear lowers judgment. Social engineering depends on speed and emotional reactions.
If you see more than one of these signs, pause immediately. Walking away early can prevent serious legal consequences later.
MICROSOFT TYPOSQUATTING SCAM SWAPS LETTERS TO STEAL LOGINS
Cybercrime recruiters are targeting middle and high school students for risky roles like social engineering calls, exposing them to federal charges and prison time. (Philip Dulian/picture alliance via Getty Images)
Law enforcement is cracking down on teen cybercrime
Since 2024, government indictments and international arrests have shown cybercriminal groups tied to The Com and Scattered Spider are under increasing scrutiny from law enforcement. In Sept. 2025, U.S. prosecutors unsealed a Department of Justice complaint against 19-year-old Thalha Jubair, accusing him of orchestrating at least 120 ransomware and extortion attacks that brought in over $115 million in ransom payments from 47 U.S. companies and organizations, including federal court networks. Prosecutors charged Jubair with computer fraud, wire fraud and money laundering conspiracy.
Across the Atlantic, British authorities charged Jubair and 18-year-old Owen Flowers for their alleged roles in a Transport for London cyberattack in 2024 that compromised travel card data and disrupted live commuter information. Both appeared in court under the U.K.’s Computer Misuse Act. Earlier law enforcement action in the U.S. included criminal charges against five Scattered Spider suspects for mass phishing campaigns that stole login credentials and millions in cryptocurrency, laying out how members of this collective staged coordinated extortion and data theft.
Federal agencies are also issuing advisories about the group’s social engineering techniques, noting how attackers impersonate help desks, abuse multi-factor authentication and harvest credentials to access corporate networks.
Parents often learn the truth late. In many cases, the first warning comes when federal agents arrive at the door. Teens can move from online pranks to serious federal crimes without realizing where the legal line lies.
How parents and teens can avoid ransomware recruitment traps
This type of cybercrime thrives on silence and speed. Slowing things down protects families and futures.
Tips for parents and guardians to spot fake job scams early
Parents play a critical role in spotting early warning signs, especially when online “work” starts happening behind closed doors or moves too fast to explain.
1) Pay attention to how online “jobs” are communicated
Ask which platforms your child uses for work conversations and who they talk to. Legitimate employers do not recruit through Telegram or Discord DMs.
2) Question sudden income with no clear employer
Money appearing quickly, especially in crypto, deserves scrutiny. Real jobs provide paperwork, supervisors and pay records.
3) Treat secrecy as a serious warning sign
If a teen is told to keep work private from parents or teachers, that is not independence. It is manipulation.
4) Talk early about legal consequences online
Many teens do not realize that cybercrime can lead to federal charges. Honest conversations now prevent life-changing outcomes later. Also, monitoring may feel uncomfortable. However, silence creates more risk.
Tips for teens to avoid fake job offers and cybercrime traps
Teenagers with tech skills have real opportunities ahead, but knowing how to spot fake offers can mean the difference between building a career and facing serious legal trouble.
1) Be skeptical of private messages offering fast money
Real companies do not cold-recruit through private chats or gaming servers.
2) Avoid crypto-only payment offers
Being paid only in cryptocurrency is a common tactic used to hide criminal activity.
3) Choose legal paths to build skills and reputation
Bug bounty programs, cybersecurity clubs and internships offer real experience without risking your future. Talent opens doors. Prison closes them.
Take my quiz: How safe is your online security?
Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com
FBI WARNS OF FAKE KIDNAPPING PHOTOS USED IN NEW SCAM
A loose cybercrime network known as “The Com” has been linked to major U.S. and U.K. data breaches affecting companies worth trillions combined. (Photo by Uli Deck/picture alliance via Getty Images)
Kurt’s key takeaways
What makes this trend so unsettling is how ordinary it all looks. The job ads sound harmless. The chats feel friendly. The crypto payouts seem exciting. But underneath that surface is a pipeline pulling teenagers into serious crimes with real consequences. Many kids do not realize how far they have gone until it is too late. What starts as a quick call or a side hustle can turn into federal charges and years of fallout. Cybercrime moves fast. Accountability usually shows up much later. By the time it does, the damage is already done.
If fake job ads can quietly recruit teenagers into ransomware gangs, how confident are you that your family or workplace would spot the warning signs before it is too late? Let us know by writing to us at Cyberguy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
Technology
Lucid’s bankruptcy rumor is a bad sign for the EV future
But despite the swift response, the damage was widespread. The panic immediately bled into competing automakers, pulling down shares of Rivian and Polestar as investors speculated about the long-term survival of EV-only companies in the face of slowing consumer demand and whiplash policy shifts. And it cast a harsh light on the precarity of all three companies and the future of electric vehicles.
The trouble started on Tuesday, when EV trade publication EV reported that restructuring firm AlixPartners had advised Lucid’s board to consider Chapter 11 bankruptcy or a take-private deal. The report also said AlixPartners had encouraged the board to further restructure in the US and Europe and to focus on the Gravity SUV. But while the rest of the media has since reported on Lucid’s denial, no other publication has confirmed EV’s scoop. (For what its worth, EV’s URL is “eletric-vehicle.com,” enshrining the incorrect spelling in its address.)
Lucid confirmed that it had hired AlixPartners, but denied that the firm had made any such recommendations to its board. Instead, AlixPartners would provide advice on “improving execution, strengthening operations and positioning Lucid to realize the full potential of its technology, products and innovation,” Lucid chief communications officer Nick Twork said.
Lucid went a step further, filing a cease and desist order against EV
Lucid went a step further, filing a cease and desist order against EV, claiming that the site’s report directly led to the stock crash. “In short, your actions caused serious injury to a number of investors,” Lucid’s chief legal officer and general counsel, Brian Tomkiel, said in the letter. “And they injured, and continue to injure, Lucid directly.”
Still, the timing was terrible. Lucid is genuinely not in good shape, having lost over $1 billion in the first quarter of the year. The company has also gone through two rounds of layoffs in 2026, having cut 12 percent of staff in February and then 18 percent in June. The company also reduced production at its factory in Arizona in a bid to counteract its high inventory and save money. And there’s been leadership turmoil, with COO Marc Winterhoff departing the company and his position being eliminated entirely in an effort to flatten the structure.
The report sent the stock into freefall, plummeting as much as 50 percent in one of the worst single-day drops in Lucid’s history. And with Polestar and Rivian also catching strays, it’s generally been a glum time for companies not named Tesla trying make a go of exclusively building electric vehicles. Wall Street is panicking because the rumors are aligning with the bad news coming out of these companies’ earnings reports. EV sales are stabilizing, but recovery is still a distant promise. The all-electric future seems further away than ever.
Whether or not Lucid is actually weighing Chapter 11, it’s a sure sign of more turbulent waters ahead. Polestar getting strong-armed out of the US over its Chinese ties has left a lot of EV owners and dealers scratching their heads. Rivian is in an increasingly precarious position thanks to its huge, expensive bet on becoming a mass-market car company with the production of the R2.
All of these companies are increasingly reliant on big stakeholders — Lucid with Saudi Arabia’s Public Investment Fund, Polestar with Geely, and Rivian with Volkswagen — for their future survival. If any of these big backers get cold feet, the future could get really dark really fast.
Technology
Insurance breach exposes 7M driver’s licenses
NEWYou can now listen to Fox News articles!
AssuranceAmerica, an auto insurance provider that works through a network of independent agents, has disclosed a data breach affecting nearly 7 million people. The exposed information includes driver’s license numbers and other personal details tied to auto insurance customers.
The company said it detected suspicious activity on March 17, 2026, after malicious activity targeted one of its employees one day earlier. Investigators later found that an unauthorized third party accessed parts of AssuranceAmerica’s IT environment and copied certain data files.
According to an Indiana Attorney General breach listing, the incident affected 6,998,886 people. A California Attorney General notice also says AssuranceAmerica began notifying affected individuals after completing its file review on June 15, 2026.
AssuranceAmerica sells auto, renters and commercial auto insurance through independent agents. So even if the company name does not sound familiar, your information could still be involved if your policy, quote, claim or driver details passed through its systems.
ADT DATA BREACH EXPOSES CUSTOMER INFORMATION
AssuranceAmerica says a March cyberattack exposed personal information tied to nearly 7 million people, including driver’s license numbers and insurance data. (Felix Zahn/Photothek via Getty Images)
Free live CyberGuy class: Sick of Spam? Join us July 22
Join us Wednesday, July 22, at 1 p.m. ET for a free CyberGuy Live class that will help you cut down on robocalls, spam texts, junk email and other unwanted messages. Kurt “CyberGuy” Knutsson will walk you step by step through simple ways to filter spam, clean up your inbox and recognize the messages that could put your personal information at risk. No technical experience is needed. You’ll also receive our spam-stopping checklist, and every registrant will get a link to the class recording afterward.
Reserve your free spot today at CyberGuyLive.com.
What happened in the AssuranceAmerica data breach
AssuranceAmerica said the breach started with malicious activity that targeted one employee. The company did not explain exactly how the employee was targeted. However, it said it later disabled compromised credentials and unauthorized sessions.
That detail should get your attention. Many breaches start with one stolen login, one convincing message or one infected device. Once attackers get inside, they can move quickly and look for files worth stealing.
In this case, AssuranceAmerica said an unauthorized third party copied certain data files from its IT environment. The company then reviewed those files to identify affected individuals.
What information was exposed in the AssuranceAmerica breach
AssuranceAmerica said the stolen files contained names plus one or more other types of personal information. That information may include contact details, auto insurance policy or account information, driver or vehicle information, claims-related information and driver’s license numbers. The California notice also says some files may have included Tax ID information and/or Social Security numbers.
That mix can create real risk. A scammer with your name, license number and insurance details may sound much more convincing. They could pretend to be from your insurer, a repair shop, a claims department or a state agency. This follows other identity-document breaches, including the Texas data breach that hit 3 million license customers. Once driver’s license numbers leak, the risk can last much longer than a stolen credit card number.
How AssuranceAmerica responded to the breach
AssuranceAmerica said it took affected server devices offline and hired external forensic specialists to investigate. The company also said it reset passwords, deployed enhanced monitoring and threat detection tools and gave employees more cybersecurity instruction. It also notified law enforcement.
AssuranceAmerica is offering 12 months of complimentary credit monitoring for affected individuals. That can help spot some suspicious activity. However, you still need to watch your insurance account, financial accounts and mail.
Why the AssuranceAmerica breach puts drivers at risk
A driver’s license number can help an imposter build a more believable scam. Insurance information can make that scam feel personal.
For example, a caller may mention your policy, your vehicle or a claim. Then they may ask you to “verify” more information. That is where the damage can grow.
Also, stolen breach data can be matched with public records and data broker profiles. That can give criminals a fuller picture of your life. We have seen the same pattern in scams tied to travel accounts, phone accounts and other breaches, including the Booking.com breach that exposed traveler data to scams.
BEFORE YOU CONNECT ANOTHER SMART TV, TABLET OR PHONE, LOCK IT DOWN
State officials say the breach involved Medicaid, Medicare Savings Program and rehabilitation services records spanning multiple years. (Photo by Silas Stein/picture alliance via Getty Images)
Ways to stay safe after the AssuranceAmerica data breach
If you receive a notice or think your information may be involved, take these steps now to make the stolen data harder to use.
1) Read the breach notice closely
If you receive a notice from AssuranceAmerica, read it carefully. Check what information the company says may have been exposed in your case. Do not assume every affected person had the same data stolen. Some people may have had driver’s license numbers exposed. Others may also have had Tax ID information or Social Security numbers involved.
2) Use the credit monitoring offer safely
AssuranceAmerica says it is offering 12 months of complimentary credit monitoring. Use the instructions in the official notice. Be careful with emails or texts that claim to offer enrollment links. Scammers often copy real breach language to trick you.
3) Freeze your credit
A credit freeze makes it harder for someone to open a new account in your name. You need to place a freeze separately with Equifax, Experian and TransUnion. It is free, and you can lift it when you need to apply for credit.
4) Add a fraud alert
A fraud alert tells lenders to take extra steps before opening credit in your name. You can place a fraud alert with one credit bureau, and that bureau should notify the others. This adds another layer of protection if your personal information was exposed.
5) Watch your insurance account
Log in to your insurance account and check for changes you do not recognize. Look for unfamiliar claims, new contact details or strange policy updates. If something looks wrong, call the company using a number from your policy documents.
6) Protect your devices from malware
Credential theft often starts with malware, a bad link or a fake download. Strong antivirus software can help block malicious files and phishing links before they cause damage. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
CARNIVAL BREACH MAY PUT YOUR TRAVEL DATA AT RISK
Strong passwords protect your accounts, but they do not stop data brokers from collecting public records and selling personal information to people-search sites. (Photographer: Chris Ratcliffe/Bloomberg via Getty Images)
7) Clean up your online personal data
Breached data becomes more useful when scammers can match it with your address, relatives, phone number or public records. A data removal service can help reduce what data brokers display about you. That will not undo a breach, but it can make you a harder target. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.
8) Be suspicious of insurance-related calls
If someone calls about your policy, claim or payment, slow down. Do not share verification codes. Do not confirm sensitive details during an unexpected call. Instead, hang up and call the company back through an official number.
9) Check your DMV options
If your driver’s license number was exposed, review your state DMV’s fraud guidance. Some states may offer replacement options or identity theft guidance. The rules vary, so check directly with your state agency.
10) Use a password manager
Create strong, unique passwords for your insurance account, email and financial apps. A password manager can also help you spot fake login pages. If it will not autofill, you may be on a scam site. Check out the best expert-reviewed password managers of 2026 at CyberGuy.com.
11) Turn on two-factor authentication
Turn on two-factor authentication (2FA) for your insurance account, email and financial accounts when available. Use an authenticator app when you can. Text codes are better than nothing, but scammers often target them.
Kurt’s key takeaways
The AssuranceAmerica data breach is a reminder that your driver’s license number has become a high-value target. You may not be able to control how every company stores your information. However, you can make stolen data harder to use. Start with your credit. Then check your insurance account and watch for imposters who know just enough to sound convincing. Also, clean up the personal data already floating around online. The bigger issue is trust. Companies ask for sensitive information because they need it to do business. When that information leaks, you are the one left checking statements, freezing credit and worrying about what comes next.
What should a company owe you when it loses the ID number you use to prove who you are? Let us know by writing to us at CyberGuy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
Technology
Google and Epic give up fighting — third-party Android app stores are coming next week
Epic Games and Google have just jointly withdrawn their attempt to retroactively settle the lawsuit that’s changing how Android app stores work in the United States — and that means Google will be forced to carry rival app stores inside of its own. In fact, Google tells the court, it’s ready to begin carrying third-party app stores on Wednesday, July 22nd. Does that mean it’s time for Microsoft to launch an Xbox game store on Android?
But Judge James Donato was skeptical he should abandon his original permanent injunction in favor of Google’s proposed “Registered App Stores” that users would have to sideload — instead of simply downloading third-party stores directly through Google Play. On Thursday, July 16th, both parties were set to appear in court to argue it again, but that may no longer be necessary.
Here’s is Google’s full statement on withdrawing its proposed modifications to Judge Donato’s permanent injunction, via Google spokesperson Dan Jackson:
We’ve agreed with Epic to withdraw our motion to modify the US Court’s injunction rather than prolonging this process which creates uncertainty for the ecosystem. This allows us to focus on executing our recently announced global business model evolution to deliver greater app store choice, lower prices, and more opportunities for developers and users. We remain committed to maintaining Android’s industry-leading security and fostering a competitive ecosystem where every app store and developer has the freedom to compete. In parallel, we continue to comply with the US Court’s injunction.”
Google had previously announced that it would launch its sideloaded Registered App Store program in the rest of the world, beginning with the new version of Android later this year. That means there may be two different tracks for Android: stores-within-a-store in the United States, and Registered App Stores everywhere else.
It’s not yet clear if there will be a parallel “program” for third-party app stores inside of the Google Play Store, or if companies will simply submit them the way they’d submit any other app. Technically, the court’s permanent injunction states that Google “may not prohibit the distribution of third-party Android app distribution platforms or stores through the Google Play Store,” not that it has to proactively invite them in.
For access to the Google Play catalog of apps, Google will charge stores an annual fee of $5,000 for “security and policy reviews,” and it has many additional requirements, including: stores can’t distribute apps outside of the US, have to be open to all eligible third-party developers, have “clear, non-discriminatory” trust and safety policies, and no more than 1 percent of “install attempts” can be malware.
-
Science6 minutes agoHow to eat safely amid outbreak of diarrhea-causing cyclosporiasis
-
Sports12 minutes agoMagical Lionel Messi leads Argentina past England for trip back to World Cup final
-
World24 minutes agoToronto engulfed by wildfire smoke as US cities threatened
-
News54 minutes agoArgentina is back in the World Cup final after a thrilling semifinal win over England
-
Los Angeles, Ca2 hours agoRemains of murder victim identified as missing Southern California millionaire
-
Detroit, MI3 hours ago4Warn Weather Alert: Wildfire smoke leading to ‘unhealthy’ air quality in Metro Detroit
-
San Francisco, CA3 hours agoSan Francisco fishermen recount harrowing rescue after boat capsizes near Alcatraz
-
Dallas, TX3 hours agoTimothée Chalamet ‘Starstruck’ by Dallas Cowboys Cheerleaders