Technology
Warning signs your mail has been fraudulently redirected
Change-of-address scams involve some of the most seemingly harmless personal information getting into the wrong hands. This can lead to a whole host of problems, including financial losses and identity theft, although change-of-address fraud is technically a form of identity theft.
This kind of fraud involves a scammer impersonating you to request a change of address with the United States Postal Service (USPS).
Once they have your mail redirected to an address they control, they can go through it at their leisure, looking for mail they can steal and information they can use to perpetrate further scams, like taking out loans or credit cards in your name or using your identity to defraud others.
STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT’S THE CYBERGUY REPORT NOW
USPS delivery truck (Kurt “CyberGuy” Knutsson)
Here’s how it works, step by step
This detailed breakdown explains the process of a change-of-address scam, from initial targeting to the potential consequences and warning signs to watch for.
Targeting
A person with criminal intent gets your postal address and full name, something that’s most easily done using a so-called people search site. People search sites, also known as people finder sites, are a kind of data broker that specializes in collecting, organizing and selling access to personal information.
Making a fraudulent change-of-address request
The scammer then mails a change-of-address request to the USPS, providing your name and a new address he has access to. The online change-of-address form is generally more secure, requiring confirmation via a bank account. That’s why scammers will almost always mail in the request.
The form requires a signature, but this is unlikely to be verified when processing the request. So, the scammer will either find an image of your signature somewhere, steal a document that includes your signature or simply sign your name any which way.
Harvesting sensitive documents and data
Now that they’ve redirected your mail straight into their hands, the scammer just has to patiently wait for sensitive mail to arrive. They’re on the lookout for anything they can use to steal from you or defraud you. Bank statements, tax documents, checks and even your household bills can be used to commit further acts of fraud and identity theft.
One of the scariest things a scammer can do once he has enough of your personal information is to commit deed fraud, otherwise known as home title theft. You’re far from helpless, though. There are telltale signs that you can watch for to catch change-of-address scams early.
The signs to look out for
The most obvious sign to watch for is a sudden and persistent drop in the amount of mail entering your mailbox. This only applies to mail addressed to you by name. Mail delivered to your address without an addressee, including mail addressed to “homeowner” or “occupant,” won’t be affected by a change-of-address scam.
The other major things to keep an eye on are your credit report, credit card statements and bank statements. You can request a free credit report from one of the three credit bureaus once per year.
A mailbox in front of a house (Kurt “CyberGuy” Knutsson)
HOW DATA BROKERS ARE FUELING ELDER FRAUD IN AMERICA
What to do if you think your mail has been fraudulently redirected
If you have good reason to believe that someone has redirected your mail without permission, don’t hesitate to take action. The sooner you catch this, the better. Here’s what you can do:
- Start by keeping detailed records: Document everything that’s led you to believe your mail has been redirected. This includes the mail you were expecting, any communication with the senders of the missed mail (such as confirming dispatch dates), suspicious phone calls, texts or emails, and any unusual activity in your online accounts, bank accounts or credit reports.
- Reach out to the USPS for help: Use the online locator to find and contact your local U.S. Postal Inspection Service (USPIS) office. They can assist with investigating fraudulent mail redirection.
- Take action if identity theft is suspected: If you believe you’ve become a victim of identity fraud, visit the Federal Trade Commission’s identity theft portal. This resource will help you develop a recovery plan and guide you through the steps to protect yourself.
Taking these steps will put you on the road to regaining control and getting through what can quickly become a stressful situation.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
A stack of mail (Kurt “CyberGuy” Knutsson)
DON’T LET THIS CREDIT CARD FRAUD NIGHTMARE HAPPEN TO YOU
Stop change-of-address scammers in their tracks
Prevention is better than a cure, and, luckily, there’s a lot you can do to stop change-of-address scams before they start.
1. Invest in personal data removal services: Have your personal information removed from data broker databases, including people search sites. They’re the first port of call for many scammers. Without these companies in the mix, scammers aren’t likely to come across your address in the first place.
A reputable personal information removal service can take your data down from hundreds of sites and keep it off by resending removal requests, even as data brokers try to add your information to their databases.
While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
2. Reduce the amount of sensitive mail in your mailbox: Start by switching to paperless options wherever available. This will dramatically reduce the amount of sensitive mail heading to your mailbox, leaving criminals with little value to steal. Check your mail daily, as soon as possible after it’s delivered. Get someone to do this for you if you’re away. Some redirection scams start with mail being stolen from your mailbox. Definitely avoid allowing your mailbox to overflow.
3. Secure your mailbox: Consider upgrading to a locked mailbox to prevent mail theft. If you live in an area prone to mail theft, this simple step can stop criminals from intercepting sensitive documents before they even reach you.
4. Use an identity theft protection service: Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.
5. Set up USPS Informed Delivery: Enroll in USPS Informed Delivery, a free service that lets you preview images of incoming mail before it arrives. This can help you spot missing mail early and identify potential issues with mail redirection.
6. Report suspicious activity immediately: If you notice anything unusual, such as missing mail or unauthorized changes to your accounts, report it right away. Contact the USPS, your bank and the Federal Trade Commission to ensure the issue is documented and addressed promptly.
BEWARE OF FRAUDSTERS POSING AS GOVERNMENT OFFICIALS TRYING TO STEAL YOUR CASH
Kurt’s key takeaways
Change-of-address scams might sound like an unlikely threat, but they can wreak havoc on your finances and peace of mind if left unchecked. By staying alert, securing your personal information and taking proactive measures like monitoring your mail and credit, you can greatly reduce the risk of falling victim to these scams. Remember, catching fraud early is key. So, don’t hesitate to act if something feels off.
What do you think should be done to prevent change-of-address scams? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Free YouTube Music accounts are now seeing their access to lyrics limited, according to multiple reports. Google started testing lyrics as an exclusive feature for Premium users in September, but it appears that it’s now receiving a wider rollout. It seems that free users will be limited to viewing lyrics for five songs per month, though we’ve reached out to Google for confirmation.
Once that limit is reached, users will only be able to see the first couple of lines. Everything beyond that will be blurred out, and they’ll be prompted to “Unlock lyrics with Premium.” The banner warning users about their limited lyric views remaining appears prominently when you open the tab, complete with a countdown.
NEWYou can now listen to Fox News articles!
Hackers have exposed personal and contact information tied to SoundCloud accounts, with data breach notification service Have I Been Pwned reporting impacts to approximately 29.8 million users. The breach hit one of the world’s largest audio platforms and left many users locked out with error messages before the company confirmed the incident.
Founded in 2007, SoundCloud grew into an artist-first service hosting more than 400 million tracks from over 40 million creators. That scale made this incident especially concerning. SoundCloud said it detected unauthorized activity tied to an internal service dashboard and launched its incident response process. At the time, users reported 403 Forbidden errors, especially when connecting through VPNs.
Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter
149 MILLION PASSWORDS EXPOSED IN MASSIVE CREDENTIAL LEAK
SoundCloud confirmed unauthorized activity after users reported access errors, triggering an internal incident response. (iStock)
What data was exposed in the SoundCloud breach
SoundCloud initially said attackers accessed limited data and did not touch passwords or financial information. The company said the exposed information matched what users already show publicly on profiles.
Later disclosures painted a much bigger picture.
According to Have I Been Pwned, attackers harvested data from approximately 29.8 million accounts. That data included:
- Email addresses
- Usernames and display names
- Profile photos and avatars
- Follower and following counts
- Geographic locations, in some cases
While no passwords were taken, linking emails to public profiles creates real risk. That combination fuels phishing, impersonation and targeted scams.
Who is behind the attack
Security researchers tied the breach to ShinyHunters, a well-known extortion gang. Sources told BleepingComputer that the group attempted to extort SoundCloud following the data breach. SoundCloud later confirmed those claims. In a January update, the company said attackers made demands and launched email-flooding campaigns to harass users, employees and partners. ShinyHunters has also claimed responsibility for recent voice phishing attacks targeting single sign-on systems at Okta, Microsoft and Google. Those attacks targeted corporate SaaS accounts to steal data and extort.
Why this breach matters even without passwords
At first glance, this may sound less serious than breaches involving passwords or credit cards. That assumption can be dangerous. Email addresses tied to real profiles allow scammers to craft convincing messages. They can pose as SoundCloud, brands or even other creators. With follower counts and usernames, messages feel personal and believable. Once attackers gain trust, they push links, malware or fake login pages. That is often how larger account takeovers begin.
What SoundCloud users should expect next
SoundCloud has not said whether more details will be released. The company did confirm the attack and the extortion attempt, but it has not answered follow-up questions about the scope or internal controls. For users, the long-term risk comes from how widely this dataset spreads. Once published, exposed data rarely disappears. It circulates across forums, marketplaces and scam networks for years.
We reached out to SoundCloud for comment, and a representative told us, “We are aware that a threat actor group has published data online allegedly taken from our organization. Please know that our security team—supported by leading third-party cybersecurity experts—is actively reviewing the claim and published data.”
SoundCloud has said it has found no evidence that sensitive data, such as passwords or financial information, was accessed.
Ways to stay safe after the SoundCloud breach
If you have or had a SoundCloud account, now is the time to act. Even limited data exposure can lead to targeted scams if you ignore it.
1) Watch for phishing and impersonation emails
Scammers often move fast after a breach. Watch your inbox for messages that mention SoundCloud, music uploads, copyright issues or account warnings. Do not click links or open attachments from unexpected emails. When in doubt, go directly to the official website instead of using email links. Strong antivirus software adds another layer of protection here.
Nearly 29.8 million accounts had emails and public profile data harvested, raising concerns about phishing and impersonation. (Cyberguy.com)
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
2) Change your SoundCloud password anyway
Passwords were not exposed, but changing them is still smart. Create a new password that you do not use anywhere else. If remembering passwords feels impossible, consider using a password manager to generate and securely store strong passwords. This reduces the risk of reuse across platforms.
Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com
3) Turn on two-factor authentication
Two-factor authentication (2FA) adds a critical barrier if someone tries to access your account. Even if attackers guess or obtain a password later, they still need a second verification step. Enable 2FA anywhere SoundCloud or connected services offer it.
4) Lock down your email account
Your email is the real target after most breaches. If someone gains access to it, they can reset passwords everywhere else. Use a strong, unique password for your email account and turn on two-factor authentication. Review recovery emails and phone numbers to make sure they still belong to you.
DATA BREACH EXPOSES 400,000 BANK CUSTOMERS’ INFO
5) Reduce your online data footprint
Attackers use breached emails to search data broker sites and social platforms for more details. The less data available, the harder you are to target. Consider a data removal service to limit how often your email and personal details appear across the web.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com
6) Check your other accounts for suspicious activity
Attackers often reuse exposed email addresses to test logins across streaming services, social media and shopping accounts. Watch for password reset emails you did not request or login alerts from unfamiliar locations. If something looks off, act fast.
Security researchers linked the breach to the ShinyHunters extortion group, which later attempted to pressure SoundCloud for payment. (Thomas Trutschel/Photothek via Getty Images)
Kurt’s key takeaways
Data breaches no longer stay contained to one app or one moment in time. Even when attackers expose information that looks harmless, the fallout can last much longer. The SoundCloud breach shows how public profile data paired with private contact details creates real exposure. Staying alert, limiting data sharing and using strong security habits remain your best defense as breaches continue to escalate.
Have you checked which old or forgotten accounts still expose your email and could be putting you at risk right now? Let us know your thoughts by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter
Copyright 2026 CyberGuy.com. All rights reserved.
After what can generously be called a contentious tenure as the CEO of The Washington Post, Will Lewis is stepping down following mass layoffs this week. Jeff D’Onofrio, former CEO of Tumblr from 2017 to 2022, will step in as acting CEO and publisher. D’Onofrio has been CFO at the Post since June of last year, meaning he’s had a front row seat to Jeff Bezos’ dismantling of the once storied paper for the last nine months.
D’Onofrio’s resume doesn’t include extensive experience in traditional news media, nor many notable success stories. He was briefly the general manager of Yahoo News while it was still a Verizon property, before shifting his focus solely to Tumblr. Under his leadership, Tumblr tried to clean up its image by banning adult content, but its traffic fell by 30 percent. Yahoo had purchased Tumblr for $1.1 billion in 2013. By 2019, it was sold to Automatic, the owner of WordPress, reportedly for less than $3 million.
Miami plays Utah in non-conference action
The Seahawks ruin the ending to a magical Patriots season – The Boston Globe
Super Bowl 2027 odds: Denver Broncos not heavily favored next season
Fans seen climbing Pergola in Seattle’s Pioneer Square after Seahawks’ Super Bowl win
What’s Coming to Frontwave Arena in 2026: Sports, Shows & New League Debuts
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Indiana Members Credit Union announced as new anchor tenant at Bottleworks District
Video: ‘We Will Pay’: Savannah Guthrie Addresses Mother’s Captor in New Video
SCOOP: Trump ally Kid Rock jumps into key governor’s race with high-profile endorsement
EU proposes new sanctions to weaken Russia’s oil and gas revenues
Democrats will stop Trump from trying to nationalize midterms, Jeffries says
West Virginia worked with ICE — 650 arrests later, officials say Minnesota-style ‘chaos’ is a choice
-
Indiana1 week ago13-year-old rider dies following incident at northwest Indiana BMX park
-
Massachusetts1 week agoTV star fisherman, crew all presumed dead after boat sinks off Massachusetts coast
-
Tennessee1 week agoUPDATE: Ohio woman charged in shooting death of West TN deputy
-
Indiana7 days ago13-year-old boy dies in BMX accident, officials, Steel Wheels BMX says
-
Politics5 days agoTrump unveils new rendering of sprawling White House ballroom project
-
Politics1 week agoDon Lemon could face up to a year in prison if convicted on criminal charges
-
Austin, TX1 week ago
TEA is on board with almost all of Austin ISD’s turnaround plans
-
San Francisco, CA5 days agoExclusive | Super Bowl 2026: Guide to the hottest events, concerts and parties happening in San Francisco
