Technology
You could be sharing your Social Security number when you don’t need to
NEWYou can now listen to Fox News articles!
Some Social Security number requests are not optional. Federal reporting systems rely on the SSN as a primary identifier.
Employment offers the clearest example. Employers collect your SSN to report wages and file taxes, including Form W-2 submissions. The Social Security Administration credits your earnings record with it. The IRS uses it to match payroll taxes with reported income. Federal agencies also require your SSN when you apply for certain benefits or meet tax obligations. If you refuse to provide your SSN in these situations, you can delay processing or lose access to services.
However, not every form carries that authority. Landlords, medical offices, schools, gyms and retailers often include an SSN field by default. In those cases, ask why they need it and whether another identifier will work. So how do you tell when your SSN is truly required and when you can push back?
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Your Social Security number powers tax reporting and federal benefit systems, which is why some requests truly are mandatory. (AP Photo/Jenny Kane, File)
Examples of when you need to share your SSN
Certain U.S. laws and federal regulations require an SSN because it functions as the official taxpayer or benefits identifier.
Federal income tax returns: The IRS requires individuals who qualify for an SSN to use it as their taxpayer identification number on Form 1040 and related filings. The IRS uses the number to match income statements, credits and refunds to the correct taxpayer record.
Form W-2 wage reporting: IRS regulations require employers to include each employee’s SSN on Form W-2. Employers submit the form to both the IRS and the SSA so agencies can record earnings and reconcile payroll taxes.
Social Security retirement and disability benefits: Applications for Social Security benefits require an SSN so the SSA can retrieve the applicant’s earnings history and calculate eligibility and payment amounts.
ILLINOIS DHS DATA BREACH EXPOSES 700K RESIDENTS’ RECORDS
FAFSA for federal student aid: U.S. citizens and eligible noncitizens applying for federal student aid must provide a valid SSN on the Free Application for Federal Student Aid (FAFSA). The number is verified against SSA records during processing.
Interest income reporting: Financial institutions must obtain a taxpayer identification number — usually an SSN for individuals — to report interest income to the IRS on Form 1099-INT.
In each of these cases, the requirement stems from tax administration statutes or federal benefits law. The SSN is used to link records across agencies and systems.
When you don’t need to share your SSN
Beyond tax filings, wage reporting and federal benefits, many SSN requests come from internal company policy rather than statute. Private businesses are generally allowed to ask for your SSN. In most everyday transactions, there is no federal law forcing you to provide it.
Rental applications: Landlords often request an SSN to run credit checks. Federal housing law does not mandate collecting a tenant’s SSN to lease property. Screening is conducted through consumer reporting agencies, and alternative verification methods may be available.
Medical intake forms: Healthcare providers routinely include an SSN field. Federal law does not require patients to disclose an SSN for treatment. Since 2018, Medicare cards have used randomized beneficiary identifiers instead of SSNs. These Medicare Beneficiary Identifiers (MBI) don’t include your SSN.
School enrollment forms: Public schools may request a student’s SSN, but students cannot be denied enrollment for refusing to provide one. Institutions tend to assign their own identification numbers.
TAX SEASON SCAMS 2026: FAKE IRS MESSAGES STEALING IDENTITIES
Utilities and subscription services: Power companies, mobile carriers and gyms sometimes request an SSN to evaluate credit risk or secure payment agreements. This is a risk management choice, not a statutory requirement.
In these cases, the request may feel routine. The legal footing is different from tax or benefits administration. You can ask what authority requires it and whether another form of identification will suffice.
Not every form that asks for your SSN has legal authority behind it. Many requests are simply company policy. (Kurt “CyberGuy” Knutsson)
What to ask before you hand over your SSN
If the request comes from a government agency, look for a Privacy Act disclosure statement. Federal law requires agencies to state whether providing your SSN is mandatory or voluntary, cite the legal authority for the request, and explain how it will be used. If the request comes from a private company, ask direct questions:
Is this required by federal or state law?
What will the SSN be used for?
Can you accept the last four digits instead?
Is there an alternative way to verify identity?
You can also ask how the number will be stored, whether it is encrypted and who has access to it. Collecting only what is necessary is a recognized security practice, but not every organization follows it.
What actually happens when your SSN is leaked
A leaked or stolen SSN can be used anywhere that number is treated as proof of identity.
In tax administration, the IRS processes returns based on the SSN attached to them. If a fraudulent return is filed first, the legitimate taxpayer’s electronic filing may be rejected because the number has already been used. Fixing it means paper filing and identity verification while the IRS reviews the case. The agency’s Identity Protection PIN program was introduced after years of SSN-based tax fraud.
Credit reporting works the same way. Under the Fair Credit Reporting Act framework, credit bureaus use the SSN to build and match consumer files. If credit is issued using your SSN, that account can attach to your report until you dispute it. It stays there while bureaus and lenders investigate.
Federal benefit systems also depend on the number. The SSA warns that criminals use stolen SSNs to impersonate beneficiaries and create fraudulent online accounts. An SSN does not expire or reset. Once exposed, it can continue appearing in tax filings, credit applications, or benefit records until you flag it.
How identity monitoring services help you respond faster
Identity monitoring services attempt to detect suspicious activity tied to your personal information as early as possible. Many services track credit activity across all three major U.S. bureaus and alert you to new inquiries, accounts and report changes. Some also scan known data breach datasets for exposed identifiers, including Social Security numbers.
Certain plans include identity theft insurance to cover eligible recovery costs, along with fraud resolution support to guide you through disputes and paperwork if something goes wrong.
No service can prevent every type of identity theft. The real value is early warning, knowing when and where your SSN is being used so you can act quickly before damage spreads.
How to check if your personal information was exposed
If you are unsure whether your personal information has been compromised, take action. Start with a reputable breach scan to see whether your email or other identifiers appear in known leaks. Early detection gives you more control and helps you respond before fraud escalates.
See my tips and best picks on Best Identity Theft Protection at Cyberguy.com.
Before handing it over, ask how your SSN will be used, stored and protected. That simple pause can reduce your risk. (Kurt “CyberGuy” Knutsson)
Kurt’s key takeaways
Lawmakers created the Social Security number to track earnings and administer benefits, not to unlock every part of your life. Yet today, many companies treat it like a universal key. In some situations, you must provide your SSN. Taxes, employment and federal benefits depend on it. However, many everyday requests come from internal company policies, not federal law. That distinction matters. Before you share your number, pause and ask why the business needs it. Ask how they store it. Ask whether another form of identification will work. Small questions can prevent big problems. If someone has exposed your SSN, act quickly. Monitor your credit. Set up alerts. Report suspicious activity right away. Early action limits damage and protects your identity. Your Social Security number does not change. But you control when, where and how you share it.
Have you ever been asked for your Social Security number in a situation that didn’t feel necessary, and did you push back? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
Slay the Spire II launched in early access last week, and it’s already an excellent sequel to one of the best roguelikes of all time. In many ways, it’s very similar to its predecessor. Like Hades II and Hollow Knight: Silksong, Slay the Spire II mostly iterates on an already superb foundation. But it does add online co-op with up to four players. While multiplayer changes the familiar rhythms of Slay the Spire just a bit, it’s still a great way to tackle the arduous climb up the spire.
A round of Slay the Spire II plays essentially the same as the original: In each run, you navigate three different acts across a winding map, slowly making a build by crafting your deck and picking up various perk-giving relics, and fighting enemies, elites, and bosses along the way. Slay the Spire II retains the deliberate, turn-based style of play, meaning that when it’s your turn, you have as much time as you want to decide what to do. Since you can see exactly what your enemies are planning for their next turn, there’s a lot of strategy in deciding how much damage to do and how much defense you might need to set up. Multiplayer adds a slight twist: When it’s your turn, everyone can play simultaneously. That opens up all sorts of new opportunities for planning, but it also requires communication to make sure everyone is using their cards effectively.
My multiplayer partner was my wife, the biggest Slay the Spire fan I know, and on our second run we got a thrilling victory. I played the new Necrobinder character, a necromancer, while she played as the returning Silent, which can make decks built around flurries of shivs. Over the course of the run, we accidentally settled into a strategy where I focused on applying the Vulnerable status to as many enemies as possible before my wife would rain down shivs upon our foes.
Slay the Spire II doesn’t encourage teamwork only in battles. At a campfire rest stop, you can choose to mend a friend’s health to help them out. (Some of the new enemies are tough, so I’m glad this is an option.) You each get a vote on which path to take next on the map. Everyone can draw on the map, too — as I learned many times after seeing the doodles my wife made when I would spend too long in the shop.
Since we had to communicate so much, our winning run took about an hour and a half, slower than how fast I could blast through runs in the first game. When we finally defeated the Act 3 boss, though, it was even more satisfying than most of my solo wins because we did it together. My one complaint is that co-op requires you to each play online on your own copy of the game, and that, because there’s no couch co-op, we each had to play on separate devices even though we were sitting on the couch right next to each other.
Those are annoying tradeoffs, but multiplayer is such a fun addition to Slay the Spire that I don’t mind. I can’t wait to try another multiplayer run and see what challenges — and doodles — are in store for me.
NEWYou can now listen to Fox News articles!
Most people never think about Android security updates until a headline like this appears. Suddenly, your phone, the device you use for messages, banking, photos and work, becomes part of a global cybersecurity story.
That is exactly what happened this week. Google released its latest Android security updates, and they fix a massive 129 vulnerabilities. Even more concerning, one of them is already being exploited by attackers.
The flaw targets a component connected to Qualcomm graphics hardware, and researchers say it has already been used in limited targeted attacks. If you use an Android phone, this is the kind of update you want installed as soon as possible.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter
GOOGLE DISMANTLES 9M-DEVICE ANDROID HIJACK NETWORK
Google’s March Android security update fixes 129 vulnerabilities, including a zero-day flaw already exploited in targeted attacks. (Firdous Nazir/NurPhoto via Getty Images)
Android security flaw already targeted by attackers
One vulnerability in particular has security researchers paying close attention. The flaw is tracked as CVE-2026-21385. Google says there are signs it is already being used in targeted attacks. That makes it a zero-day vulnerability.
In simple terms, attackers discovered the flaw before many devices received a fix. According to Qualcomm, the problem is tied to the graphics processing component inside many of its chipsets. Specifically, the issue involves something called an integer overflow. That technical term means a calculation error can cause memory corruption inside the system. Once that happens, attackers may gain a foothold on the device.
Qualcomm says the flaw impacts 235 different chipsets, which means a large number of Android phones could be affected. Google’s Threat Analysis Group discovered the issue and reported it through coordinated disclosure practices. Qualcomm then worked with device makers to release patches.
Why the Android security vulnerability is dangerous
Several of the patched vulnerabilities allow attackers to execute code remotely or gain elevated privileges on a device. One issue inside the Android System component is especially concerning. Google says it could allow remote code execution without any user interaction.
That means an attacker may exploit the flaw without the victim tapping a link or installing an app. In cybersecurity terms, that type of vulnerability ranks among the most dangerous.
The March Android bulletin addresses ten critical flaws across the System, Framework and Kernel components. These parts sit at the core of Android, so any weakness there can ripple across millions of devices.
ANDROID MALWARE HIDDEN IN FAKE ANTIVIRUS APP
Android users are urged to install the latest security patch as manufacturers roll out updates across devices. (Barrington Coombs/PA Images via Getty Images)
Why some Android phones get security updates faster
Google released two patch levels for this update:
- 2026-03-01 security patch level
- 2026-03-05 security patch level
The second update includes everything in the first, plus fixes for additional hardware components and third-party software. Google Pixel devices typically receive updates immediately. However, many Android users must wait longer.
Phone manufacturers such as Samsung, Motorola and OnePlus often test the patches before releasing them for specific models. Carriers may also delay updates while they verify compatibility. As a result, some users receive security patches quickly while others wait weeks.
How to protect your Android phone from security threats
Security vulnerabilities are a reality in modern software. The good news is that there are several simple steps that can greatly reduce your risk.
1) Install Android updates quickly
Check for updates regularly and install them as soon as they appear. On most devices, go to Settings, tap Security and privacy or Software update, then select Check for updates and install the latest version if one is available. Security updates often fix vulnerabilities that attackers may already be trying to exploit.
2) Avoid apps from unknown sources
Only download apps from trusted stores like Google Play. Third-party app stores pose a higher risk of malware.
3) Keep Google Play Protect enabled
Google Play Protect, which is built-in malware protection for Android devices, scans apps for malicious behavior and warns you if something suspicious appears. It also automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it isn’t 100% foolproof at removing all known malware from Android devices. Therefore, we recommend strong antivirus software because it adds another layer of protection by using deeper threat detection, real-time monitoring and broader malware databases that can catch suspicious apps or files that Google Play Protect may overlook. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
4) Use strong device security
Set a strong passcode on your phone and turn on fingerprint or face unlock if your device supports it. This helps keep strangers out of your phone if it is lost or stolen.
5) Be cautious with suspicious links
Many attacks still start with phishing messages. Avoid tapping unknown links in texts, emails, or social media messages.
YOUR PHONE SHARES DATA AT NIGHT: HERE’S HOW TO STOP IT
A critical Android zero-day tied to Qualcomm chipsets could allow attackers to gain a foothold on affected devices. (Donato Fasano/Getty Images)
The bigger picture behind Android security updates
This Android update also highlights how modern mobile security works behind the scenes. Google’s Threat Analysis Group frequently discovers vulnerabilities that may already be used in real-world attacks. Those findings trigger coordinated responses involving chip manufacturers, phone makers and security researchers. In this case, Qualcomm received the report in December and provided fixes to device makers in early 2026.
By the time the public bulletin arrived, patches were already moving through the Android ecosystem. The process may look slow from the outside. In reality, it involves dozens of companies working together to prevent widespread exploitation.
Kurt’s key takeaways
Security updates rarely feel exciting. Yet they play a critical role in protecting billions of smartphones around the world. This latest Android update proves that point clearly. A zero-day flaw tied to Qualcomm graphics hardware was already being targeted before many users even knew it existed. Installing updates quickly remains one of the simplest ways to protect your device and your personal data. Most of the time, the update only takes a few minutes. Those few minutes can block attacks that might otherwise compromise your phone. So the next time your Android device prompts you to install a security patch, the better question may be this:
When your phone asks for a security update, do you install it immediately or tap remind me later? Let us know by writing to us at Cyberguy.com
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter
Copyright 2026 CyberGuy.com. All rights reserved.
The rumored “HomePod with a screen” we’ve heard so much about was reportedly lined up for launch in 2025, and then this spring, and now, according to the latest updates, it’s on the shelf until this fall. Leaker Kosutami posted as much on X last week, and today, Bloomberg reporter Mark Gurman followed up with similar information, saying its robot arm-equipped cousin is now planned for launch in 2027.
That was supposed to be ready by now, but it is now predicted to arrive later this year, along with the iPhone 18 Pro plus 2027 updates for iOS, macOS, and all the rest. He describes a silver aluminum-cased device with a 7-inch screen and USB-C power port running a version of tvOS 27, while new versions of the HomePod speaker and Apple TV 4K box are also waiting in the wings for that Siri update, and a smart home sensor is in the works, too.
What to know about the Alabama man granted clemency two days before his execution
Alaska High School Girls Basketball 2026 ASAA State Championship Brackets – March 10
WATCH: How Helping One Woman provides hope and support with ‘Girl’s Night Out’
Congressional subcommittee to hold hearing in Little Rock on ‘failures’ of local housing authority | Arkansas Democrat Gazette
Colorado residents should prepare for Xcel power outages this week as fire danger surges, utility says
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Indiana Members Credit Union announced as new anchor tenant at Bottleworks District
Map: 2.3-Magnitude Earthquake Reported North of New York City
Trump stirs GOP primary drama with visit to Massie’s Kentucky home turf
Israeli air strike targets building in south Lebanon
Ed Martin, outspoken Justice Department lawyer, is formally accused of ethical violations | CNN Politics
Trump reveals top issues GOP should focus on to secure midterms victory: ‘I’ve never been more confident’
-
Wisconsin1 week agoSetting sail on iceboats across a frozen lake in Wisconsin
-
Massachusetts1 week agoMassachusetts man awaits word from family in Iran after attacks
-
Maryland1 week agoAM showers Sunday in Maryland
-
Pennsylvania5 days agoPa. man found guilty of raping teen girl who he took to Mexico
-
Florida1 week agoFlorida man rescued after being stuck in shoulder-deep mud for days
-
Detroit, MI5 days agoU.S. Postal Service could run out of money within a year
-
Miami, FL6 days agoCity of Miami celebrates reopening of Flagler Street as part of beautification project
-
Sports6 days agoKeith Olbermann under fire for calling Lou Holtz a ‘scumbag’ after legendary coach’s death