Digital thieves are nothing if not persistent and innovative.

They keep finding new ways to try to part you from your money.

Phishing — where thieves pose as trusted entities or send legitimate looking emails or messages to trick you into giving them access to your accounts — is a widespread method. And it is constantly evolving.

“We’ve seen phishing go through the roof,” said Eva Velasquez, the CEO of the Identity Theft Resource Center, a San Diego-based national nonprofit.

But knowledge is power. So here are three emerging phishing threats to look out for, according to internet safety experts. All three threats target key parts of people’s digital lives: email attachments that lead to fake login pages, multi-factor authentication trickery and deceptive calendar invites.

Spending a few minutes reading these pointers could help you avoid getting your ID or money stolen and save you countless hours of dealing with the fallout.

HTML attachments that open fake login pages

Imagine a busy professional who is in email action mode. In the past 30 minutes on a Saturday morning, he has filled out emailed liability waivers for his seven children’s summer camps, filed an expense report for work, answered a secure portal message from the veterinarian about his sick puppy’s prescription, skimmed 182 email subject lines and paid five bills from his email inbox, including a car insurance premium and his beloved cheese-of-the-month club.

Amid this flurry of inbound emails, ads, invoices and secure messages, he is working on autopilot: opening messages, skimming, clicking and signing in.

What a perfect opportunity.

Scammers are taking advantage of user distraction — and their trust — by sending emails with HTM or HTML attachments. When clicked, those open a browser file that looks like secure, familiar login page. These pages might look like secure invoice viewers, file-sharing services like DocuSign or Dropbox, or sign-in pages to platforms including Microsoft 365.

“Once the user enters their credentials, they are sent surreptitiously to the attacker’s server,” said Vlad Cristescu, the head of cybersecurity with ZeroBounce, a Florida company that helps businesses lower their rate of bounced marketing emails.

Why this method is especially insidious: “There isn’t a clickable link in the email, so standard email security filters (which scan for malicious URLs or attachments like PDFs and ZIPs) may not catch it,” Cristescu added.

To prevent this, he added, companies should “restrict HTML attachments unless essential, and users should treat unfamiliar HTML files the same way they’d treat a suspicious link — don’t open it unless you’re absolutely sure of the sender.”

If you do receive incoming communication with an HTML link or attachment, don’t engage, said Velasquez, with the ITRC.

“Don’t click on links, people. That’s the big, overarching message,” she said. Instead, go to the source: call the phone number on the back of your credit card, visit the bank in person.

Multifactor authentication tricks

If you are one of the many people who uses multifactor authentication, take note.

Multifactor authentication is still very helpful and should be used.

But Cristescu flagged one way that scammers are taking this tool — which is designed to make people’s online accounts more secure — and using it to slither in.

As a refresher, multifactor authentication is an added layer of protection that prevents data thieves from logging into your accounts if they have your username and password. It helps ensure that you’re the one who typed in your password when you log in, and not some scammer in the Philippines or Poughkeepsie.

To use multifactor authentication, you typically download an app, such as Google Authenticator or Microsoft Authenticator. You register your sensitive online accounts, such as Facebook, bank or email, with that app. Then, every time you log into a registered website, the authenticator app generates a new, random code that you enter after your password as a second layer of verification.

With the rise of this protection, a new threat has emerged: Scammers who have your username and password can send log-in requests to your authenticator app. Next, the scammer can pose as an IT expert from your workplace and ask you to approve the log-in request.

If you fall for it, then boom — the scammer is in.

This technique “exploits a user’s frustration and trust in IT. If you’re receiving multiple (authenticator) prompts you didn’t initiate, that’s not a glitch – it’s an attack,” Cristescu said. He recommends pausing, never approving these unexpected requests and flagging the interaction with IT.

Velasquez added that if you get an authenticator notification and you didn’t just log in yourself, “That is a huge red flag. Stop and address it. Don’t ignore it.”

Anytime you interact with IT, be sure you’re the one initiating that contact, she added. If someone from IT calls or emails you, disconnect and reach back out using a trusted method, such as the same phone number you always dial.

Fake calendar invites

A third technique data thieves are using is calendar invites.

“I just get really very angry about this one,” Velasquez said. “It is super hard to detect.”

Here’s what to look out for. If you use an online calendar like Google calendar or the native iPhone calendar app, you might receive an invitation to an event you didn’t see coming. Sometimes these meetings are legitimate. Sometimes, they are not.

Scammers “are now sending meeting requests with malicious links embedded in the invite or ‘join’ button. These invitations sync directly into calendars and often go unquestioned,” according to ZeroBounce.

Scammers use calendar invites because they have “built-in credibility – they’re not usually scrutinized like emails,” Cristescu said. Look for meeting requests from unknown senders and vague event names like “Sync” or “Project Review,” he added.

In some jobs or roles, meetings routinely get added to calendars by other people — clients, prospects, coworkers, bosses, peers.

“I have gotten these repeatedly,” said Velasquez, with the ITRC. “Depending on your lifestyle and your job and how you work, these are going to be particularly challenging. They are real calendar invites. The problem is they have malicious software embedded in them — so when you click on portions of them, ‘Click to join,’ it’s like opening an attachment (or) clicking on a suspicious link. It’s the same principle.”

Cristescu, with ZeroBounce, shared this tip: “Treat those just like a phishing email. Disable auto-accept where possible and review every invite manually before clicking anything.”

Never stop questioning what lands in your inbox or calendar, Cristescu added. “Always verify the sender’s email address, ensure that any link you click matches the legitimate domain, and look out for subtle red flags like spelling errors or unusual formatting.”

A big picture pointer

“All three of these (scams) are so common that it has probably happened to every single person reading the article — at least one of them. That’s how ubiquitous these are,” Velasquez said.

She shared this broader thought: It’s less important to know how to respond to each scenario and more important to pause, be skeptical, double check.

It’s important to be ever more skeptical, because AI makes it easier and easier for thieves to create convincing ruses, Cristescu and Velasquez both said.

AI “really helps with making these phishing offers look and sound so much more legitimate,” Velasquez said. “And with the amount of data that is out there from public sources and from data breaches, it’s very easy to see what relationships people have.” Where you bank, where you do business — that is all fodder for someone to create a copycat page designed to trick you into logging in.

Adopt an “investigator mindset,” Velasquez said. Use this helpful reminder: the acronym STAR, which stands for Stop. Think. Ask questions or ask for help. Reassess.

The ITRC nonprofit can answer questions, for free, through phone and live chat. Toll-free phone: 888-400-5530. Live chat staffed by people, not bots:  https://www.idtheftcenter.org/victim-help-center/

San Diegans, this summer is the perfect time to finally check off the movies on your must-watch list. More than 100 flicks are showing for free at dozens of parks across the county as part of this year’s “Summer Movies in the Park,” which kicks off on Saturday.

Pack your beach chairs, blankets and favorite picnic snacks, and head to your neighborhood park for a movie night under the stars.

The program runs until Nov. 1, and this year’s lineup includes films like “Twister,” “Moana 2,” “Selena,” “Despicable Me 4,” “Wicked,” and so many more. You can see the full list of movies here.

The movies are expected to start 15 minutes after sunset, although many locations provide entertainment, such as animal exhibits and food trucks, as early as 6 p.m.

All the fun begins on Saturday with a free, family-friendly event at the Waterfront Park downtown. Starting at 6 p.m., attendees can enjoy music, games and bounce houses. This special event will culminate in a sunset viewing of the movie “Moana 2.” Kids can even get their pictures taken with Maui and Moana.

Launched in 2007, Summer Movies in the Park is part of the county’s “Take Back Our Parks” initiative. It gives community members a fun and safe reason to enjoy their local parks after dark.

From San Diego County’s beaches to its deserts, viewings are taking place at parks in the following communities:

Gavin Sheets was smiling a bit as he walked off the field Sunday afternoon, so Padres manager Mike Shildt had the green light to add even more levity as he discussed the aftermath of his 6-foot-3, 235-pound slugger slamming face first into the padded wall in left field after running 85 feet at 23.9 mph as he tried to make a play on Adam Frazier’s fourth-inning homer.

“I think the fence is OK,” Shildt said after a 6-4 win over the Pirates. “I’m not sure. I think Mat Balough, the groundskeeper, is going to check on it, and I’ll get you an update on the wall.”

Shildt said Sheets is day-to-day with a head contusion, a sore hip and a jammed wrist and thumb. The hip is the sorest spot of the ailments on that checklist, while the team is still testing for concussion symptoms.

“Those are tests that take a while,” Shildt said. “There’s some symptoms that they want make sure they either don’t show up or go away, and so we’re still in the process of evaluating that.”

Sheets walked briefly through the clubhouse after the game, but did not speak with the media. He was expected to be on the plane to San Francisco.

Which is good news for a team that can’t afford to be without one of its most potent hitters.

Sheets’ 34 RBIs lead the Padres and his 11 home runs are second on the team. A significant portion of that production has come in the past two weeks, as the rest of the Padres’ offense has hardly existed.

Six of his home runs and 12 of his RBIs had come in the 13 games leading up to Sunday, a span in which the rest of the Padres hit seven homers and drove in 25 runs.

He has seven go-ahead RBIs, fourth on the team, and seven game-tying RBIs, which lead the team.

It was on Frazier’s home run leading off the fourth inning that Sheets was injured.

Sheets reached up at the last instant while running face-first into the wall. His left shoulder hit the wall just before his face did, and his arm was then caught between his body and the wall.

Sheets immediately bounced off the wall as the ball bounced up off the top wall and into seats.

As Sheets lay on his back on the warning track, Jackson Merrill ran over from center field and knelt over Sheets. He put his hand on his chest and motioned with his glove toward the dugout.

Athletic trainer Ben Fraser and Shildt ran out, followed by head athletic trainer Mark Rogow.

Sheets stayed on his back for a few minutes before sitting up and then quickly standing.

By that time, some smiles had been cracked.

Behind the group, the area of the padded wall where Sheets’ arm had hit remained indented.

As Sheets walked in with the trainers and Shildt, there were more smiles and laughter.

“He already in the last couple hours … is improving,” Shildt said. “But he’s a little banged up, understandably. What an effort.”

Michael King talks

Michael King did not pitch Sunday, but he caught himself wondering — tongue in cheek — if he had pitched as reporters crowded around him after he dressed Sunday afternoon.

King had not been in the clubhouse all week during media availability, so he attempted to add some clarity to the pinched nerve that sent him to the injured list last weekend.

“I think figuring out what it was, went through all the different tests and everything came back clean, which is great,” King said. “I think the thing that we now know is that it was probably a pinched nerve that shut down some, like, muscle function. And now that I went through all the tests and everything was clear, it’s really just building up that muscle again, so it’s definitely making progress, and I’m feeling a lot better than I did a week ago.”

King has played light catch a couple of times to keep the arm moving. He expects the ramp-up to be measured in days, but he is not close enough to join the team on the trip to San Francisco. Instead, he expects to visit with specialists to address any unanswered questions ahead of a return.

The timetable on that is TBD.

“I don’t know if there is an understanding. Dr. (Bryan Leek) with us has said that he has seen a lot of progress in me, so he doesn’t expect it to be very long. He said that he’s seen some guys take a couple days, some guys take a couple months, and I think that I’m more on the former of that just because the progress I’ve had.”

A step forward?

Yu Darvish threw six or seven pitches from the bullpen Saturday, played catch on Sunday morning and feels good enough to progress to the next step: A bullpen in San Francisco, either on Monday or Tuesday.

That will be his first full session since throwing 51 pitches in four innings in a rehab start at Las Vegas on May 14.

“I’m just excited,” Darvish said. “Feel good. Just sucks when I get hurt, can’t throw the ball, but now it’s good, so I’m happy.”

Notable

• RHP Matt Waldron was optioned to Triple-A El Paso on Sunday, marking the end of his rehab assignment. He made his last start on Friday, so he will not be the pitcher called up for Tuesday’s start in San Francisco. RHP Ryan Bergert last started for Triple-A El Paso on Wednesday and would be on five days rest on Tuesday.

Originally Published: June 1, 2025 at 6:38 PM PDT