Sentrya logo Sentrya Get rid of spam

Scammers Target Florida Hurricane Victims with Fake FEMA Aid and Malware

Added on: 11/10/2024 In the wake of devastating hurricanes in Florida, scammers are exploiting victims by posing as FEMA officials. These cybercriminals are sending fraudulent emails and text messages that claim to offer disaster relief assistance, but instead, they trick recipients into downloading malware or sharing sensitive personal information.


How the Scam Works


The scammers start by sending out emails or text messages that appear to be from FEMA or other official disaster relief organizations. These messages promise financial aid, housing assistance, or other forms of relief. Often, they contain links that claim to direct victims to official FEMA websites or forms to apply for disaster relief. However, instead of leading to legitimate government resources, the links download malware or redirect users to phishing websites.

Once the malware is downloaded, it can infect the victim’s computer or smartphone, stealing sensitive data like passwords, credit card information, and bank account details. In other cases, the phishing websites ask victims to enter their personal information, such as Social Security numbers, addresses, and financial details, which are then harvested by scammers for identity theft or financial fraud.


Why Victims Are Vulnerable


Hurricane victims are particularly vulnerable to these scams due to the urgency and confusion surrounding disaster relief efforts. Many people are desperate for assistance and may not think twice before clicking on a link that promises help. Additionally, in times of crisis, people are more likely to trust communications that appear to come from trusted organizations like FEMA. Scammers exploit this trust and take advantage of the chaos that follows natural disasters.


How to Protect Yourself


It’s essential for hurricane victims and those in disaster-stricken areas to be cautious when receiving unsolicited communications, especially if they contain links or ask for personal information. Here are some tips to protect yourself from these scams:

1. Verify the Source: Always verify that the communication is from a legitimate source. FEMA and other government agencies will never ask for personal information via unsolicited emails or text messages. Instead, visit their official website directly.
2. Don’t Click on Suspicious Links: If you receive an email or text with a link to apply for disaster relief, avoid clicking it. Instead, go directly to the official FEMA website to find out how to apply for assistance.
3. Watch Out for Red Flags: Be cautious of urgent messages that claim you need to act immediately. Scammers often create a sense of urgency to push people into making quick decisions without thinking.
4. Use Trusted Communication Channels: Always apply for disaster relief using official channels. FEMA will provide information through legitimate websites or phone numbers. If you’re unsure, call FEMA’s official hotline to verify any communication.
5. Report Fraudulent Activity: If you suspect you’ve been targeted by a scam, report it to the Federal Trade Commission (FTC) or your local law enforcement.

To further protect people from being taken advantage of, Sentrya offers free email protection which blocks scams and phishing emails from reaching your inbox.
If you, or someone you know has been affected by the hurricane, and want to take steps into keeping your email secure, reach out to me here to get a free upgrade on your Sentrya account.


As hurricane victims try to rebuild their lives, it’s unfortunate that scammers are looking to exploit their vulnerability. By staying informed and cautious, individuals can protect themselves from falling victim to these fraudulent schemes. Always verify the legitimacy of any offers for assistance, and never share personal information with unverified sources.

Read more

Morocco CNSS Data Breach: A Wake Up Call for Consumer Data Protection

In April 2025, Morocco experienced a significant cybersecurity incident when the National Social Security Fund (Caisse Nationale de Sécurité Sociale – CNSS) was compromised. The breach resulted in the unauthorised release of sensitive data pertaining to millions of Moroccan workers and hundreds of thousands of businesses. The fallout from this breach has raised serious concerns about consumer privacy and the adequacy of data protection measures.<br/><br/><br/><h2 class= "text-heading">The CNSS Breach: What Happened?</h2><br/>On April 8, 2025, a hacker group identifying itself as JabaRoot DZ claimed responsibility for the cyberattack on CNSS. The group leaked over 50,000 official documents, including personal identification numbers, salary declarations, employment contracts, and correspondence involving foreign diplomatic entities. The leaked data was disseminated through various channels, including encrypted messaging platforms and public file-sharing websites.<br/><br/>Cybersecurity analysts suggest that the attackers may have exploited vulnerabilities in outdated file storage protocols or gained access through compromised administrator accounts. The breach potentially began weeks or months before the data was released, allowing the attackers ample time to exfiltrate information undetected.<br/><br/><br/><h2 class= "text-heading">Implications for Consumer Privacy</h2><br/>The CNSS breach has exposed nearly 2 million employees and approximately 470,000 companies to potential risks, including identity theft, financial fraud, and targeted phishing attacks. The leaked information encompasses a wide range of personal and financial data, making it a valuable resource for malicious actors.<br/><br/>This incident underscores the vulnerabilities inherent in centralised data repositories and the critical need for robust cybersecurity measures to protect consumer information. It also highlights the importance of transparency and prompt communication from institutions in the event of data breaches.<br/><br/><br/><h2 class= "text-heading">Sentrya: Empowering Consumers to Protect Their Data</h2><br/>In the wake of such breaches, you must take proactive steps to safeguard your personal information. <a href= "https://sentrya.net" class= "content-link">Sentrya</a> offers a comprehensive solution designed specifically for individual users. Sentrya provides tools to remove personal data from the web and data brokers, and to clear inboxes of scams and phishing emails. By leveraging Sentrya’s services, you can regain control over your digital footprint and enhance your privacy.<br/><br/><br/>The CNSS data breach serves as a stark reminder of the growing threats to consumer privacy in the digital age. While institutions must bolster their cybersecurity frameworks, individuals also have a role to play in protecting their personal information. Utilising services like Sentrya can be an effective strategy for consumers to mitigate risks and maintain their privacy in an increasingly interconnected world. Read more

Trump Administration Reverses Data Privacy Protections Exposing Americans to Increased Risks

In a significant policy reversal, the Trump administration has dismantled a Biden-era initiative aimed at limiting the sale of Americans’ personal data by data brokers. This move raises substantial concerns about consumer privacy and national security.<br/><br/><br/><h2 class= "text-heading">Background: The Biden-Era Initiative</h2><br/>Under President Biden, the Consumer Financial Protection Bureau (CFPB) proposed regulations to subject data brokers to oversight akin to credit bureaus. The goal was to protect consumers from the unregulated sale of sensitive personal information, which could be exploited for identity theft, scams, and even national security threats.<br/><br/><br/><h2 class= "text-heading">The Reversal and Its Implications</h2><br/>On May 14, 2025, the CFPB announced the withdrawal of the proposed regulations, stating that they no longer align with the bureau’s policy objectives. Consumer advocacy groups, such as Consumer Reports, have expressed alarm, warning that this decision leaves consumers vulnerable to scams and identity theft.<br/><br/>The rollback also includes the withdrawal of proposals related to digital payment technologies and the prohibition of certain terms in consumer finance products.<br/><br/><br/><h2 class= "text-heading">Risks to Consumer Privacy</h2><br/>The unregulated sale of personal data poses several risks:<br/>• <u>Identity Theft</u>: Personal information can be used to impersonate individuals, leading to financial loss and reputational damage.<br/>• <u>Scams and Phishing</u>: Data brokers can sell information to malicious actors who craft targeted scams and phishing emails.<br/>• <u>National Security Threats</u>: Sensitive data about government officials and military personnel can be exploited by foreign adversaries for espionage.<br/><br/><br/><h2 class= "text-heading">Sentrya: A Consumer-Focused Solution</h2><br/>In light of these developments, consumers seeking to protect their personal information can turn to services like <a href= "https://sentrya.net" class= "content-link">Sentrya</a>. Sentrya offers tools to remove personal data from the web and data brokers, and to clear inboxes of scams and phishing emails. Designed specifically for individual consumers, Sentrya empowers users to take control of their digital privacy.<br/><br/><br/>The Trump administration’s decision to scrap proposed data privacy regulations underscores the importance of individual action in safeguarding personal information. While federal protections may be in flux, consumers can proactively protect themselves using services like <a href= "https://sentrya.net" class= "content-link">Sentrya</a> to mitigate the risks associated with data exposure. Read more

Your Airline Might Be Sharing Your Data with ICE: Here is What You Need to Know

Have you ever booked a flight thinking it was just between you, your airline, and your destination? You might want to think again. Recent reporting from Jacobin has exposed a chilling truth: airlines and travel companies are quietly sharing your personal travel data with U.S. Immigration and Customs Enforcement (ICE). And it’s happening without your consent, knowledge, or any real way to opt out.<br/><br/>Let’s break down what’s going on—and what it means for you.<br/><br/><br/><h2 class= "text-heading">Your Data Is Being Sold—Not Just Shared</h2><br/>You probably don’t know what the Airlines Reporting Corporation (ARC) is. That’s by design. ARC is a behind-the-scenes player that processes flight bookings between travel agencies (think Expedia, Priceline, or even a local agency) and over 200 airlines. That includes the biggest names: Delta, American, United, JetBlue, and more.<br/><br/>When you book a ticket, your itinerary, payment information, and travel history don’t just stay with the airline. They flow into ARC’s massive system. And from there? That data is being sold directly to ICE, as part of something called the “Travel Intelligence Program.”<br/><br/>Yes, sold.<br/><br/>This isn’t a targeted subpoena for a specific criminal investigation. This is bulk data sharing—ICE getting access to your travel habits, international flights, layovers, and even payment methods, all neatly packaged. Whether you’re a citizen, a visa holder, or just someone trying to visit family, that data can land in a government file, without your knowledge.<br/><br/><br/><h2 class= "text-heading">Why This Should Deeply Worry You</h2><br/>This isn’t just about immigration enforcement. This is about your right to privacy—and how it’s being traded away.<br/><br/>1. <em>You never consented to this.</em><br/>When you hit “purchase” on that ticket, did you get a notice saying your personal information might be sold to a federal law enforcement agency? Of course not.<br/><br/>2. <em>You have no control over where your data goes.</em><br/>Even if you use third-party travel sites, ARC is the middleman. And ARC is owned by the very airlines you’re booking with—so they’re profiting off your data in multiple ways.<br/><br/>3. <em>You could be flagged for future surveillance without doing anything wrong.</em><br/>Maybe you fly often to a country ICE is scrutinising. Maybe you paid for a ticket for someone else. Maybe you booked with cash. These perfectly legal activities can appear suspicious when viewed out of context by an algorithm or agency.<br/><br/><br/><h2 class= "text-heading">Real People, Real Risks</h2><br/>Imagine you’re visiting family abroad and come back to find you’ve been flagged for extra screening—no explanation, just delays and discomfort. Or ICE shows up at someone’s door based on flight data you unknowingly shared when you booked a ticket for them. These aren’t hypotheticals. This data is being used for real enforcement actions, with real consequences.<br/><br/>And no, there’s no easy opt-out.<br/><br/><br/><h2 class= "text-heading">What You Can Do to Protect Yourself</h2><br/>Unfortunately, you can’t completely stop airlines from selling your data—at least, not yet. But you can take steps to limit your exposure:<br/>• <u>Avoid big-name platforms</u> when booking, or research which agencies work with ARC. Smaller, privacy-conscious travel services may reduce how much data is shared.<br/>• <u>Pressure airlines and lawmakers</u> to stop this. If enough consumers speak up, companies and legislators will take notice.<br/><br/><br/><h2 class= "text-heading">This Isn’t Just a Policy Issue—It’s Personal</h2><br/>You deserve to travel without fear that your movements are being logged, sold, and scrutinised by law enforcement. This isn’t about politics. It’s about privacy, consent, and basic digital rights.<br/><br/>Next time you book a flight, take a moment to think about where your data is going—and who might be watching. Read more

19 Billion Passwords Leaked in 2025: What You Need to Know and How to Protect Yourself

In what cybersecurity experts are calling one of the largest password leaks in internet history, over <u>19 billion compromised credentials</u> have surfaced in a massive data dump dubbed “RockYou2024.” This trove of exposed data is not from a single breach but a massive aggregation of credentials from more than <em>200 past incidents</em>, spanning over a decade. First revealed by Forbes, this leak is now widely circulating on hacker forums and underground markets—posing a serious threat to personal and corporate cybersecurity.<br/><br/><br/><h2 class="text-heading">What Is the RockYou2024 Password Leak?</h2><br/>The RockYou2024 leak, analysed by cybersecurity researchers at Cybernews, is a 19-billion-entry compilation of previously stolen passwords, many of which are still actively used. The passwords are in plaintext format, which means hackers don’t need to decrypt anything—they can use them immediately.<br/><br/>Key stats from the leak include:<br/>• <u>19,030,305,929 passwords</u> compiled from global breaches<br/>• <u>94% of passwords are reused across multiple sites</u><br/>• Popular entries include “123456”, “password”, and “admin”<br/>• Most passwords are between 8–10 characters and lack complexity<br/>This dataset isn’t just big—it’s <b>weaponisable</b>, giving cybercriminals an enormous arsenal for launching attacks on personal, business, and government systems.<br/><br/><br/><h2 class="text-heading">Why This Password Leak Is So Dangerous</h2><br/>1. <b>Credential Stuffing Attacks</b><br/>Using automated tools, hackers test these passwords on thousands of sites. If you reuse passwords, they’ll likely gain access to your email, bank account, social profiles, or worse.<br/><br/>2. <b>Phishing and Scams</b><br/>Once attackers have partial information, they can launch targeted phishing campaigns—often using fake emails, phone calls, or messages to extract more sensitive data.<br/><br/>3. <b>Business Security Risks</b><br/>Employees using compromised credentials for workplace accounts can expose entire organisations to ransomware, data loss, or financial fraud.<br/><br/>4. <b>Brute Force Optimisation</b><br/>This leak acts as fuel for brute force tools. Because the passwords are real and common, these tools become more efficient and successful.<br/><br/><br/><h2 class="text-heading">How to Protect Yourself Right Now</h2><br/>With 19 billion passwords out in the wild, now is the time to act. Here’s how you can protect yourself and your information:<br/><br/>1. <b>Scan the Web for Your Exposed Data</b><br/><br/><a href= "https://sentrya.net" class="content-link">Sentrya</a> scans data broker networks and breach databases to identify where your personal data is exposed—and helps you <b>remove it</b>. This drastically reduces your risk of identity theft, targeted scams, and phishing attacks.<br/>• <em>Remove personal data from the web</em><br/>• <em>Block scam and phishing emails</em><br/>• <em>Monitor the dark web for emerging threats tied to your identity</em><br/><br/>You can protect yourself or your entire family with a few clicks at <a href= "https://sentrya.net" class="content-link">sentrya.net</a>.<br/><br/>2. <b>Stop Reusing Passwords</b><br/><br/>Still using the same password for multiple accounts? That’s how 94% of the passwords in this leak were exposed.<br/>Instead, use Sentrya’s <a href= "https://sentrya.net/generate-random-password" class="content-link">secure password generator</a> to instantly create:<br/>• Strong, randomised, unique passwords<br/>• Passwords up to 50 characters in length<br/>• Passphrases using complex symbols, upper/lowercase, and numbers<br/><br/>It’s completely free and requires no signup: <a href= "https://sentrya.net/generate-random-password" class="content-link">Generate a password now</a><br/><br/>3. <b>Enable Multi-Factor Authentication (MFA)</b><br/><br/>Even if a password is leaked, MFA provides an extra layer of protection. Use authenticator apps (like Google Authenticator or Authy) instead of SMS whenever possible.<br/><br/>4. <b>Check If Your Accounts Are Affected</b><br/><br/>Use breach alert services like:<br/>• <a href= "https://haveibeenpwned.com" class="content-link">Have I Been Pwned</a><br/>• <a href= "https://cybernews.com/password-leak-check" class="content-link">Cybernews Password Checker</a><br/><br/>If any of your emails or passwords appear in those tools, update them immediately using Sentrya’s <a href= "https://sentrya.net/generate-random-password" class="content-link">password generator</a>.<br/><br/>5. <b>Watch for Phishing and Scams</b><br/><br/>After major leaks, phishing campaigns spike. Stay alert for:<br/>• Fake account recovery emails<br/>• Messages pretending to be from banks or tech companies<br/>• Unusual login alerts<br/><br/>If in doubt, don’t click. Visit the service’s official website instead.<br/><br/><br/>The RockYou2024 password leak proves that <em>password reuse is no longer just risky—it’s reckless</em>. With more than 19 billion credentials circulating in the cybercriminal underground, every reused or weak password becomes a liability.<br/><br/>Fortunately, with proactive tools like <a href= "https://sentrya.net" class="content-link">Sentrya</a>, you can reclaim control of your digital footprint:<br/>• Remove your personal info from data brokers<br/>• Block phishing scams<br/>• Generate ironclad passwords for every account<br/><br/>The internet is more dangerous than ever—but with the right tools, <u>you don’t have to be the next victim</u>. Read more
Sentrya logo Sentrya
Affiliates Register Terms Privacy
Made with ❤️ by Claudiu All rights reserved | Sentrya 2025
I'd like to set analytics cookies that help me make improvements by measuring how you use the site.