Recently I’ve been getting these messages on my Samsung phone. They pop up in my browser. I’ve already got an antivirus on my phone so I wasn’t concerned about it. Clearly it’s a fake message, but where the heck are they coming from? After a while I noticed it was popping up when I was playing a mobile game called “Words with Friends”. Some of you may know it; it’s like Scrabble. It’s kind of fun and it reminds me of my childhood when I used to play Scrabble with my grandma. You know, with an actual board on the dining room table. I really miss those days when we had little or no technology! Life was simpler.
Anyway, if you play free games on your phone, you’ve probably seen those scary pop-ups that say “Your phone is infected with viruses!” They usually try to push you into downloading a shady “security” app. The good news: your phone isn’t infected. The bad news: you’ve just run into a scam called malvertising.
Let’s break down what’s really going on and how you can protect yourself.
What’s really happening behind the scenes
When you play a free game like Words With Friends, the developer makes money by showing ads. Those ads don’t usually come directly from the game company. Instead, the game uses something called an ad mediation platform — basically a system that auctions off ad space to the highest bidder in real time.
Most of the time, the ads are harmless (think promotions for other games or products). But every so often, a bad advertiser slips a malicious ad through the system.
Here’s how it plays out:
The game loads an ad from an ad network.
The ad includes hidden code that forces your browser to open a new page.
That page is designed to scare you — usually by claiming your phone is infected, hacked, or out of date.
The scammers host their fake page on services like Amazon CloudFront, which is a legitimate tool but can be rented by anyone. That’s why you see a URL ending in cloudfront.net.
To be clear: Amazon isn’t running the scam. Scammers are just renting Amazon’s servers to deliver their fake pop-up.
Why you’re seeing these pop-ups
Mobile games rely on ads: If you play for free, you’re going to see advertising.
Bad ads sneak in: Scammers use the same ad networks as real companies, so sometimes their junk slips through.
It’s not your phone: These warnings are not detecting anything on your device — they’re just designed to scare you into downloading malware.
How to protect yourself
You can’t stop scammers from trying, but you can stop them from reaching you.
✅ Don’t click anything on the fake warning page. Just close the tab or the app.
✅ Keep your apps updated — game developers sometimes block bad ad providers in updates.
✅ Use an ad blocker: On iPhone, install a Safari content blocker. On Android, browsers like Brave or Firefox block most of these redirects.
✅ Clear your browser cache if you accidentally tapped on the ad.
✅ Never install apps from these warnings — only download apps from the official App Store or Google Play.
Can you report this?
Yes! Developers want to know when a bad ad shows up. If you spot one in Words With Friends, you can:
Take a screenshot of the ad or the fake warning page.
Copy the full web address (the cloudfront.net or other URL).
This helps the developer trace which ad partner delivered the scam and block it for everyone.
Bottom line
Those virus pop-ups in your mobile games are scams, not infections. They’re just another trick from online advertisers gone bad. With a bit of caution — and by reporting them when you see them — you can protect yourself and help clean up the ad ecosystem at the same time.
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
In the modern digital age, our mobile devices are more than just communication tools—they are personal vaults containing sensitive information, banking details, private messages, photos, and even work-related data. Unfortunately, this makes smartphones a prime target for sophisticated cyberattacks. One of the most notorious examples is Pegasus, a highly advanced spyware developed by the Israeli company NSO Group.
What Is Pegasus?
Pegasus is not your average piece of malware. It is a zero-click spyware, meaning it can infect a device without the user clicking a malicious link or opening a suspicious attachment. This sets it apart from most other forms of malware, which typically require user interaction. Pegasus is often delivered through vulnerabilities in messaging apps (such as iMessage or WhatsApp) and can exploit weaknesses in both iOS (iPhones) and Android devices.
How Pegasus Affects iPhones
Apple devices are widely regarded as secure, but Pegasus has repeatedly bypassed Apple’s defenses using zero-day exploits. Once installed, Pegasus can:
Intercept messages and calls (including encrypted ones such as iMessage, WhatsApp, and Signal).
Access files and photos stored on the device.
Remotely activate the microphone and camera, effectively turning the phone into a surveillance tool.
Track GPS location in real time, mapping a user’s movements.
The sophistication of Pegasus lies in its stealth. Unlike typical malware, it leaves little trace, and most victims never realize they are being spied upon.
Can Pegasus Infect Android Devices?
Yes. Pegasus is also capable of targeting Android phones, although the infection process differs slightly. On Android, it generally relies on malicious apps or specially crafted exploits that bypass system security. Once active, it grants attackers access to nearly the same capabilities as on iOS—messages, microphone, camera, files, and location data.
Android devices are often considered more vulnerable due to the fragmented nature of updates across manufacturers. Unless a user is running the very latest security patches, their phone may remain exposed.
What Is Pegasus Capable Of?
The full list of Pegasus capabilities is chilling. Once installed, attackers may:
Read SMS, emails, and chat messages.
Exfiltrate passwords and authentication tokens.
Record phone calls in real time.
Monitor browsing history and online activity.
Access cloud accounts if credentials are stored on the device.
In effect, Pegasus can provide a complete snapshot of a person’s digital life. This makes it a powerful tool for government surveillance but also a severe risk to privacy and security if abused.
Can Pegasus Be Removed?
Detecting and removing Pegasus is not simple. The spyware is designed to be persistent and stealthy, often embedding itself deep in the operating system. In many cases, the most reliable way to eliminate it is:
Wipe and reinstall the operating system (factory reset may not always be enough).
Update to the latest OS version, since Apple and Google regularly patch vulnerabilities used by Pegasus.
Replace the device entirely, especially if it has been compromised at a deep system level.
Unfortunately, there is no simple “antivirus” solution for Pegasus.
The Mobile Verification Toolkit (MVT)
To help users and researchers detect Pegasus, Amnesty International released the Mobile Verification Toolkit (MVT). This is an open-source tool that can analyze mobile device backups for signs of compromise.
For iPhones, MVT scans iTunes backups or full file system dumps for known Pegasus indicators of compromise (IoCs), such as suspicious processes, crash logs, or system anomalies.
For Android devices, MVT examines logs, SMS databases, and other system files to look for traces of infection.
While MVT does not remove Pegasus, it is a valuable resource for digital forensics experts, journalists, and security professionals seeking to confirm whether a device has been targeted.
Protecting Yourself Against Pegasus and Similar Threats
Although most Pegasus infections have been targeted at journalists, activists, and political figures, ordinary users can still take steps to protect themselves from advanced spyware:
Keep your device updated with the latest security patches.
Avoid sideloading apps from unofficial sources.
Enable automatic backups so you can restore clean data if your phone is compromised.
Regularly review device permissions, especially for camera, microphone, and location.
Consider using MVT if you believe you may be a target.
About Apple’s “com.apple.pegasus” App
Some iPhone users may come across a system component called com.apple.pegasus, which appears in certain app or system logs. According to Apple’s own developer documentation, this is simply an internal framework that supports Picture in Picture (PiP) functionality on iOS and iPadOS.
It is important to note that this is not related to the NSO Group’s Pegasus spyware. The name overlap is purely coincidental.
Apple’s com.apple.pegasus: A legitimate system service tied to PiP video playback.
NSO Group’s Pegasus: A commercial spyware suite used to compromise mobile devices.
As for which came first, Apple introduced com.apple.pegasus internally when Picture in Picture support arrived in iOS 9 (2015). NSO’s Pegasus spyware, while reported publicly in 2016, is believed to have been active in development earlier. Because both existed around the same timeframe, it’s difficult to say definitively which name came first — but there is no connection between Apple’s service and the spyware beyond the name.
This distinction matters, as some users mistakenly assume that seeing “Pegasus” on their iPhone means they are infected. In reality, it’s just Apple’s benign system framewo
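The following is an added example, not part of the original post and not MVT's own code: a Python illustration of matching extracted device records against indicators of compromise, the general approach the MVT section describes. The STIX2-style bundle, the indicator values and the records are constructed placeholders, and the parser assumes only two single-comparison pattern kinds. It shows that a process named com.apple.pegasus is not a hit under exact-name matching, and that domain indicators are compared on label boundaries.

```python
import json
import re
from urllib.parse import urlparse

# Constructed STIX2-style bundle; indicator values are placeholders, not real IoCs.
SAMPLE_BUNDLE = json.dumps({
    "type": "bundle",
    "objects": [
        {"type": "malware", "name": "ExampleSpyware"},
        {"type": "indicator", "pattern": "[domain-name:value='bad-c2.example']"},
        {"type": "indicator", "pattern": "[process:name='examplespyd']"},
    ],
})

# Constructed records standing in for what a backup parser would extract.
SAMPLE_RECORDS = [
    {"source": "sms", "url": "https://cdn.bad-c2.example/x?id=1"},
    {"source": "safari_history", "url": "https://notbad-c2.example/"},
    {"source": "process_log", "process": "com.apple.pegasus"},
    {"source": "process_log", "process": "examplespyd"},
]

# Assumption: only these two single-comparison pattern forms are handled.
PATTERN_RE = re.compile(r"^\[(domain-name:value|process:name)\s*=\s*'([^']+)'\]$")

def load_indicators(bundle_json):
    """Collect domain and process-name indicators from the bundle."""
    indicators = {"domains": set(), "processes": set()}
    for obj in json.loads(bundle_json).get("objects", []):
        if obj.get("type") != "indicator":
            continue
        m = PATTERN_RE.match(obj.get("pattern", "").strip())
        if not m:
            continue  # skip patterns this parser does not understand
        key = "domains" if m.group(1) == "domain-name:value" else "processes"
        indicators[key].add(m.group(2).lower())
    return indicators

def domain_matches(host, bad_domains):
    """True if host equals an indicator domain or is a subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in bad_domains)

def scan(records, indicators):
    """Return (record index, reason) for every record matching an indicator."""
    hits = []
    for i, rec in enumerate(records):
        if "url" in rec:
            host = urlparse(rec["url"]).hostname or ""
            if domain_matches(host, indicators["domains"]):
                hits.append((i, f"domain {host}"))
        # Exact name comparison: a name that merely contains "pegasus" is not a hit.
        proc = rec.get("process", "")
        if proc.lower() in indicators["processes"]:
            hits.append((i, f"process {proc}"))
    return hits

if __name__ == "__main__":
    for idx, reason in scan(SAMPLE_RECORDS, load_indicators(SAMPLE_BUNDLE)):
        print(SAMPLE_RECORDS[idx]["source"], "->", reason)
```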
Final Thoughts
Pegasus represents the extreme end of mobile device compromise: highly sophisticated, expensive, and primarily used against high-value targets. However, its existence demonstrates that no device is truly immune, even those considered most secure.
By staying vigilant, keeping devices updated, and making use of tools like Amnesty’s MVT, both individuals and organizations can take steps to defend against the risks posed by spyware.
Recently, I had what I thought would be a simple task: Change the distance display on my Samsung Galaxy Watch 6 from miles to kilometers.
Sounds easy enough. I asked ChatGPT for instructions, expecting a quick, step-by-step solution. What I got instead were multiple “solutions” that didn’t work — settings buried in Samsung Health, changes to my phone’s region, and restarts. None of them fixed my issue.
The real fix?
It was buried inside the Google Maps app on the watch itself — under its own “Distance Units” setting. Once I found that, the change worked instantly.
Why Did the AI Get It Wrong?
AI assistants like ChatGPT don’t “know everything.” Instead, they rely on:
Training data: Past examples, documentation, and user reports.
Probabilistic reasoning: Predicting the “most likely” correct answer based on the question.
Patterns: What most people mean when asking a similar question.
In my case, the AI assumed I was talking about fitness distance units in Samsung Health — the most common context when people ask about “changing distance on a Samsung watch.” That assumption was wrong because my question was about Google Maps navigation, which has a completely separate settings menu.
Why Corrections Matter
When you tell an AI it’s wrong, you’re not just fact-checking — you’re giving it a new piece of context.
AI doesn’t browse your watch menus in real time. Without your correction (“No, it’s not under General settings” and “Changing it on the phone didn’t work”), it will keep aiming at the most common solution instead of the actual one.
Cybersecurity Parallels
This small example mirrors a much bigger truth in technology and cybersecurity:
Assumptions kill accuracy: Just because a solution works most of the time doesn’t mean it works in your situation.
Context is king: Without precise details, even advanced systems can head in the wrong direction.
Verification is critical: In digital forensics, for example, acting on an incorrect assumption can lead to lost evidence or flawed conclusions.
What This Means for AI Users
AI is a powerful tool — but it’s not magic. It can:
Provide quick, well-structured answers.
Summarize complex instructions.
Offer starting points for troubleshooting.
But it still needs:
Specific details about your case.
Corrections when it guesses wrong.
Human judgment to verify the answer.
The Takeaway
In cybersecurity, tech troubleshooting, and everyday problem-solving, the same rule applies:
“Trust, but verify.”
AI can get you 80% of the way there. Your expertise, corrections, and persistence are what bridge the last 20% — whether you’re hunting a malware infection or just trying to see your running route in kilometers.
I was a guest on QR Radio Calgary yesterday. I discussed #artificialintelligence and the upcoming #election with Andrew Schultz. Can #ai generated media interfere with the election? Yes!
In today’s digital age, managing multiple online subscriptions can be challenging, especially for seniors who may not be as tech-savvy. Unfortunately, some services exploit this vulnerability. One such service is Unsubby.com, which charges users to cancel their subscriptions—a process that is often straightforward and free when done directly through the service provider.
What is Unsubby.com?
Unsubby.com presents itself as a platform that assists users in canceling various subscriptions by sending cancellation letters on their behalf. For this service, they charge a fee of $19.95 per cancellation. Additionally, they offer a subscription plan called “My Unsubby” at $9.95 per month, which claims to help users manage and cancel their subscriptions without additional fees.
Why is Unsubby.com Problematic?
Several red flags suggest that Unsubby.com may not have users’ best interests at heart:
High-Risk Trust Scores: Independent platforms have raised concerns about Unsubby.com’s credibility. Scam Detector assigns it a trust score of 15.1 out of 100, labeling it as “Controversial. High-Risk. Unsafe.” Similarly, Scamdoc gives it a very low trust score of 1%, indicating potential fraudulent activities.
User Complaints: Numerous users have reported unauthorized charges and difficulties in communication. For instance, one user noted being charged $19.95 for a cancellation and then an additional $9.95 without consent. Another user recounted being threatened with exorbitant fees and legal action after attempting to cancel a subscription.
Misleading Practices: There are reports that Unsubby.com may use paid advertising to appear as legitimate service providers like Netflix in search results, potentially deceiving users into believing they are dealing directly with the service they wish to cancel.
Protect Yourself
To avoid falling victim to such predatory services:
Always Attempt Direct Cancellation: Most service providers offer straightforward methods to cancel subscriptions directly through their official websites or customer service.
Be Wary of Third-Party Services: Exercise caution when a third-party service requests payment to perform actions you can typically do yourself for free.
Research Before Engaging: Before using any service, especially those involving fees, research its credibility. Look for reviews, trust scores, and any reports of fraudulent activities.
Monitor Financial Statements: Regularly review your bank and credit card statements for unauthorized charges, and report any suspicious activity immediately.
By staying informed and cautious, you can protect yourself and your loved ones from falling prey to services that seek to exploit unsuspecting consumers.
As digital forensics and cybersecurity professionals, we often stress the importance of data encryption in securing sensitive information. Among the options available, BitLocker stands out as one of the most robust disk encryption solutions provided by Microsoft. Historically, this feature was exclusive to Windows Professional editions, leaving many Windows Home users without built-in encryption options. However, with recent updates, Microsoft has introduced a disk encryption option for Windows Home, sparking curiosity and questions about its functionality, differences, and effectiveness.
In this blog, we’ll delve into the key differences between BitLocker for Windows Pro and the disk encryption option available for Windows Home, highlighting the pros and cons of each.
What Is BitLocker?
BitLocker is a full-disk encryption feature designed to protect data by encrypting the entire volume. It integrates seamlessly with the operating system to ensure that unauthorized users cannot access the data on your disk without proper credentials.
BitLocker’s functionality relies on:
Trusted Platform Module (TPM): A hardware component designed to secure cryptographic keys.
Authentication Factors: Such as a PIN or a USB key.
Recovery Keys: A safety net for accessing encrypted data if the primary credentials are unavailable.
BitLocker on Windows Pro
BitLocker’s inclusion in Windows Pro has made it a staple for businesses and power users. Here are its standout features:
Pros:
Full Disk Encryption: Encrypts the entire disk, including the operating system volume.
Granular Control: Allows users to manage encryption settings, such as choosing between hardware or software-based encryption.
Network Unlock: Supports enterprise environments by enabling automated unlocking within a trusted network.
Group Policy Integration: Provides IT administrators with centralized control over encryption policies.
BitLocker To Go: Extends encryption capabilities to external drives.
Cons:
Cost: Available only in higher-tier editions, requiring an upgrade from Windows Home.
Complexity: Advanced features may overwhelm non-technical users.
Disk Encryption on Windows Home
With increasing awareness of cybersecurity, Microsoft has introduced a simplified disk encryption feature for Windows Home users. While not marketed explicitly as BitLocker, it provides basic encryption functionality.
How It Works:
Encryption is tied to your Microsoft account.
Automatic encryption occurs when a Microsoft account is used during setup.
Recovery keys are stored in your Microsoft account.
Pros:
Accessibility: No need to upgrade to Windows Pro, making encryption available to a broader audience.
Ease of Use: Minimal configuration; encryption is often enabled by default.
Cost-Effective: Built into Windows Home without additional fees.
Cons:
Limited Features: Lacks advanced controls, such as manual encryption management and BitLocker To Go.
Microsoft Account Dependency: Requires a Microsoft account for key recovery, potentially raising privacy concerns.
No Group Policy Support: Not suitable for enterprise environments.
Key Differences Between Windows Pro and Home Encryption
Feature | Windows Pro (BitLocker) | Windows Home (Disk Encryption)
Full Disk Encryption | Yes | Yes
Granular Controls | Yes | No
Enterprise Features | Yes (e.g., Network Unlock) | No
External Drive Support | Yes (BitLocker To Go) | No
Recovery Key Options | Local/Network/Microsoft Account | Microsoft Account Only
Cost | Requires Pro License | Included in Windows Home
Which Should You Choose?
The choice between BitLocker on Windows Pro and disk encryption on Windows Home boils down to your specific needs:
For Personal Use: Windows Home’s disk encryption is adequate for protecting sensitive data without additional costs or complexity.
For Business or Advanced Use: Windows Pro’s BitLocker provides the advanced features and controls necessary for enterprise security and compliance requirements.
Conclusion
Microsoft’s decision to introduce disk encryption to Windows Home marks a significant step in democratizing data security. While the features on Windows Home are more basic, they offer an accessible option for users who might otherwise forgo encryption altogether. On the other hand, BitLocker on Windows Pro continues to lead with its robust capabilities tailored for professional and enterprise environments.
In a world where data breaches are a growing concern, encryption is no longer optional. Whether you’re using Windows Home or Pro, enabling disk encryption is a crucial step in safeguarding your digital life. As always, consider your needs carefully and ensure that your data protection strategy aligns with your risk tolerance and usage scenario.