Android users are getting more tools to combat the seemingly endless stream of scam texts from bad actors looking to steal your data and your money. Circle to Search and Google Lens can now assess messages for scam red flags, and if possible fraud is detected, you'll get recommendations for what to do (or not do) next. Even if you think you know the telltale signs of a scam—a sense of urgency, a demand for money or personal information, a link to log in or pay—using these tools can confirm your suspicions, especially when you feel pressured to act.
Use Circle to Search to identify scams
To activate Circle to Search, long press the home button or navigation bar on your device and circle the text you want to scan. Alternatively, you can take a screenshot, open Lens in the Google app (also available on iOS), and tap the screenshot. The feature works for text messages as well as communication on messaging apps and social media sites. Google says the capability is available "when our systems have high confidence in the quality of the response."
This is just the latest in the Google's suite of security features meant to protect against fraud. Pixel users have real-time, AI-powered scam detection, which identifies and alerts you to suspicious conversational patterns in Google Messages and Phone by Google. In-call protections for Android prevent you from taking certain actions, such as sideloading new apps and changing accessibility permission, on your device while on the phone with anyone not saved in your contacts.
Earlier this month, Google also expanded its in-call scam detection feature, meant to combat bank impersonation schemes, to U.S. users. If you are on a call with a number that's not in your contacts and try to open a participating financial app, you'll get a notification reminding you not to share information and a one-click option to stop screen-sharing and end the call.
If you find yourself in an emergency or crisis situation, the more information you can give first responders, the better. Android users can now share a live stream of their surroundings with 911, allowing emergency services to assess and provide guidance in real time while you wait for help to arrive onsite.
Emergency services on Android
Your Android already shares some information with first responders via Emergency Location Services (unless you disable this feature). This built-in tool sends an accurate location as well as contextual information, such as language settings, when you call or text an emergency number. Now, that includes live video from your device's camera.
You don't need to do anything to set up Emergency Live Video. Once available in your area, responders can send a request during an emergency call or text to securely share your camera's live video. You'll see a prompt on your screen to start sharing with one tap.
According to Google, Emergency Live Video is encrypted by default. Users can choose whether to share their video from the prompt as well as stop the share at any time by clicking the onscreen Stop sharing button.
Live video sharing is rolling out now to U.S. users, as well as those in parts of Germany and Mexico, on Android phones running Android 8 and up. Google says they are partnering with public safety organizations to expand the feature to more users.
Other Android safety features
Emergency Live Video is the latest in Google's suite of safety features designed to make help more accessible—more quickly—in an emergency. Pixel users in Australia, North America, and several dozen countries across Europe now have access to Satellite SOS, which allows you to call emergency services even without a cellular or wifi connection. Car Crash Detection contacts emergency services and shares your location in the event of severe crash, while Fall Detection and Loss of Pulse Detection will call for help based on Pixel Watch sensor data.
Netflix's January lineup is on the lighter side, but includes the return of period romance series Bridgerton (Jan. 29). Season four centers on Benedict, the second-eldest sibling, and Sophie, who he meets at Lady Bridgerton’s masquerade ball. The first four episodes drop in January, with the remaining four coming at the end of February.
Another original series worth watching is Agatha Christie's Seven Dials (Jan. 15), an adaptation of crime author's novel The Seven Dials Mystery. Mia McKenna-Bruce plays sleuth Lady Eileen “Bundle” Brent, who is attempting to solve a murder mystery at a country house party in 1920s England. Martin Freeman and Helena Bonham Carter also star.
On the film side, rom-com People We Meet on Vacation (Jan. 9) is an adaptation of Emily Henry's novel of the same name and stars Tom Blyth and Emily Bader. The Rip (Jan. 16) is an action thriller starring Ben Affleck and Matt Damon as Miami cops who discover millions of dollars in cash at a stash house.
Netflix is also releasing true crime documentary Kidnapped: Elizabeth Smart (Jan. 21) about the 2002 abduction of the 14-year-old from her home in Salt Lake City, and her return several years later.
In addition to hosting WWE's Monday Night Raw every week, Netflix is also streaming Skyscraper Live (Jan. 23), in which free solo climber Alex Honnold will attempt one of the world's tallest skyscrapers in Taipei, Taiwan.
Here's everything else coming to Netflix in January, and everything that's leaving.
Microsoft's Patch Tuesday update for December is here, and Windows users should ensure their machines are updated as soon as possible to fix three zero-day vulnerabilities. These are security flaws that are actively exploited or publicly disclosed before the developer releases an official patch.
As reported by Bleeping Computer, this month's update addresses 56 bugs in total: 28 elevation-of-privilege vulnerabilities, 19 remote-code-execution vulnerabilities, four information-disclosure vulnerabilities, three denial-of-service vulnerabilities, and two spoofing vulnerabilities. Three of the remote code execution flaws are labeled "critical." Note that these figures do not include updates released for Microsoft Edge and Mariner.
Patch Tuesday is typically released on the second Tuesday of every month around 10am PT, so you can anticipate security updates at that time.
Three zero-days fixed
One of the zero-days patched in December has been actively exploited in the wild, though Microsoft has not shared any details as to how. CVE-2025-62221 is an elevation-of-privilege vulnerability in the Windows Cloud Files Mini Filter Driver, and when exploited, give attackers SYSTEM privileges. The mini filter allows cloud applications, such as OneDrive, access to file system functions.
The other two bugs fixed have been publicly disclosed:
CVE-2025-64671 - GitHub Copilot for Jetbrains Remote Code Execution Vulnerability: This flaw, which can be exploited through a Cross Prompt Injection in untrusted files or MCP servers, allows attackers to execute commands locally. According to Krebs on Security, this could trick the LLM into adding malicious instructions in the user's auto-approve settings.
CVE-2025-54100 - PowerShell Remote Code Execution Vulnerability: This bug could cause scripts embedded in a webpage to be executed when retrieved using Invoke-WebRequest.
CVE-2025-62221 has been attributed to Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC). CVE-2025-64671 was disclosed by Ari Marzuk, while CVE-2025-54100 has been credited to multiple security researchers.
If you don't yet have a REAL ID, you can continue to fly, but it's going to cost you. Beginning Feb. 1, 2026, the Transportation Security Administration (TSA) will start collecting a $45 fee from travelers using non-compliant forms of identification at airport security checkpoints.
The agency previously proposed a fee of $18 to cover the administrative and IT costs of ID verification for those traveling without a REAL ID or passport but increased the total to $45 in an announcement released earlier this month.
REAL ID requirements
The 2005 REAL ID Act mandated the standardization of state-issued driver's licenses and identification cards. After multiple delays since 2008, the Department of Homeland Security earlier this year finally began requiring anyone age 18 and over to have a REAL ID-compliant license to clear airport security or enter certain federal buildings.
Travelers can also comply with the regulations using a U.S. passport, U.S. passport card, DHS Trusted Traveler card, or state-issued Enhanced Driver's License (from Michigan, Minnesota, New York, Vermont, of Washington). Enhanced Tribal Cards, permanent resident and border crossing cards, Department of Defense IDs, and foreign passports are also accepted.
You can still travel without a REAL ID
The vast majority of Americans—94 percent—already have a REAL ID or another accepted form of identification. Those who don't will have to complete an online verification process and pay the $45 fee before they are able to clear airport security. Travelers are being encouraged to do this in advance: If you arrive without approval, you'll be sent out of line to complete the process (which can take up to 30 minutes) before being allowed through.
The $45 fee covers security checkpoint access for up to 10 days, after which you'll have to repeat the process and payment. Travelers whose REAL ID or passport has been lost or stolen also have to pay.
Malicious extensions do occasionally find their way into the Chrome Web Store (and similar libraries in other browsers) by posing as legitimate add-ons. They are particularly difficult to catch when they are benign to begin with, only morphing into malware after gaining user trust.
That's what happened with a number of extensions on Google Chrome and Microsoft Edge: researchers at Koi Security identified add-ons across both browsers that operated legitimately for several years before receiving malicious updates that allow hackers to surveil users and collect and exfiltrate sensitive data. The scheme, known as ShadyPanda, reached four million downloads and is still active on Edge.
Threat actors ran a similar campaign targeting Firefox earlier this year: They gained approval for benign extensions mimicking popular crypto wallets, accumulated downloads and positive reviews, and then injected the add-ons with malicious code capable of logging form field inputs, which they used to access and steal crypto assets.
Browser extensions can turn bad
As Koi Security outlines, ShadyPanda started out as an affiliate scam, with 145 extensions masquerading as wallpaper and productivity apps across the two browsers. The initial phase injected affiliate tracking codes and paid commissions with clicks to eBay, Amazon, and Booking.com and then evolved to hijack and manipulate search results before launching the five extensions in 2018 that would later be converted to malware.
Those add-ons were marked as Featured and Verified in Chrome—one, a cache cleaner known as Clean Master, accrued a 4.8 rating from thousands of reviews. The extensions were updated in 2024 to run malware that could check hourly for new instructions and maintain full browser access, feeding information to ShadyPanda's servers. (These have since been removed from Chrome.)
Hackers launched an additional five extensions, including WeTab, to Edge in 2023. Two are comprehensive spyware, and all were still active as of Koi's report.
How to find malicious extensions in Chrome and Edge
Unfortunately, malicious extensions are usually pretending to be something else, so a quick visual check of your installed extensions may not reveal a problem. In this case, Koi Security has a list of the extension IDs associated with the ShadyPanda campaign, and you'll have to search for them one by one.
In Chrome, type chrome://extensions/ into your address bar and hit Enter. Toggle on Developer mode in the top-right corner to reveal the IDs for installed extensions. From here, you can copy and paste each ID into the search bar (Ctrl+F on your PC or Cmd+F on your Mac). If there are no results, your browser is safe. If you do find a malicious add-on, click the Remove button. In Edge, follow the same process from edge://extensions/.
While this campaign shows that extensions can be weaponized long after they've been installed, you should still follow best practices for vetting browser add-ons just as you would apps for your device. Check the name carefully, as fraudulent extensions often have names that are nearly identical to trustworthy ones. Review the description for any red flags, such as misspellings and unrelated images. If you see a lot of positive reviews in a short amount of time on a new extension, or if they seem to be reviewing something else entirely, proceed with caution. You can also do additional research, such as a search on Google or Reddit, to see if the extension is legit.
You may have a keen eye for spotting scams, but fraudsters are finding new ways to weaponize trusted systems to avoid detection. For example, threat actors are generating real Apple support tickets to phish two-factor authentication (2FA) codes and gain access to iCloud accounts.
The scheme, detailed on Medium by a security researcher and software product manager Eric Moret, shows how social engineering tactics can sow just enough fear and confusion to trick even those who know the red flags. (The money transfer scam that conned a financial advice columnist out of $50,000 is another example.)
How scammers are exploiting Apple's support system
The Apple support scam started with a text message from Apple containing a 2FA code, followed by verification notifications across devices, indicating that someone was trying to log into Moret's account. He then received an automated call from Apple with another 2FA code. The text was delivered from a five-digit short code, and the call from a toll-free number, both of which are used by legitimate businesses and not necessarily red flags of a scam.
The next call, however, came from an Atlanta-based 404 phone number. The caller claimed to be from Apple Support, stated that Moret's account was under attack, and assured him that they were opening up a support ticket. During a follow-up call lasting 25 minutes, Moret received a real Apple Support case confirmation via email (it turns out anyone can create an Apple support ticket in someone else's name) and was directed to reset his iCloud password.
He was then sent a link via text—from the 404 number this time—to close the ticket. After clicking through, Moret was directed to a phishing website that spoofed a real Apple page (the URL was appeal-apple[dot]com), where he was prompted to enter a 6-digit 2FA code he'd just received via text. An email to his inbox then alerted him that an unknown Mac mini had been used to sign into his iCloud account, which the rep on the phone told him was "expected as part of the security process" and "standard procedure."
Moret then immediately reset his iCloud password again to kick the unauthorized device off.
It may be easy in hindsight to see the signs: the unsolicited call about an urgent security issue, the 404 number, the phishing link that isn't a real Apple subdomain, the request for an authentication code. But the Apple support ticket—with a real case number and official emails from apple.com domains—lent just enough credibility, and the multiple 2FA notifications just enough urgency, to work.
That's the problem with social engineering. It manipulates emotions and instincts that are stronger than logic and reason, leading to actions that are not in our interest.
How to stay safe
As always, you should be wary of anyone who calls, texts, or emails you about a security or account issue, even if you have received real security alerts or they have a legitimate case number. Don't click links, enter credentials, or provide codes when prompted by these unsolicited callers. Don't accept reassurance from anyone on the phone, no matter how calm and confident they sound.
If you are concerned, you should reach out directly using trusted contact information or open support tickets yourself. Always check URLs and subdomains carefully, as hackers can play tricks to make them look legit.
Also, know that simply having 2FA enabled isn't enough to keep your accounts secure. Some forms are (obviously) easily phished, so if possible, you should use a multi-factor authentication method like a hardware key or WebAuthn credentials (biometrics and passkeys) rather than codes.
Bank impersonation is a popular scam tactic, and one I've writtenabouta lot. Fraudsters prey on people's fear, confusion, and desire to protect their money, which may lead targets to hand over login credentials, make irreversible wire transfers, or provide other sensitive information without stopping to question their actions.
Android users in the U.S. will soon have extra protection against scams targeting their financial apps, preventing threat actors impersonating bank representatives from accessing data on their devices. Google's in-call scam protection is designed to prevent users from sharing their screens with threat actors and help them avoid revealing their banking information.
How Android in-call protection works
Android's scam protection kicks in if you are on a phone call with a number not saved in your contacts and attempt to open a participating financial app. You'll get a pop-up warning that the call is likely a scam with a reminder not to make payments or share personal information and a button to end the call (and stop screen sharing). There's also a 30-second delay on further action on your device, which Google says is designed to disrupt any sense of urgency.
Note that financial institutions must opt into in this feature—at this time, Google has specifically named Cash App and JPMorganChase as partners, though it indicates expansion to other popular fintechs and banks.
Google initially rolled out in-call protections for banking apps to UK users earlier this year as part of a larger package of security features announced ahead of Google I/O. That launch also included real-time scam detection alerts for calls and texts, improved theft protection via remote lock and identity check, key verifier for Google Messages, and device-level Advanced Protection (in addition to account-level settings).
Alongside the US pilot, in-call scam protections will now cover most major banks in the UK as well as financial apps in Brazil and India.
The update screen is a normal occurrence on Windows machines, so of course hackers are now manipulating it to sneak malware onto devices. The scheme, a recent iteration of a ClickFix attack, is designed to trick you into executing a dangerous command under the guise of completing a "critical security update." But what you're actually doing is installing an infostealer that hands data over to bad actors.
When a Windows update pop-up is actually a ClickFix attack
ClickFix is a social engineering ploy that uses tactics like fake error messages, CAPTCHA forms, and command prompts to deliver malware to your device. As PCMag reports, the Windows update scam is a pop-up that looks like a standard Windows blue screen but is actually a full screen browser page being displayed from a malicious domain.
The ClickFix element is a set of keystrokes—not part of the real update interface—that have the user paste and execute a malicious command, ultimately delivering malware to their device. These instructions have an air of urgency, which is a common element of a scam.
Researchers at cybersecurity firm Huntress have detailed the exact mechanism behind this attack, including an iteration in which users are prompted to verify they are human (rather than complete a security update). As Bleeping Computer outlines, the malicious code is embedded into the pixel data of PNG images, and the final payload is one of two known infostealers.
According to the Huntress analysis, following a recent law enforcement operation, fake Windows update pages continue to exist across multiple domains, but those domains no longer seem to host the malware payload. That doesn't mean, however, that this attack, or some version of it, won't pop up elsewhere.
How to stay safe from this ClickFix attack
If you run Windows on your device, you've probably seen a blue or black update or error screen many times, and you may not be suspicious if your computer randomly begins an update or prompts you to take an extra step to confirm it. But while a legitimate update screen will have a progress indicator and instructions not to turn off your computer, you should never need to input manual commands. This is a red flag of a ClickFix attack and not something a trusted service will require.
Of course, it's important to keep your computer up to date. Microsoft releases security updates on the second Tuesday of the month, known as Patch Tuesday, and you can enable automatic updates on your machine to ensure you get fixes as soon as they're available.
If you want to take additional steps to prevent ClickFix attacks on Windows, you can disable the Windows Run box to prevent unauthorized access to commands.
The FBI's Internet Crime Complaint Center (IC3) is warning consumers about a type of fraud in which threat actors pretend to be from trusted financial institutions in order to obtain login credentials and gain access to financial and personal data.
The consequences are high: With stolen credentials, scammers can gain full control of your accounts and your money. According to the FBI advisory, criminals will quickly wire funds from your bank to cryptocurrency wallets, making the money nearly impossible to trace and recover, and lock you out of your account in the process.
Here's how account takeover scams work—and how to avoid becoming a victim.
Account takeover scams may impersonate your bank
Most account takeover scams use social engineering: a series of tactics designed to manipulate you into giving up personal information, downloading malware, or paying money to bad actors. Scammers impersonate financial institution employees as well as customer support and technical support staff and reach out to targets via text, call, or email to say that their account has been compromised in some way.
They may tell you that there have been fraudulent charges on your account and send you a link to report the fraud—but this is actually a phishing site designed to harvest your login credentials. They may ask directly for your username, password, or multi-factor authentication (MFA) code over the phone. In some cases, they may even claim that your information was used to buy firearms and pass you off to a second scammer impersonating law enforcement. They're counting on you to feel fear and confusion and act quickly to "resolve" the issue by handing over your information.
The FBI has also identified a version of account takeover using search engine optimization (SEO) poisoning, in which scammers buy ads that appear to be for legitimate businesses but actually allow them to place malicious links to spoofed bank websites higher in search results.
How to avoid falling for account takeover scams
While being targeted for an account takeover may be unavoidable, there are a few red flags that can help you identify the fraud before it goes south.
First, you should always be wary of calls, texts, emails, and other communication (such as social media messages) from someone claiming to be from your bank or creditor, especially if they ask for personal information like your username, password, or time-based one-time password (TOTP). Reputable institutions will not contact you to request your credentials or other sensitive data—so these are almost certainly phishing attempts.
You should also be wary of trusting websites that look like they belong to your financial institution, especially if you click to them from a browser search. Cybercriminals can easily build convincing (but spoofed) websites and place the malicious links at the top of search results. Bookmark the trusted link rather than going through a search engine, or use the verified app on your mobile device. Always avoid clicking directly from unsolicited communication, and check URLs and email addresses carefully, as scammers can also use homographs to hide malicious links.
Finally, protect your personal information. Use complex, unique passwords stored securely (such as in a password manager), enable a stronger form of MFA (and never give away codes), and limit what you share online. Scammers may use what you've posted—like your date of birth, pet's name, or information about family members—to get past your security questions, guess your password, or make an impersonation attempt sound more convincing.
The IC3 also recommends monitoring your financial accounts for irregularities, such as unauthorized withdrawals or transfers, which may be a sign of an account takeover. Consider setting up transaction alerts with your financial institutions to be notified immediately of any suspicious activity.
In its Android Security Bulletin for December, Google is pushing an especially large number of updates to address vulnerabilities across different components—and two of the flaws may have been exploited in the wild.
The December patch covers 107 bugs across Android Kernel, System, and Framework as well as Qualcomm, MediaTek, Arm, Unisoc, and Imagination Technologies components. The high-severity vulnerabilities include denial of service, elevation of privilege, and information disclosure flaws. There are also a handful of bugs labeled as "critical."
Two active exploits
Two of the vulnerabilities addressed in the December update are zero-days, which are flaws that have been actively exploited or publicly disclosed before the developer makes a patch available. Google notes that both may be under "limited, targeted exploitation."
CVE-2025-48633 is an information disclosure vulnerability, while CVE-2025-48572 is an elevation of privilege flaw. Both affect the Android Framework in versions 13 through 16.
Google hasn't disclosed any additional information about the flaws and how they may have been exploited (or by whom). However, as Bleeping Computer reports, similar bugs have been targeted in the past by commercial spyware operations and nation-state campaigns.
Ensure your Android device is up to date
You should always implement security patches as soon as they're available, so if you see a notification to update, go ahead and follow the prompts to download and install it. You can also check for updates via a path like Settings > Security & privacy > System & updates > Security update. Note that this may be slightly different depending on your device, and you can always search "update" to locate it.
This month's patches apply to Android Open Source Project (AOSP) versions 13, 14, 15, and 16 and are dated 2025-12-01 and 2025-12-05—the latter fixes all known issues.
Pixel users (and the core AOSP code) receive patches from Google, and those on other Android devices from Huawei, LGE, Samsung, Motorola, and Nokia should see updates from their respective manufacturers around the same time.
Sales are accurate at the time of publication, but prices and inventory are always subject to change.
Beats' latest on-ear headphones are on deep discount for Cyber Monday: The Beats Solo 4 are just $79 at Walmart right now, specifically the drenched grey colorway. This is the lowest price ever, according to price-tracking tools. The other colors, including black, pink, and blue, are listed for $129 at Walmart and $129.95 on Amazon, which is also a decent deal at 35% off.
The Beats Solo 4 offer well-balanced sound and are particularly high-value for those in the Apple ecosystem. This is because Apple-owned Beats by Dre integrated features like hands-free Siri and personalized spatial audio into this iteration of the Beats Solo. The headphones also have one-touch pairing with most Apple devices, automatic pairing via iCloud, audio sharing, and simultaneous connection with your iPhone and Apple Watch.
PCMag gives the Beats Solo 4 a "good" review. The headphones don't have Active Noise Cancellation, an adjustable EQ option, or an Android-friendly codec.
Nowadays, both large retailers and small businesses compete for Black Friday and Cyber Monday shoppers, so you can expect practically every store to run sales through Monday, December 1, 2025. The “best” sales depend on your needs, but in general, the biggest discounts tend to come from larger retailers who can afford lower prices: think places like Amazon, Walmart, Target, Best Buy, and Home Depot. You can find all the best sales from major retailers on our live blog.
Are Cyber Monday deals worth it?
In short, yes, Cyber Monday still offers discounts that can be rare throughout the rest of the year. If there’s something you want to buy, or you’re shopping for gifts, it’s a good time to look for discounts on what you need, especially tech sales, home improvement supplies, and fitness tech. Of course, if you need to save money, the best way to save is to not buy anything.
Are Cyber Monday deals better than Black Friday?
Black Friday used to be bigger for major retailers and more expensive tech and appliances, while Cyber Monday was for cheaper tech and gave smaller businesses a chance to compete online. Nowadays, though, distinction is almost meaningless. Every major retailer will offer sales on both days, and the smart move is to know what you want, use price trackers or refer to guides like our live blog that use price trackers for you, and don’t stress over finding the perfect timing.
Our Best Editor-Vetted Cyber Monday Deals Right Now
Black Friday sales officially start Friday, November 28, and run through Cyber Monday, December 1, and Lifehacker is sharing the best sales based on product reviews, comparisons, and price-tracking tools before it's over.
Follow our live blog to stay up-to-date on the best sales we find.
Browse our editors’ picks for a curated list of our favorite sales on laptops, fitness tech, appliances, and more.
Sales are accurate at the time of publication, but prices and inventory are always subject to change.
Holiday shopping season is ripe for scammers, as consumers rush to find and take advantage of some of the best discounts of the year, and potentially overlook red flags that signal fraud. Security researchers are warning of an uptick in scams capitalizing on the Black Friday and Cyber Monday hype. Fraudsters know that they can prey on shoppers' sense of urgency and excitement for limited-time, exclusive deals—and AI is making these campaigns even more difficult to spot than usual.
New data from McAfee suggest that nearly half of Americans have come across an AI-powered scam while shopping, from deepfakes impersonating celebrities pushing promotions to near-flawless spoofed websites that steal your credit card information.
Black Friday and Cyber Monday shopping scams
Spoofed websites are a common type of a scam, and fraudsters use holiday shopping season to trap users with fake retail sites and sales pages that look legitimate but are actually just collecting data like your login credentials and payment information. Scammers will use stolen assets like logos and product photos from known and trusted brands, and AI makes it easy to set up a convincing (but fake) small business website with elements like a customer service page and consumer reviews in no time.
Another shopping scam facilitated by AI is the impersonation scam. You think you're watching a popular influencer or celebrity promoting an exclusive deal or product giveaway on TikTok or another social media platform, but it's actually a deepfake. If you click through to enter or buy, you'll land on a counterfeit page (as outlined above) designed to steal from you.
According to Google's November fraud and scam advisory, scammers can get eyes on their content by hijacking search terms for Black Friday sales, running deceptive ads, or pushing deals on social media. Fake storefronts may appear as sponsored links, which are easy to overlook if you're in a rush to make a purchase.
Of course, you may encounter other common holiday scams, such as fake shipping notifications that request payment in order to resolve a delivery issue as well as account verification scams that prompt you to confirm personal details. These phishing and smishing campaigns use standard scam tactics like impersonating a legitimate company or service and sending a fraudulent link that collects your bank information or username and password combination.
Black Friday and Cyber Monday scam red flags
When shopping holiday deals, slow down enough to look for common signs of scams. Fraudsters will use urgency—such as a limited time to secure a deal or a limited number of items left in stock—in hopes you won't think before you buy. You should also be wary of any deal that is too good to be true, or a promotion with especially low prices that are out of line with other sales on similar items. This includes influencers pushing "exclusive" opportunities. If you are purchasing from a small business you don't know, google the brand and read third-party reviews to see whether it is legitimate.
Instead of clicking links from emails, texts, and social media posts promoting sales, go directly to the retailer's website and search for the deal. If you do click through, check the URL carefully to ensure it is legitimate (scammers may use homoglyphs that avoid detection at first glance) and look for website elements that real companies have, such as a privacy policy and address. If you see a promotion on social media, check the creator's account to see when they joined the platform, what they've posted in the past, and whether they are verified.
Beware of any site that requires you to pay with a gift card, cryptocurrency, or bank transfer versus a credit card, which has some protection in the case of fraud. Legitimate retailers will use legitimate payment methods.
Finally, never enter your login credentials unless you've confirmed that the site you're using is trustworthy. This includes delivery services and your Amazon and PayPal accounts, all of which scammers may pressure you to "verify" in order to resolve a billing or delivery issue.
Are Cyber Monday deals worth it?
In short, yes, Cyber Monday still offers discounts that can be rare throughout the rest of the year. If there’s something you want to buy, or you’re shopping for gifts, it’s a good time to look for discounts on what you need, especially tech sales, home improvement supplies, and fitness tech. Of course, if you need to save money, the best way to save is to not buy anything.
What stores have the best sales on Cyber Monday?
Nowadays, both large retailers and small businesses compete for Black Friday shoppers, so you can expect practically every store to run sales through Monday, December 1, 2025. The “best” sales depend on your needs, but in general, the biggest discounts tend to come from larger retailers that can afford lower prices: think places like Amazon, Walmart, Target, Best Buy, and Home Depot. You can find all the best sales from major retailers on our live blog.
Are Cyber Monday deals better than Black Friday?
Black Friday used to be bigger for major retailers and more expensive tech and appliances, while Cyber Monday was for cheaper tech and gave smaller businesses a chance to compete online. Nowadays, though, the distinction is almost meaningless. Every major retailer will offer sales on both days, and the smart move is to know what you want, use price trackers or refer to guides like our live blog that use price trackers for you, and don’t stress over finding the perfect timing.
Our Best Editor-Vetted Cyber Monday Deals Right Now
Black Friday sales officially start Friday, November 28, and run through Cyber Monday, December 1, and Lifehacker is sharing the best sales based on product reviews, comparisons, and price-tracking tools before it's over.
Follow our live blog to stay up-to-date on the best sales we find.
Browse our editors’ picks for a curated list of our favorite sales on laptops, fitness tech, appliances, and more.
Sales are accurate at the time of publication, but prices and inventory are always subject to change.
I love the ritual (and taste) of pour-over coffee, but it's not always feasible to brew two cups for the two adults in my household on busy mornings. Add in guests, and someone has to spend a significant chunk of time grinding beans, boiling water, overseeing the brewing process, cleaning the filter, rinse and repeat.
I bought the Moccamaster KBGV Select coffee maker two years ago for Black Friday, and it has changed my mornings since. It takes a minute or so to grind beans and add water to the machine, and then you've got an excellent pot of coffee in 4–6 minutes with just the press of a button—all without sacrificing the complexity and flavor obtained through manual brewing methods. The machine replicates the bloom of a pour-over and brews at a speed that allows for "optimized coffee extraction."
The Moccamaster makes up to 40 ounces of coffee at once, keeps it warm, and automatically shuts off after 100 minutes. You can choose a half or full carafe, and the machine will adjust the brewing speed and hot plate temperature accordingly. Plus, it looks great on the kitchen counter. The only downside I found is that the carafe is pretty fragile—we ended up replacing ours with this sturdier version, also on sale for Black Friday.
The Moccamaster is pricey, making Black Friday an ideal time to buy. Note that the deal is slightly different depending on the color you choose: As of this writing, Black, Red, Brushed Gold, Butter Yellow, Matte Silver, Midnight Blue, Pistachio, Off-White, Orange, Sandstone, Stone Grey, Turquoise, and Pink are 33% off. Apricot is 31% off, and Yellow Pepper, Matte Black, and Polished Silver are 35% off. (It's not quite the lowest price we've ever seen, according to price-tracking tools, but it's close.)
Several other colors are listed at full price as of this piece—of course, it's always possible that availability will change throughout the deal period from what's covered here.
How long do Black Friday deals really last?
Black Friday sales officially begin Friday, November 28, 2025, and run throughout “Cyber Week,” the five-day period that runs from Thanksgiving through Cyber Monday, December 1, 2025. But Black Friday and Cyber Monday dates have expanded as retailers compete for customers. You can get the same Black Friday sales early, and we expect sales to wind down by December 3, 2025.
Does Amazon have Black Friday deals?
Yes, Amazon has Black Friday sales, but prices aren’t always what they seem. Use a price tracker to make sure you’re getting the best deal, or refer to guides like our live blog that use price trackers for you. And if you have an Amazon Prime membership, make the most of it.
What stores have the best sales on Black Friday?
Nowadays, both large retailers and small businesses compete for Black Friday shoppers, so you can expect practically every store to run sales through Monday, December 1, 2025. The “best” sales depend on your needs, but in general, the biggest discounts tend to come from larger retailers who can afford lower prices: think places like Amazon, Walmart, Target, Best Buy, and Home Depot. You can find all the best sales from major retailers on our live blog.
Are Black Friday deals worth it?
In short, yes, Black Friday still offers discounts that can be rare throughout the rest of the year. If there’s something you want to buy, or you’re shopping for gifts, it’s a good time to look for discounts on what you need, especially tech sales, home improvement supplies, and fitness tech. Of course, if you need to save money, the best way to save is to not buy anything.
Are Cyber Monday deals better than Black Friday?
Black Friday used to be bigger for major retailers and more expensive tech and appliances, while Cyber Monday was for cheaper tech and gave smaller businesses a chance to compete online. Nowadays, though, distinction is almost meaningless. Every major retailer will offer sales on both days, and the smart move is to know what you want, use price trackers or refer to guides like our live blog that use price trackers for you, and don’t stress over finding the perfect timing.
Our Best Editor-Vetted Early Black Friday Deals Right Now
Scammers love to impersonate government and law enforcement officials, from the FBI to the U.S. Marshals Service to Medicare and other health insurance programs. There's a good reason for this: Most Americans use government services at some point, and many may be apt to trust, or at least engage with, someone claiming to be from a well-known agency. Plus, the threat of losing benefits or being targeted by legal action is especially compelling when it comes from a government representative, and victims may be more likely to comply with scammers' demands.
Social Security numbers are often part of identity theft, so it would be alarming to receive a notice that yours has been involved in criminal activity. Scammers are counting on this when impersonating the SSA's Office of the Inspector General (OIG) and trying to trick you into actually giving up your SSN and other sensitive information.
Here's how the scheme works: Fraudsters are sending emails with the subject line "Alert: Social Security Account Issues Detected" and including attachments on letterhead that looks like it comes from the OIG. The notice contains official-seeming information, such as a reference number and case ID, and states that your SSN will be suspended within 24 hours due to fraudulent activity on your account. The letter also says that criminal charges have been filed and even includes the statutes that have supposedly been violated.
Recipients are instructed to call the number listed to "respond to these allegations," but the person on the other end is a scammer impersonating an SSA employee. They will try to exploit your fear and confusion to collect personal and financial information from you.
VA benefits overpayment scam
Scammers are also contacting veterans and military family members who receive VA benefits, claiming that said benefits have been overpaid and pressuring targets to pay back the money owed.
According to the VA's advisory, fraudsters are using fake VA letterhead and logos on notices sent by mail and email as well as spoofing real VA phone numbers. They are trying to convince beneficiaries to make payments immediately using methods like wire transfers, cryptocurrency, prepaid debit cards, and gift cards, and they may also request sensitive information your VA login or bank account credentials.
While VA benefits could legitimately be overpaid, the VA won't contact you and demand money—especially via bitcoin and other unrecoverable methods. Nor should you ever have to pay an upfront fee for assistance with managing VA debts and claims (the VA does this for free).
If you do actually owe money, you will be able to find more information on repayment through your official VA.gov account. Always verify through official VA channels, such as VA.gov and the VA’s Debt Management Center (800-827-0648). Never rely solely on unsolicited communication, and never give out your password, SSN, or financial information.
Government agencies don't send threatening notices via email (or by any other means), so if you receive a scary letter out of the blue, don't act without investigating. Always contact the agency via the information found on its website—don't call or text any number provided in these notices.
Black Friday sales officially start Friday, November 28, and run through Cyber Monday, December 1, and Lifehacker is sharing the best sales based on product reviews, comparisons, and price-tracking tools before it's over.
Follow our live blog to stay up-to-date on the best sales we find.
Browse our editors’ picks for a curated list of our favorite sales on laptops, fitness tech, appliances, and more.
Sales are accurate at the time of publication, but prices and inventory are always subject to change.
The Sonos Arc Ultra is our pick for the best soundbar overall, and you can get it bundled with the Sub 4 subwoofer for a record low price of $1,499 right now for Black Friday. At 25% off, that's the best deal we've seen on the combo, according to price-tracking tools.
Sonos dominates the soundbar space, with some of the best smart speakers and surround sound systems on the market. The Arc Ultra is the brand's latest flagship soundbar and comes with all the premium features you'd expect at this price point, like Bluetooth connectivity, Dolby Atmos support, spatial audio, voice assistant from Amazon Alexa, and Sonos Voice Control. It has excellent audio quality and impressive bass, and its minimalist design looks great on any TV stand or wall. PCMag gives the Sonos Arc Ultra an "outstanding" rating.
The Arc Ultra alone performs better than most soundbar and subwoofer combos, but the deal currently available includes the also-excellent Sub 4 for an even more immersive experience.
Note that the Arc Ultra is a large soundbar—measuring in at 2.95 by 46.38 by 4.35 inches and 13 pounds—so you'll need plenty of space for it.
How long do Black Friday deals really last?
Black Friday sales officially begin Friday, November 28, 2025, and run throughout “Cyber Week,” the five-day period that runs from Thanksgiving through Cyber Monday, December 1, 2025. But Black Friday and Cyber Monday dates have expanded as retailers compete for customers. You can get the same Black Friday sales early, and we expect sales to wind down by December 3, 2025.
What stores have the best sales on Black Friday?
Nowadays, both large retailers and small businesses compete for Black Friday shoppers, so you can expect practically every store to run sales through Monday, December 1, 2025. The “best” sales depend on your needs, but in general, the biggest discounts tend to come from larger retailers who can afford lower prices: think places like Amazon, Walmart, Target, Best Buy, and Home Depot. You can find all the best sales from major retailers on our live blog.
Are Black Friday deals worth it?
In short, yes, Black Friday still offers discounts that can be rare throughout the rest of the year. If there’s something you want to buy, or you’re shopping for gifts, it’s a good time to look for discounts on what you need, especially tech sales, home improvement supplies, and fitness tech. Of course, if you need to save money, the best way to save is to not buy anything.
Are Cyber Monday deals better than Black Friday?
Black Friday used to be bigger for major retailers and more expensive tech and appliances, while Cyber Monday was for cheaper tech and gave smaller businesses a chance to compete online. Nowadays, though, distinction is almost meaningless. Every major retailer will offer sales on both days, and the smart move is to know what you want, use price trackers or refer to guides like our live blog that use price trackers for you, and don’t stress over finding the perfect timing.
If you've spent years curating playlists in Apple Music or another streaming service, you can now easily transfer your playlist to your Spotify library without needing to start from scratch or pay for a third-party service. Playlist transfers are now built into Spotify thanks to a new integration with TuneMyMusic, which facilitates music syncing, sharing, transfers, and backups across platforms.
To initiate a playlist transfer from Apple Music or another streaming service (YouTube Music, Amazon Music, SoundCloud, etc.), open the Spotify mobile app and tap Your Library. Scroll to the bottom of the page, tap Import your music > Get Started, and follow the on-screen prompts to connect with TuneMyMusic. You can choose which platform to transfer music from, and your playlists will populate in Spotify. Your playlists will remain on the original platform, as they are simply being copied into Spotify. (This feature is currently rolling out to users, so you may need to update your Spotify app.)
Data portability across music streamers has been very limited, but it's getting better: TuneMyMusic was already compatible with Spotify, but users had to sign up for a free trial with the service and were capped at just 500 songs before needing to upgrade to a paid plan. (Other third-party playlist transfer tools include FreeYourMusic and Soundiiz.)
Apple Music has a music transfer feature built into its iOS and iPadOS (under Settings > Apps > Music) as well as the Apple Music app for Android and via the web. YouTube Music supports playlist imports and exports but requires a third-party service for platforms that don't permit direct transfers.
Whether you actually go back and look at photos, watch videos, or review files from years past, you may someday be disappointed if those memories disappear forever, either because you didn't back them up or your one backup was destroyed along the way.
I know I have done a poor job of keeping track of media as I have upgraded computers and phones over the years, and I've lost my fair share of photos, videos, and documents along the way, whether on misplaced or damaged external drives or from simply forgetting to back up at all.
Here's how to ensure your data is available for years to come.
You need multiple backups of your data
One approach to backing up your data is the 3-2-1 strategy, which says you should keep three copies of your data across two different forms of storage, one of which should be offsite (in case a disaster strikes your home).
A simple example: You have your photos and files on your computer, which is backed up regularly to both an external hard drive and a cloud service. That's three copies of your data on two storage types—an onsite physical device and remote cloud storage—the latter of which satisfies the "offsite" requirement because it is geographically separate from your other two copies.
This approach protects against a single point of failure, such as a primary device dying, losing an external hard drive, or getting locked out of a cloud account. When it comes to backing up your data, redundancy matters.
As Reddit users note, there are different interpretations of how to apply the 3-2-1 rule, such as whether your working copy on your primary device counts as one of three and whether the one offsite copy is included in the two forms of storage. And while a strict 3-2-1 strategy, or variations of it, may be more commonly employed at the enterprise level rather than by the average consumer, you could think about it as a general guideline for improving your backup system, especially if you don't have one at all.
How to set up backups
You never know when a device might fail, so it's a good idea to plan frequent backups, whether your data is syncing regularly to the cloud or you set reminders to manually push updates to your external hard drive.
Many users sync their devices automatically to a service like iCloud or Google Drive, but relying on this as your sole backup doesn't guarantee that you'll be able to access all of your files in the future.
As HowtoGeek points out, these backups are typically mirroring what's currently on your device rather than historical versions—so once you delete a photo, file, or folder from your computer or phone, it's also deleted from the cloud backup. This is useful for quick access as well as restoring to a new or factory-reset device, but it doesn't do much for the scores of media collected over the years that you don't use daily.
You could use a dedicated cloud backup service like IDrive or Backblaze, which come with a lot of storage space for automatic, full device backups. This may be best for users who have large files or a lot of media that is essential to their jobs as well as those who prioritize data privacy. (However, Wirecutter notes that most online backup services leave a lot to be desired.) Others may be fine to manually move files and media to free or low-cost cloud storage, including iCloud, OneDrive, and Google.
At a minimum, another backup should live on an external hard drive—and if you're not going to do cloud backups, consider two external drives stored in separate locations. Hardware can obviously be lost, stolen, damaged, or simply degraded over time, so again, you shouldn't rely on a single drive for all of your storage. Apple's Time Machine and Windows File History make it easy to save backups to an external drive.
Netflix's December lineup has a little something for everyone, from familiar original series to live sports. Emily in Paris returns for a fifth season (Dec. 18), this time set in Rome. The final installment of Stranger Things is coming at the end of the month—the first half of season five premiered in November—with volume two releasing at 5 p.m. PT on Christmas Day and the finale at 5 p.m. PT on New Year's Eve.
There's also Love Is Blind: Italy (Dec. 1) and My Next Guest with David Letterman and Adam Sandler (Dec. 1), in which Letterman joins Adam Sandler backstage on his comedy tour, and What's In The Box? (Dec. 17), a new game show hosted by Neil Patrick Harris.
On the film side, Daniel Craig returns as Detective Benoit Blanc in a new Knives Out mystery called Wake Up, Dead Man (Dec. 12). The standalone sequel to Glass Onion also stars Josh O'Connor, Glenn Close, Josh Brolin, Jeremy Renner, Mila Kunis, Kerry Washington, and Andrew Scott.
Goodbye June (Dec. 24) also has a stacked cast, including Helen Mirren, Toni Collette, Andrea Riseborough, Johnny Flynn, and Kate Winslet—the film is her directorial debut. Four siblings are dealing with their mother's nearing death over the holiday season.
Finally, the live events lineup in December includes Jake vs. Joshua: Judgment Day (Dec. 19) and two Christmas Day NFL match-ups: Cowboys vs. Commanders and Lions vs. Vikings.
Here's everything else coming to Netflix in December, and everything that's leaving.
Many Americans are in the middle of making hard decisions about their health insurance, in part because open enrollment, the period in which consumers can change their plan, is happening now. That means scammers are also busy contacting people, impersonating insurance providers in an effort to collect personal, financial, and medical information.
Common health insurance scams
Fraudsters especially love to impersonate representatives from Medicare, targeting older adults and others who qualify for the federal program with unexpected calls. As the Federal Trade Commission warns, scammers may have some of your personal information already and will ask you to confirm your Medicare, bank account, and/or credit card number under the guise of sending you a new Medicare card. In reality, Medicare cards are free and sent automatically, so you should never need to provide payment.
Scammers may also target consumers on Marketplace, Medicaid, and Children's Health Insurance Program (CHIP) plans with a similar tactic, claiming that you may lose or be disqualified from health coverage unless you make a payment.
In addition to impersonating government officials, bad actors will pretend to represent a legitimate insurer, promising discounted plans (that are available only for a limited time) or enrollment assistance (for a fee). Plans that seem too good to be true probably aren't health insurance at all and may not provide the coverage promised. And you shouldn't have to pay anyone to sign up for a plan.
Note that while scammers may ramp up efforts during open enrollment, health insurance scams can happen year-round. A Federal Communications Commission (FCC) advisory warns consumers about common tactics like calls and texts in which scammers—impersonating government agencies or insurance companies—offer health screening, free gifts, or other promotional benefits in exchange for your personal information.
Bad actors can pretty easily spoof phone numbers (so it looks like you're getting a call from a reputable insurance provider like Medicare or Blue Cross Blue Shield) as well as set up phishing websites designed to steal your credentials and financial information.
Insurance scam red flags
As always, unsolicited communication that pressures you to take action is almost always a scam. Medicare representatives will never call, email, or text you to verify information or demand payment, nor will legitimate government officials try to sell you anything or threaten you unless you pay up. If someone claims they represent an insurer and asks for money or sensitive personal information, or if they threaten you with legal action, hang up.
Don't share any data, including your social security number, bank account number, or medical history with anyone—that is, unless you have contacted the Medicare office or other legitimate agency directly and first and need to verify your identity. (The number for Medicare is 1-800-MEDICARE, and you can reach a Marketplace representative through HealthCare.gov).
Always verify a representative's identity using official contact information found on a .gov website, legitimate company page, or an account statement, and never send money via gift card, prepaid debit, or crytocurrency in exchange for anything. You should also ensure your credentials for your insurance accounts (like HealthCare.gov and Medicare.gov) are strong and secure, and enable multi-factor authentication wherever possible.
You may be doing everything you can to protect your privacy online—using tools like multi-factor authentication, a secure password manager, and a VPN—but unfortunately, not all privacy-focused apps and services are actually doing what they promise. In its November fraud and scam advisory, Google is warning users about VPN apps and extensions that appear legitimate but are actually vectors for malware.
VPNs may actually be spyware
A VPN, or virtual private network, makes your internet activity much more difficult to track by routing your traffic through a different connection rather than your regular internet service provider (ISP). This allows you to hide your IP address and location, obscure your browsing data, and protect your information and devices from bad actors.
According to Google, malicious VPNs (posing as real ones) are delivering infostealers, remote access trojans, and banking trojans to user devices once installed, allowing hackers to access sensitive personal data like browsing history, financial credentials, and cryptocurrency wallet information. This means that an app you rely on to keep your information private could be doing the exact opposite. Cybercriminals are capitalizing on user trust in these services, creating apps that look and feel like legitimate VPNs but are actually dangerous spyware.
How to ensure your VPN app is safe
As with any app or extension, only download or install a VPN from an official source like the Google Play store. While malicious programs do sometimes sneak through, it's typically safer and more reliable than sideloading through a messaging app or other unvetted site.
In January 2025, Google launched a VPN verification process to help users identify trustworthy VPN apps in the Google Play store. To earn a "verified" badge, VPN apps have to undergo a Mobile Application Security Assessment (MASA) Level 2 validation and opt into independent security reviews. Badges are awarded only to VPNs that have been published for at least 90 days and reach 10,000 installs and 250 user reviews.
Of course, this system isn't perfect either: As TechRadar reported earlier this year, a popular (free) Chrome VPN extension earned a badge and was later discovered to be spying on users. That's why you should rely on a reputable VPN service—which means you'll likely have to pay for it. Free VPNs are far more likely to a privacy nightmare, and any app that sounds too good to be true probably is. You aren't going to get unlimited traffic at no cost without sacrificing something.
Finally, review VPN permissions carefully, and allow the minimum access possible for the app or extension to function. (You should do this with any app you download, and you should audit apps regularly to remove unnecessary permissions.) You can check your VPN service's support pages to find out which permissions are essential—this should not include access to your contacts, camera, microphone, or photos, for example.
Login
