What are the top 5 cybersecurity questions people are asking Google & ChatGPT? 

Cybersecurity is a complex and constantly evolving field, but at the same time, it’s also a subject with profound, real life implications for every person and every business. It’s our goal to provide answers to help you navigate cybersecurity issues in your everyday life and your business. Today we’re answering some of the most-asked cybersecurity questions, according to Google and ChatGPT. If you have other questions you’d like us to answer, please shoot us a message, and we will add them to the ever-growing list!

“How can I recognize and avoid phishing scams?” 

Phishing scams are rapidly evolving in 2025, blending technology and psychology to trick users. Staying alert to subtle warning signs is the key to protecting your data and identity. 

• Familiarity is a key tactic attackers use to trick you. Phishing messages often arrive through email, text, or even voice messages that impersonate individuals you know or legitimate organizations. Look carefully at sender numbers, addresses and URLs — malicious actors frequently use lookalike domains (like “amaz0n.com”) or public email services pretending to be corporate ones.  

• Messages filled with urgency or threats (“Your account will be locked in 24 hours!”) are classic pressure tactics.  

• Poor grammar, spelling mistakes, and generic greetings like “Dear Customer” can be red flags, but keep in mind that thanks to the AI tools attackers are now leveraging, phishing messages often no longer have those telltale errors. 

• Avoid downloading attachments unless you can verify that they are legit via another method (call the sender).  

• Real organizations will never ask for passwords or financial details via email or text.  

• If something feels suspicious, contact the company directly using their official website or phone number rather than replying to the message. 

“What’s the best way to secure my personal information/stay safe online?” 

In today’s hyper-connected world, keeping your personal information safe online requires more than just strong passwords—it takes smart habits, secure tools, and awareness of how your data is used. 

Make Strong Security Your Default 

Start by practicing digital hygiene. Use unique, complex passwords for every account and store them in a reputable password manager. Always enable multi-factor authentication (MFA), and apply software updates promptly to close security gaps. These steps create the first line of defense against unauthorized access. 

Watch for Modern Variants 

Today’s scams go beyond basic phishing. Attackers now deploy AI-generated messages that mimic your organization’s tone, deepfake voices or videos impersonating executives, and QR code phishing (“quishing”) that hides malicious links within QR images.  

Multifactor authentication (MFA) fatigue attacks and fake messages sent from compromised cloud accounts are also on the rise — even seasoned professionals can get caught. A few strategies to stay ahead:  

• Stop MFA‑push abuse by making push approvals hard to accidentally accept (number‑matching / extra context or switch users to phishing‑resistant MFA like FIDO2) 

• Add strong conditional access and device checks 

• Lock down OAuth/mail flows 

• Monitor for anomalous messages 

• When compromise is suspected, immediately revoke sessions & tokens, reset creds, remove malicious OAuth grants and mailbox rules. 

Form strong security habits: building a quiver of strong, habitual security practices and updating those habits as attack evolve can help keep you safe.

“Could my smart devices (IoT) or smart home become cyber threats?” 

Yes — your smart devices and connected home can indeed become cyber threats if not properly secured. As convenient as IoT technology is, every connected gadget adds a potential doorway for cybercriminals. 

The Hidden Risks in Smart Homes 

From smart TVs and thermostats to cameras and voice assistants, each connected device expands your home’s digital attack surface. Experts estimate that over 18 billion IoT devices are active worldwide in 2025 — and many have weak or outdated security settings. This makes them prime targets for breaches, spying, or even hijacking into massive botnets like BadBox 2.0, which infected over 10 million smart devices earlier this year. 

Common vulnerabilities include unpatched firmware, default passwords, unsecured Wi-Fi connections, and lack of device isolation. Once compromised, hackers can spy through cameras, lock users out of their systems, steal data, or use the device for broader cyberattacks. In some cases, security flaws even enable ransomware attacks that demand payment to restore access. 

How to Stay Secure 

The best defense is proactive security hygiene. 

• Change default usernames and passwords immediately. 

• Keep device firmware and apps updated. 

• Use a separate Wi-Fi network for your IoT devices so they don’t share access with computers or banking applications. 

• Buy trusted brands with a proven record of issuing regular security patches. 

• Disable features like remote access unless absolutely necessary, and use a strong, unique router password. 

Smart devices can make life easier, but convenience shouldn’t come at the expense of control. By securing your network, staying informed, and maintaining good cyber hygiene, you can enjoy a smart home that’s both connected and secure. 

“Is using ChatGPT itself safe from a cybersecurity/privacy perspective?” 

It depends heavily on how you use it and what you share. While ChatGPT and other AI tools have some safeguards in place, there are still real risks users should understand. 

A main concern with AI tools is the information users enter into the chat. Chats are typically saved, making it possible for them to be accessed by bad actors, and most companies use the data you enter to train their tools. Consider investing in enterprise versions, which often allow organizations to opt out of model training and add stronger data isolation. Always be aware that anything you share, such as personal details, passwords, or confidential business data, could be stored and reviewed for quality assurance. Once any data is shared, it isn’t easily removed.  

Experts have also noted newer threats like prompt injection, where attackers manipulate AI tools to leak sensitive information or perform unauthorized actions. Shadow IT usage — employees using personal accounts to discuss work matters — also exposes businesses to data loss. Additionally, cybercriminals now use generative AI to create convincing phishing or deepfake messages, blurring the line between safe and malicious content. 

A few user tips for AI tool security:  

• Never share passwords, personal identifiers, or proprietary data. 

• Use enterprise or opt-out modes to prevent data from training the model. 

• Periodically review your data settings and clear your chat history. 

• Verify that links, attachments, and all integrations come from trusted, official sources.