The IT Nerd

With over 345 million personal records already exposed this year, protecting your online identity is now a basic requirement — not a tech luxury.

2025 is shaping up to be a historic year — for all the wrong reasons. According to recent data, over 8,230 data breaches have already compromised more than 345 million records worldwide. If this trend continues, it is predicted to surpass the 2024 total of 512 million exposed records by December.

For every internet user, one thing is clear: Online privacy has never been more under threat.

“Every interaction you have online leaves a trace,” says Marijus Briedis, chief technology officer (CTO) at NordVPN. “When that data falls into the wrong hands, whether through a data broker, a cybercriminal, or an unsecured app, the consequences may be irreversible.”

Personal data matters more than ever

The minutiae of our lives are now stored on servers, from passwords and payment information to personal messages and medical histories. While convenient, digital storage of information has unfortunately come at a steep cost. The rise of data harvesting, digital surveillance, and cyberattacks has created a perfect storm for privacy violations.

“People think of privacy as a luxury,” says Briedis. “But in 2025, it’s a necessity. Without it, you’re exposed to identity theft, financial fraud, and algorithmic profiling that silently shapes your decisions.”

The data economy thrives on invisibility, often collecting more information than users realize. And once it’s out, you can’t take it back.

The first line of digital defence

While VPN usage is increasing, free VPNs often do more harm than good. Many of these services track user activity, sell data to advertisers, or even inject malware onto your device.

According to recent reports, users of free VPNs face serious risks, including:

• Weak or outdated encryption.
• Hidden data logging practices.
• Invasive advertising and tracking.
• Potential malware distribution.

“If you’re not paying for the product, you are likely the product,” says Briedis. “Free VPNs give a false sense of security while quietly profiting from your data.”

The importance of digital privacy

As digital threats grow in scale and sophistication, the need to protect personal information has never been more urgent. Privacy is no longer a niche concern or a topic reserved for cybersecurity experts — it’s a basic requirement for anyone who spends time online.

Strong encryption, no-logs policies, and secure connections are no longer optional features — they are fundamental tools for safeguarding freedom and autonomy in the digital world.

“You don’t need to be a cybersecurity expert to take back your privacy,” says Briedis. “A good VPN makes that possible — simply, powerfully, and privately.”

ABOUT NORDVPN

NordVPN is the world’s most advanced VPN service provider, chosen by millions of internet users worldwide. The service offers features such as dedicated IP, Double VPN, and Onion Over VPN servers, which help to boost your online privacy with zero tracking. One of NordVPN’s key features is Threat Protection Pro™, a tool that blocks malicious websites, trackers, and ads and scans downloads for malware. The latest creation of Nord Security, NordVPN’s parent company, is Saily — a travel eSIM app. NordVPN is known for being user friendly and can offer some of the best prices on the market. This VPN provider covers 165 locations across 118 countries worldwide. For more information, visit https://nordvpn.com.

Consumers are being tricked into paying upfront fees for non-existent prizes –cybersecurity experts share how to spot and avoid these growing scams

More and more people are falling for fake prize scams, where scammers trick them into thinking they’ve won big in a lottery, sweepstakes, or contest they never entered. These fraudsters play on excitement, promising life-changing prizes – only to ask for upfront payments for supposed taxes or fees.

Once the money is sent, the scammers disappear, leaving victims empty-handed and out of pocket. It’s a growing problem, and experts warn us to stay alert to avoid becoming the next target.

“The scammers behind these fake prize schemes are sophisticated, often using personal information to make the scams appear more believable. The emotional effect of ‘winning’ a big prize only makes it harder for people to think critically,” says Adrianus Warmenhoven, a cybersecurity expert at NordVPN. 

The hidden dangers of prize scams

While these scams might seem obvious, fraudsters are constantly evolving their tactics. Scam attempts can be extremely convincing, with phony calls, emails, and even fake websites designed to deceive victims into providing their personal information and making payments. 

In 2024, prize scams were the most commonly reported fraud in the US, making up 38.27% of all scam reports, according to the National Consumers League. Also, the Federal Trade Commission reported that in 2023 alone, consumers lost $301 million to lottery and prize scams, with an average loss of $907 per person. These numbers highlight the ongoing impact of prize-related fraud.

“Scammers use a variety of tactics to make their scam seem real, including spoofing caller IDs, sending counterfeit documents, and creating fake websites that mimic legitimate lottery organizations. They know how to play on human emotions,” explains Warmenhoven. 

Spotting the red flags of fake prize scams

To protect yourself from falling victim to prize scams, Warmenhoven urges everyone to watch out for these common warning signs:

1. Unexpected prize notices: If you didn’t enter a contest or lottery, it’s a scam.
2. Upfront payment requests: Legitimate organizations don’t ask for money upfront to claim a prize.
3. Pressure tactics: Scammers often create a sense of urgency, threatening that you’ll lose your “winnings” if you don’t act immediately.
4. Too good to be true: If it sounds too good to be true, it probably is.

Protecting yourself from prize scams

Adrianus Warmenhoven emphasizes the importance of staying vigilant and skeptical when receiving unsolicited communication about prize winnings. “Always verify the organization’s legitimacy and never share personal information, such as bank account details or Social Security numbers, over the phone or online unless you’re absolutely sure the source is trustworthy.”

It is recommended to remember that if you didn’t enter a lottery or sweepstakes, you didn’t win. The best defense against these scams is awareness. If you have any doubts, contact the supposed prize issuer directly through official channels, and never provide personal information unless you’re sure it’s real.

ABOUT NORDVPN

NordVPN is the world’s most advanced VPN service provider, chosen by millions of internet users worldwide. The service offers features such as dedicated IP, Double VPN, and Onion Over VPN servers, which help to boost your online privacy with zero tracking. One of NordVPN’s key features is Threat Protection Pro, a tool that blocks malicious websites, trackers, and ads and scans downloads for malware. The latest creation of Nord Security, NordVPN’s parent company, is Saily — a global eSIM service. NordVPN is known for being user friendly and can offer some of the best prices on the market. This VPN provider has over 7,300 servers covering 118 countries worldwide. For more information, visit https://nordvpn.com.

NordLayer, a toggle-ready network security platform for business from the cybersecurity powerhouse that created NordVPN, is preparing to launch a new-generation enterprise browser. The upcoming NordLayer Enterprise Browser, built on years of experience developing tools to combat cyber threats, will feature a wide range of security capabilities to protect modern businesses as their daily tasks shift to the web.

Gartner predicts that by 2030, enterprise browsers will be the go-to platform for productivity and security. They’ll work across both managed and unmanaged devices, making hybrid work smoother than ever. 

The NordLayer Enterprise Browser will help organizations to navigate and combat the cybersecurity challenges emerging from current workplace trends, such as the shift to a web-based software-as-a-service (SaaS) application environment. According to research, 50% of employees claim they can complete all of their work using a web browser, and 80% rely on one for most tasks due to the growing transition to the web. 

The switch from desktop to web-based apps requires more safety measures in the browser itself. The enterprise browser will provide defense against critical web-based threats, including phishing attacks, malware infiltration, unauthorized data sharing, and dangerous file transfer vulnerabilities. NordLayer’s solution will offer centralized security control for CISOs and security teams. It will make setting up and enforcing advanced security policies in the browser easier, safeguarding sensitive business data. Additionally, the product will provide high-level observability and quicker incident response, while the built-in security features will ensure stronger threat prevention. 

The enterprise browser will also address the risks associated with the increasing adoption of the bring your own device (BYOD) policy. Two-thirds of surveyed organizations estimate that at least 50% of devices on their network are unmanaged. The NordLayer Enterprise Browser will simplify network security for organizations with unmanaged devices. It will eliminate the need to deploy and maintain other endpoint software on personal hardware and lower the expenses of containing unmanaged devices on an organization’s network. Consequently, the browser will refine device oversight by allowing companies to transition from fully managed to partially or unmanaged hardware, reducing device management costs in general.

The product will further support BYOD equipment, ensuring employees can securely access the organization’s resources through the browser alone without installing additional intrusive security apps on personal devices, providing a user-friendly experience.  

Key capabilities to expect from the NordLayer Enterprise Browser:

• Enhanced security measures and more control. The solution will offer high-level observability and full-scale response features — all in one package.
• A combination of ZTNA and SWG for a unified solution. The browser will merge years of NordLayer experience and capability to combine zero trust network access (ZTNA) and secure web gateway (SWG) features into one solution.
• Data loss prevention (DLP). Controls for copy-paste functionality as well as camera and microphone use and prevention of unauthorized downloads and uploads will help protect sensitive company information. 
• Centralized control. The enterprise browser will allow CISOs and security teams to establish and enforce advanced security policies for all users effortlessly.
• Support for business growth. Designed to scale with businesses, it will ensure security without disrupting workflows or compromising employee productivity. 

To join the waitlist, please visit NordLayer’s website.

Around a third of internet users say they would like to delete themselves from the internet, with people in the US and Canada being at the top.

According to joint research conducted by the cybersecurity company NordVPN and the personal data removal service Incogni, 45% of respondents are concerned about potentially being hacked. That is one of the main reasons people want to erase their online presence.

People globally also expressed that:

• Almost half (44%) of people feel hopeless, as they don’t know how to remove themselves from the digital world.
• 76% of respondents express concern about the potential for hackers or malicious third parties to access their financial information. Statistically, Canadians are notably more likely to fear that such entities could compromise their financial data.
• 57% of all respondents say they know how to delete their personal information from the internet, or at least some of it.

Additionally, according to the National Privacy Test conducted by NordVPN, with 25,567 respondents from 181 countries, only half of the population claim to know how to secure their privacy online. 

The shift in people’s attitude and their increasing need to delete their presence from the internet highlights a trend: People no longer passively accept the idea that their data should live on the internet forever. There is a growing demand for control, empowerment, and the right to be forgotten. 

Another significant source of worry for individuals is the complexity of recovering from a hack. Regaining control of compromised accounts, securing financial assets, and addressing any harm caused by cybercriminals can be time-consuming and overwhelming. 

Methodology: 2024 survey: Would you delete yourself from the internet? was commissioned by NordVPN and carried out by Cint between June 28 and July 10, 2024. A total of 6,800 respondents aged 18 years old and older from the US, UK, Canada, Germany, France, Spain, and Italy were surveyed. Researchers placed quotas on respondents’ gender, age, and place of residence to achieve a nationally representative sample of internet users.

Leading cybersecurity company Nord Security introduces NordStellar, a threat exposure management platform for businesses. Created by developers of market-leading VPN solution NordVPN, the enterprise cyber threat exposure management platform helps businesses detect and respond to cyber threats, secure data access, safeguard accounts, prevent fraud, and reduce the risk of ransomware attacks.

Threat actors don’t need to look for complicated methods to access systems today. Instead, they can simply search for credentials that are probably already available on the dark web. This presents a risk that NordStellar can mitigate.

The number of cyberattacks targeting businesses is increasing at an alarming rate. According to recent statistics, ransomware attacks have seen a significant surge and now account for almost a quarter of all breaches. There was a 71% increase in attacks targeting identities in 2023. Additionally, cybercriminals now commonly abuse valid accounts, which account for 30% of all incidents.

NordStellar provides comprehensive protection and dark web monitoring for employee, brand, and corporate security. It bolsters enterprises’ resilience against cyberattacks by reducing ransomware risks, preventing account takeovers, identifying malware exposure, detecting compromised credentials, and protecting employees from identity theft. NordStellar is available as a platform and API.

It’s the third cybersecurity solution for businesses, created by Nord Security. The first two – a business password manager NordPass, that also servers individual customers, and an advanced network access security solution NordLayer were launched in 2019 and 2020. This year company also introduced Saily – a new global eSIM. Nord Security’s flagship product NordVPN is now considered to be the leading VPN service globally, featuring additional malware protection features, such as Threat Protection.

The team behind NordVPN, one of the world’s most popular digital privacy and security products, is working on a new worldwide eSIM service — Saily. The product will ensure that global connection to the internet is as smooth and effortless as possible. The new app will be launched later this year, and the early access sign-up is starting today.

Why would you need an eSIM?

eSIM cards are mainly used by travelers and people working remotely because they help to decrease roaming charges and connect to the internet from anywhere in the world. They might also be useful in the user’s home country when they need a cheap data package after a prepaid plan runs out. With an eSIM, a user can buy a short- or long-term plan in minutes.

In addition, Saily will help users find affordable data plans in one place. Users will be able to choose from hundreds of countries and dozens of plans to get the deals that are best for them.

How to sign up for Saily

At the moment, Saily is undergoing an internal testing stage. The beta version is expected to be released in the first quarter. Signup for early access is now available on Saily’s official website: saily.com.

While password sharing is associated with the perks such as money-saving, in reality, having the password of a friend or a family member could be convenient in other instances. For example, when jointly managing a family bank account, accessing children’s learning platforms, or even removing the digital presence of the deceased. People share passwords for many reasons but without knowing how to do it safely, says NordPass experts.

According to NordPass research, a single person has around 80-100 passwords to remember and thus often ends up using the easiest option when creating passwords. For years, people have continued using the same insecure variations of numbers and letters — NordPass data from 2021 revealed that the world‘s most famous passwords remain “123456,” “123456789,” and “qwerty.” According to Chad Hammond, a security expert at NordPass, this password fatigue is relevant in terms of credentials creation as well as sharing. 

“People tend to go for the most convenience with their passwords wherever possible, underestimating the risks involved. To illustrate, I’ll use a likely situation: a person chooses an easy password, reuses it for another platform, then shares the password with a friend. The friend passes it to their colleague, and then voilà — the password you use for various accounts is in the hands of a third party,” says Hammond.

To avoid such situations, easy tips to follow to ensure a secure password transfer include: 

1. Do not trust your kid

Pickiness is forgivable and encouraged when it comes to choosing whom to share personal passwords with. As Hammond says, human mistakes are among the most common causes of data breaches. Therefore, it makes sense to re-evaluate who has access to your passwords and then change those if needed.

While a partner, best friend, or close family member might be considered trustworthy, children should be left off this list. According to research conducted by the US National Institute of Standards and Technology (NIST), kids demonstrate poor password habits — they tend to reuse credentials and share them with their friends.

2. Never use the same password

Children are not the only people failing basic password hygiene. Having dozens of passwords to remember, password reuse is also rampant among adults. A 2019 Google security survey revealed that 52% of US citizens use the same password for multiple accounts, and 13% admit to having a single password to secure all of their accounts.

In terms of password sharing, this trend may have some serious consequences. For example, by granting a friend access to a photo editing tool, a person risks giving away the privacy of many other accounts with the same password.

3. Use only secured networks

Based on European Union Agency for Law Enforcement Cooperation (Europol) recommendations, it is safest to assume no public Wi-Fi is secure, especially at airports. While data exchange may seem a better deal than being charged additionally for a cellular connection, the opportunity to get free Wi-Fi does not outweigh its risks.

Most public networks lack even basic network security measures, and it also requires only a little technical experience for attackers to set up a wireless hotspot themselves and get people to join it. From there, criminals look for data they can monetize. Thus, their priority targets are the passwords of online banking accounts, crypto wallets, and other sensitive data helping them commit identity fraud. Passwords shared connected to this network are likely to get into the wrong hands. 

4. Deploy a password manager

Many password managers allow you to store passwords end-to-end encrypted as well as share them securely with a close circle in a family plan subscription. Equipped with security features, this tool also helps generate new unique passwords upon demand. This is especially handy when you are faced with a risk that data could have been compromised.

“Technologies advance, and the security of most password managers available in the market has repeatedly been validated. To date, this solution is considered one of the safest options for password sharing and works best if used following other key password-sharing recommendations, such as relying on secured networks and carefully choosing trustees,” says Hammond. 

5. Double-check your apps

Since people continue using different communication apps for password sharing, it is essential to check how secure they are. End-to-end encryption, which many platforms lack, is among the main criteria to evaluate if channels used for credentials transfer ensure at least minimum security requirements.

NordPass also recommends downloading apps only from official sources (i.e., App Store, Play Store) and changing app permissions on devices, which may help prevent unwanted data transfer.

The latest survey by NordVPN has shown that 38.6% of Canadians save banking details on their devices to use them on shopping apps and websites later. While many customers go for this option out of convenience, cybersecurity experts warn to be careful, especially during the shopping season, as not all methods are equally safe.

People spend billions of dollars during Black Friday, Cyber Monday, and pre-Christmas time, trying to grab the best deals online and save a buck. In 2020, during Cyber Monday, customers in the US spent a whopping $10.8 billion dollars. 23.2% of annual sales in Canada fall on the Black Friday and Cyber Monday week. No wonder that hackers and scammers want to have their share by stealing customers’ banking details.

“Hackers take advantage of users who use unsecure ways to store banking information on their devices. A person who saves his credit card details in an Apple Pay mobile wallet is much safer than one who keeps a photo of his credit card in the gallery or notes on his phone. And the difference between those options is huge,” says Daniel Markuson, cybersecurity expert at NordVPN.

The habit of saving payment details is similar around the world

38.6% of Canadians save their banking information on their devices. The habits are pretty similar around the world. NordVPN’s research has shown that almost half of Americans (43.9%) store their banking information on their personal devices, followed by Spaniards (39.3%), and Australians (38%). While the Polish (25%) and Dutch (25.6%) care about their credit card safety the most among the surveyed countries, the percentage of people risking their security is still high.

Ways to save banking details on your device and their weaknesses

There are several ways people can save payment card details on their devices:

• Notepads or photos

Some people choose to store their payment details for shopping online by just taking a photo of their payment card or writing down the payment card and CVV numbers in the notes application. 

Weaknesses: While this option is easy and doesn’t require any technical skills, it is the riskiest when it comes to the security of users’ banking details. The research shows that 25% of Canadians don’t lock their phones. This means that even a random stranger could access their photos, notes, emails, and contacts without any additional effort if they got to an unprotected device.

“Moreover, the device’s data can be compromised even without the device being stolen. Countless number of apps can access your photos and notes, some of them may be malicious,” adds cybersecurity expert Daniel Markuson. 

• Browser

One of the most popular ways to store payment information locally is in an internet browser (e.g. Google Chrome, Mozilla Firefox, etc.), as this allows users to autofill banking details while shopping online. 

Weaknesses:  This option may be safer than just taking a picture of your credit card and may help to save some time, but experts say it is often targeted by cybercriminals. 

“The biggest issue is that criminals can create malware which will steal all the autofill information you save in your browser, including your credit card details. One nameless malware like that was analyzed by NordLocker at the beginning of this year. The analyzed Trojan-type malware infiltrated over 3 million computers and stole 1.2 TB of personal information, including around 28 million credentials stolen from various internet browsers,” Daniel Markuson explains.

• Mobile wallets

Mobile wallets (such as Apple Pay, Samsung Pay, Android Pay) may be the safest way to keep your banking details on your device. Those applications usually have strong encryption and ensure the safety of their users.

Weaknesses: There are a lot of mobile wallets and other financial encryption tools out there, but it is important to pay attention to their security standards. Make sure you choose the safest option by researching it before putting in your payment details. 

How to shop online safely

“In general, when it comes to shopping online, make sure you trust the security standards of the company that you are giving your credit or debit card details to. Because once the details are given, the chance of them being leaked or misused is greater,”  says Daniel Markuson from NordVPN. 

• Research retailers online. Never rush to make a purchase without doing proper research on the retailer. Check the reviews on various platforms and only then start spending money. Make sure there’s a lock symbol next to the URL, indicating that the website is secure.
• Use strong passwords. Protect your accounts with complex passwords that contain upper-case and lower-case letters along with numbers and special characters.
• Don’t click on suspicious links. Closely inspect every email you receive and never click on any links. Hackers can impersonate online shops and redirect you to malicious websites.
• Avoid storing your payment information on browser. Even though this is not a bulletproof tip, it’s safer to type your credit card information manually.
• Use virtual cards. Some banks also offer temporary virtual cards you can use in order to shop online without any risks. 
• Use a VPN. A virtual private network encrypts your traffic and hides your IP address, improving your online security and privacy. If you make purchases on public Wi-Fi, using a VPN is a must. Hackers can create a fake hotspot, infect your device with malware, and steal your credit card details. 

Half of women (54%) consider themselves responsible for decisions on IT software purchases and solving tech issues, while a third feel comfortable delegating the task to their partners. This might include anything from purchasing a VPN to troubleshooting a malfunctioning device.

However, when men are asked the same question, 75% of them claim to be running tech-related questions, and only 14% of respondents admit they leave the responsibility to their other half.

The older women are, the more they consider themselves responsible for tech questions.

Young women are twice as likely to address their parents with tech issues, as compared to young men. In general, both genders between the ages 19 and 24 still lean on their parents the most for help with tech questions. 

Another interesting finding of the research is that 45- to 74-year-old women tend to delegate the responsibility of taking care of their software and its malfunctioning to their children, while men are less inclined to do so.

Despite not taking full responsibility for their digital tools, women are better at cybersecurity and protecting themselves online, research by NordPass suggests. Women are more concerned about the potential harm of their personal online accounts being hacked. They also tend to use unique passwords more often than men.

“The study by NordVPN only adds to that finding. Among those who admitted they are highly concerned about cybersecurity, women and men seemed to be equally concerned,” said Daniel Markuson, a digital privacy expert at NordVPN.

“The ever-growing demand for cybersecurity tools like VPN signals the rising awareness of the need to be protected online. From our customer surveys we know that approximately 80% of them choose NordVPN because of privacy and protection. This is a comforting trend, as more and more people take precautions to protect their netizenship,” says Daniel Markuson.

NordVPN’s survey of the adult population (1,000 respondents) in the US was carried out in August 2021. 

Cybercriminals exploit emotions and stressful situations for financial gain mainly. Thus, romance scams and cyberbullying are reported to be among the most common of cybercrimes. The fact that victims do not always seek help inflates the activity even more.

According to Cybercrime Support Network, romance scams and cyberbullying are the top most visited topics on FraudSupport.org. Meanwhile, Federal Trade Commission reports that in 2019, approximately $201 million were lost due to romance scams – almost 40% more than in 2018.    

Kristin Judge, CEO and Founder of Cybercrime Support Network, notes that victims of the aforementioned crimes often remain silent. “Not only are these types of cybercrime common, but can be very emotionally triggering. We understand that it can be difficult for victims of cybercrime to seek help.  It’s important to remember that you are not alone.” 

Romance scams are often long-term strategies, luring victims into believing they are in a long-distance relationship. The scammer will tell stories of personal financial hardships or medical emergencies. They hope that the victim will feel obligated or willing to help them financially. Scammers are searching for victims on dating sites and apps. 

Emotionally Charged Messages are Red Flags

Cybercriminals use social engineering techniques that evoke an emotional act on impulse. Judge says, “Cybercrime and online fraud can affect anyone, at any age, in any profession. If you receive a phone call, email, or text that uses urgent language like ‘act now!’ or ‘respond immediately,’ consider it a red flag.” 

As Daniel Markuson, the digital privacy expert at NordVPN, notes, the best thing is to stay informed about the newest scams. “Scammers are always looking out for new ways to lure people into their traps. And yet, emotions and lack of awareness are the universal weakness. Increase of scams surrounding the social turbulence and lockdown nowadays is just another proof of cybercriminals’ use of peoples’ vulnerabilities”.

Markuson advises always to double-check the sender and never download nor click on anything that you are not sure about. Scammers can rush internet users into taking harmful actions by pretending to be friends, family members, or colleagues. If you or someone you know has been impacted by cybercrime, visit FraudSupport.org for free resources.