Are We Close to the End of Passwords?

We’ve been hearing for years that passwords are dead, yet they remain one of the most important layers of security for both individuals and organizations.

It’s true that passkeys, biometrics, and other authentication methods are gaining traction, but passwords are still the primary way most people secure their accounts.

Do you think passwords will eventually disappear?

reddit.com
u/PandaSecurity — 6 days ago

Melissa Virus: trust as the entry point

In 1999, a virus known as Melissa infected around one million computers within just a few days. It spread through a Word document containing the message: “Here is the document you asked for… do not show it to anyone”.

Major companies were forced to shut down their email systems, with estimated damages reaching $80 million in cleanup and recovery costs.

Protecting yourself against email-based threats is simple:

  • Don’t open unexpected attachments.
  • Keep systems and software up to date.
  • Disable Office macros unless necessary.
  • Verify unexpected file requests through another channel.

More than 25 years later, many attacks still rely on the same principle Melissa exploited: trust.

Why do you think trust is still the main entry point for these types of attacks?

reddit.com
u/PandaSecurity — 13 days ago

An automatic Gmail feature may allow access to users’ email data

Many Gmail users may not realize that certain automatic Gmail features can allow access to email content, attachments, and other information in order to enable AI-powered functionalities.

While these tools can improve productivity, they also raise privacy concerns, particularly for users who may not be aware that these features are enabled or how their data is being processed.

Were you aware this feature existed, or is this the first time you’ve heard about it?

reddit.com
u/PandaSecurity — 20 days ago

The World Cup kicks off in 9 days: watch out for scams

Only 9 days until the World Cup kicks off, and while fans are counting down the days and searching for tickets, scammers are stepping up their efforts to try and take advantage of them.

Some warning signs include:

  • Websites claiming to sell tickets before official sales begin or outside official channels.
  • Social media posts offering "guaranteed" tickets at low prices.
  • Messages creating a sense of urgency with phrases like "last chance" or "only a few tickets left."
  • Requests for payment through cryptocurrency, gift cards, wire transfers, or other methods that offer little protection.
  • Suspicious URLs or recently created websites that imitate legitimate sellers.

Remember: if an offer seems much better than the rest, don't trust it.

For those who have attended major events: what's the most convincing scam you've seen, and what signs helped you spot it?

reddit.com
u/PandaSecurity — 1 month ago

RAMageddon: What it means for your next upgrade

Research from firms like IDC and TrendForce warns that DRAM prices have already increased by nearly 90-95%, with potential further hikes of up to 70% in the coming months.

The shortage is driven by the AI boom, a lack of prior investment during the economic downturn, and limited capacity to quickly scale up advanced memory production.

For regular buyers, the RAM shortage has three main consequences: paying more, getting less hardware, and waiting longer to receive the device they actually want.

How to protect yourself?

  • Do not wait to upgrade later; costs will remain high.
  • Last year's equipment with more RAM offers better value and longevity than new models with stripped-down specs.

Do you think the RAM shortage will last as long as analysts predict, or will the market stabilize sooner?

reddit.com
u/PandaSecurity — 1 month ago

Beware of AI-powered vishing scams

Vishing attacks are becoming much more convincing thanks to AI.

What used to be easy-to-spot robocalls now sound natural, personalized, and urgent.

Some tactics that are becoming increasingly common:

  • AI-generated voices impersonating family members, coworkers, banks, or tech support.
  • Calls designed to create pressure, with messages like “your account has been compromised” or “you need to act immediately.”
  • Scammers using leaked personal data to make the conversation feel legitimate.
  • Hybrid attacks that combine SMS, emails, QR codes, and phone calls to build trust before asking for money or sensitive information.

The worrying part is how much easier AI is making all of this. Scams that once required time, skill, or social engineering experience can now be generated and scaled in minutes.

What signs do you usually look for to spot a vishing attempt?

reddit.com
u/PandaSecurity — 2 months ago

Do you use antivirus on your gaming PC?

Many attacks are specifically targeted at gaming communities: stolen credentials, drained accounts, and malware hidden inside “mods,” cheats, or game cracks.

Even on popular platforms, you can run into phishing links or fake downloads designed to trick people who are simply trying to install a mod or improve performance.

So yeah, having a reliable antivirus helps catch these risks and protect you while gaming or streaming.

The issue is that not all antivirus software is really designed with gaming PCs in mind. If you have to pick one, the things that usually matter are:

- Background performance impact while gaming

- Real-time protection against malware, ransomware, and phishing

- A proper game mode that pauses scans, updates, and popups

- Lightweight performance in real use

- Clean and simple UI

- Multi-device protection if you also game or stream elsewhere

Do you use any antivirus on your gaming PC? How has it been working for you?

reddit.com
u/PandaSecurity — 2 months ago