Practive Security Newsletter for June 19, 2026
Android threat, Financial Crime, Digital ID, VPN, Books, Personal Security and more
Hello Practive Security Subscribers!
Thank you again for being members and for joining us in our mission to help everyone defend themselves from the threats lurking online that work against us every day. We hope and pray that our work has been valuable to you.
As always, we have much to bring to your attention by way of the announcements in this update. The key stories are listed below, followed by an expanded explanation and link to the full article or video for each. This is an important set of updates, and we are honored to be your trusted advisor who can bring this to you.
Please let your friends and family know about our work, and sign up to gain full access to all we offer.
From this week:
New threat advisory posted for Android users
New threat intelligence: a story of real-world financial crime
Meta announced an expansion of data harvesting that is more consequential that many seem to realize
Digital ID in the news and throughout the world
VPN confusion
Securing Android smartphones as a shared device for the family
Book updates
New video highlight of our personal security assessment tool and consulting service
New Threat Advisory for Android Users: Rokarolla
This week we learned of a new attack and extremely dangerous malware toolkit that is targeting Android smartphone users. We reviewed the details from multiple sources and relayed our combined understanding, analysis, and strategies to stay safe in our latest Threat Advisory available here: https://www.practivesecurity.com/advisories/threat-advisory-06162026-rokarolla-android-malware
This advisory also highlights some of the deeper security issues inherent in the Android ecosystem that you need to be aware of, but with proper diligence, you can avoid becoming of victim of this attack and others like it.
It’s important to remember also that our Threat Advisory service is a core component of our Essentials Membership available at https://www.PractiveSecurity.com
If you want to be kept informed about the latest threats that are relevant to you, sign-up for an Essentials Membership. It is only $15 / month and comes loaded with features. It’s also important to sign-in occasionally and look for new content that matches your interests to make sure you haven’t missed anything new. We do periodically release threat advisories on Substack, but there is always more on our website for Members: that is our primary focus.
New Threat Intelligence: A story of real-world financial crime
We recently received a call for help from someone who had experienced a relatively sophisticated and rapidly executed cyber attack that caused them substantial trouble while on travel. You can read about it here: https://www.practivesecurity.com/advisories/threat-advisory-06152026-abusing-email-for-financial-crime
This story helps us all remember and understand the threats we face every day when we connect to the Internet or use our devices to engage the digital world. Sometimes it’s difficult to see these risks, but stories like these remind us of how sudden and destructive an attack can be. As always, we also provide our tips to help you prevent this same situation.
It’s a complicated story, but one that could happen at any time. Take a moment to read this report and make sure you are doing all you can to stay protected.
This is also a great reminder of why we are doing what we do. The person who contacted us about this issue was in the midst of recovering from it and needed someone they could trust to guide them through and to help them make final decisions. We are honored to be that for you. For our Substack-only customers, we will post this soon, but website members get exclusive and early access first.
Meta’s New Data Privacy Policy
Over the weekend, it appears that some users of Meta/Facebook received a notice that Meta is phasing in an expansion of their data collection policy to include the use of “off-Meta” information they acquire about their users, now within the Meta product experience. In addition, Meta announced that they are removing data privacy controls that used to be available for users that prevented them from being able to do this.
News of this story was brought to us from someone who asked for our guidance; which is exactly what we are here for.
Reports are circling that many Meta users are taking this news as the final straw among the many ways Meta has continued to openly compromise individual privacy of their customers. There are reports that because of this change, some are closing their personal Meta accounts in favor of other social media platforms.
We analyze this policy change and what it means for you as a Meta user…and for all of us in our article here: https://www.practivesecurity.com/advisories/zhdwgbb0zg9sgklrlv0nw0s5m58rwm
And here: https://practivesecurity.substack.com/p/advisory-changes-to-facebooks-off
But these changes by Meta are part of a larger story that is unfolding live throughout the Western world.
Digital ID
You have probably noticed in the news that for the past several months there has been an increase in activity among countries throughout the Western world toward implementing age-based restrictions that control access to social media and AI. In fact, this is an active topic in the US as we have written about recently regarding the GUARD Act and how Meta is responding to implement it before it becomes law. As many people seem to be responding that “this would never happen here,” because of the first amendment, it actually is happening here, right now.
This week, the UK announced a country-wide ban on social media use for teens, as they work to implement an initial form of digital ID that will govern access to the Internet, for all. Once implemented, all users of social media in the UK will need to prove they are an adult before being granted access, and access will otherwise be denied by default. This is essentially the same structure as our own GUARD Act, although the US version is aimed (for now) at denying use of AI Companions among teens. However, there are multiple states that are working on legislation to implement age-based restrictions for access to social media. It is expanding fast.
These age-based restrictions are actually exactly what led to Meta’s data privacy change and their expansion of the acquisition and integration of data they can buy or obtain from other businesses who provide Internet-based services. They are working to collect enough information about you based on what you do on the Internet, in order to positively identify you as an individual, automatically, when you try to access your Facebook account. Creepy!
This brings up a whole range of subjects regarding user profiling, which we cover extensively throughout our articles, and heavily so in the first few chapters of our book, Practive Security 101.
As we shared in a post earlier this week on X/Twitter:
“What’s the big concern with Big Tech profiling us with data collection practices with such precision that they can identify us individually based on our online behavior and then use that to govern access to their platforms based on who we are?
Well...it’s always about what happens next. Assume great power will fall into the hands of sinful men.
We know recent Presidents and their administrations have used the power of the government along with partnerships in big tech to compile lists of political enemies. In recent years, purchasing Bibles online could earn you a “domestic terrorist” label. As could purchasing emergency resources if the quantity and type earned you the label of a “prepper.”
But despite that concern, with the information these Big Tech companies have about us, they create massive campaigns to influence us, which can affect what we’re thinking about, what we desire, what we fear...and that can affect our souls.
It’s a very big problem no matter how you consider it, which is why I categorize these platforms and the men who create them with these capabilities as adversarial in nature.
We need to be diligent about shielding ourselves from their weapons so that no matter what they send our way, we are protected. But in today’s world, they also own the means of participation...and that’s not something we can shield ourselves from. Instead, we will need to build paths of resilience...ways of sufficiency...communities of support...monasteries within the cities.”
Make no mistake, digital ID is coming very fast to the US, primarily emerging in the name of protecting children. We have much more to say on this topic, which is available in recent articles we have posted, including this one.
As James Madison once said, “crisis is the rallying cry of the tyrant,” and as Benjamin Franklin warned, “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.”
Ironic, given this celebratory year of 250 years as a nation.
VPN
The digital ID debate is also reigniting conversations about VPN, with some concerns that VPN will be banned in the UK soon and throughout Europe as the age-based access controls will need to be able to positively identify you as the person behind the screen. From the responses we have read lately, it appears that many people do not understand what VPN is, how it works, and what its limitations are.
We have written about that here (also in our book, Practive Security 101): https://www.practivesecurity.com/personal-security and elsewhere in Substack, including our VPN-specific article here: https://practivesecurity.substack.com/p/vpn-explained
You can still be personally identified through VPN. X/Twitter has recently demonstrated this as they now place a geo-location label on user accounts which identifies the region in which the account owner resides.
VPN is an excellent tool for privacy, but it is not what many people think it is. Fortunately, you have us to empower you with the truth.
Securing Android Devices for Families
This week we had visitors to our home (often the case) and we had a great conversation about Android devices and the concept of having shared family devices that are used by adults and kids alike. In our own home, we also have and use shared devices. In fact, I think it is wise to do so rather than having dedicated devices for individual children (which I strongly advise against). This conversation was a great real-world dive into the dynamics of parenting today, and how to balance the proper use of technology in life in a way that keeps kids safe, teaches them responsible integration of tech, and also protects them from harm.
This conversation caused us to review our article on securing Android devices for youth, and we published a revised version for our customers on our Parents page here: https://www.practivesecurity.com/parents
Book Updates
Finally, the books! We’ll start with the larger project.
Countering the AI Revolution
We are pens down, finished with editing and our final draft has been accepted and endorsed for printing by our publisher! Final word count is 116,936 words. Wow!
Next week begins the interior layout and cover art design work for the print version, as the design team does their magic. We are getting very close to the finish line. I hope to have the book published in July, but it sounds like marketing might take a little time to get into gear for the launch. The estimate the publisher has given me is “August.” Stay tuned for updates!
But I want to share with you some of the feedback I received from the team of editors who worked the manuscript, because it was very encouraging to me. This is a Christian book publisher, so keep that in mind. My representative on the editorial team started our final review call this week by saying:
“First of all, thank you for submitting this manuscript to us. From a marketing perspective, it’s phenomenal. From a content perspective, it’s phenomenal. We are very excited about publishing this book. Our team of editors rarely have positive feedback to share because they take a critical view on every manuscript through a technical lens. Their feedback was very positive.”
Needless to say, this made my day. We did make a lot of changes based on their feedback, but I believe the tone of the writing remains true, and I’m pleased with their recommendations. I am not a professional writer after all, and I hope their edits make the work more acceptable to the reader.
My editor went on to say that they receive manuscript submissions about AI “all the time,” and she said that these stories are always positive or pro-AI. She shared with me that this has never sat right with her personally and that she has always been concerned about AI, but didn’t know enough to understand if those concerns were founded. When she saw the title of my submission, even before it was endorsed as a book project for editorial reviews, she took it and read it out of personal interest. She thanked me multiple times for writing it and submitting it and she said now she knows her concerns were right, and she is taking steps in her life to change her approach to AI.
That is all I needed to be even more excited to bring this work to everyone. I hope it serves all readers well. It’s coming…soon!
In retrospect (as I’m sure is always the case for writers) I realize there is more I could have written, more I could have explained, and more I could expand upon. There are multiple books I reference throughout Countering the AI Revolution, and I make the assumption that the reader is familiar with them in general and/or will take time to read them in light of what I bring to their attention. And so I submit this work as my contribution among several others on this topic in the hope that my insider perspective can contribute in a meaningful way to a much larger conversation. But I will continue writing for you all through articles shared under Practive Security.
Practive Security 101
Next, I wanted to remind you that Practive Security 101 is available on Amazon.com today in paperback and Kindle formats, for $25 and $19.99 respectively.
I created a summary video shared on our YouTube channel here if you would like to listen to my walk-through and explanation of the book.
The news and announcements I shared in this newsletter above are all topics we cover foundationally in the book, which reminds me of its value as a single guide for all you need to know about digital health, online security, and online safety.
Grab your copy and let me know what you think. https://www.amazon.com/dp/B0H4LK1Y93
Personal Security Assessment Video
Finally, I also created and posted a summary video on our YouTube channel this week about one of our possibly lesser-known services: our personal security assessment tool. Here’s the video
and this is where you can purchase access to the assessment: https://www.practivesecurity.com/signup
Most fundamentally, this is about helping you review your use of online technology and services, to help give you confidence of what you are doing well and also highlight areas where you may need to improve. As I share in the video, privacy and security are very personal topics, and while I’m working to provide you with an understanding of the online threats and how to counter them, each of us must forge the shield of protection that is appropriate for our context, life, family, and business.
I hope the personal security assessment can be a resource to help you do exactly that, and I am always here to connect with you personally, to consult or advise on any topic I can help with. If you would like a personal assessment and session to review your practices, contact us and we will schedule a consultation, but start with the assessment above.
As always, stay tuned for more from Practive Security!