What if the website wasn't fake — but the message it showed you was? In this episode of SipCyber, Jen Lotze stops into City on a Hill Coffee in Leadville, CO, where the Colorado Rockies rise just outside the window and a hazelnut latte sets the scene for a conversation about one of the most effective cyberattack campaigns in recent memory.

Cybersecurity researchers uncovered a massive ClickFix malware operation targeting more than 700 education and technology websites — not fake sites, real and trusted ones. Visitors were greeted by a familiar-looking verification screen, asked to prove they were human, and then walked step-by-step into installing malware themselves. No software exploit required. Just trust — and a message that felt routine.

A side trip to Leadville's straightforwardly named "The Tattoo Shop" becomes an unexpected lens on how trust is built online, how attackers exploit it, and the one question that can protect you: Is this really what it claims to be?

Key Topics Covered:

• What the ClickFix malware campaign is and how it spread across 700+ legitimate websites
• Why real, trusted sites are more dangerous attack surfaces than fake ones
• How fake CAPTCHA screens trick users into running malicious commands themselves
• The psychology of borrowed trust — and why it's so effective
• One grounding question to ask before you follow any online instruction

☕ Featured Coffee Shop: City on a Hill Coffee, Leadville, CO 🍵 Jen's Order: Hazelnut latte

The most dangerous attacks don't feel dangerous. Subscribe for weekly cybersecurity insights from coffee shops across the country — and share this with anyone who's ever clicked "I'm not a robot."

#Cybersecurity #ClickFix #Malware #SocialEngineering #CyberAwareness #InfoSec #CyberSafety #SipCyber #Phishing #TrustAttacks #DigitalSafety #SecurityTips #CyberEducation

Confidence isn't something you find — it's something you build, one skill at a time. In this episode of SipCyber, Jen Lotze visits Bitty and Beau's Coffee in Charleston, SC, a shop with a mission as meaningful as its coffee: creating employment opportunities for people with intellectual and developmental disabilities. That spirit of empowerment carries straight into the cybersecurity conversation.

This month, Microsoft released fixes for more than 200 security vulnerabilities in a single Patch Tuesday — one of the largest update releases in the company's history. It sounds overwhelming. It's not. Jen breaks down what these patches actually mean, why most security failures aren't technical failures, and the one simple habit that closes more gaps than most people realize: restarting your computer every day.

No advanced IT knowledge required. Just a small, consistent action — and maybe a good cup of coffee.

Key Topics Covered:

• What Microsoft's record-breaking June Patch Tuesday actually means for everyday users
• Why security updates don't fully protect you until you reboot
• The real reason most people get compromised (hint: it's not a lack of expertise)
• A dead-simple daily habit that strengthens your security posture
• Bonus tip: how to restore all your browser tabs after a restart (no more excuses)

☕ Featured Coffee Shop: Biddy and Bo's Coffee, Charleston, SC

Small actions, big results. Subscribe for weekly cybersecurity tips from the best coffee spots across the country — and share this with the person on your team who hasn't restarted their laptop in six months.

#Cybersecurity #PatchTuesday #Microsoft #CyberHygiene #SoftwareUpdates #InfoSec #CyberSafety #SipCyber #DigitalSecurity #SecurityAwareness #SmallBusiness #CharlestonSC

In this episode of SipCyber, Jen Lotze settles into The Fox and Pantry in Plymouth, MN — a space so thoughtfully designed it immediately earns your trust — and uses that feeling as the perfect lens for a conversation about AI and healthcare privacy. Over a Pineapple Mango Mint Refresher on a blazing Minnesota afternoon, Jen breaks down a growing blind spot: millions of people are using AI tools to interpret health information, but many of those tools aren't subject to HIPAA the same way your provider is.

The app looks secure. The interface feels clinical. But confidence and verification are not the same thing.

Key Topics Covered:

• Why many AI health tools aren't covered by HIPAA — even when they market as "healthcare-focused"
• What to look for in a privacy policy before uploading any medical information
• How polished design creates a false sense of data security
• What business owners need to know when employees use AI with patient or customer data
• The one-minute habit that protects your most personal information

This isn't about avoiding AI — it's about using it with eyes open. Your health history, mental health concerns, and lab results deserve the same scrutiny you'd give any tool handling your most sensitive data.

☕ Featured Spot: The Fox and Pantry, Plymouth, MN

Don't hand your health data to an app before you know where it goes. Subscribe for weekly cybersecurity insights delivered from the best local spots across the country — and share this with someone who's ever typed a symptom into an AI chatbot.

#HealthcarePrivacy #HIPAA #AIPrivacy #HealthData #Cybersecurity #DataPrivacy #AIHealthcare #InfoSec #SipCyber #DigitalSafety #MedicalData #CyberAwareness #HealthTech