The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Anthem Blue Cross Fake Email
An email claiming to be from Anthem Blue Cross encourages you to open an encrypted message about an invoice. The email is from firstname.lastname@example.org or email@example.com, and the subject line is EFT Enrollment Form – Approved. Similar messages have been used to steal people’s personal information. It was followed up by a second email with a one-time passcode to view the invoice. This second email’s subject line is mis-spelled as ‘Invoice Remmited’ and is a clue that this is a fake. The citizen also received a third email that looked the same, but was from a different sender at fLffirstname.lastname@example.org. Do not click on the link, any attachments or the fake invoice. Reported by a Wyoming citizen.
PayPal and Geek Computers Fake Email
A Wyoming citizen reported a phishing email from PayPal and Geek Computers LLC. The email had a lot of grammatical mistakes, but it did have well designed graphics and looked legitimate at first glance. The email is from PAYING DESK or email@example.com, and the subject line is “Your Order has been processed sucessfully with GEEK Computers llc.” (Note the mis-spellings and mis-capitalizations). The Wyoming citizen did not purchase any equipment.
Credit Card Fraud Advice from a Wyoming Citizen
Always call the phone number on the back of your credit card if you get unexpected communications from your credit card company. A Wyoming citizen received a fraud alert text from a credit card. He had not signed up for fraud alerts with this card, so he was suspicious. Although the text alert was real, after calling the credit card company, the customer service representative said that there was ‘no way’ to really tell if the text alert was real or a scam. Thus, the Wyoming citizen shared, always call the phone number on the back of your credit card because if you initiate the contact, you will know you are talking to a real credit card representative.
Spoofing of SBA’s COVID-19 Loan Relief Website
A Wyoming citizen reported an alert from the Cybersecurity and Infrastructure Security Agency (CISA) stating that there is a malicious cyber fraudster who is spoofing (imitating) the Small Business Administration’s COVID-19 relief webpage and directing victims to the fake webpage via phishing emails. The fake webpage is used to steal credentials. For a picture of the email and more information check out https://us-cert.cisa.gov/ncas/alerts/aa20-225a.
MS-ISAC Patch Now Alert
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for SAP products (software to manage business operations and customer relations), Microsoft products, Adobe Acrobat and Adobe Reader. If you use these products, make sure the software updated.
Scambusters.org Unclaimed Property Scam Alert
If you receive a phone call, email or text message saying you are entitled to claim funds held in your name, but you need to pay a fee or provide personal information to claim those funds, don’t believe it. Instead, check with the Wyoming State Treasurer’s office.
CharityWatch.org Hall of Shame
With so many in need in the U.S. and the world, charity scams are resurfacing. Before you donate to a charity, be sure to check charitywatch.org and be especially wary of any charity you are unfamiliar with that is raising funds for a current situation, such as the COVID-19 pandemic. Even if they claim to have a celebrity or well-known spokesperson, the charity could be a fake or at least low rated for ethical use of funds. https://www.charitywatch.org/charity-donating-articles/charitywatch-hall-of-shame.
Data Breaches in the News
UtahGunExchange.com, Pace Center for Girls (Florida), SANS Institute, Kent State, Purdue, ISC2.org, Brotherhood Mutual, Zagg, Myriad Genetics, Freedom Forum Institute, Illinois Healthcare System, Michigan State University’s Online Store (credit card info only), ProctorU, Walgreens, and Brown-Forman (makes Jack Daniels).
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov