The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Text survey alert
A Sheridan citizen reported a text from Research-Polls.com asking her to respond to a survey about “local issues in Oregon.” The text had a picture that said “Your Opinion Matters!” When CyberWyoming investigated, we found that Research-Polls.com was a new website and had a low trust rating.
Ace Hardware impersonation email
If you receive an email saying they are from AceHardware.com but, if you look closely, it is really from a tut.com email address, a Sheridan citizen wants you to know not to click on the link. The subject line of the email is “2nd attempt for.(name redacted)” and the link goes to a UK website address. Note that this citizen also reported two other scam emails from the same tut.com address impersonating DHL and the three credit reporting agencies.
Wix domain owner email scam
A Laramie citizen reported an email whose subject line was “Your attempt to contact a Wix domain owner” from wix-domains.com. The citizen said that they had not attempted to contact any website domain name owners and felt this email was suspect. CyberWyoming Note: According to the Wix Help Center, legitimate Wix emails always end with wix.com, not domains.com. This appears to be a phishing website attempting to steal information.
Mail delivery failed email scam
Sometimes you may send an email and realize that you fat fingered the email address when you receive a failed delivery message. A Laramie citizen reported an email that looked like one of these failed delivery messages, but it encouraged you to download a document. The email’s subject line was “Mail delivery failed: returning message to sender” and the email was from email@example.com.
Another dying widow scam
Even though you may be an “honest and faithful person”, a Laramie citizen wants you to know that Helen Carson asking for help to disburse her funds in the US before she dies, is a fraud. The email’s subject line is “Greetings” and it came from a Gmail address.
If you’re an Instagram user, watch out for a follow that appears to come from a friend suggesting they have a secret site, which they urge you to visit. A series of links eventually takes you to a page where you’re supposed to use your credit card to sign up for what turns out to be recurring charges. You should never assume that a follow request comes from a person you know. Check independently with them. Brought to you by scambusters.org.
The Better Business Bureau is not handing out checks for $2,950, contrary to what you might think when you get one seemingly from the BBB. They’re forged and may even clear when you initially present them to your bank. The trick could be part of an advance fee scam where you’re asked to refund part or all of the money via a cash wiring service. Even if it’s just a malicious trick, if you spend any of the money, you’ll have to repay your bank when the check eventually bounces. Brought to you by scambusters.org.
Green dot scams
Brought to you by scambusters.org. Green Dot is a legitimate bank that issues prepaid debit cards, among other products, however scammers take advantage of these products to try to get you to send them advanced money fees. Be sure to check the address for the legitimate greendot.com.
New Green Dot impersonation scams:
• Fake COVID assistance program with no strings payments of $10,000 which contains a link to a fake Green Dot webpage that asks for your personal information.
• Fake bonus program with a no strings $1000 account bonus, which asks you for your Green Dot sign on information and personal information.
• Bogus security alerts which direct you to a fake sign-on page.
Data breaches in the news
You probably know that a lot of people are making a lot of money by mining Bitcoin cryptocurrency. But maybe you’re not sure exactly what mining is and how to do it. Scammers have caught on to this by posting YouTube videos that make the whole process look easy and offer free downloadable mining software. But it’s not what they say; it’s data-stealing malware called PennyWise. It’s clever, faking authenticity by using download password protection and a trust certificate. Your antivirus should spot it, but your best protection is not to download files from people you don’t know. Brought to you by scambusters.org.
MS-ISAC and CISA patch now alert
The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Apple, Cisco’s Secure Web Appliance, and Google’s Chrome browser products. If you use these products, make sure the software (or firmware) is updated.
Please report scams you may experience to firstname.lastname@example.org to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov
The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.