The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Apple ID Disabled Scam
A Wyoming citizen reported a fraudulent email claiming her Apple ID had been disabled and that her account information needed to be verified. The email was from email@example.com, spoofed as AppleSupport, and the subject line was “Your Apple ID has been disabled on [today’s date] via a web browser. Code: [#####].” One link in the email appears to be real, but is actually directing the victim to https://prodigueaja.org/vHrUC, not Apple.
Quickbooks Upgrade Scam
A Wyoming citizen reported a fraudulent email spoofing Quickbooks and claiming that “All your payments has currently Been put on hold.” The subject line was “Quickbooks Security Message” and the sender was from firstname.lastname@example.org spoofed as QuickBooks Intuit. Links in this email were verified to be dangerous by Gmail.
Coin Shortage Scammers Warning
There is a national coin shortage. Some less scrupulous store employees are saying they have no coins for change when you present a bill. Thus, your choice is either to put back the goods you wanted to purchase or allow yourself to be short changed. Sometimes this is legitimate. However, if you suspect that this is not legitimate at a business you frequent, tell the store manager. If you suspect the store manager, inform the state Attorney General.
Roku Activation Fee Warning
If you have a Roku, a TV service that delivers streaming channels to your home, there is no activation fee. However, scammers claiming to be Roku support employees are demanding an activation fee via online sales or fake websites when you search for support. Sometimes they demand up to $250. Make sure you reach the real Roku website if you need their support number.
MS-ISAC Patch Now Alert
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Cisco Small Business, Smart, and Managed Switches and also for Google’s Chrome browser. If you use these products, make sure the software updated.
South Dakota COVID-19 Data Breach
According to the Rapid City Journal, South Dakotans whose COVID-19 status and other personal information was collected by state agencies may be subject to a data breach that is being investigated by the FBI. The information that may have been breached was name, address, date of birth and COVID-19 status.
University of Utah Ransomware
The University of Utah paid a ransomware gang $457,059 to avoid having hackers leak student information online, joining the ranks of Michigan State, the University of California at San Francisco, Columbia College Chicago, and the City University of Seattle. Experts warn that paying the ransom is an agreement with bad actors and that the student data may still be released.
FTC COVID-19 Treatments Alert
The FTC has sent more than 20 warning letters to companies that claim their products can prevent, treat, or cure COVID-19. Before purchasing a remedy, the FTC recommends you always talk with your healthcare professional. https://www.consumer.ftc.gov/blog/2020/08/ftc-sellers-need-proof-covid-treatment-claims
FTC “You’ve Won” Alert
The FTC would like to remind you that legitimate sweepstakes do not make you pay a fee to get your prize and Publisher’s Clearinghouse does not notify winners in advance. Do not trust your caller ID and do not send money, transfer money, gift cards or give personal information, even if you are told you have won a prize.
FTC Stimulus Package Alert
If a new stimulus package is passed by Congress, be aware that you will not have to pay to get it. If someone calls you to ask for your social security number, bank account, or credit card number it is a bad actor.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov