The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Attack detected scam
A Sheridan citizen reported a scam with the subject line misspelled as “System Attak Detected! Blocking is Recommended!” and the link was confirmed by Google as suspicious. The email was from Support.email@example.com.
Zoom vs Zoom Intel scam
If you received an email from Zoom Intel, but it looked like an email from the popular videoconferencing platform, Zoom, it was a scam. Zoom confirmed that they do not own a group called Zoom Intel.
The Secretary of the United Nations scam
The Secretary of the United Nations is not emailing you for an international funds transfer and does not need your personal banking information. The scam, reported by a Sheridan citizen, was from firstname.lastname@example.org with the subject line of IRREVOCABLE RELEASE OF YOUR PAYMENT. Be sure not to open the attached Google form or click on any links.
Former US Ambassador ATM card scam
The former US Ambassador to Nigeria did not leave paperwork in his office saying you should have received your missing ATM card and funds released to you. The email is poorly written and from email@example.com with the subject line of From United States Former Ambassador to the Federal Republic of Nigeria. Reported by a Sheridan citizen.
Scambusters.org deep fake extortion alert
Deep fakes are videos that impersonate an individual and look quite real. Some experts are worried that these videos will be used to show a person doing or saying something that they have never done in reality, like something embarrassing. Then the blackmailers will demand an extortion amount or they will release the video. How do they get your voice and video files to create the deep fake? By installing malware on your PC or scraping them from your social media accounts. Remove online photos and audio files that may have your forward facing picture and voice. Encrypt them on your computer.
Scambusters.org online car buying/selling scam alert
Fake buyers are scamming sellers. They are taking the car for a test ride and then stopping to get out and ‘open the hood’ but when both get out, the fake buyer jumps in the car and drives off with it leaving the seller stranded. Another version of this scam is when the fake buyer pulls a gun on the seller. Scambusters also suggest to be very suspicious of advanced payment scams for cars. Often fake checks are sent. A version of advanced payment to be aware of is fake escrow accounts to hold the cash until the buyer receives the car. The FBI’s Internet Crime Complaint Center and the BBB have said that they have received thousands of these types of fake escrow accounts for cars complaints. Warning signs that the car sale may be a scam:
• Extremely low prices.
• Claims of a family death, divorce or military deployment forcing an urgent sale.
• Any excuse for the ‘seller’ to avoid meeting the ‘buyer’ or letting them see the vehicle.
• Claims that the deal is secure because of an escrow account or a guarantee from a company like eBay, Craigslist, Facebook Marketplace or Amazon.
• Leaving voicemails instead of speaking to you.
Ways to protect yourself when buying/selling a car include:
• Pay for a legal car inspection service to view and report on the car.
• Insist on meeting the owner and inspect the title.
• If an escrow is discussed, insist that you choose the company and then do the research online.
Data breaches in the news
Gaming Partners International, Grow Diaries, Chesapeake Regional Healthcare, Mashable.com, LensCrafters, EyeMed, Target Optical, RedDorz (hotel management platform), CBS Last.fm (music streaming), the US Fertility Network, Sophos (antivirus software), Illinois Valley Community College, Belden, Advanced Urgent Care (FL), Four Winds Hospital (NY), Galstan & Ward Family & Cosmetic Dentistry (GA), Peatix, Headlam, LSU Health New Orleans, the Corcoran Group (real estate files), Spotify, Fortinet (VPNs), Mercy Iowa City, Mitsubishi Electric Corp (business partner info), Pray.com, Liquid (cryptocurrency exchange), TronicsXchange, Pluto TV accounts, Delaware Division of Public Health, North Face, 123RF Stock Photo Service, Vertafore (insurance software provider) and Animal Jam (online children’s playground).
Please report scams you may experience to firstname.lastname@example.org to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov