The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Real program announcement from Wyoming AARP
The AARP Fraud Watch Network and Volunteers of America have created a new, free program designed to address the emotional impact of being involved in fraud. “Experiencing a scam can be devastating, but it doesn’t have to define you,” said the announcement. To sign up for a free facilitated peer-discussion group or to get more information about the ReST (Resilience, Strength & Time) program visit www.aarp.org/fraudsupport.
Password expiration scam alert
A Casper organization reported an email from email@example.com, spoofed as the organization’s name@PasswordExpire with the subject line of Password/Notification. The link asks you to use the same password at the following suspicious link: http://397.ridhantours.com/#michaelanthonyshair.com/wlsk/lyadny/cmphY2tzb25Ad3lvaGVhbHRoLm9yZw==. CyberWyoming note: We did notify Vanderbilt’s IT department so they can check into this account that sent this email from their domain.
“Your Account is Hold” scam
A Casper citizen reported an email from Support@Mailgun.com with the subject line of “Your Account is Hold.” The email says that the citizen should “UPDATE ACCOUNTE N0W.” While mailgun.com is a real website, the link takes you to babalu.mx/mailgun which is in Mexico and most likely fraudulent. CyberWyoming note: Any time incorrect grammar or misspellings are in the email, be wary.
Old refund scam
A Gillette citizen reported an email from Balance Days at firstname.lastname@example.org saying they had attempted to contact her three times about an old 2016 refund. The email did not say what kind of refund. CyberWyoming note: While www.improoveandbalance.com is a real website, it is used for investment guidance and there was a warning about these types of ‘no name’ websites by the FTC recently. Also, the website does not list a way to contact them which is a red flag.
Unemployment scams are top three in the nation and a Gillette citizen reported an email from Kiwii K at email@example.com with the subject line of “(3rd Attempt) INTERVIEW for [citizen’s name].” Britney claims to be an employment rep who has been informed of a job opening in the citizen’s area. CyberWyoming note: While www.kindkiwii.com is a real website, it is used for coupons and finding deals and has nothing to do with employment. However, the website does not have a way to contact them, which is a red flag.
Changed bank account scam
A Sheridan business reported an email sent from firstname.lastname@example.org spoofing an employee saying the employee had changed his bank account because of suspicious activity, thus he needed to change his direct deposit details. CyberWyoming note: This has occurred all over the state. Be sure to train your accounts payable personnel not to change direct deposit information without calling and confirming first.
Text scam alert impersonating Wounded Warrior Project
A Laramie citizen reported a text scam alert from 786-494-0878 asking her if she would like to be paid to put a decal on her vehicle for the Wounded Warrior Project and be paid $400/week to increase the awareness of the Project. While the Wounded Warrior Project is real, this car decal offer is not. https://www.woundedwarriorproject.org/scam-information
Amazon package details scam
A Laramie citizen reported an email from email@example.com spoofed as Order Status from Amazon.com. The email was well worded with Amazon’s logo yet the shipped to address was not the citizen’s address, which was probably worded that way to prompt the citizen to call the fake number at the bottom of the email. CyberWyoming note: See Amazon impersonation scams spotted across the nation alert below.
Amazon impersonation scams
While Amazon impersonation scams are in the top five reported by Wyomingites to CyberWyoming, it seems that it may get worse. A spike in complaints about both Amazon and Apple impersonation scams has been reported both via phone and email. According to YouMail, a call protection company, Americans are receiving between 100 million and 150 million illegal recorded calls per month from scammers claiming to be from Amazon. If you receive a call saying there is a ‘problem with your Amazon account’ that mentions fraud or a lost order, just hang up. But also be aware that this call scam could easily move to email and don’t click on any links in your emails. If you are worried, sign on (separately without clicking on a link) to your Amazon account and check the order history. It is also a good time to enable 2-step verification on your Amazon account. 2-step verification sends you a text or email with a one-time code to complete the sign in after you have entered your username and password. For more information, here is the full article: https://uspirg.org/blogs/blog/usp/man-lost-124000-amazon-scam-here-are-10-ways-keep-it-happening-you.
MS-ISAC patch now alert
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Google’s Chrome Browser and VMware’s Carbon Black App Control products. If you use these products, make sure the software (or firmware) update.
Please report scams you may experience to firstname.lastname@example.org to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov