The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Facebook Tracks Browsing Activity Outside of Facebook
A Wyoming citizen reported that when Facebook recently updated their software, a new setting to “Track Off-Facebook Activity” was activated. This means that Facebook can track other websites that you visit, like your bank, online shopping and more. If you would like to keep this information private, here’s how. Open your Facebook account and navigate to Settings. Choose “Your Facebook Information” from the left hand column on the settings screen. Choose the View link next to Off-Facebook Activity. Choose “Manage Your Off-Facebook Activity”, then choose Manage Future Activity, then slide the button to turn off “Future Off-Facebook Activity.” Facebook does not make changing this setting easy, there are pop-up windows asking you if you really mean it in multiple places and at one time you also have to re-enter your password. For screen prints and step by step instructions, check out this link at CyberWyoming’s website https://www.cyberwyoming.org/facebook-setting-tracks-all-activity/.
SAM Registration Reminder
For those businesses that apply for grants, SAM.Gov is the federal government’s system for award management and requires a CAGE code for applications. Both are available at no cost. Many Wyoming businesses have received multiple expiration reminders from scammers asking for money to renew the SAM registration or the CAGE code. Only renew these at SAM.gov and do not follow a link in an email. (Reported by a Wyoming citizen)
MS-ISAC Patch Now Alert
If you use Google Chrome or Bitdefender SafePay the Multi-State Information Sharing and Analysis Center wants you to make sure that the software has been updated (patched). (Bitdefender SafePay is a protected web browser designed to secure sensitive online transactions such as online banking and e-shopping.)
IRS Alert COVID Scams Targeting Stimulus Checks
The IRS would like to remind you that they never communicate via social media, text message, phone calls, and email to discuss stimulus payments. If you receive a message from the “IRS” via these methods it is a scam.
Fake COVID-19 Contact Tracing Apps Infect Android Phones
Researchers have found 12 Android applications disguised as official COVID-19 contact tracing apps, but their real purpose was installing malware onto the devices. Do not install a contact tracing app on your phone unless instructed to do so by a public health officer. Confirm that person’s identity to ensure you aren’t being scammed. (darkreading.com)
Netgear Router Alert
79 Netgear router models can allow an attacker to take full remote control. Netgear is a popular home router brand. The fix for the vulnerability has not yet been published by Netgear, but please watch for it to be coming out soon. For a list of the routers affected check out this Bleeping Computer article: https://www.bleepingcomputer.com/news/security/79-netgear-router-models-risk-full-takeover-due-to-unpatched-bug/
Data Breaches in the News
Specialized dating apps (3somes, Cougary, Gay Daddy Bear, Xpal, BBW Dating, Casualx, sugarD, Herpes Dating, and GHunt) chats and pictures breached, MaxLinear (US Hardware Manufacturing Firm), Elkhart Emergency Physicians (South Bend, IN), Stat Informatics Solutions (Lebanon, TN), BJC Health System (Missouri), Cognizant (IT Services), Frost & Sullivan (San Antonio), 200 police departments nationwide (BlueLeaks), Stalker Online (online game), Aspire News (domestic violence emergency distress messaging system), Sanitary Process Engineering & Components, ArgoMart Group, Preen.me (social media influencer firm), and OneClass (remote learning platform).
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov