The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Voice Messaging Scam Email
If you receive an email from Telecom Center (with the Microsoft logo) at firstname.lastname@example.org saying you have a new voice message, this is a scam. The subject line is Telephone Message. Reported by a Boulder, WY citizen.
Business Email Takeover
Sometimes the hackers get into a real email account and send malicious emails from it. This was recently reported by a Cheyenne citizen. One of the vendors the citizen’s company did business with had an email account compromised. The email looked real because it came from a trusted source. When an email account is taken over, the hackers search sent mail and look for wording and mimic the look and feel of an email. So, in this case, they sent an email to download a document and that link stole Microsoft Office 365 credentials. CyberWyoming Advice: If you weren’t expecting an email, call before you click. Hover over the button or link to see where it actually goes.
Microsoft Password Expiring Notification Scam
A Boulder, WY citizen reported a general scam sent from email@example.com but spoofed as her own company’s IT department with the subject line of the date and with a high importance. The only thing attached was a fake Microsoft logo, but it was followed up with an email from firstname.lastname@example.org (also spoofed as her company and with the Microsoft Logo) with fake password reset instructions for her Microsoft account. Then, it was followed up again with a password expiration notice the next day from email@example.com. And, then the hackers tried again from HDSERVICE (firstname.lastname@example.org). None of the links go to Microsoft.
Real looking PDF attachment scam email
A Boulder, WY citizen reported two very real looking PDF document images saying “You’ve Received New Encrypted Document(s). Click the attachment to view.” The PDF icon was very realistic. The first email was from email@example.com spoofed as “Doc ID: 960852” and the “Micrsoft Team” and the subject line was “Scanner From LBX9217502.” The link went to https://pattie19a8a.clickfunnels.com/fax. The second email was from firstname.lastname@example.org spoofed as “Doc ID: #824961” and the link went to https://egosselin.clickfunnels.com/adobefax. This citizen also reported a fake voicemail message attachment email from email@example.com spoofed as “Doc ID: 762910” with a similar subject line and from the “LogMeIn Team” but the attachment did not go to their voice mail server or Google Sheets as claimed and instead directed the user to https://egosselin.clickfunnels.com/adobefax.
Bruce Banner (aka the Hulk) is Not Offering Digital Marketing Services
Sometimes scammers use fictional character names. A Laramie citizen reported that Bruce Banner at firstname.lastname@example.org is offering digital marketing services from a non-specified marketing company. Don’t take the bait.
Image Editing & Retouching Services Scam
A Laramie citizen reported an email from Shruti Choudhary at email@example.com with the subject line of “Image Editing & Retouching Services” for a nonspecific company.
Scambusters.org Self-Employed and Business Scam Alerts
• The Pandemic Unemployment Assistance (PUA) program was set up to help the self-employed and gig workers by providing benefits if their work dried up. But because of the scale and urgency of the help, intended to be a form of unemployment benefit, some of the money has ended up in the wrong hands. Scammers have been using victims’ names and business details that have been stolen on the Internet to claim up to $20,000 a time.
• Some self-employed individuals and small firms have fallen into the grasp of high-interest lenders who, while operating inside the law, may bury some of their costly terms in the small print of contracts -- or fail to disclose them at all.
• Business advertising con tricks: Victims are lured into paying for ads in brochures, programs and calendars, which either don’t exist or have only a tiny print run. The scammers may also falsely promise no competitors will be allowed in the same publication. And they use high-pressure sales pitches.
• Extortion: Website owners who allow Google pay-per-click ads to be placed on their pages receive threats from scammers that they will have them banned by Google. The crooks threaten to bombard the ads with clicks, which will make it look like the site owner is trying to defraud the web giant. If you receive this type of threat, you should contact Google immediately and make them aware you’re being targeted.
• Package delivery notification: This is a variation of a well-established scam. In this instance, victims get an email telling them to schedule a delivery from Amazon Business. The message doesn’t specify what the supposed shipment is, but it contains a link that takes recipients to a fake Amazon page that steals their sign-on information.
• Fake trademark notifications: Many new businesses want to protect their brand by registering a trademark with the U.S. Patent and Trademark Office (USPTO). The organization reports a big rise on fake emails claiming to be from them and advising recipients to pay a large sum or face losing their trademark.
Please report scams you may experience to firstname.lastname@example.org to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov