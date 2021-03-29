The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Unusual Sign On Activity Business Alert
A Sheridan company reported an email spoofed as their own mail administrator claiming ‘unusual sign-in activity’ was occurring for an employee. However, the link did not lead them to their Microsoft account but instead to https://main.d2ifct1tuplnsi.amplifyapp.com/index.html#REDACTED.
Banking Survey Alert
An email claiming you can “Recieve Your Exclusive Reward for Banking Survey” (receive was misspelled) was reported. The email’s subject line was “Preview – surprise f0r Bank 0f America Users” (they used zeroes instead of o’s) from noreply@hubspot.com. Oddly, the email blind copied in the recipient and the ‘to’ email address was donalldtruump00123@gmail.com. CyberWyoming Note: One of the way scammers try to gain legitimacy is to spoof celebrities.
Roundup Fake Email Alert
An email was reported with the subject line of “ATTN Victim ID: 00107 Please Respond Last Day to Submit Claim [DATE,TIME]” from contact@nodoka.co. The email had a very real looking picture with text asking if the recipient had been exposed to Roundup and diagnosed with lymphoma, thus possibly being eligible for financial compensation. While there may be real lawsuits, reputable companies notify you via mail, not email.
FedEx Scam
If you get an email from someone pretending to be FedEx saying that you have an email containing personally identifiable information that was sent to you don’t open it. If the email is from ffreoa@exelis.com you can be sure it is a scam. FedEx mails things the old-fashioned they aren’t known for delivering confidential information via email.
Rosetta Stone Impersonator
If you get an email claiming to be a Rosetta Stone third party marketing team trying to sell you a Rosetta Stone demo, this is a scam. The emailer’s contact.36@knit-knop.net.
Fake email opt-in business tool
If you receive an email from Janet Wilson at janet.wilson@virtualreach.tech offering you the ability to gather contact information of your target audience, don’t reply. The email asks you to include things like your target industry, target job title and target geography and in return she will let you know how much her service costs. This is fake, Janet just wants your money!
Square impersonation
A Laramie citizen reported an email claiming you have a negative customer review from squrmailx01@aboutcontactmessagecustomhelp.com, but the email doesn’t specify any details. The subject of the email is “A customer left you negative feedback,” and the email contains a short fake review rating such as “So Poor.”
Microsoft impersonation
An email was reported from support@trademarkengine.com asking them to review emails that Microsoft has quarantined. The email will include a message saying you must review messages in quarantine within 24 hours, however, the scammers are most likely attempting to get your email credentials.
Dr. Jean Louis from Bien-Entre Pharma Inc Scam
If you receive an email from Dr. Jean Louis support@pfm-uk.com or from dr.jeanlouis@bienetrepharmain.com with the subject line of “Supply Proposal” to request that you represent your ‘country’ to sell antiviral herb products, it is a scam. Dr. Louis probably isn’t even a doctor and her claim to “real cool profits” isn’t real either.
Amazon Spoof
A Sheridan citizen reported an email with a malicious attachment supposedly from Amazon Web Service claiming his account was on hold and he needed to log in to “keep your records safe.” The email was from mail-attachmentvweys@71fox.venomgo.org and the subject line was long but contained “A͏c͏c͏o͏u͏n͏t͏ Service : Your ac͏c͏o͏u͏n͏t͏ placed on hold.” (Note the incorrect spacing.)
MS-ISAC Patch Now Alert
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Adobe (Photoshop, Acrobat, Illustrator, Animate, Dreamweaver, & Magento), Google’s Chrome browser, and F5 BIG-IP and BIG-IQ products. If you use these products, make sure the software (or firmware) updated.
Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov