The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Pulling on Spiritual Heart Strings Email Scam
An email from email@example.com claiming that God lead her to contact you to help distribute funds to charity as a dying wish was reported by a Laramie citizen. These types of emails are often money laundering scams. Never respond to unsolicited offers from people you don’t know, even if they quote the Bible and claim to want to support ‘orphanages and justice for the poor.’
Two PayPal Email Scams
Two PayPal Email scams were reported by a Laramie Citizen. The subject lines on each were “Action Required,” but were from different email addresses: firstname.lastname@example.org and email@example.com. Both are spoofed as PayPal. One of the emails said, “In light of recent events (COVID-19), there have been more and more reports of suspicious activity from our customers. Our records confirm that some of your sensitive information has been compromised.” The second email was poorly written and stated “Your account needs to update some information for security reasons, our request to follow the instructions.” Both emails encourage you to provide your PayPal credentials.
Project Financing Scam
An email offer to invest in an UAE company and get a low interest loan rate of 2.5% is a scam. The email was reported by a Laramie citizen, had the subject line of PROJECT FINANCING, and was from firstname.lastname@example.org. Interestingly, this email came to the citizen at 2:12 AM. Getting email offers in the middle of our night is often a warning sign.
Multiple Scams from email@example.com
A Laramie citizen reported that the email address firstname.lastname@example.org has sent scams claiming to be the following companies or organization: Obamacare registration, Renewal by Anderson, Bath & Shower Pros, Walmart, Life & Tech, Breathe Green, Sam’s Club, CVS, Smart Senior Savings, Netflix, 2Own.Rent, Amazon, Medicare, Capital One and Choice Home Warranty. The citizen also reported that the same offers are starting to appear from the email address email@example.com, as well.
Amazon Order Canceled Scam
When you receive an email with the subject line of “Your Amazon Order Cancel…?” at 1:30 a.m. from a non-Amazon email address (firstname.lastname@example.org), it is a scam. These are all warning signs that it is not real. A Laramie citizen reported this scam.
If you are a customer of Chase, watch out for a sneaky email masquerading as a notification about new log-in procedures. The Get Started link does not take you to Chase. Chase asks you forward any potentially phony emails to them at email@example.com. If you accidentally gave out account information, call your local Chase bank rep right away.
Even Irrigation Systems Need Security
According to an article by ZDNet, internet connected irrigation systems used for farming and municipal watering were found unsecured and still using the default username and password. If you connect it, protect it! Check out the manufacturer’s website to learn how to change the default password: https://www.zdnet.com/article/over-100-irrigation-systems-left-exposed-online-without-a-password/?&web_view=true.
CyberWyoming Advice – Wireless Printers – Change the Password
In reading about the irrigation systems, it occurred to us that most people don’t realize that wireless printers often have default user IDs and passwords that come with them. Be sure to check your printer’s manual or manufacturer’s website to see if your printer has a password that needs to be changed.
MS-ISAC Patch Now Alert
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Google’s Chrome Browser, Google’s Android operating system, Apple products, and Adobe Acrobat/Adobe Reader. If you use these products, make sure the software (or firmware) updated.
Please report scams you may experience to firstname.lastname@example.org to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• File a complaint with the Federal Trade Commission at ftc.gov/complaint
• Report your scam to the FBI at https://www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.
• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3
• Office of the Inspector General: www.oig.ssa.gov