Hacker's Brief 01/04/21

January 4, 2021
Security
info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

Home Depot Email Scam Alert:

A Laramie citizen received an email saying “You have been selected for a reward from Home Depot!” The email was from cityau@darwin.nt.gov.au spoofed as “Last Reminder” and the subject line was “Home Depot's Rew@rd Confirmed On{12/23/2020} - Pleaaaase Confirm!” The click here and claim now links do not link to Home Depot.

Lottery Winner Text Scam Alert:

A Wyoming citizen reported a text scam impersonating Powerball winner Bill Lawrence saying that, in light of the pandemic, he is giving one million randomly via a US Telco database. The text asks for personal information to be e-mailed to his ‘attorney’ at rossi.essq2gmail.com. Do not answer the text or send your personal information. CyberWyoming Note: This same scam was reported at the University of Maryland, Baltimore County in August 2020.

QuickBooks Scam Alert:

A Laramie citizen received a call from a Hawaii number impersonating Quickbooks Support saying that her Quickbooks Pro subscription needed to be renewed and her card on file had expired. The citizen knew this was a scam because her small business didn’t use Quickbooks.

Chrome Browser Extensions found with Malicious Code:

If you installed any of these browser extensions, please consider uninstalling them. Avast has flagged them as having malicious code that could be considered spyware. Here’s a list: Direct Message for Instagram, DM for Instagram, Invisible mode for Instagram Direct Message, Downloader for Instagram, App Phone for Instagram, Stories for Instagram, Universal Video Downloader, Video Downloader for Facebook, Vimeo Video Downloader, Zoomer for Instagram and Facebook, VK UnBlock. Works fast., Odnoklassniki UnBlock. Works Quickly, Upload photo to Instagram. Spotify Music Downloader, and the New York Times News. www.zdnet.com/article/three-million-users-installed-28-malicious-chrome-or-edge-extensions/

Microsoft Edge Browser Extensions found with Malicious Code:

If you installed any of these browser extensions, please consider uninstalling them. Avast has flagged them as having malicious code that could be considered spyware. Here’s a list: Direct Message for Instagram, Instagram Download Video & Image, App Phone for Instagram, Universal Video Downloader, Video Downloader for FaceBook, Vimeo Video Downloader, Volume Controller, Stories for Instagram, Upload photo to Instagram, Pretty Kitty The Cat Pet, Video Downloader for YouTube, SoundCloud Music Downloader, and Instagram App with Direct Message DM. www.zdnet.com/article/three-million-users-installed-28-malicious-chrome-or-edge-extensions/

Scambusters.Org Advice About Spotting an Email Scam:

Usually email scams impersonate organizations you know and can be quite convincing, then they set a trap spinning a convincing story to explain why they are contacting you. Here are 7 common examples of these stories.

  1. Suspicious activity has been spotted on your account.
  2. An unrecognized person has tried to log on to your account.
  3. There's a problem with your account or payment details.
  4. You can get coupons or free stuff by clicking a link.
  5. You must pay your account immediately, often via a supposed invoice attachment.
  6. You have to register for a benefit, such as a government refund.
  7. Your account has been locked and you need to confirm personal info.

Scambusters.Org Employment Scam Alert:

Jobs that offer large amounts of money, ask you to pay money up front, and unsolicited offers made without an interview are usually scams. Always check the organization and make sure the contact information is verifiable.

MS-ISAC Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for SolarWinds’ Orion and ArubaNetwork’s Aruba OS and SD-WAN products. If you use these products, make sure the software (or firmware) updated.

Other ways to report a scam: