Business Funding Trap:

A Laramie business received suspicious emails from Elizabeth Robinson using the @hhvanilla domain. The emails, sent under the subject "A to Z Capital Management funding options for [misspelled business name] growth," claimed to offer funding with “founder-friendly terms” and no hidden conditions. The first email was addressed to a former employee and referenced the business’s real programs, while a follow-up email a week later repeated the same message. CyberWyoming Note: This is a common business funding scam that often uses publicly available information to craft convincing, personalized emails, likely generated with AI.

The Mystery Maintenance Contract:

A citizen reported receiving a scam email from someone using the name “Patrick” with an Outlook email address. The email subject was “annual maintainence contract renewed” (note the misspelling) and falsely claimed to confirm a subscription renewal but did not specify any company or what the subscription was for. It stated that a three-year service term had been processed for $449.99 and provided a customer support phone number for questions. CyberWyoming Note: When researched, the phone number provided was connected to numerous scam reports. Be cautious of unsolicited subscription or renewal emails, especially those that do not name a specific company, lack logos or branding, and contain spelling or grammar errors. Do not call the phone number or respond to the message, and instead verify any subscriptions directly through official company websites or accounts.

Using LinkedIn DMs to Deploy Trojans:

Researchers at ReliaQuest have found a new scam on LinkedIn where hackers trick professionals into downloading malware. Instead of using email, the attackers message people directly and spend time gaining their trust. They then send a file that looks like a normal work document, but actually contains hidden malware. The file includes a real PDF reader, a hidden malicious file, and a version of Python that runs the hacker’s code, giving them secret access to the victim’s computer. This scam works because it relies on trust and curiosity rather than complex coding, and LinkedIn doesn’t have strong security filters like email does. Experts warn to be careful and never download files from people you’ve only met online, no matter how professional they seem.
– Brought to you by HackRead
‍hackread.com/hackers-linkedin-dms-pdf-tools-trojan/

Backup & Restore Fundamentals:

Effective backup and restore practices are essential for protecting an organization’s critical data. Begin by identifying key data and applications, such as customer records, employee information, payroll, accounting, procurement, and order data, and prioritize based on business impact. Consider how frequently your data changes, whether hourly, daily, weekly, or monthly, as this will determine how often backups should occur. A strong backup strategy should include full and incremental backups and account for configurations of essential IT equipment such as firewalls, routers, servers, switches, wireless devices, and Active Directory. For cloud-based data and applications, including OneDrive, SharePoint, and Software as a Service platforms, clear backup and restore procedures are necessary. Following the 3-2-1 rule is recommended:

• A minimum of 3 Copies of the data (original + 2 backups)
• 2 different types of media the backups are stored on (disk, tape and/or cloud)
• 1 copy off-site
• 1 version immutable (read-only or air-gapped/physically disconnected)

Regularly test backups to verify accuracy and integrity, and do not assume backups are functioning correctly or that someone else is managing them. These practices apply to personal devices as well. Backup and restore activities are an investment that protects your organization during cybersecurity incidents to ensure critical data is secure.
– Brought to you by CISA Region 8

Most Spoofed Phishing Brands:

Phishing scams continue to target major tech brands, with Microsoft leading as the most impersonated company, accounting for 22% of all brand phishing attempts in Q4 2025, followed by Google (13%), Amazon (9%), Apple (8%), and others. Check Point’s data shows that technology firms dominate phishing campaigns because their accounts are central to identity, productivity, and authentication, making stolen credentials especially valuable. Seasonal trends, such as increased Amazon impersonations during holiday shopping, also influence attack patterns. Attackers employ tactics like fake game pages, account recovery imitations, and targeted campaigns to steal passwords, but the fundamentals of cybersecurity, avoiding suspicious links, using official websites, and enabling two-factor authentication, remain the most effective defense despite evolving threats and AI enhanced sophistication.
– Brought to you by TechRadar Pro
techradar.com/pro/security/who-are-the-most-spoofed-brands-in-phishing-scams-to-be-honest-you-can-probably-guess-most-of-them

Do Not Call Registry:

Did you get a new phone over the holidays? Remember, you can register it with the National Do Not Call Registry to reduce unwanted telemarketing calls at www.donotcall.gov/. You can register both home and mobile numbers for free. While registration stops most telemarketing calls, some organizations such as charities, political groups, debt collectors, and survey companies may still contact you.
– Brought to you by CISA Region 8

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Cisco Unified Communications Products, WatchGuard Firebox, and HPE OneView. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Grubhub, National Auto Loan Network, Brightspeed, and Ingram Micro. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register