An email with the subject line “BE CAREFUL: Your device has been infected with (79) Viruses:

A Laramie citizen has reported an email scam that appears to come from the Norton protection company although the sender’s email address is not visible. It states that your subscription has expired, and your device has viruses. However, the email was not sent by Norton and there are several typos and interesting capitalizations. Don’t click the Activate Now button as it will take you to a site that will ask for your credit card number and other sensitive details. If you suspect that your subscription really has expired, then navigate to the Norton website directly and update your information there.

Text messages from random phone numbers:

These text messages typically start out with “Hi,” and, if you answer, they will attempt to suck you into their scam. Just don’t answer. If it’s from someone you know, chances are they will either text you again or call you. This was reported by a Laramie citizen.

Email with the subject line “Your MetaMask wallet will be suspended”:

A Laramie citizen reported receiving an email from MetaMask (the sender’s email address is info@welcomepartyhub[.]com) stating their digital wallet would be suspended. Like all phishing scams asking you to click on some button (really a link) in the email, just don’t do it. CyberWyoming note: If you suspect the email is legit, then navigate to the website directly and contact their support staff to clear up the issue.

How to find out who Is calling you:

A Laramie citizen reported receiving many calls from unknown numbers and suggested some websites to help others in the same situation. We all get a lot of spam calls, but sometimes we are in doubt as to whether the call is from a doctor, pharmacist, or our aunt’s new phone. Phone scammers can spoof numbers, and sometimes the call seems to be from our area code or even very close to our own phone number! There are tools you can use such as searching for the phone number in your browser, using websites such as “WhoCallsMe,” “PeopleFinders,” and others. CyberWyoming note: If in doubt, don’t pick up. If it’s legit, the person will leave you a message, and you can always call back.

Scammers Storm into Extreme Weather Regions:

Scambusters is warning people to watch out for con artists that are trying to take advantage of people whose safety, homes, and power supplies have been affected by the storms in the past two months. Some of the most prevalent scams:

• Utility company officials who threaten to turn off the power unless immediate payment is made. The key to dealing with the utility company officials is to verify their ID by calling the power company. And no utility company officials will ever demand payment up front, even if you are in arrears on your utility bills.
• FEMA officials who demand money. Verify their ID by calling FEMA, and never give them money in person. No government employee will ever demand money.
• People stating they can get you to the front of the line for FEMA money. Contact FEMA and don’t pay.
• Unlicensed contractors offering to do repairs or cleanup. If they demand payment up front, don’t do it. If they won’t provide copies of their license or other credentials, don’t hire them.
• Bogus landlords advertising rental listings for people who may have been displaced by the storms. Make sure you inspect the home (inside as well as out), check out the landlord's reputation, and read the lease carefully.
• Charity scammers. They come out in hordes in the wake of any weather or other natural disaster, setting up fake websites either to steal your money or use your credit card and other confidential information for identity theft. Don't be misled by familiar sounding names and logos. Read the FTC's guidance on wise donating here tinyurl.com/Scambusters-donating
• It’s been reported that there is a malicious domain called “weatherplllatform[.]com” which has infected over 7,000 websites. So be careful where you get your weather information.

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Hitachi Energy, Cisco Unified Communications Manager (and SM Edition), Apple products, VMware, Chrome, and Sophos Firewall. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Note – we normally only report on breaches once a month, but there are some important ones that were reported last week that we thought you should be aware of: Norton Lifelock, Mailchimp (this affected several companies who use Mailchimp), FTX Cypto, Paypal, T-Mobile, KFC, Taco Bell, Pizza Hut, FanDuel, NextGen (Electronic Health Record Software provider), Zendesk, GoTo, DuoLingo. CyberWyoming note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

‍

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register