A Senior's Safety Strategy:

A caring reminder comes from central Wyoming, where an elderly resident unintentionally shared her Social Security Number and/or Medicare number over the phone. This incident occurred late on a Friday afternoon, a time when banks were closed, amplifying concerns about potential risks that could unfold over the weekend. In response to this situation, the following steps are recommended for individuals facing a similar scenario or those assisting a loved one:

1. Credit Freeze: Immediately freeze credit at major bureaus - Equifax, Transunion, and Experian - to prevent unauthorized access and protect against potential identity theft.
2. Bank Notification: On Saturday, either visit the bank in person or use the bank's answering service to report the incident promptly. This step aims to secure the individual's financial accounts and limit potential damage.
3. Social Security Administration (SSA) Contact: Look up the nearest Social Security Administration (SSA) office and call them first thing on Monday to seek advice on further protective measures.
4. Log into your secure Medicare account or call 1-800-MEDICARE to report potential fraud.
5. Legal Authorities Involvement: In case of suspected financial loss, promptly contact local law enforcement and also contact the FBI through ic3.gov, the Internet Crime Complaint Center, to initiate investigations and take appropriate legal actions.

CyberWyoming Note: There have been several Medicare scams reported throughout the state including “we are replacing your paper card with a plastic one” and “because you are on Wyoming Medicare we are changing the card colors to brown and gold.” While these scenarios sound plausible, remember that the real Medicare people won’t ask you for your number over the phone or contact you out of the blue.

Global Atlantic Gambit:

A Jackson retiree annuity client received a fraudulent email with the subject "Global Atlantic Annuity Transaction Confirmation." Despite the email appearing legitimate, the client recognized it as a scam and reported it to the annuity carrier. The email urged the recipient to click a link to access their transaction confirmation in the electronic document library and provided a phone number for inquiries. CyberWyoming Note: This situation highlights the potential risks and dangers posed by phishing scams targeting retirees and emphasizes the importance of verifying such communications to prevent financial fraud.

Unprecedented Data Leak:

26 Billion Records Exposed in Supermassive Breach

A colossal data breach, dubbed the Mother of all Breaches (MOAB), has unleashed a staggering 26 billion records, making it one of the largest ever discovered. The leak amalgamates data from various platforms, including LinkedIn, Twitter, and Tencent, spanning 12 terabytes of information.

• How Scams Operate:
  - Cybersecurity researcher Bob Dyachenko and the Cybernews team uncovered the MOAB.
  - Leak-Lookup identified a "firewall misconfiguration" as the cause, now rectified.
• What to Be Aware Of:
  - The MOAB contains a mix of previously exposed and potentially new data.
  - MOAB includes sensitive information, potentially leading to identity theft and cyberattacks.
• What to Do:
  - Vigilance is crucial; check your data using the new Cybernews data leak checker cybernews.com/personal-data-leak-check

23andMe tells victims it’s their fault that their data was breached:

Facing more than 30 lawsuits from victims of its massive data breach, 23andMe is now deflecting the blame to the victims themselves in an attempt to absolve itself from any responsibility, according to a letter sent to a group of victims seen by TechCrunch. … “Rather than acknowledge its role in this data security disaster, 23andMe has apparently decided to leave its customers out to dry while downplaying the seriousness of these events,” Hassan Zavareei, one of the lawyers representing the victims who received the letter from 23andMe, told TechCrunch in an email. … In December, 23andMe admitted that hackers had stolen the genetic and ancestry data of 6.9 million users, nearly half of all its customers. … The data breach started with hackers accessing only around 14,000 user accounts. The hackers broke into this first set of victims by brute-forcing accounts with passwords that were known to be associated with the targeted customers, a technique known as credential stuffing. – Brought to you by Secure The Village techcrunch.com/2024/01/03/23andme-tells-victims-its-their-fault-that-their-data-was-breached

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Jenkins, Trend Micro uiAirSupport, Google Chrome, and Ivanti Products. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

• BuyGoods.com, Hewlett Packard Enterprise's (HPE), 23andMe, and Lush
• 26 Billion Records Leaked: Trezor, Weibo, MySpace, Twitter, Deezer, Linkedin, AdultFriendFinder, Adobe, Canva, VK, Daily Motion, Dropbox, and Telegram.

Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

‍

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register