Dinner with Danger:

A citizen reported that their email account had been compromised and was used to send a scam message with the subject “Come And Join Us For A Get Together party!” The email invited recipients to a “Wining & Dining Dinner Party,” with the entire message linked to the suspicious domain dashrun[dot]kostoopoo, likely intended to hack recipients and spread the scam further. The reporter noted that the email may have been sent to their entire contact list before they were able to stop it. CyberWyoming Note: Even if an email appears to come from a trusted friend or colleague, always verify its legitimacy through another channel, such as a quick phone call, before clicking any links or downloading attachments. If your email has been hacked, immediately change your password, enable two-factor authentication, notify your contacts about the breach so they can avoid clicking any suspicious links, and run a full antivirus scan to ensure your device is secure.

Fake FCU Fraud Alert:

A Wyoming resident reported receiving a scam text impersonating “Meridian Trust FCU” with the email domain mt-fc@res, warning of a supposed $310 payment at eBay and directing them to click a suspicious link to cancel it. The recipient noted they are not a member of the mentioned credit union, and the link did not match the company’s name, indicating a clear scam attempt. CyberWyoming Note: If you received a message like this, do not respond or click any links, as scammers often use fear and urgency to steal money or login information. If concerned about potential fraud, always verify by visiting the official website directly or calling the company using a trusted phone number.

Domain Name Game:

A Wyoming business received multiple unsolicited emails from an individual identifying himself as “Peter McHugh” using the email domain “@mysawmarketplace.” The messages referenced a misspelled version of the company’s name followed by “.com” and claimed that the domain was privately owned and represented by their platform. The sender offered additional information and later sent a follow up email repeating the claim, signing as a Saw Domain Acquisition Specialist and Saw Domains Expert. CyberWyoming Note: Although legitimate domain acquisition and brokerage services do exist and purchasing domain names is generally legal, such unsolicited messages may be fraudulent. Practices like cybersquatting, which involves registering a domain in bad faith to profit from another company’s trademark, can be illegal. Regardless of whether the offer is legitimate, businesses should avoid responding or sending money without independently verifying the sender and the claim. This situation serves as a reminder for companies to secure relevant domain extensions for their brand (.com, .net, .org, etc.) and to use trusted cybersecurity tools, such as www.immuniweb.com/websec/, to monitor for potential cybersquatting or typosquatting of their website.

Not Just Romance:

The Rise of Friendship Scams: Friendship scams are an emerging form of online fraud similar to romance scams, but instead of romantic interest, scammers cultivate deep platonic relationships to exploit trust and steal money. They often initiate contact through social media, direct messages, or seemingly accidental texts and gradually build a long-term emotional connection over weeks, months, or even years. Once trust is established, the scammer creates a sense of urgency or opportunity around money, such as asking for personal financial help or promoting a “can’t-miss” investment. These criminals tailor their approach to the victim’s interests or circumstances, making detection difficult. To protect yourself, avoid engaging with suspicious messages, exercise caution with new online friendships, inform trusted contacts about new relationships, and report any suspicious activity to law enforcement, financial institutions, or organizations like the AARP Fraud Watch Network. Victims should act quickly to attempt recovery of funds and report the crime.
– Brought to you by the AARP Fraud Network
www.aarp.org/money/scams-fraud/text-alerts.html

Cloud Storage Payment Scam Floods Inboxes With Fake Renewals:

Over the past few months, a widespread cloud storage scam has been bombarding users worldwide with phishing emails falsely claiming that their accounts, photos, and files are at risk due to failed payments or expired subscriptions. The emails use urgent, personalized subject lines and fabricated account details to pressure recipients into clicking links, which lead to phishing pages designed to look like legitimate cloud service portals. These pages falsely warn that data will be lost unless users “upgrade” their storage, ultimately redirecting them to unrelated affiliate products and checkout forms to steal money or payment information. Unlike these scams, real cloud providers temporarily limit extra storage rather than immediately deleting files. Users are advised to ignore these emails, avoid clicking any links, and verify account status directly through official cloud service websites.
– Brought to you by Bleeping Computer & CISA Region 8
bleepingcomputer.com/news/security/cloud-storage-payment-scam-floods-inboxes-with-fake-renewals/

Interested in cybersecurity business training?

The Made Safe™ Cybersecurity Training Program is a one-on-one program designed specifically for micro-businesses to reduce cyber risk and relieve anxiety around cybersecurity. Thanks to CyberWyoming’s members and sponsors, scholarships are available for Wyoming companies. Learn more at cyberwyoming.org/cyber-training/ or email info@cyberwyoming.org.

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Adobe Products, Microsoft Products, Fortinet Products, and Ivanti Endpoint Manager. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

BridgePay, Conduent, Flickr, Step Finance, Tulsa Airport, Clinic Service Corporation, Substack, Betterment, and MidAmerica Credit Union. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register