Would you like to make $600 each week?:

A Laramie citizen received a text message asking if the recipient wanted to put an energy drink sticker on their car in exchange for $600 per week. They will even send an advance payment of $600…in exchange for name and address. CyberWyoming note: This scam was reported in Gillette about 2 years ago.

Email with the subject “Action Required: Notification Access”:

A Casper citizen received an email that appears to be from a health organization with the request to reset the Office password that is expiring. However, hovering over the “Keep same Password” button shows the link is going to somewhere in India. Same with the links “Please See Attached” in the email. CyberWyoming note: Taking a second to pause and hover over any link in an email is extremely helpful to make sure the link is not taking you somewhere you do not want to go. To “hover” means to place your cursor over a link (don’t click) and look in the bottom left of your web browser for the website address.

Email with the subject “<company name> CO-OP Settlement ACH”:

A Casper citizen received an email that appears to have a link to a secure document with information about a settlement. Just like the scam above, the links in the document are to a suspicious-looking domain.

Email with the subject “Virtual Assistant NEEDED ASAP!”:

A Laramie citizen searched online for a virtual assistant and then received an email from Perry, with what appears to be a list of services he can provide at a reasonable cost. However, there is no website link provided and it was from a Gmail address, so this is probably a scam. CyberWyoming note: Sometimes scams start with a simple request for a return email, either for an offer, a job, etc. Beware of returning an email to anyone you do not know or a business you did not contact first.

Email with the subject “Ro”:

A Laramie citizen received an email that a bank account wants to split a $9.3 million inheritance. But first, the email recipient needs to provide a list of personal details that any identity theft scammer would love to have.

We need your action:

A Big Horn citizen reported a text message saying their MyVerizon account would be closed. Misspellings and bad grammar are seen in all three sentences. CyberWyoming note: Even if this was a real message from Verizon, the best course of action would be to access the Verizon site online or call support.

[TIKTOK] <numbers> is your verification code:

A Laramie citizen reported receiving a text message with a verification code for a new TikTok account. Someone was attempting to use their phone number for account creation. If this happens to you, make sure to follow the instructions in the text message TO KEEP YOUR ACCOUNT SAFE, NEVER FORWARD THIS CODE.

Email with subject “Wyoming IT Security”:

CyberWyoming received an email asking if we wanted to purchase the domain wyomingitsecurity[.]com. The email was sent from a Gmail address. A quick check showed it is a legitimate domain that is up for sale. Whether the person who sent the email owns the rights is another question that is tough to answer since the owner of the domain is masked in Whois (the domain registry database). CyberWyoming note: if you are going to purchase an existing domain, do not click the link in a solicitation email. Instead, navigate to whois.com, look up the domain registration, and email the registered owner (the email address will be provided in Whois).

Hackers use “social engineering” to get past corporate security:

Coinbase described how hackers started the scam with a phishing email. When an employee clicked the link in the email, IT security quickly detected the breach and shut it down. But then the hackers called the employee, pretending to be IT, and had the employee provide access and corporate data. As Coinbase states: "The most difficult attack of all to resist is a direct contact social engineering attack, like the one our employee suffered here. This is where the attacker directly contacts you via social media, your mobile phone, or even worse, walks up to your home or place of business…. These attacks aren't new. In fact, these kinds of attacks have certainly been happening since the early days of humanity. It's a favorite tactic of adversaries everywhere - because it works." – Brought to you by KnowBe4. Link to the blog post blog.knowbe4.com/coinbase-attack-used-social-engineering

World Trademark Register catalog invoice:

CyberWyoming received a surprise, but official looking invoice via snail mail for $980 to list our trademark in the World Trademark Register catalog. The invoice looked like it was required to be paid. Since trademarks are in the public record, it’s easy for scammers to attempt to get companies to pay for a service that is not needed. If in doubt, check with your trademark attorney (as we did).

3/20 MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google Chrome. If you use these products, make sure the software (or firmware) is updated.

3/20 Data Breaches in the News:

Lionsgate streaming platform, Ferrari, Lowe’s. CyberWyoming note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

‍

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register