Case Dismissed:

A Laramie business reported receiving multiple suspicious emails offering legal support services, both of which were flagged as spam. One email, sent by an individual identifying herself as Gertha Boucicault using an address associated with “gerthadigitalmarketing,” promoted “Virtual Paralegal Services” with flexible hourly billing and encouraged the recipient to connect. A second set of emails came from Zoe Hutzler, whose very similar email address included “zoehutzlerdigitalmarketing.” These messages advertised remote attorney and paralegal services across a wide range of legal areas, such as personal injury, family law, and corporate law, and included follow-up communication pressing for a response. Notably, neither sender identified any legitimate business name or company affiliation in their messages. CyberWyoming Note: As a precaution, do not reply, click links, or download attachments. Mark them as spam and verify services through trusted sources. Even if legitimate, the suspicious wording and approach make it best not to engage.

Domain Name Hacked or Legit:

A NW Wyoming business owner reported receiving a potentially legitimate or possibly scam email appearing to be from Google Search Console security alerts. The message claimed that “mail.redactedcompanyname.com” had been added to “redactedcompanyname.com”. Concerned, the Wyomingite wondered whether someone had attempted to take over their domain. This business owner had never heard of Google Search Console and contacted their website designer to ask about the message, as it appeared to come from a real Google email address. CyberWyoming Note: In reported cases, victims receive alarming messages or emails suggesting unauthorized access or urgent security issues, sometimes directing them to suspicious links or prompting them to take immediate action. While Google does send real security notifications, hackers exploit this by creating fake alerts to trick users into revealing login credentials or granting access. Google notes that hacked-site warnings typically relate to real security issues like unauthorized content injection or malware, not sudden ownership changes via email alone. If you receive a message like this, do not click any links or share your credentials. Log in directly to your official Google Search Console account to verify any alerts and secure your site.

iPhone Users at Risk from a New Spyware:

A new spyware tool called DarkSword poses a serious threat to iPhones running older iOS versions, potentially affecting hundreds of millions of users worldwide. Researchers from Google, Lookout, and iVerify found that hackers, mainly from China and Russia, have used DarkSword since at least November 2025 to extract sensitive data such as messages, call history, location, health data, and crypto wallets through web browser attacks known as “drive-by downloads.” The malware exploits six different vulnerabilities and primarily targets iPhones on iOS 18.4 to 18.7. Users can protect themselves by updating to the latest iOS version, iOS 26, or enabling Lockdown Mode if updates are not possible.
– Brought to you by Time
‍time.com/article/2026/03/19/iphone-hack-spyware-malware-darksword-cyberattacks/

The Hidden Tax Burden of Cybercrime:

Cybercrime victims often suffer a “double hit” because they lose money to scams and may still be taxed on those stolen or fraudulently withdrawn funds as income. This can lead to unexpected tax bills, reduced Social Security benefits, and higher Medicare costs. Changes under the Tax Cuts and Jobs Act largely removed theft loss deductions for most non disaster cases, leaving many victims without relief, although recent IRS guidance offers limited exceptions for certain scams. While new legislation aims to restore these deductions and provide retroactive relief, it has not yet passed, so many victims, especially those on fixed incomes, continue to face serious financial and emotional strain beyond the initial crime.
– Brought to you by FightCybercrime.org
‍fightcybercrime.org/blog/the-hidden-tax-burden-of-cybercrime/

How Hackers Target ‘Smart Offices’ Via Air-Cons and Coffee Machines:

Cybercriminals are increasingly targeting “smart offices” by exploiting internet-connected building systems hastily installed during the pandemic, including air conditioning, coffee machines, access control, and CCTV. These attacks, often financially motivated, can lock occupants in, disrupt operations, or cause reputational damage, as seen in incidents across California, London, and Canada. Older or incrementally upgraded buildings with outdated technology, such as Windows 2000-based management systems, are especially vulnerable. Basic cybersecurity measures, like updating devices, monitoring access, and ensuring insurance coverage, can reduce risk. Businesses can further protect themselves by regularly auditing all connected devices, removing or securing weak links, and clearly assigning responsibility for technology management.
– Brought to you by The Times
‍www.thetimes.com/uk/crime/article/hackers-target-smart-offices-3l8qz28x3

Interested in cybersecurity business training?

The Made Safe™ Cybersecurity Training Program is a one-on-one program designed specifically for micro-businesses to reduce cyber risk and relieve anxiety around cybersecurity. Thanks to CyberWyoming’s members and sponsors, scholarships are available for Wyoming companies. Learn more at https://cyberwyoming.org/cyber-training/ or email info@cyberwyoming.org.

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Oracle Products. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Aura, Navia Benefit Solutions, Crunchyroll, National Association on Drug Abuse Problems, and AstraZeneca. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register