Friendship or Fraud?:

A citizen recently reported receiving a suspicious text message asking if their number belonged to someone named Lisa. Upon replying negatively, the sender initiated a conversation, prompting the citizen to become suspicious. Sensing something amiss, the citizen conducted a quick Google search and discovered that this tactic is commonly used as a ploy to engage individuals in fraudulent schemes under the guise of friendship, often evolving into investment scams. CyberWyoming Note: This is a great example of the importance of being cautious when engaging with unfamiliar contacts and staying informed about prevalent scams to avoid falling victim to fraudulent schemes.

Dropbox Dangers:

A resident received an unsolicited email titled 'Verify your recent Dropbox Login.' The sender’s name was Dropbox Support with a convincing address “dropbox@alerting-services.com”. It claims that the recipient's Dropbox account will be closed due to inactivity and urges them to click on a suspicious link labeled 'Sign In' to prevent document deletion. The URL tester Checkphish, checkphish.bolster.ai/, identified the link as suspicious and traced its origin to Australia, suggesting it could be a phishing attempt. CyberWyoming Note: Exercise caution with such emails, avoid clicking on suspicious links or attachments, and verify the legitimacy of unexpected communications.

Cyberattack on UnitedHealth Unit Paralyzes U.S. Health System:

A cyberattack on UnitedHealth's Change Healthcare unit, beginning on Feb. 21, has paralyzed the U.S. health system. The attack, attributed to the ransomware group ALPHV, initially led to reported application outages, revealing a significant cybersecurity issue. Beyond impacting pharmacies, the attack disrupts payments, insurer authorizations, and critical medical record sharing via systems like CommonWell. With ransomware attacks on healthcare providers doubling since 2016, patients face heightened risks of identity theft, medical errors, and care delays. This underscores the pressing need for improved cybersecurity measures and federal intervention in healthcare. Despite efforts by agencies like the Department of Justice, the response to these attacks remains insufficient, necessitating calls for strengthened cybersecurity standards and funding, especially for rural hospitals. – Brought to you by CBS News & CNN Business
‍cbsnews.com/news/unitedhealth-cyberattack-cloud-based-network-cybersecurity
cnn.com/2024/02/28/tech/cyberattack-health-insurance-doctors-therapists/index.html

Google Incognito Mode Alert:

Incognito mode in Google's Chrome Browser is still tracking you. According to the recent class action settlement, the Incognito splash page now must state that Google collects data from third-party websites "regardless of which browsing or browser mode you use". Google also must update their privacy policy and delete previously collected data on users that were using Chrome in incognito mode. Check out this April 1 article by Wired: wired.com/story/google-chrome-incognito-mode-data-deletion-settlement/ Incognito mode was widely believed to be a feature of the Chrome browser that enables the user to browse anonymously, without the information or search history being saved anywhere on the internet.

Scam Alert!:

The Social Security Administration (SSA) Office of the Inspector General (OIG) issued a scam alert warning the public about criminals impersonating SSA OIG agents. These scammers are requesting individuals to meet in person to hand over cash, posing a physical danger. Genuine SSA OIG agents will never ask for cash or gift cards in exchange. This scam tactic, a dangerous twist on known methods, pressures victims into specific payment methods. Inspector General Gail S. Ennis urged people not to respond to such requests. If scammed, individuals are advised to cease communication, notify financial institutions, file police reports, and report the scam to relevant authorities such as the FBI, SSA OIG, and FTC. Keeping records of financial transactions and communications with scammers is also recommended.
oig.ssa.gov/assets/uploads/scam-alert-handing-off-money-to-agents.pdf

Hackers Targeting Young Students in School Cyberattacks:

In recent years, cyberattacks on school districts have surged, leaving young students vulnerable to privacy breaches and identity theft. When Minneapolis Public Schools fell victim to a major data breach in February 2023, the ramifications were far-reaching, exposing sensitive information of over 105,000 individuals, including children. Such attacks highlight the growing trend of hackers targeting K-12 educational institutions, exploiting the wealth of personal data stored within their systems. This poses not only immediate risks but also long-term consequences, as stolen records can haunt students well into adulthood, affecting college admissions, job prospects, and even legal proceedings. Amidst the chaos, families are left grappling with overwhelming tasks to safeguard their children's identities, shedding light on the urgent need for enhanced cybersecurity measures in schools. – Brought to you by Secure The Village & NPR
‍npr.org/2024/03/12/1237497833/students-schools-cybersecurity-hackers-credit

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Broadcom Brocade Fabric OS, Microsoft Products, Adobe Products, and Google Chrome Could. If you use this product, make sure the software (or firmware) is updated.

Data Breaches in the News:

WordPress
Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

‍

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register