Crafting Canva Cons:

A citizen reported a scam involving a Canva design that was shared to their account, displaying a fake PayPal invoice claiming a $499.99 charge. The message urged them to call a phone number to stop the payment or request a refund—typical of phishing scams aiming to steal personal information. The user reported it to Canva and noted that it appears to be part of a growing trend, with others encountering similar scams. CyberWyoming Note: Always verify unexpected payment requests or invoices by contacting the company directly through official channels—never use contact details provided in suspicious messages. Be cautious of unsolicited file or design shares, even from familiar platforms.

Toll Trolls:

A Wyoming resident reported receiving multiple phishing scam texts claiming they owed money for an E-ZPass toll. The texts threatened to suspend their driving privileges unless they paid via a suspicious link. The recipient did not click the link and deleted the message. The text came from an @outlook email address, with instructions to copy and paste the link into Safari. The resident noted that similar scams have been warned about in various YouTube videos. CyberWyoming Note: Never click on links in unsolicited messages claiming urgent payments—verify directly with official sources instead. This is a common scam currently circulating in Wyoming, often using scare tactics and fake deadlines to steal personal or financial information.

72% of People Fear Government Access to Their Data:

A recent Malwarebytes survey revealed widespread public concern about data privacy, with 72% of people fearing government misuse of personal data. A majority (89%) expressed concern over corporations misusing their data, and 89% were worried about AI tools using their data without consent. This anxiety is fueled by recent incidents, such as the UK government requesting access to encrypted data, the U.S. government exposing sensitive information, and breaches like 23andMe's bankruptcy. In response, many are taking action: 40% have stopped using major platforms like TikTok, Instagram, or X, while 26% ditched fertility or period tracking apps. Privacy measures, such as using ad blockers (69%), opting out of data collection (75%), and employing VPNs (42%), are becoming common. Additionally, 87% support national laws regulating data use, though many feel that meaningful protection is out of reach. Despite this, most people are not giving up on safeguarding their privacy and are actively seeking tools to secure their information.
– Brought to you by MalwareBytes
‍malwarebytes.com/blog/news/2025/04/72-of-people-are-worried-their-data-is-being-misused-by-the-government-and-thats-not-all

New Jersey Criminals AI Deepfakes:

New Jersey Governor Phil Murphy has enacted legislation criminalizing the creation and distribution of deceptive AI-generated media, known as deepfakes. The law imposes third-degree criminal penalties on individuals who produce or share deep-fake audio or visual content for unlawful purposes, with convictions carrying potential prison terms of three to five years and fines up to $30,000. The legislation was partly inspired by the experiences of Westfield High School student Francesca Mani, who, along with other female classmates, was victimized by deepfake content created by male peers. This incident highlighted the pressing need for legal measures to address the misuse of AI technology in creating harmful and deceptive media.
– Brought to you by Government Technology
‍govtech.com/artificial-intelligence/new-jersey-governor-signs-law-criminalizing-deepfakes

The Disadvantage of Passwords:

A new report reveals Atlantis AIO, an automatic hacking machine using millions of stolen passwords to breach accounts across 140+ platforms, including email, VPNs, and streaming services. This highlights the growing risk of credential stuffing attacks, where hackers exploit stolen credentials to gain unauthorized access. Microsoft is now pushing a passwordless future, rolling out passkey authentication for over a billion users. Google has expanded its Titan security keys to 22 new regions, reinforcing the shift away from passwords. With billions of compromised credentials and increasing threats like session hijacking, experts urge users to adopt passkeys and phishing-resistant authentication.
– Brought to you by Forbes
‍https://www.forbes.com/sites/daveywinder/2025/03/28/automatic-hacking-machine-uses-millions-of-stolen-passwords-to-attack/

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for SAP NetWeaver Visual Composer and Mozilla products. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Marks & Spencer (M&S), SK Telecom, Urban One, Verisource Services, and Endue Software. Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register