41598Your Order is on Its Way: Thank You28720528532447X of items:

A Laramie citizen reported receiving an email with an attached PDF titled “Invoice14598.” While the email is obviously phishing, you might be tempted to click on the attachment anyway. Don’t click! The PDF is likely infected. CyberWyoming note: Scammers hope your curiosity will lead you to click on an infected or malicious attachment.

Even though the tax deadline has come and gone, scammers are still active:

Scammers are actively trying to scare people through fake notifications from the IRS.

• Don’t respond to a tax-related text or email. The IRS initiates most contact through regular mail and will never contact anyone by email, text, or social media about a bill or tax refund.
• Don’t click on any links or attachments in a message claiming to be from the IRS. It could load malware or ransomware that keeps you from accessing your systems and files.
• Report any smishing (text) and phishing (email) scams. You can report a tax scam to the IRS by sending the email or a copy of the text message as an attachment to phishing@irs.gov. The IRS says the report should include the caller ID (email or phone number), date, time and time zone, and the number that received the message.

- Brought to you by Identity Theft Resource Center

Juice Jacking: How Hackers Can Steal Your Data While You Charge Your Phone:

When you connect your phone to a public charging station, you may not be aware that the USB cable can transfer both power and data. Hackers use the USB cable to transfer data from your device to their own device, or vice versa. Hackers can use this opportunity to install malware and monitoring software onto your device in order to steal your sensitive information such as passwords and credit card details. They can also gain access to your contacts, messages, photos, and emails.

• Avoid public charging.
• Use a portable power bank.
• Disable data transfer on your device You can also disable data transfer on your device by turning on the “charge only” mode. This mode allows your device to charge while blocking all data transfer.

- Brought to you by Cybercrime Support Network

Protect Yourself from Etsy Scammers:

You're shopping on the popular online marketplace Etsy when you come across a product description that promises a much lower price if you go directly to the seller's own website and buy there. With an eye for a bargain, it's easy to be lured into this type of come-on. But beware! It could be a scam. And by moving outside the Etsy trading platform, you could lose the protection coverage it offers. It's true that some legitimate sellers use this tactic, but if the supposed discount is really big, like 40 or 50 percent, then you're likely dealing with a scammer. And, if you buy, you'll also be vulnerable to identity theft since the crooks now have all your credit card or bank account details. – Brought to you by Scambusters

Student Loan Scams:

You receive an unsolicited contact offering to help you navigate through state and federal programs to reduce or restructure your student loan debt. “Debt relief experts” offer access to instant, easy-to-use loan forgiveness options; they might even mention the “Biden Plan.” They will ask for up-front payment or for personal information, such as your Social Security number or your FSA ID (the username and password on your loan account). However, these offers provide nothing you can’t find yourself for free. Often that’s as simple as contacting your loan servicer or the U.S. Department of Education. It is illegal for debt relief companies to collect payment from you before they get results, so up-front fees are a surefire sign of fraud. Legitimate agencies and loan servicing companies will not ask you for your Social Security number or FSA ID. – Brought to you by AARP Fraud Network

Phishing by a Friend or Foe:

Scammers are using social engineering tactics by pretending to be either your friend or a government official. Sometimes they will contact you after finding your interests on social media and striking up a friendship. Or they will pretend to be the police or a prosecutor to cause fear and intimidation. Regardless, they want your money. Always, always verify the identity of the person who contacts you. – Brought to you by KnowBe4.com

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google’s Chrome browser. If you use this product, make sure the software is updated.

Data Breaches in the News:

US Job Services, T-Mobile, Salesforce Community, United HealthCare, ChatGPT. Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

‍

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register