RFQ from a Fake VP:

A Laramie business reported receiving a suspicious email from someone claiming to be “Creative Pathways Inc.” about participating in an RFQ (Request for Quotation) process for a “Q2 2026 strategic project.” The message, signed by a self-identified Vice President “Derica,” asked the recipient to reply to receive additional details and included a phone number, address, and website. The reporter noted the email felt like a possible phishing attempt, as they were unfamiliar with the organization and suspected the sender’s email account could have been compromised. CyberWyoming Note: After further research, Creative Pathways appears to be a legitimate business; however, no individual with the name provided appears to work there, and the company’s website lists a different person as Vice President, suggesting the message was likely impersonating a real organization. Scammers often spoof legitimate companies while using incorrect or stolen identities to build credibility. Always verify unexpected business solicitations through official channels before responding, and trust your instincts if something feels off.

Low Storage, High Deception:

A resident reported a phishing email impersonating Apple’s iCloud service, claiming “Your iCloud storage is full.” The message appeared to come from an address using a deceptive domain (“noreply@email[dot]apple”) and included Apple branding and formatting to look legitimate. The email warned that the user had exceeded iCloud storage limits, causing backups, photos, and app syncing to stop, and threatened that email service could be disrupted if no action was taken. It urged the recipient to upgrade to “iCloud+” (200 GB for $2.99/month) or reduce storage usage, using urgency and potential service loss as pressure tactics. CyberWyoming Note: Do not click links, download attachments, or enter any Apple Account credentials. Always verify storage status by logging into your account directly through official settings or the iCloud website.

Chatbots Are Great Listeners And That’s Exactly the Problem:

Victims of romance and crypto fraud often face not only financial loss but also harsh judgment from friends, family, and even professionals who do not understand how manipulation works, which deepens isolation and can make recovery harder. Because human support can feel confusing or shaming, some survivors turn to AI chatbots for a nonjudgmental, always-available listener that helps them process emotions or find information. While this can be useful as a temporary bridge to support, overreliance carries risks because chatbots can unintentionally replace real human connection, reinforce isolation, and cannot provide the nuanced challenge, crisis awareness, or accountability needed for true healing. The key concern is not that chatbots are harmful in themselves, but that for vulnerable fraud survivors they can feel easier than people and, if they begin to substitute for real relationships, they may quietly slow recovery instead of supporting it.
– Brought to you by FightCybercrime.org
‍fightcybercrime.org/blog/chatbots-are-great-listeners-and-thats-exactly-the-problem/

CISA Guidelines for Strong Passwords:

CISA recommends protecting business accounts by requiring employees to use strong, unique passwords of at least 16 characters, ideally stored in a company-wide password manager. Weak passwords remain a major risk, with many people, including younger generations, still using personal information that is easy to guess. Strong passwords should be long, random, and unique, and paired with phishing-resistant multi-factor authentication for added security. Organizations should enforce secure password policies, provide password managers, and ensure default credentials on devices and software are changed to prevent breaches. Building a culture of strong password use helps safeguard both business systems and customer interactions.
– Brought to you by CISA (Cybersecurity & Infrastructure Security Agency)
‍www.cisa.gov/audiences/small-and-medium-businesses/secure-your-business/require-strong-passwords

Stolen Crypto & North Korea:

North Korea has become the dominant force behind global cryptocurrency theft, with analysts at TRM Labs estimating that 76% of all crypto stolen in 2026 has ended up in the hands of the Democratic People’s Republic of Korea (DPRK). Rather than carrying out constant attacks, North Korean hackers focus on a few highly targeted, high-reward operations, such as the nearly $300 million breaches of Drift Protocol and KelpDAO. Experts say the regime has exploited the weak security and decentralized structure of crypto platforms, which often lack the safeguards and rapid response systems of traditional banking. Researchers also believe North Korea is increasingly using AI to improve social engineering, automate coding, and identify vulnerabilities faster, making attacks more convincing and efficient. Security analysts warn that AI-powered cybercrime could overwhelm current DeFi governance systems, allowing attackers to steal massive sums before humans can react, while the stolen funds continue to support North Korea’s weapons and nuclear programs.
– Brought to you by Dark Reading & CISA Region 8
‍www.darkreading.com/cybersecurity-analytics/crypto-stolen-2026-north-korea

Interested in cybersecurity business training?

The Made Safe™ Cybersecurity Training Program is a one-on-one program designed specifically for micro-businesses to reduce cyber risk and relieve anxiety around cybersecurity. Thanks to CyberWyoming’s members and sponsors, scholarships are available for Wyoming companies. Learn more at cyberwyoming.org/cyber-training/ or email info@cyberwyoming.org.

MS-ISAC and CISA Patch Now Alert:

There aren’t any new patch now (update your software) alerts this week from the Multi State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA).

Data Breaches in the News:

Cardinal Services, Inc., Trump Mobile, Eversource, Amtrak, Healthmine, and DocketWise. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register