info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

BizNet-US Spoof Alert:

A real company called BizNet-US is being spoofed by a typo squatter called BiziNet-US (not the extra i). A Laramie citizen reported receiving an email with the subject line of “Wyoming Banker’s Association: Moment to chat?” from Rene Silva at silvarenee38505935@gmail.com. The email claims Rene can slash the Wyoming Banker’s Association internet bill by hundreds of dollars. Oddly, Rene didn’t send the email to the Wyoming Banker’s Association.

VBSHealthcare.com Alert:

A Boulder citizen reported an email from noreply@vbshealthcare.com with an eFax attachment and branding from the real eFax company. The retrieve fax link, https://piu-2.jimdosite.com/, does not link to VBS Healthcare or eFax. CyberWoming Note: In researching VBS Healthcare, it appears there is no official website, but there is a Facebook page, yet that Facebook page is linked to a Gmail address (not a VBSHealthcare.com email address), the listed website no longer appears to be valid, and the Better Business Bureau’s business search does not list a VBS Healthcare in Fairfield, CA. It is quite likely that this website is spoofing the valid vbshealthcare.us account or the valid vsshealthcare.com account. Closely read the sender’s address.

Hotmail Accounts Don’t Send Missed Call Messages:

Even though Microsoft owns the Hotmail domain, these email addresses are specifically used for personal accounts. If you receive a VOIP Call Message Service email from a cpbeisler@hotmail.com claiming you have 3 missed call messages from a wireless caller, do not download the attachment to listen to the messages. Reported by a Boulder citizen. Note that the same Boulder citizen also received a second ‘new voice message’ email from a real IT provider’s domain address in Ohio. This email had 3 attachments claiming to be contract documents, like a NDA (nondisclosure agreement). CyberWyoming notified the real company so they could take measures to shut down the fraudulent account.

CyberWyoming Alert:

The MS-ISAC Advisory group has published a generic ‘wi-fi enabled devices could allow for data exfiltration’ alert. What this means to home (and small business) users is that your wireless router will probably soon come out with a firmware update. (Firmware update is a software update for your router.) Check your router’s manufacturer’s website for instructions to make sure this update goes into effect. Many routers are NOT set up to auto-update. Here’s a video from CyberWyoming, the Wyoming CAN (cybersecurity action network) committee, and the Wyoming State Library that will give you background information on protecting your home wireless network. https://youtu.be/t_BWIBBH1tU. Other home tips from the Wyoming State Library and Wyoming CAN: https://library.wyo.gov/services/special-programs/wyocan/

Noticed more spam emails?

According to an article in Hot for Security, a LinkedIn data leak affecting 500 million LinkedIn users may be responsible for those spam emails in your inbox. So, if you get an email about sales leads or digital marketers advertising the delivery of “verified and 100% accurate LinkedIn leads” take it with a grain of salt. For the full article: hotforsecurity.bitdefender.com/blog/linkedin-data-leak-hundreds-of-thousands-of-spam-emails-flood-users-inboxes-25655.html CyberWyoming Tip: To reduce this spam, make a separate email address and tie it to your LinkedIn account. Then, set up rules for forwarding to your ‘real’ email address.

Government Agencies Do Not Threaten You Over Vaccinations:

The Michigan Attorney General has issued a warning about scammers impersonating state or local health departments and vaccination sites. The scammers demand your personal information and may even threaten you regarding vaccination. This scam may move West to Wyoming, so be aware and if you get a call like this hang up and call your local health department directly.

Scam Websites Popping Up Claiming to Help You Find Unclaimed Stimulus Money:

If you receive an email from a non-government website advising you that you have unclaimed stimulus money, don’t believe it. Instead, check directly with the IRS at the IRS Stimulus Tracker: www.irs.gov/coronavirus/get-my-payment.

Scambusters.org Online Eyeglasses Alert:

While there are many reputable online eyeglasses websites, beware of warning signs that a website may be illegitimate. 5 steps to make sure you aren’t scammed:

  • 1. Check the provider's official credentials and accreditation, whether they are US-based or abroad. (US based is better because they are subject to our consumer protection laws.)
  • 2. Check the reputation of the provider through a regular search engine like Google or Bing, using the name of the firm and words like "complaint" or "scam."
  • 3. Establish the firm's returns policy and insured shipping arrangements.
  • 4. As with all retail products, beware of outrageously low prices. They usually signal a scam.
  • 5. Beware of online vision testers who claim to be able to check the health of your eyes. They mainly can't.

MS-ISAC Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for VMware Workstation Pro, VMware VCenter Server, & VMware Horizon Client for Windows and Apple products. If you use these products, make sure the software (or firmware) is updated.

Other ways to report a scam:

Other Blogs