Fake Coinbase Charge:

A Laramie resident got a suspicious text from a New York number claiming a $432.23 charge had been made on their Coinbase account, with a Florida phone number to call if they wanted to cancel. However, the resident confirmed they do not have a Coinbase account. CyberWyoming Note: This scam is probably a fallout from the recent Coinbase data breach. Always double-check unexpected payment alerts directly through official apps or websites, and never call numbers or click links sent in surprise messages.

Not-So-Healthy Offer:

A Big Horn resident reported receiving a scam text from an unknown number with a Texas area code. The message, claiming to be from "Jen," offered reduced-price private health insurance options from UHV and BCBS and asked if the recipient was open to comparing plans via text. CyberWyoming Note: We've received several similar health care scam reports recently; if you get unsolicited texts offering insurance deals like this, do not respond or click any links. Always verify offers directly through official health provider websites or contact numbers.

SharePoint Executive Office Email Scam:

A Sheridan resident reported an email scam with the subject line of “Executive Office has shared a file with you via SharePoint.” The sender’s email was from share.point.33567@ an account that was not a Microsoft or known contact. The email had a calendar link requesting a meeting at 3 a.m. for a “Microsoft 365 Financial Review,” indicating that it probably came from someone in a different time zone. The scammer’s email used the Microsoft Edge logo, the Microsoft name, and had a sense of urgency. CyberWyoming Note: A very similar scam was reported in Torrington, however the calendar invitation impersonated a known vendor. When the employees at the Torrington company didn’t click on the known vendor email, the hacker tried impersonating the CEO to no avail.

QuickBooks Spoofing:

A Riverton company reported fraudulent emails from a real-looking, although generic, QuickBooks account sending automated invoices. The company’s IT personnel analyzed the email and found it originated from outside the country. Advice given by the IT personnel is to check your email provider and see if you can geographically block emails from riskier countries.

Coinbase Staff Bribed in Data Breach:

Coinbase revealed that hackers bribed overseas support agents to steal sensitive customer data, later used in social engineering attacks. The attackers demanded a $20 million ransom, which Coinbase refused to pay, instead offering a $20 million reward for information leading to their arrest. No passwords or funds were compromised, but exposed data included names, contact details, partial bank info, and government IDs. The breach, detected earlier by Coinbase, led to the termination of involved staff and stronger security measures. The incident may cost up to $400 million, and shares dropped over 6%. Despite this, Coinbase is set to join the S&P 500 and plans global expansion. CyberWyoming Note: This incident highlights the importance of strong insider threat policies to protect customer data and maintain trust.
– Brought to you by CNBC
cnbc.com/2025/05/15/coinbase-says-hackers-bribed-staff-to-steal-customer-data-and-are-demanding-20-million-ransom.html

Don’t Let Vacation Scams Ruin Your Trip:

As summer kicks off, so does travel season—and unfortunately, scam season too. Criminals target travelers with fake listings, bogus deals, and fraudulent websites designed to steal your money or personal information. If a deal seems too good to be true, it probably is. Watch out for common red flags. Scammers often create fake travel sites that show up high in search results or repost real rental listings with altered details. You might find an unbelievable vacation deal, an ultra-cheap rental car, or a host on a rental app who asks you to pay outside the platform — all signs of a scam. How to Stay Safe:

• Be wary of steep discounts—they’re often bait.
• Avoid vague search terms like “cheap rental cars.”
• Research new sites by adding “scam” or “review” to the name in a search.
• Use a credit card—it offers better fraud protection.

– Brought to you by AARP Fraud Watch Network
aarp.org/money/scams-fraud/text-alerts.html

FBI Warns of Old Router Exploits:

The FBI warns that cybercriminals are exploiting outdated routers—especially those from 2010 or earlier—to install proxy services using TheMoon malware. These end-of-life devices no longer receive security updates, making them vulnerable, particularly if remote administration is enabled. The malware allows hackers to turn infected routers into anonymous proxies for illegal activity. To protect against this, the FBI advises replacing old routers, disabling remote access, applying updates, and using strong, unique passwords. Suspected victims should report incidents to the FBI’s Internet Crime Complaint Center and secure any affected accounts.

– Brought to you by FBI’s Internet Crime Complaint Center
ic3.gov/PSA/2025/PSA250507

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google Chrome and HPE StoreOnce Software. If you use either of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Cellcom, ConnectWise, Victoria’s Secret, LexisNexis Risk Solutions, and Cartier. Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

‍

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register