Annual Report Filing Solicitation Targets More Wyoming Businesses:

A Wyoming business owner reported receiving a misleading email from “notices@ar.wyomingbusinessfilings” with the subject line "The WY Annual Report filing window is now open." The message warned that failure to file an annual report by the due date could result in administrative dissolution and included business-specific information such as the entity's filing date, formation state, and annual report due date. The email urged the recipient to "Click Here To File Now" and included, in very small print, language stating that the service was not approved or endorsed by any government agency. The business owner contacted a representative from the Wyoming Secretary of State's office and was informed that many people mistake these notices for official government communications, describing them as “borderline phishing.” It was also discovered that the company behind the solicitation charges more than twice the standard state filing fee and that individuals who begin the filing process may have difficulty canceling the transaction or obtaining a refund. CyberWyoming Note: This report closely resembles other recent complaints involving annual report filing solicitations targeting Wyoming businesses. While some of these companies may provide a legitimate third-party filing service, their emails often use urgent and threatening language and mimic official government notices by including publicly available business registration details. Businesses should avoid clicking links in unsolicited filing reminders, verify filing requirements directly through the Wyoming Secretary of State, and file annual reports through official state channels whenever possible to avoid unnecessary fees.

Prime Time Phishing:

A citizen reported receiving a suspicious email supposedly from “Mail Delivery Status,” although the sender used a personal Hotmail email address rather than a legitimate mail service domain. The email carried the subject line “Delivery Status Notification (Failure)” and primarily consisted of a linked image impersonating a Prime Video subscription notice. The message falsely claimed that the recipient’s Prime subscription had expired due to a failed payment and urged the recipient to click a “RENEW MY SUBSCRIPTION NOW” button to restore service. Below the fraudulent subscription notice, the email contained unrelated content appearing to be a Skylawn Travel credit card authorization form, requesting extensive personal and financial information. The email also included two suspicious PDF attachments. CyberWyoming Note: Do not click links or open attachments in unsolicited emails, especially those claiming urgent payment or subscription issues. Instead, verify account status directly by logging into the official service website or app, and report or delete any suspicious messages.

FBI Warns Extortion Hackers Are Visiting US Law Firms To Steal Data:

The FBI has warned that a cyber extortion group known as the Silent Ransom Group is actively targeting U.S. law firms using increasingly bold social engineering tactics. Instead of encrypting systems, the group focuses on stealing sensitive data and extorting victims, often by posing as IT staff through phishing emails, phone calls, or fake help desk interactions that trick employees into granting remote access. In some cases, attackers have even shown up in person at offices to gain physical access to computers and copy data using external drives. The stolen information is then used for ransom demands under threat of public release or sale. The FBI says law firms are especially attractive targets due to the volume of confidential legal and financial data they hold, and that the group’s use of legitimate remote tools and cloud services makes its activity difficult to detect.
– Brought to you by The Record & CISA Region 8
‍therecord.media/fbi-warns-hackers-visit-law-firms-to-steal-data

Dashlane Suspends Customer Accounts Amid Brute-Force Attacks:

Password manager Dashlane temporarily suspended some user accounts during a wave of brute-force login attempts after its automated security systems detected repeated failed device-registration tries. Users received emails explaining the suspensions, while some also reported unusual login attempts from countries like Russia and South Korea and issues with 2FA codes. Dashlane said there was no internal system breach, and it restored affected accounts the same day after investigating, later moving the incident to “monitoring.” The company faced criticism for limited public communication, and some users initially suspected phishing due to the wording and older logo in the alerts.
– Brought to you by The Register & CISA Region 8
www.theregister.com/security/2026/06/01/password-manager-dashlane-suspends-customer-accounts-amid-brute-force-attacks/5248991

Interested in cybersecurity business training?

The Made Safe™ Cybersecurity Training Program is a one-on-one program designed specifically for micro-businesses to reduce cyber risk and relieve anxiety around cybersecurity. Thanks to CyberWyoming’s members and sponsors, scholarships are available for Wyoming companies. Learn more at cyberwyoming.org/cyber-training/ or email info@cyberwyoming.org.

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Oracle PeopleSoft PeopleTools, Mozilla products, and SimpleHelp. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Novo Nordisk, Oracle PeopleSoft, Paylogix, Infinite Campus, iRhythm, Kodak, and The Credit Pros. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register