DocuSign Phish via Canva:

A phishing scam involving emails titled "Request for Proposal" has been reported by individuals in Sheridan and Cheyenne. These emails impersonate DocuSign, featuring its logo and a message saying, "Document Sent to Review & Sign - All signers completed Complete with Docusign: Request for Proposal." However, the link actually redirects to a Canva site, not DocuSign. From there, it leads to a fake RFP Proposal Document page and then to an image CAPTCHA. The scams are being caught by some phishing filters, but the reports were made to warn others who may not have such protection in place. CyberWyoming Note: Be cautious of emails claiming to share documents via DocuSign that redirect to Canva pages—these may host malware like ScreenConnect, a remote access tool that gives attackers control of your system. Always verify document links independently and never download executables from unknown sources, even if the site appears trusted.

Phantom Payment:

A citizen from Laramie reported receiving a scam email disguised as a payment remittance report from "APCREDlT lD-10092" with the sender address @smsprefeiturasp. The email contained barely visible white text with details like a payment ID, date, and invoice number, and included a disclaimer claiming to be from Smurfit Westrock plc, warning that the message was confidential and only for the intended recipient. The message urged unintended recipients to delete the email and not use or distribute its contents. CyberWyoming Note: Always verify the sender’s email address and be cautious of unexpected messages with hidden or unusual text formatting, as scammers often use these tactics to disguise phishing attempts. Never click on links or open attachments from unknown or suspicious sources.

Healthcare Award Invite Scam:

A business in Laramie reported receiving a suspicious email from a random Gmail address, impersonating someone named "Jacquelyn." The message falsely claimed the recipient was selected for a "Commendation Program" or "Professional Excellence Program" tied to a supposed healthcare conference in early 2026. The sender used vague flattery and requested a video call to discuss the opportunity. CyberWyoming Note: Be cautious of unsolicited emails offering awards or honors, especially from generic email addresses. Always verify the sender’s identity and avoid clicking links or scheduling calls without confirmation.

Voicefail:

The University of Wyoming reported a phishing scam involving fake voicemail emails. The first email had a misleading subject line like "Missed Call Notification [random characters]" and came from an invalid address ending in "@mnlaw". It included an attachment named "Audio_Msg Uwyo", which was actually an XHTML file—not a legitimate audio file. The email also featured a fake security banner falsely claiming the sender was verified by UWYO, placed directly beneath the university’s real warning banner indicating the message came from an external source. A second similar email had a confusing subject line referencing a voicemail recording and included another non-audio file titled "Play_vm_Message_for_Fdn-accounting__vaw". Fortunately, the recipients did not click on the attachments and promptly reported the suspicious messages. CyberWyoming Note: Always verify the sender’s email address and be cautious with unexpected attachments, especially if the file type doesn’t match the content.

Mobile Threats at Every Turn:

The Malwarebytes 2025 Mobile Scam Report uncovers that mobile scams are no longer occasional annoyances—they're a daily reality for millions, especially in the US and UK. Half of mobile users encounter scams daily, and 66% admit it’s hard to tell scams from legitimate content. Attack vectors include SMS, email, social media, and ads. Gen Z and Millennials face the highest exposure, encountering scams through nearly every digital channel.
– Brought to you by Malwarebytes
‍malwarebytes.com/mobile-scams

Inside a Cyberattack:

Cyberattacks are increasingly inevitable as cybercriminals become more advanced, making it difficult for organizations, especially in banking and finance, to keep them out. Once inside, hackers can often move undetected for months, targeting valuable data like sensitive customer information. Hackers are motivated by efficiency and opportunity, using tools like Ransomware-as-a-Service (RaaS) and exploiting weak spots such as phishing or overlooked server vulnerabilities. While cybersecurity measures like firewalls and zero-trust networks help, true protection requires robust data security—including strong encryption, secure key management, and techniques like tokenization—to ensure that even if systems are breached, the stolen data remains useless. To outsmart hackers, organizations must make attacks harder and less rewarding, forcing criminals to seek easier targets.
– Brought to you by Database Trends and Applications
dbta.com/Editorial/Think-About-It/Inside-a-Cyberattack-How-Hackers-Steal-Data-168907.aspx

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Grafana. If you use this product, make sure the software (or firmware) is updated.

Data Breaches in the News:

Erie Insurance and Erie Indemnity Company, McLean Mortgage Corporation, SimpleHelp RMM, Alera Group, VirtualMacOSX, JPMorgan Chase, Bank of America, TD Bank, and Zoomcar. Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register