Hacker's Brief 06/28/21

June 28, 2021
Security
info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

Real Program Announcement from Wyoming AARP - Helping Victims of Fraud:

The AARP Fraud Watch Network and Volunteers of America have created a new, free program designed to address the emotional impact of being involved in fraud. “Experiencing a scam can be devastating, but it doesn’t have to define you,” said the announcement. To sign up for a free facilitated peer-discussion group or to get more information about the ReST (Resilience, Strength & Time) program visit www.aarp.org/fraudsupport.

Password Expiration Scam Alert:

A Casper organization reported an email from rosemary.lieske@vanderbilt.edu, spoofed as the organization’s name@PasswordExpire with the subject line of Password/Notification. The link asks you the citizen to use the same password at the following suspicious link: http://397.ridhantours.com/#michaelanthonyshair.com/wlsk/lyadny/ cmphY2tzb25Ad3lvaGVhbHRoLm9yZw==. CyberWyoming Note: We did notify Vanderbilt’s IT department so they can check into this account that sent this email from their domain.

“Your Account is Hold” Scam:

A Casper citizen reported an email from Support@Mailgun.com with the subject line of “Your Account is Hold.” The email says that the citizen should “UPDATE ACCOUNTE N0W.” While mailgun.com is a real website, the link takes you to babalu.mx/mailgun which is in Mexico and most likely fraudulent. CyberWyoming Note: Any time incorrect grammar or misspellings are in the email, be wary.

Old Refund Scam:

A Gillette citizen reported an email from Balance days at information@improoveandbalance.com saying they had attempted to contact her three times about an old 2016 refund. The email did not say what kind of refund. CyberWyoming Note: While www.improoveandbalance.com is a real website, it is used for investment guidance and there was a warning about these types of ‘no name’ websites by the FTC recently. Also, the website does not list a way to contact them which is a red flag.

Interview Scam:

Unemployment scams are top 3 in the nation and a Gillette citizen reported an email from Kiwii K at mailinews@kindkiwii.com with the subject line of “(3rd Attempt) INTERVIEW for [citizen’s name]”. Britney claims to be an employment rep who has been informed of a job opening in the citizen’s area. CyberWyoming Note: While www.kindkiwii.com is a real website, it is used for coupons and finding deals and has nothing to do with employment. However, the website does not have a way to contact them, which is a red flag.

Changed Bank Account Scam:

A Sheridan business reported an email sent from padmsurvey398@gmail.com spoofing an employee saying that the employee had changed his bank account because of suspicious activity, thus he needed to change his direct deposit details. CyberWyoming Note: This has occurred all over the state. Be sure to train your accounts payable personnel not to change direct deposit information without calling and confirming first.

Text Scam Alert Impersonating Wounded Warrior Project:

A Laramie citizen reported a text scam alert from 786-494-0878 asking her if she would like to be paid to put a decal on her vehicle for the Wounded Warrior Project and be paid $400/week to increase the awareness of the Project. While the Wounded Warrior Project is real, this car decal offer is not. woundedwarriorproject.org/scam-information

Amazon Package Details Scam:

A Laramie citizen reported an email from info@geek-services27.co spoofed as Order Status from Amazon.com. The email was well worded with Amazon’s logo yet the shipped to address was not the citizen’s address, which was probably worded that way to prompt the citizen to call the fake number at the bottom of the email. CyberWyoming Note: See Amazon Impersonation Scams Spotted Across the Nation alert below.

Amazon Impersonation Scams Spotted Across the Nation:

While Amazon impersonation scams are in the top 5 reported by Wyomingites to CyberWyoming, it seems that it may get worse. A spike in complaints about both Amazon and Apple impersonation scams has been reported both via phone and email. According to YouMail, a call protection company, Americans are receiving between 100 million and 150 million illegal recorded calls per month from scammers claiming to be from Amazon. If you receive a call saying there is a ‘problem with your Amazon account’ that mentions fraud or a lost order, just hang up. But also be aware that this call scam could easily move to email and don’t click on any links in your emails. If you are worried, sign on (separately without clicking on a link) to your Amazon account and check the order history. It is also a good time to enable 2-step verification on your Amazon account. 2-step verification sends you a text or email with a one-time code to complete the sign in after you have entered your username and password. For more information, here is the full article: uspirg.org/blogs/blog/usp/man-lost-124000-amazon-scam-here-are-10-ways-keep-it-happening-you.

MS-ISAC Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Google’s Chrome Browser and VMware’s Carbon Black App Control products. If you use these products, make sure the software (or firmware) update.

Other ways to report a scam:

  • Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
  • Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
  • File a complaint with the Federal Trade Commission at ftccomplaintassistant.gov
  • Report your scam to the FBI at www.ic3.gov/complaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: oig.ssa.gov
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to phishing@irs.gov
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398