
www.wyocan.org
www.cyberwyoming.org
307-223-1265, PO Box 2332, Laramie, WY 82073
Celebration Cyber Trap:
A Laramie resident reported receiving a suspicious email from a legitimate-looking Lubbock Independent School District (Texas) email address with the subject line, “GET TOGETHER... Please Join Us To Celebrate!” The message invited recipients to open an online invitation and RSVP through a linked button. The recipient reported having no connection to the Texas school district, which immediately raised concerns. CyberWyoming Note: After checking the link using https://nordvpn.com/link-checker/, it was flagged as a phishing site designed to steal personal information, such as login credentials and financial details. Further research indicated that the sender’s email address belonged to a real Lubbock Independent School District employee, suggesting their account may have been compromised and used to distribute phishing emails. If you receive an unexpected invitation or email from either an unfamiliar or familiar sender, do not click any links or download attachments until you have verified the message through a trusted contact method.
More Bad Apples:
A Fremont County resident reported receiving a scam text message from a Morocco-based phone number (+212) claiming that a fraudulent $452.70 Apple charge would be automatically processed within 45 minutes unless they immediately called a provided phone number. The message impersonated Apple Security and used urgent, threatening language to pressure the recipient into taking action. CyberWyoming Note: This scam relies on fear and urgency to push recipients into calling or clicking before they have time to think critically. Never call phone numbers or click links provided in unsolicited text messages, emails, or pop-ups claiming to be from a trusted company. If you are concerned about an account or charge, contact the company directly using contact information obtained from its official website or a verified customer service number (Apple Support: 1-800-275-2273 ).
Fake Google Reviews:
A Jackson Hole business reported being targeted by fake Google reviews intended to damage its reputation. The fraudulent review began with positive comments but quickly shifted to false, explicit, and profane allegations about an employee who did not exist and services that were never provided. The business owner spent several hours responding as the reviewer repeatedly changed account names and reposted the content. CyberWyoming Note: If your business receives a suspicious or abusive review, document it with screenshots and report it to Google immediately. If there is a safety concern, contact local law enforcement. Encourage trusted employees, friends, or customers to also report the review to Google as inappropriate or profane, if applicable. Multiple reports may help expedite Google's review process. Regularly monitoring your online reviews and responding professionally can help minimize the impact of these reputation attacks. You can also support other local businesses by reporting abusive or fraudulent reviews you encounter on Google, Yelp, or other review platforms.
How Scammers Exploit Trust in the LGBTQ+ Community:
New research shows that online fraud is a near-universal concern among LGBTQ+ adults, who are frequently targeted by sophisticated romance scams and cryptocurrency fraud on digital platforms. Cybercriminals intentionally exploit the social isolation, marginalization, or desire for community acceptance that some individuals face, using dating applications and social media networks to build rapport and trust before executing financial schemes. Despite two-thirds of romance scam victims suffering financial losses, more than a third choose not to report the incidents due to fragmentation in reporting resources or fear of stigma, prompting calls for expanded digital literacy and enhanced app safety measures.
– Brought to you by FightCybercrime.org
fightcybercrime.org/blog/how-scammers-exploit-trust-in-the-lgbtq-community/
Empty Envelopes and Mailbox QR Code Brushing Scams:
Consumers across the country are receiving mysterious, empty white envelopes in their mailboxes as part of a deceptive setup known as a brushing scam. Shady ecommerce sellers mail these empty packages to real addresses obtained from data breaches to generate valid tracking numbers, which they then use to post fake "verified buyer" reviews that falsely boost their product ratings. In a more malicious variation of this scheme, the package includes a QR code urging the recipient to scan it to identify the sender or claim a gift, which actually redirects the user to credential-harvesting phishing sites or installs malware on their mobile devices. If you receive one, do not scan any QR codes or use the contact information provided. Instead, visit official websites directly, monitor your accounts for suspicious activity, and update your passwords if you suspect your information may have been compromised.
– Brought to you by Fox News
www.foxnews.com/tech/empty-envelopes-mailbox-scan-code
Interested in cybersecurity business training?
The Made Safe™ Cybersecurity Training Program is a one-on-one program designed specifically for micro-businesses to reduce cyber risk and relieve anxiety around cybersecurity. Thanks to CyberWyoming’s members and sponsors, scholarships are available for Wyoming companies. Learn more at cyberwyoming.org/cyber-training/ or email info@cyberwyoming.org.
MS-ISAC and CISA Patch Now Alert:
The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Citrix Netscaler and Oracle E-Business Suite. If you use either of these products, make sure the software (or firmware) is updated.
Data Breaches in the News:
National Association of Insurance Commissioners (NAIC), Aflac, Exeter Finance, AdaptHealth, and Kids Co. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.
Other ways to report a scam:
- Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
- Wyoming Attorney General’s Office, Consumer Protection
- File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
- Get steps to help at www.IdentityTheft.gov
- Report your scam to the FBI at www.ic3.gov/complaint
- Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
- Office of the Inspector General: oig.ssa.gov
- If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
- AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
- IRS: report email scams impersonating the IRS to phishing@irs.gov
- Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
- Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register







