‘Prime’ Time Trick:

A citizen reported a phishing email impersonating Amazon with the subject line "Amazon Prime Day Deals—Now Up to 70% Off. iygp 67", sent from an email address ending in @cmss9606. The email contained a linked image promoting early access to “Top 10 Deals” for Prime Day, claiming the recipient was already on the list. It featured enticing phrases like "Amazon Prime Day is Live Now" and a prominent "Get the early deals!" button. The image also included a legitimate-looking Amazon package graphic and the logo "early primeday sale", attempting to increase credibility. CyberWyoming Note: Unfortunately, this is a common phishing scam that many people fall for because it looks very authentic. Always verify any deals directly through the official website and avoid clicking on links or buttons in suspicious emails.

Google Listing Grift:

A business in Laramie received a suspicious call whose caller ID said CVS, using a Wyoming (307) number. The call came through the business’s old Google Voice number, which is no longer publicly listed, and was not flagged as spam. However, instead of being the real pharmacy, the caller offered to "help" with the business’s Google Listing, raising concerns that this was a scam attempt. CyberWyoming Note: The scammer was likely trying to steal business information, sell fake Google listing services, or gain access to the company's online accounts. Be cautious of unsolicited calls offering help with online listings and always verify the caller's identity independently. Never share business or account information over the phone unless you initiate the call to a verified number.

Fake Job Offer Text:

A Laramie resident received a scam text from an email ending in @disciples. The message, claiming to be from “Monica, a recruiter at DSL,” offered a flexible part-time job assisting TEMU merchants with product reviews. It promised same-day payments ranging from $201 to $3000 daily, with free training. The message urged the recipient to contact a WhatsApp number to apply. CyberWyoming Note: Be highly skeptical of unsolicited job offers that seem too good to be true. Legitimate employers don’t randomly contact strangers with promises of huge pay and asking you to switch to another app like WhatsApp is a major red flag for scams. Always verify offers independently and remember: if it sounds too good to be true, it almost certainly is.

103K Affected in Medicare Hack:

A recent data breach has compromised the Medicare information of approximately 103,000 beneficiaries, prompting the Centers for Medicare & Medicaid Services (CMS) to send out notification letters. The breach involved the unauthorized creation of Medicare.gov accounts using stolen personal data such as names, birthdates, Medicare Beneficiary Identifiers (MBIs), and zip codes. CMS discovered the issue in May 2025 and is sending letters to those impacted. While no identity theft has been confirmed, CMS is taking action by deactivating fraudulent accounts, issuing new Medicare cards, and monitoring for suspicious activity. Beneficiaries are urged to check their statements for unusual charges and report any fraud.
‍– Brought to you by Secure The Village & Kiplinger
‍kiplinger.com/retirement/medicare/medicare-accounts-breached-in-latest-hack-was-yours-one

U.S. Warns of Iran Cyber Threats:

U.S. government agencies (CISA, FBI, NSA, DoD) warn that Iranian hackers are likely to increase cyberattacks targeting critical U.S. infrastructure, especially defense contractors and firms linked to Israel, due to heightened geopolitical tensions. Iranian cyber actors have a history of retaliatory attacks against Western targets, exploiting unpatched or poorly secured systems, and have recently conducted disruptive hacks during Israel’s Gaza offensive. The advisory urges organizations to disconnect operational technology from the internet, enforce strong user account protections (like multifactor authentication), patch systems promptly, monitor activity, and have incident response plans ready. While Iranian cyberattacks aim to cause disruption and psychological impact, experts caution against exaggerating their effects.
– Brought to you by CybersecurityDive
‍cybersecuritydive.com/news/iran-cyberattacks-warning-us-government-israel-war/751963/

Voice Cloning Scams on the Rise:

Voice cloning scams are increasingly sophisticated frauds where scammers use AI technology to mimic the voice of someone you trust, such as a family member or colleague, by cloning their voice from just a few seconds of audio often taken from social media or voicemails. Scammers then impersonate that person, frequently making urgent pleas for help, such as claiming an accident or legal trouble, to trick victims into sending money quickly. These scams work because AI-generated voices can convincingly replicate tone, emotion, and speech patterns, exploiting trust and creating panic that pushes people to act without verifying. Real examples include victims losing tens of thousands of dollars after being contacted by scammers posing as family members. To protect yourself, use secret family code words, verify suspicious calls through trusted contacts, limit sharing voice recordings online, and talk openly about these scams. If targeted, report it to the authorities and share your experience. Staying informed and cautious is the best defense against these evolving threats.
– Brought to you by FightCybercrime.org
fightcybercrime.org/blog/voice-cloning-scams/

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google Chrome, FortiWeb, Microsoft products, and Mozilla Thunderbird. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Aflac, Hawaiian Airlines, Nucor, Qantas, TxDOT, and Ingram Micro. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register