Wyo Nonprofits Scam Alert:
The Wyoming Nonprofit Network reported emails from impersonated Wyoming nonprofits with the subject line of “Please Review – Name of Nonprofit RFP,” asking you to review a proposal from the named nonprofit. The emails had a sense of urgency. However, these are fake. Do not click on the RFP link.
Microsoft Account Team Impersonation Alert:
A Laramie citizen reported an email from firstname.lastname@example.org impersonating the Microsoft Account Team. (Note that Typeform is a real website where users can build forms, however they are not associated with Microsoft.) The email says that they detected unusual activity to your Microsoft account, a sign in from Norway. The email even lists the IP address, however the link to the Verify Account button does not send you to Microsoft.
Individual Impersonated in Sheridan:
A Wyoming citizen was impersonated by email@example.com saying that she had recently switched banks and would like to change her direct deposit to her new account. CyberWyoming Note: Every business in Wyoming needs to have a procedure to double check these types of emails to protect their business and their employees.
United Nations and Irrevocable Payment Order Scam:
A Casper citizen reported an email from Mr. Paul Claxton at firstname.lastname@example.org, a real company email that was compromised. The email was actually signed Mark Philip and the email asks for personal information to give you an ATM card with funds, but is really an attempt at identity theft. Another email address listed in the email is email@example.com.
Bitcoin Scam Alert:
A Laramie citizen reported a scam email from firstname.lastname@example.org with the subject line of ORDER AHR2021AG. The email claimed that you made a bitcoin exchange transaction of $311.12 and listed a number to call with questions. CyberWyoming Note: Cryptocurrency scams target younger Millennials and GenZ’ers.
Wyoming Bankers' Association Impersonation Continues:
A Laramie citizen reported two new email addresses that sent emails using the Wyoming Banker’s Association name in the subject line. These came from Xander Morgan at email@example.com and William Payton at firstname.lastname@example.org.
Amazon E-Gift Card:
A Sheridan citizen’s friend’s email was compromised and the hacker’s sent an email asking “May I ask you a favor, do you have an account with Amazon?” The Sheridan citizen responded to her friend saying she didn’t have an Amazon account, but then the correspondence became more suspect. The hacker asked the Sheridan citizen to buy her an Amazon e-Gift card for another friend’s birthday giving the reason that there was trouble with her credit card account that the bank was sorting out. The Sheridan citizen called her friend to see what was going on, found out the friend’s email had been compromised, and then reported this scam. CyberWyoming Note: When in doubt, call!
Beware of False Donations to Campaigns:
A Laramie citizen reported an email asking if she was a “Trumph” supporter and then, if so, clicking on a link to donate to support the cause. The email was from email@example.com and the subject line was “Are you a Republican?”
Microsoft Voice Message Impersonation Scam:
A Casper citizen reported an email with perfect Microsoft branding saying that he received a voice note and to click on the button, styled as a voice message player, to retrieve the message. However, the button was disguised and is a link that does not go to Microsoft. The email was spoofed as the Casper citizens name and company but was actually from firstname.lastname@example.org and the subject line was today’s date.
Tip from CyberWyoming to Beat the Scammer:
When you are online, purposely misspell your name on webforms that don’t contain important information. For instance, if your first name is Brian, change the name to Brain. That way, whenever you receive an email for Brain you will know that you can ignore it.
MS-ISAC Patch Now Alert:
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Google’s Android operating system and Microsoft products. If you use these products, make sure the software (or firmware) is updated.
Data Breaches in the US News:
Spreadshop, LinkedIn (scrape of data, not a data breach), Mint Mobile, Bank of Oak Ridge, CNA Financial Corporation, Morgan Stanley, Republican National Committee, Northwestern Memorial Healthcare, GETTR (new social media platform), PracticeFirst (medical practice management software), Pacific Market Research, Arthur J Gallagher (insurance brokerage firm), LimeVPN, UofL Health (Kentucky), AcadeME, Altus Group, Mercedes-Benz USA, Workforce West Virginia, Wolfe Eye Clinic (Iowa), City of Tulsa, PACS (medical imaging software), Maximus (Ohio Medicaid provider), Reproductive Biology Associates, MyEggBank, NYC’s Law Department, Wegmans, Carnival Corporation, Cake Box, Audi/Volkswagon, and CVS Health.
Change your password if you have an online account with any of these organizations.
- Please report scams you may experience to email@example.com to alert your friends and neighbors.
Other ways to report a scam:
- Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
- Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or firstname.lastname@example.org
- File a complaint with the Federal Trade Commission at ftccomplaintassistant.gov
- Report your scam to the FBI at www.ic3.gov/complaint
- Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
- Office of the Inspector General: oig.ssa.gov
- AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
- IRS: report email scams impersonating the IRS to email@example.com
- Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398