Spotting the Spoof:

A Laramie business reported receiving a scam email with no subject line. The message requested a change to payroll account information. The most alarming part was that the sender's name appeared as a coworker’s, suggesting that the scammer had identified employees at the company to make the message seem legitimate. However, the email actually came from an unrelated Gmail address not associated with that employee. CyberWyoming: Always verify any requests to change account or payroll information by contacting the employee directly through known company channels or calling them before making any updates.

Cloudy with a Chance of Scammers:

A Laramie resident reported a scam email with the subject "Final Notice," falsely claiming to be from a generic “Cloud” that seemed to be impersonating Apple’s iCloud. The message warned that the user's cloud data would be deleted due to a failed payment and urged them to update their billing information, stating there was a deadline which was the same day the email was sent. It listed potential data losses like photos, contacts, and device backups. The email included suspicious attachments titled "noname.html" and was sent from a questionable address ending in "mimtechstone[dot]us," indicating it was a phishing attempt. CyberWyoming note: Always verify the sender's email address and never click on suspicious attachments or links, especially in urgent messages demanding payment updates. When in doubt, contact the company directly through official channels.

Magazine Offer or Mind Games?:

A resident reported a suspicious email scam impersonating Dave Farrow, claiming to be the Editor-in-Chief of BrainHackers Magazine. The email invited the recipient to write for the magazine, mentioning Farrow's Guinness World Records and position. However, the resident suspected the email was a scam, noting that while brainhackers.com exists, it is unrelated to their field, which raised doubts about the legitimacy of the communication. CyberWyoming Note: Be cautious when receiving unsolicited emails offering opportunities, especially if they come from unfamiliar sources. Verify the sender's information and look for red flags, such as irrelevant or unrelated links, before responding or clicking any links.

Social Security Scam:

A Washington man lost over $500,000 in a scam where fraudsters posed as government agents, claiming his Social Security number had been stolen. The con artists used fear, urgency, and secrecy to pressure victims into liquidating their accounts and handing over cash or gold for supposed “safekeeping.” At least 47 Washington residents have reported similar scams, though authorities believe many more have been affected. The scammers often use fake emails, texts, or calls that appear official and may involve multiple impersonators posing as officials from agencies like the FBI or banks. In 2024, Social Security scams cost Americans $577 million. Experts urge the public to be wary of any demand involving secrecy, urgency, or unusual payment methods and to verify suspicious messages directly with government agencies. Victims should stop contact, gather evidence, alert their bank, and report to the FTC, FBI, or SSA immediately.
– Brought to you by Secure The Village & Yahoo News
yahoo.com/news/washington-man-scammed-500k-conmen-190000311.html

YouTube Channel Hack and Recovery:

YouTuber Chase Broen recently had his channel hacked and taken down. He shared the difficult experience he endured, explaining that on May 31st, he accidentally clicked a malicious link that hijacked his active session, allowing hackers to take control of his YouTube channel and other accounts. The hackers used his channel to run a crypto scam livestream, leading YouTube to shut down the channel temporarily for security reasons. This left Chase without income for three weeks and with little communication from YouTube, making the situation very stressful. Throughout the recovery process, Chase received help and support from close friends, tech experts, and fellow content creators who helped him secure his accounts and restore control. One person even helped him secure his email by pulling it away from Gmail and verifying domain ownership via DNS records. Although some channel features like thumbnails and video visibility are still being restored, he now has full access again. Despite setbacks, he’s excited to be back and warns others to be cautious with suspicious links.
– Brought to you by Chase Broen
https://www.youtube.com/watch?v=95dEimODLjc

The Creepy Accuracy of AI in Identifying Your Location:

AI is becoming remarkably adept at geo-guessing from subtle visual and audio clues, often without metadata. Tests showed that tools like ChatGPT and Perplexity can accurately determine locations from images, such as identifying Cork, Ireland, based on architectural and environmental features. AI can also infer locations from more obscure clues, like the type of wheelbarrow in a photo or the species of birds in a recorded song. These capabilities highlight the increasing precision of AI in identifying locations based on small, seemingly insignificant details, making it crucial to be cautious about the background in photos or videos shared online.
– Brought to you by MalwareBytes
‍https://www.malwarebytes.com/blog/news/2025/04/ai-is-getting-creepy-good-at-geo-guessing

MS-ISAC and CISA Patch Now Alert:

It’s kind of amazing and we don’t think this has EVER happened in the history of the Hacker’s Brief, but there aren’t any new patch now (update your software) alerts this week from the Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA).

Data Breaches in the News:

Crypto ATM, Louis Vuitton, Rockerbox, Flutter Entertainment, and Artivion. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register