Hacker's Brief 08/02/21

August 2, 2021
Security
info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

Fake PayPal Payment:

Emails trying to persuade Wyoming citizens they’ve made large payments through PayPal have been circulating. The first line of this email greets citizens by their email addresses. The email will then state that a payment has been made via PayPal to the Trydex exchange. Look for the email to be sent from renatobrunkhardt598@gmail.com.

Fresh Tax Help Suspicious:

A Casper citizen received an email saying that nb2q.eJZ3@kirovo.creraditus.com spoofed as IRS-2021 had been trying to reach him ‘many times’ and to please confirm receipt of the email regarding his past due taxes. The link, according to checkphish.ai, goes to Fresh Tax Help. However, when CyberWyoming staff Googled the website it didn’t come up. In addition, CyberWyoming staff checked the Better Business Bureau’s site and there have been no reviews for this company. When we clicked on the link to the http://freshtax-help.com/ on the BBB’s site, it said Page Not Found. Finally, the phone number listed was from a list of free 833 numbers. Very suspicious! No real tax preparation company would impersonate the IRS in the email “from” address.

Evelyn Phillips Scam is Back:

If you receive a poorly written email from Mrs. Philips Evelyn (yes, the scammers reversed the first and last name in the email) who claims to be suffering from a brain tumor disease and needs to give away her money, it is a scam. The email is from evelynphilips517@gmail.com and the subject line is simply “Hello”. CyberWyoming Note: This scam was also reported in the 4/26/21 Hacker’s Brief but was recently spotted again by a Laramie citizen.

Two Microsoft Account Team Impersonation Alerts:

A Laramie citizen reported an email from smtpfox-4pnax@nowaholandia.nl and another one from smtpfox-lvm2h@worldforum.center spoofed as Microsoft Account Team saying they had detected unusual activity. The email miscapitalized Microsoft and said that the sign-in was from Norway. The Verify Account button is linked to https://perwatunakiakr.us-east-1.linodeobjects.com(and more characters), but obviously not Microsoft. (CyberWyoming Note: Hackers often change their from address so they can be persistent and try again so pay attention to patterns and report it to phishing@cyberwyoming.org.)

$1000 Amazon Winnings Scam Alert:

A Laramie citizen reported an email from our old friend newsletter@teckntech.com claiming that you can spin to win a $1000 Amazon gift card and click ‘here’ to participate. Like all emails from this address, the graphics and wording are very realistic. The subject line is “Hey [your name] Your Order no #6581352 is now Ready…”

US Economic Development Agency (EDA) Alert:

EDA has become aware of a telephone/email scam in which the perpetrator claims that the victim has won an EDA award and needs to provide personal information and a processing fee to claim it. Please note that EDA does not provide grants or other forms of financial assistance or benefits (including unemployment benefits) to individuals and does not ask individuals to disclose personal information. In addition, EDA does not require applicants to submit a processing or other fee. Funding is only via www.eda.gov/funding-opportunities.

Scambusters.org Blocking Email Trackers Advice:

Some of those marketing, spam, or hacker emails you get could have tiny spy pixels embedded in them so the sender can tell if you opened the email, where you are located, and what type of device you are using. To defeat these trackers, just delete them and don’t open them OR to stop the trackers completely check out this article from Fast Company: fastcompany.com/90325898/how-to-stop-email-trackers-pixels.

FTC Family Emergency Scam Alert:

Family emergency scams try to scare people into sending money to help a loved one in trouble. The caller lies, tries to scare you, and rushes you to pay so you don’t have time to think and check things out before you send money. consumer.ftc.gov/blog/2021/06/dont-send-them-money CyberWyoming Tip: Create a family password. That way, you can ask the caller what the family password is and if he or she doesn’t know it, then you know it is a scam.

IRS OIC Mills Scam Alert:

The IRS reminds taxpayers to beware of promoters claiming their services are needed to settle with the IRS, that their debts can be settled for “pennies-on-the-dollar” or that there is a limited window of time to resolve tax debts through the Offer in Compromise (OIC) program. These promoters are often referred to as “OIC Mills.”

Scambusters.org Has Your Browser Been Modified?

If your browser’s look and feel has changed, the home page has changed, you have strange ads, your computer is slower, or your web searches are slower, then you may have unintentionally downloaded a browser modifier. These are mini-programs, some of which are legitimate, that modify how your browser behaves – including changing security settings on the more malicious of the modifiers. If you want to remove a browser modifier, this article contains excellent instructions 2-spyware.com/remove-browsermodifier.html.

MS-ISAC Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for the Mac Operating System Big Sur, Mac iPad OS version 12, and the iPhone and iPod products. If you use these products, make sure the software (or firmware) is updated.

Other ways to report a scam:

  • Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
  • Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
  • File a complaint with the Federal Trade Commission at ftccomplaintassistant.gov
  • Report your scam to the FBI at www.ic3.gov/complaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: oig.ssa.gov
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to phishing@irs.gov
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
  • Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register