DocuSign Impersonation Scam:

There is currently a DocuSign impersonation scam circulating in Wyoming. We have received multiple reports of this scam, including from businesses in Laramie and Cheyenne. The scam emails will typically display a DocuSign logo and say something like, “[Name] sent you a document to review and sign,” along with a button to view the document. Research indicates that these emails aim to steal your contacts. Some redirect you to Canva, where you may be prompted to download a PDF that could contain malicious code. Unfortunately, one Wyoming resident fell victim after clicking a link, believing it was a legitimate DocuSign document from a trusted contact whose account had been compromised. Their antivirus software blocked the download, but shortly afterward, their Microsoft account was locked. After reviewing the situation, it appears the account lock may have occurred because someone attempted to break in, and multi-factor authentication (MFA) prevented access, or the hacker had already gained access and was sending mass DocuSign impersonation emails. This scam may be designed to dig deeper, potentially targeting sensitive information on the victim’s computer.

What to Do If You Clicked

• Run a deep scan with at least two different antivirus programs.
• If unsure how, contact a trusted local IT provider for assistance.
• In the reported case, the individual is even considering completely rebuilding their computer to ensure security.

Even if the email comes from a trusted friend, colleague, or co-worker, do not click any links. Always call to verify directly with the sender before opening any documents.

ADP Address Conformation Scam:

A resident of Northeastern Wyoming received a suspicious email claiming to be from ADP (a payroll and HR service provider), asking them to confirm their address for tax purposes. The email included a button that said it would directly take them to where they could change their address, a major red flag. The resident noticed this was different from legitimate ADP emails, which always ask users to log in directly through the secure ADP portal. To make things even more suspicious, the exact same email arrived again 53 minutes later. CyberWyoming Note: Never click links in unexpected emails. If you’re unsure, contact the company directly using a verified phone number or website as phishing scams often mimic legitimate communications.

Serving Up Trouble:

A Wyoming resident received a scam text from a toll-free 833 number, claiming to offer free Le Creuset cookware and urging the recipient to claim it via a suspicious link. The message addressed the recipient by name and falsely emphasized urgency to act before the offer was “forfeited.” CyberWyoming Note: This scam is creating a false sense of urgency, pressuring them to act quickly before “losing” the offer. The message contains poor grammar and unusual phrasing, both common red flags in phishing attempts. Never click links from unknown senders, verify offers through official sources, and report suspicious messages.

Hackers Target Federal Court Filing System:

A recent hack of the federal judiciary’s electronic case filing system, CM/ECF, exploited long-standing security vulnerabilities dating back to 2020, allowing hackers—suspected to include Russian groups—to access sensitive court data, including sealed case documents and potentially the identities of confidential informants. The breach, described by insiders as alarmingly easy, highlights the system’s outdated security and decentralized structure, with individual courts maintaining autonomy over local servers and slow adoption of safeguards like two-factor authentication. The intrusion mirrors a similar 2020 breach but has reportedly involved broader theft, including source code, raising concerns that foreign adversaries and criminal organizations, such as Latin American drug cartels, could leverage the information. In response, the federal judiciary is accelerating cybersecurity upgrades, moving highly sensitive activity offline, and coordinating with Congress, the Justice Department, DHS, and CISA to mitigate risks. Experts warn that the judiciary’s aging IT infrastructure makes courts especially vulnerable, emphasizing the urgent need for modernization to protect sensitive legal records and ongoing investigations from increasingly sophisticated cyber threats.
– Brought to you by Politico & Nextgov/FCW
‍politico.com/news/2025/08/12/federal-courts-hack-security-flaw-00506392
‍nextgov.com/cybersecurity/2025/08/us-court-system-boost-cyber-posture-after-hack-electronic-case-management-tool/407321/

Massive Online Gaming Scam Floods Social Media:

Fraudsters are exploiting Discord and other social media platforms to promote over 1,200 polished online gaming and wagering websites that steal cryptocurrency from users. The scam begins with ads claiming partnerships with popular personalities, offering users $2,500 in free credits to play games that require betting. When victims attempt to cash out winnings, they are asked for cryptocurrency “verification deposits,” which are never returned. The network is highly organized, with shared technical infrastructure, unique Bitcoin wallets for each site, AI-assisted live support, and tracking mechanisms across domains to control registrations. While similar in approach to “pig butchering” scams, these sites operate at lower individual risk and cost, but can target large numbers of users quickly, presenting a scalable and sophisticated online gambling fraud.
– Brought to you by KnowB4
krebsonsecurity.com/2025/07/scammers-unleash-flood-of-slick-online-gaming-sites/

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Microsoft products, Mozilla products, Git, Apple products, NetScaler ADC, and NetScaler Gateway. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Farmers Insurance and Healthcare Services Group, Inc. (HSG). Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register