Blue-FCU Impersonation Text:

A Cheyenne resident reported receiving a scam text message from a phone number with a Florida (561) area code. The message falsely claimed to be from "BLUE-FCU," stating that a payment of $478.41 to "THE MAART LTD" had been attempted from a new device. It instructed the recipient to cancel the transaction by clicking on a link hosted on a suspicious "[alceregoli]" domain. CyberWyoming Note: Do not click on links or respond to unexpected texts about account activity. Always verify suspicious messages directly with your bank using trusted contact information. Block the sender and report the scam to help protect others.

McAfee Make-Believe:

A Wyoming resident reported receiving a scam email titled “Payment Reminder” from an unknown Gmail sender named Carl. The email claimed a payment had been successfully processed with the note “Successful Processing of Payment Entry During Fast Run PL Cynthia” and included a fake McAfee Invoice for Lifelock Security. The recipient confirmed they do not use McAfee Antivirus. CyberWyoming Note: Invoice scams are common, often impersonating antivirus companies like McAfee to trick users into paying for services they never purchased. Always verify unexpected invoices directly with the company through official channels and avoid clicking links or opening attachments in suspicious emails.

Emerging Threats and the Challenge of Transparency:

According to the ITRC H1 2025 Data Breach Report, cybercriminals are using increasingly sophisticated tools, including AI-powered phishing attacks, while Previously Compromised Data (PCD)—recycled stolen credentials—continues to fuel identity theft, fraud, and scams. Despite the scale of these threats, a troubling trend persists: 69% of breach notifications did not disclose the attack vector, leaving individuals and organizations in the dark about how their data was exposed. This lack of transparency makes it difficult to fully assess risk and underscores the need for proactive cybersecurity measures rather than reactive responses. Individuals can protect themselves by remaining vigilant with communications, monitoring accounts, freezing credit where necessary, using passkeys or strong unique passwords, and enabling multi-factor authentication to mitigate the impact of potential breaches.
– Brought to you by Identity Theft Resource Center (IRTC)
idtheftcenter.org/publication/itrc-h1-2025-data-breach-report/

Data Scraping on the Web & AI Bots:

In 2025, web data scraping by AI bots has become a major battleground. Once niche, it exploded after ChatGPT’s launch, fueling 250+ US lawsuits against AI firms for copyright violations. ImmuniWeb’s study of 1,807 websites shows strong defenses: newspapers block 83% of bots, academic sites over 70%, and law firms 38–64%. Microsoft’s Copilot, Anthropic’s Claude, and OpenAI’s GPTBot are most banned. With copyright law and AI regulations lagging, creators now rely on technical barriers and updated Terms of Service to protect content, forcing AI companies to rethink their data-hungry business models.
– Brought to you by Immuniweb
immuniweb.com/research/state-of-data-scraping-ai-bots-unwelcome-2025.html

Amazon Stops Russian Hackers Targeting Microsoft 365:

Amazon scored a major win against Russian state-backed hackers APT29, also known as Midnight Blizzard, who were attempting to steal Microsoft 365 credentials. The group had set up a clever “watering hole” scheme, compromising legitimate websites and redirecting visitors to fake Cloudflare pages to trick users into authorizing attacker-controlled devices. Amazon’s threat intelligence team intercepted it, isolating the hackers’ cloud infrastructure and teaming up with Microsoft and Cloudflare to shut down the operation. While APT29 tried to regroup and move to new domains highlighting evolving hacker tactics but leaving Amazon’s systems untouched. Users and admins are reminded to stay vigilant with MFA, device authorizations, and suspicious logins.
– Brought to you by Bleeping Computer
bleepingcomputer.com/news/security/amazon-disrupts-russian-apt29-hackers-targeting-microsoft-365/

Guide to Senior Dating Safety:

Online dating offers older adults renewed opportunities for companionship, especially after divorce or the loss of a spouse. While it can be joyful and hopeful, it also comes with risks—particularly romance scams that target older or isolated individuals.

• Be Supportive, Not Judgmental: Start conversations with kindness and respect their independence.
• Encourage Safe Habits: Use trusted platforms, keep chats on the app, avoid sharing personal info, and meet in public places.
• Watch for Red Flags: Scammers may avoid meeting in person or ask for money.
• Offer Tech Help Gently: Help with privacy settings or spotting fake profiles—only if they’re open to it.
• If You Suspect a Scam: Approach with empathy. Don’t confront; offer support and resources instead.
• Empower, Don’t Scare: Reinforce their right to love and the importance of staying safe.

Online dating can be enriching for older adults when approached with awareness and support. With respectful dialogue, shared safety strategies, and ongoing encouragement, families can help protect their loved ones while honoring their independence and search for connection.
– Brought to you by FightCybercrime.org
fightcybercrime.org/blog/a-guide-to-helping-your-older-loved-ones-date-safely-online/

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Mozilla products, Google Chrome, Adobe September, Cisco IOS XR, Microsoft, Palo Alto Networks, Samsung Android, and SonicWall SSL VPN. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Fairmont Federal Credit Union, Commonwealth Business Bank, FinWise Bank, Kering, Farmers Insurance, and Union Home Mortgage Corporation. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register