DocuSign Scam from a Real Contact:

A Laramie resident reported receiving a scam email that appeared to come from a real acquaintance using their legitimate email address, suggesting the sender’s account may have been hacked. The message, written with poor grammar, claimed to share a document for review and signature via DocuSign, but the embedded link redirected to a Canva page instead. The email mimicked a DocuSign notification with a subject line “Application-need sign,” detailed instructions, and the real person’s name, email, and professional signature. CyberWyoming Note: When the link was inputted in a URL checker (CheckPhish), the preview revealed a fake Adobe PDF invitation attempting to trick recipients into clicking a fake document link to steal login credentials or install malware. Always verify unexpected document requests directly with the sender using a separate communication method before clicking any links or opening attachments.

Doggone Facebook Scam:

A citizen reported a scam over Facebook involving a seller named Mary claiming to sell beagle puppies in Thermopolis, WY. The user paid a $200 deposit with the remaining $250 due upon delivery. After the deposit, the seller requested an additional $185.99 before releasing the puppy. The buyer offered to pay in person, but the seller refused and promised a refund, which has not been received. The seller’s Facebook profile appeared legitimate, but the behavior was suspicious. CyberWyoming Note: This type of situation is unfortunately very common on Facebook. Sometimes accounts that look legitimate are often real accounts that have been hacked and used to post scams. Other cases like this have occurred in Facebook events where compromised accounts attempt to collect payments for vendors. Always be cautious when asked for additional money beyond the agreed amount and consider using secure payment methods that offer buyer protection.

Image-Based Hack Attacks Surge:

A recent surge in email-based cyberattacks has put Gmail and Outlook users on high alert, with a new threat analysis highlighting the growing use of SVG (scalable vector graphics) files as attack vectors. Analysts from Hoxhunt report that SVG attachments, which can embed JavaScript, are increasingly exploited to bypass email security filters, deliver malware, or steal account credentials. Early 2025 saw a dramatic 1800% rise in SVG-based attacks compared to 2024, with peaks reaching 15% of all attachment-based phishing in March and 4.9% by July. Often misclassified as harmless images, these files can carry hidden links and scripts that execute automatically, evading standard email defenses and tricking users into exposing sensitive information. Both Gmail and Outlook users are advised to exercise caution and review security settings to mitigate this growing threat.
– Brought to you by Forbes
forbes.com/sites/daveywinder/2025/10/20/gmail-and-outlook-users-warned-as-image-based-hack-attacks-surge-in-2025/

Fake Government Notices Target Businesses:

Scammers are increasingly targeting business owners with fake government compliance notices sent by mail and email, impersonating agencies like the U.S. Department of Treasury or fabricated departments such as the “United States Business Regulations Department.” These scams often cite legitimate-sounding laws like the Corporate Transparency Act and warn of severe fines for noncompliance, urging recipients to visit unsecured websites or scan QR codes to provide sensitive information. The fraudulent messages use official-looking seals, watermarks, and data from breaches to appear authentic. To avoid falling victim, businesses should verify any suspicious correspondence directly with the agency, watch for grammar or formatting errors, ensure websites are secure and end in “.gov,” and stop communicating once a scam is suspected. Any such scams should be reported to bbb.org/scamtracker or the FBI at ic3.gov.

– Brought to you by Better Business Bureau
bbb.org/article/scams/29408-bbb-business-scam-alert-watch-out-for-fake-government-compliance-notices-targeting-businesses

Home Depot Halloween Scam:

A recent Halloween-themed phishing scam pretended to be a Home Depot email offering a free Gorilla Cart. The email wasn’t from Home Depot at all. It came from a suspicious domain linked to a Los Angeles high school. Scammers used invisible characters and reused an old legitimate order confirmation to bypass email filters, and included a tiny tracking pixel to see who opened it. Clicking the image led users through shady websites to a fake Home Depot page asking for survey answers, personal info, and an $11.97 “processing fee,” which ultimately failed. The real goal was likely stealing personal and payment info for future scams. To stay safe, don’t click links in unexpected emails, verify sender addresses, check URLs, keep anti-malware updated, and never enter sensitive info on suspicious sites.
– Brought to you by MalwareBytes
‍malwarebytes.com/blog/news/2025/10/home-depot-halloween-phish-gives-users-a-fright-not-a-freebie

Medicare Season Is Scam Season:

Medicare open enrollment (October 15–December 7) is crucial for reviewing health and prescription plans but also peaks in Medicare scams. Fraudsters contact seniors via calls, texts, emails, or in-person, posing as Medicare agents with urgent offers, free gifts, or savings, aiming to steal Medicare or Social Security numbers. Scammers may use caller ID spoofing and appear professional, but legitimate Medicare representatives only call if you initiate contact. To stay safe, beneficiaries should never share personal information with unsolicited contacts, avoid rushed decisions, and compare or enroll in plans only through official sources like medicare.gov or 800-633-4227. State Health Insurance Assistance Programs (SHIP) and the Senior Medicare Patrol can provide guidance and help report fraud.
– Brought to you by AARP Fraud Network
aarp.org/money/scams-fraud/text-alerts.html

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Microsoft Windows Server Update Services (WSUS), Adobe Commerce and Magento, Apple Products, and Windows SMB. If you use any of these products, make sure the software is updated.

Data Breaches in the News:

Blue Cross Blue Shield of Montana and Toys “R” Us Canada. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register