Hacker's Brief 10/19/20

October 19, 2020
Security
info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

Apple ID Email Scam:

A Cheyenne citizen has reported an email scam with the subject line of “Your AppleID has been disabled – Current changes were made from Ontario. Code: 71293545.” The email came from malingapamogu.anamipang-u9ecukvnq1k@eaaeh.com, spoofed as Apple. The email has the correct branding but is very poorly worded saying “Here your number of cases is: 864846338”.

Amazon Security Alert Scam:

A scam email was reported by a Cheyenne citizen with the subject line of “[New Report Activity] Amazon security alert: Sign-in from new device detected on date” and the subject line continues in a different language from noreply.mailapps-1951375@ownregir.com. The verify now button does not link to Amazon: https://axovia.axo-corp.com/static/css/goes/bruh/index.php?v=vJn9p90uQxbvJn9p904cZZh6hu7q.

Local Law Firm Spoofed via Phone:

A Laramie citizen was on the phone when she received another call. She looked at caller ID and saw the call was from a law firm that no longer exists. Out of curiosity, she wrote the number down and tried to call back, but the number did not even ring. This same citizen said she has even received calls from her own number. She wants other Wyoming-ites to be suspicious of any call, regardless of what caller ID may say.

Amazon Recorded Call Scam:

A Laramie citizen reported a robocall (recorded call) impersonating Amazon saying an iPhone 11 had been charged to her credit card in the amount of some $500 and to please press 1 to cancel the transaction. This is a scam. To report the call, you can report the complaint at www.ftccomplaintassistant.gov or www.donotcall.gov or phone at 1-888-382-1222.

General Credit Card Call Scam:

A Laramie citizen reported a robocall (recorded call) saying “This is an important message regarding your current credit card account. We have attempted to reach you multiple times. Press 1 to reduce your interest rates. Press 2 to discontinue this offer.” This is a scam. To report the call, you can report the complaint at www.ftccomplaintassistant.gov or www.donotcall.gov or phone at 1-888-382-1222.

Scambusters.org Alert Mortgage Scam:

Scammers are believed to have hacked or bought the records of mortgage companies so they can contact clients, posing as a company representative. One tactic to steal personal information is to offer the client an opportunity or modification to an existing loan, like taking advantage of lower interest rates, but you have to pay a fee. Another tactic they are using is that a loan payment is past due and must be paid immediately. If you receive a call like this, hang up and call your mortgage company directly.

Scambusters.org, the FBI, and National Cybersecurity Awareness Month:

October is National Cybersecurity Awareness Month and Scambusters.org reported that the FBI said in 2020 there is a four-fold increase in fake public network, phishing, password theft, identity theft and malware cybercrimes. We have certainly seen the phishing increase at CyberWyoming, from your reports as well as in the news. To find out more about the FBI’s cyber safety tips check out fbi.gov/investigate/cyber/national-cybersecurity-awareness-month.

MS-ISAC Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Adobe’s Flash Player, Microsoft Products, Sonic Wall Sonic operating system (firewalls), Magento CMS (e-commerce application), and Juniper’s Junos operating system (in Juniper’s network routers). If you use these products, make sure the software (or firmware) updated.

Other ways to report a scam: