Week 4 of National Cybersecurity Awareness Month!

Join CyberWyoming and UWIT on Oct 28 for a chilling hour of real Wyoming cyber stories and tips to stay safe online. Register or check out the Scary Cyber Stories webinar here: cyberwyoming.org/scary-cyber-stories-from-wyoming-a-halloween-webinar/

Automatic Calendar Invites:

A Laramie resident reported discovering an unsolicited calendar entry claiming a PayPal payment to Bitcoin had been completed, attributed to someone named Kevin Skinner. The user noted the increasing creativity of these scam attempts, which appear designed to trick people into believing fraudulent transactions have occurred. CyberWyoming Note: Be cautious of unexpected calendar invites or notifications, especially those claiming financial transactions. Never click links or provide personal information from such entries. If you are concerned, consider disabling automatic calendar event additions from email or unknown sources.

Feeling Pressured?:

A Big Horn resident received a scam text from an unknown number claiming they were gifted a “KynPower pressure washer” and asking for $8 shipping via a suspicious link (dismaxx domain). CyberWyoming Note: This is a classic advance-fee scam, designed to trick recipients into paying small amounts of money for a fake prize or service. Never click links or provide payment information in unsolicited messages, especially if they appear to offer free gifts or seem urgent. Be sure to block the sender’s number, report the message, and delete it immediately.

GoFundMe’s 1.4M Unauthorized Nonprofit Pages:

In late 2025, GoFundMe automatically created roughly 1.4 million donation pages for U.S. 501(c)(3) nonprofits without their consent, using public IRS data and partner feeds like PayPal Giving Fund. These pages, appearing official, often went unnoticed by nonprofits, depriving them of donor data, brand control, and stewardship opportunities while introducing confusing default fees, including tips of 15–17% and a 5% recurring-donation surcharge. The surge of pages also created SEO (website searching) conflicts, diverting traffic from nonprofits’ official sites and potentially misleading donors. Nonprofits and advocacy groups, including the Wyoming Nonprofit Network and National Council of Nonprofits, expressed concern over consent, transparency, and operational burden, highlighting that the initiative forced organizations to claim, manage, or remove pages just as year-end fundraising peaks. GoFundMe responded by promising to remove default tips, improve brand control, and enhance communication, but critics argue these updates fail to address the fundamental issue of unsolicited page creation and its impact on nonprofit autonomy. As a nonprofit ourselves, the CyberWyoming Alliance started the steps to disable the GoFundMe page that was set up without our knowledge or consent. While we are still not able to completely delete it, we ‘claimed’ the page, disabled its visibility, and removed any personally identifiable details that GoFundMe added to it. Learn more about this and how to claim and disable your nonprofit’s page:
nonprofitnewsfeed.com/news/1-4-million-donation-pages-without-permission-created-by-gofundme/

Shutdown Sparks Spike in Recruitment Scams:

During the 2025 government shutdown, an estimated 6,000–7,000 federal workers in Wyoming are furloughed, leaving many without pay for over two weeks. Employees report intense stress, financial strain, and reliance on mutual support, as they navigate unpaid bills, childcare, and basic necessities. The uncertainty and delayed paychecks have led to some employees quitting, heightening operational gaps. This environment of financial vulnerability and desperation creates fertile ground for increased recruitment/job scams, as scammers often target individuals under economic pressure with offers that seem urgent or lucrative but are fraudulent. The combination of uncertainty, stalled federal work, and furloughed workers’ need for income likely makes such scams more probable right now. These scams typically involve email or text messages claiming to be from legitimate employers, sometimes with official-looking invitations for virtual interviews. They often push for sensitive personal or financial information, like Social Security numbers or bank account details, before any real interview occurs. Red flags include emails from personal accounts rather than corporate ones, recruiters who insist on personal information upfront, and online searches revealing complaints or scam reports about the company or recruiter. For more information on how to spot and report job scams, go to ftc.gov/jobscams.
– Government Shutdown information brought to you by WyoFile
wyofile.com/furloughed-federal-workers-struggle-hang-on-help-one-another/

Amazon Outage Disrupts Global Services:

On Monday, Amazon Web Services (AWS) resolved a major internet outage caused by a problem with one of its core database products, which had left millions of users worldwide unable to access popular websites and apps. The disruption, which began around 3 a.m. ET, affected services ranging from Snapchat, Roblox, Fortnite, and Apple Music to Amazon’s own Ring cameras, Prime Video, and Kindle, as well as platforms used by airlines, banks, and government agencies. AWS traced the issue to an internal network subsystem that monitors server load balancers, leading to widespread service interruptions despite partial mitigations earlier in the day. The outage highlighted the vulnerability of cloud-dependent businesses and critical digital infrastructure, with social media users, media outlets, financial services, and secure messaging apps like Signal all reporting issues.
‍– Brought to you by NBC News
‍nbcnews.com/news/us-news/amazon-web-services-outage-websites-offline-rcna238594

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Oracle products. If you use these products, make sure the software is updated.

Data Breaches in the News:

Verisure, Prosper, PeopleGuru, Vocus ISP Dodo, and Envoy Air (subsidiary of American Airlines). Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register