Hacker's Brief 11/01/21

November 1, 2021
Security
info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

Wyomingite Gets Even:

A scammer sent a Wyomingite an email from a friend’s address saying “Can you do me a favor?” The Wyomingite started a new email (did not reply) and asked his friend “What’s up?” The scammer had control of the friend’s email account and asked if the Wyomingite would buy a gift card for his grandson’s birthday because she was “in transit.” The Wyomingite said “I don’t buy gift cards for anyone. If you are truly in transit there are stores in nearly every town that sell gift cards…” The scammer asked for the Wyomingite’s phone number. The Wyomingite replied to the email with the final zinger saying the person you are impersonating is “96 years old and living in a rest home. She is not ‘in transit’ or in need of a gift card. I was born ignorant but I didn’t stay that way, a condition apparently not true for you.” CyberWyoming Editorial Note: GOOD JOB!!!

Buckrail News Reports Scammer Posing as Jackson Police Officer:

According to a press release issued by the Town of Jackson, a scammer is calling individuals in the community from a number that appears to be the Jackson Police Department’s main phone line: (307) 733-1430. The individual has been posing as a Jackson Police Officer and informing individuals that they have been issued a subpoena. The scammer then instructs the individuals to obtain a money order to resolve the issue. These scam calls began taking place at approximately 8:30 a.m. on Friday, Oct. 22.

OptumRx Impersonation Phone Scam:

If you receive a phone call from OptumRx asking you to confirm your records with them, do not call the number given in the message. Instead, hang up and call the real OptumRX number from their website at optumrx.com/public/information-center/public-contact-us. Reported by a Wyoming citizen.

Walmart Account Resolution Scam:

A Sheridan citizen reported an email impersonating Walmart from cvfdtb@gmail.com with the subject line of “Walmar#-ID-AA7AYT” saying that there could be potential unauthorized access to your Walmart account and confirming a charge of $499.

Norton 360 Total Protection Renewal Scam:

If you receive an emailed invoice for $209.56 saying your account will be automatically debited in 24-48 hours for the renewal of the subscription, a Laramie citizen wants you to know it is a scam. The email is from jasxebavueh346@gmail.com with the subject line of “SUBSCRIPTION #QR18102021GQO.” CyberWyoming Note: Norton’s Antivirus product retails between $20 & $50.

50% Off Nonspecific Discount Scam:

If you receive a recorded phone call saying you have a 50% off discount but they don’t actually say what the discount is for, then it is a scam, don’t call the phone number given in the call. Reported by a Big Horn citizen.

FBI Special Agent Jackson David Isn’t Handing Out Money to Scam Victims:

A Sheridan citizen reported a government impersonation scam asking for her personally identifiable information in order to be compensated for, of all things, being a scam victim! The email was from chiugoo76@gmail.com and the subject line was “This is for your compensation.”

Suspicious unfunds.com Reported:

A Laramie citizen reported an email from Mr. Vald Dinu at vlad.dinu@rdslink.ro who claims to be the credit manager for the United Nations Compensation Commission at info@unfunds.com. When CyberWyoming researched the domain unfunds.com it redirected to another website that emphasized ‘winnings’ and had misspelled words on it. The email says that Mr. Dinu has been trying to reach you and cites a reference number, but don’t believe it – total scam.

Dear Friend Greeting is a Good Clue It’s Fake:

A Laramie citizen reported an email from Monika Fernandez at crypto@chernomor-auto.ru or frenandemonica483@gmail.com saying that she was diagnosed with cancer and only has a few months to live. She needs help giving away her money and wants to give you 20% commission, but you have to furnish your private phone number.

Scambusters.org EarPod Scam Alert:

There isn’t an Amazon raffle for high-end EarPods. If you receive a text or email, it is just a phishing attempt.

FTC Diabetes Treatment Warning:

The FTC and the FDA have called out 10 companies selling unapproved and misbranded drugs they claim will treat or cure diabetes. The FTC’s cease and desist demands were issued to the following companies: 1) Ar-Rahmah Pharm, LLC; 2) Aceva, LLC; 3) Live Good Inc.; 4) Holistic Healer & Wellness Center, Inc.; 5) Lysulin, Inc.; 6) Metamune Inc.; 7) Nuturna International LLC; 8) Pharmaganics LLC; 9) Phytag Labs; and 10) Radhanite, LLC d/b/a Curalife Ltd.

Shortened LinkedIn URLs:

Attackers are abusing the shortened “lnkd[.]in” (LinkedIn) URL’s to disguise phishing links. If you click on one of these links, you may be sent through several redirects before landing on a suspicious phishing page (asks for your personal information or user id/password). Here’s an article about the alert: blog.knowbe4.com/new-tactic-shortened-linkedin-urls-are-now-used-as-phish-hooks. This has a lesson for real marketers – be transparent with your links in your emails.

MS-ISAC Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for NPM Package (Javascript component), Apple products, and Adobe products. If you use these products, make sure the software is updated.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

  • Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
  • Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
  • File a complaint with the Federal Trade Commission at ftccomplaintassistant.gov
  • Report your scam to the FBI at www.ic3.gov/complaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: oig.ssa.gov
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to phishing@irs.gov
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
  • Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register