Hacker's Brief 11/07/22

November 7, 2022
Security
info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307-314-2188, PO Box 2332, Laramie, WY 82073

Geek Squad Impersonators Won’t Give Up!

If you receive an email from a Gmail address with the subject line of “YOUR ORDER IS ON ITS WAY!” (all caps), but the email just says “HI,” (again all caps), just delete it. Do not click on the attachment which is named “INVOICE BILL #4546213.jpg”(what is it with all the capital letters?). The attachment impersonates Geek Squad but they would never send an email so unprofessional with all of those capital letters! Reported by a Sheridan citizen. (Note that the same citizen received a similar email from a different Gmail address with the subject line of “Please check your membership before it expire” and the “hi” was in lower case letters.)

FTC Alert – Fake Geek Squad Renewal:

Email and text scams have been reported to the FTC saying about the Geek Squad scams that Wyomingites have been reporting for the past 3 months. The FTC reminds you not to call the number in the email or on the fake invoice, don’t give anyone you don’t know remote access to your computer, and don’t open attachments. If you see a scam, report it to the FTC at ReportFraud.ftc.gov.

Don’t Open Attachments:

The theme for this week’s phishing reports seems to be don’t open attachments. A Sheridan citizen received an email with the subject line of “Payment info” from a Gmail address spoofed as “Renewal”. The email body simply said “PURCHASING DETAILS” and the attachment was a MS Word document called ‘PHG-89247589’. The scam claims that they are verifying your order for Norton’s antivirus software for 2 years to the tune of over $200.

Nonspecific Renewal with a Pinedale Address:

A Florida citizen reported an email saying her subscription had expired and that she would become vulnerable to Hackers (with a capital H). Oddly, the email never actually said what the subscription was that expired. But the kicker was that it asked you to write to a Pinedale address to unsubscribe from the alerts. The subject line was “Restore your Anti-virus” and the email was from a minorore.com email address. The links went to sentinelclothingco.com, definitely not a place that sells antivirus software.

Laramie Business Reports Potential Phishing Email:

While this email hasn’t been confirmed as an actual scam, the business leader reporting says it looks ‘phishy’. The PDF attachment didn’t look quite right and it wasn’t attached in the right place. In fact, it looks more like a picture of a PDF attached to an email than an actual file attached. This is a known scam tactic – using a picture of a well-known type of file attachment, so go with your instincts and call the sender to double check.

FTC Alert – Medicare Open Enrollment Period:

With Medicare open enrollment ending on December 7, remember that scammers impersonate Medicare agents and may sound professional. Don’t trust the name displayed on your phone. If someone asks for your Medicare, Social Security number, or banking or credit card information, then they are a scammer. If the person on the other side of the phone tries to rush you into making a decision, threatens to take away your benefits, or suggests that a certain plan is preferred by Medicare, then they are a scammer. Call 800-677-1116 to find local resources to give you real information about different Medicare plans available.

What is credit piggybacking?

Credit piggybacking is the practice of becoming a named authorized user on someone else’s credit cards, usually someone that has a better credit score than you do. It is often used by shady companies who say they can get your credit score up fast. However, this artificially inflates a credit score and could lead to accusations of fraud. Brought to you by scambusters.org.

Storm damage:

A reminder that devastating hurricane storm and flood damage is a common platform for scams. Check out contractors for planned repairs, only contribute to reputable charities, and ensure you check for telltale signs of flood damage in cars you're interested in buying. See our earlier guidance here: scambusters.org/floodedcars.html and scambusters.org/disasterscams3.html Brought to you by scambusters.org.

Passport warning:

Among recent data breaches, American Airlines has disclosed that a recent hack via employee emails has exposed a "small number" of customers' personal information, including passport and driver's license details. The firm is offering two years' free identity theft monitoring. Brought to you by scambusters.org.

AARP Mail Theft Alert:

AARP wants you to know that stealing checks from the mail and ‘washing’ them is back with a vengeance. While most of the fraud reported is on the coasts, it is a good idea to avoid problems and drop off the mail containing checks at the post office. To learn more about this issue: aarp.org/money/scams-fraud/text-alerts.html

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google’s Chrome browser, Apple’s Xcode 14.1, and Cisco products. If you use these products, make sure the software (or firmware) is updated.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

  • Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
  • Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
  • File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
  • Report your scam to the FBI at www.ic3.gov/complaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: oig.ssa.gov
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to phishing@irs.gov
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
  • Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register