Hacker's Brief 11/08/21

November 8, 2021
Security
info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

Hello Dear from Alicia Collins:

A Laramie citizen reported an email that pulls on all the heart strings: dying widow, God, charitable projects, and humanitarian purposes. The email’s greeting is “Hello Dear,” asks for your help to disburse funds to charity, and is from alciliacollins634@gmail.com with the subject line of “Hello.”

McAfee Renewal Email Scam:

A Sheridan citizen reported a McAfee subscription renewal scam from ndgmqpcymfby@oldiesrising.com spoofed as “License Error!” with the subject line of “Important Update for 25/10/2021.” CyberWyoming Note: Look at the date. When the day is before the month, then you know it isn’t from an American based company.

Janet Yellen is Not Giving Out Inheritances:

Janet Yellen, the Secretary of the Treasury, is not emailing you from mrsevelynbenz81@gmail.com. This poorly written email even has the US consistently written as United State (missing the s on States). Do not provide your personal information. Reported by a Sheridan citizen.

McAfee Scare Tactics Scam:

A Sheridan citizen reported two emails impersonating McAfee. The first one was from Warning-153 at Notice@arynews.tv with the subject line of “Your Subscription is Suspended!” The button actually links to email.christianexaminer.com. The second one’s subject line said “ACTION REQUIRED! _Your_DEVICE_is_infected_with_89_VIRUSES” and is from a University of Hawaii address that has been discontinued for several years.

Hello:

A Laramie citizen reported an email from jp671143@gmail.com saying “Hello” in the subject line. CyberWyoming Note: These are truly ‘fishing’ attempts to see if the email address is valid and if you will engage, just delete them.

Irony is Alive & Well:

A Sheridan citizen reported a scam email with the subject line of “READSUPPORT” from developer@eshail.net and collinsowenn@gmail.com asking for your personal information to compensate you because your email address was identified as a victim of fraud!

Scambusters.org Important Tips for Avoiding Phishing:

First, never share the confirmation code that is texted to you to get into one of your accounts. Real IT people won’t ask for the code or your password. Second, links often take people to fake sign on pages so instead of clicking on a link in an email or text, type in the address of the real website and check. Third, just because someone emails you with the correct personal information doesn’t mean they are legitimate. Be suspicious.

FTC Dating App Advice:

The FTC is warning people in the LGTBQ+ community that extortion scams are occurring on dating apps. Scammers ask for explicit photos and threaten to send them to family members if they aren’t paid. Other scammers target people who are not fully ‘out’ as LGBTQ+ with the same threat. If you think someone is trying to extort you, call the Cyber Civil Rights Initiative’s crisis hotline: 844-878-CCRI (2274) for help or advice. CyberWyoming Note: This ‘send me pictures’ extortion scam is not limited to the LGTBQ+ community. At the recent Wyoming Cybersecurity Conference, a Sheridan County Sheriff’s officer discussed this happening to younger males in his community. He said “If it is something you wouldn’t want your mom to see, don’t put it out on the internet.”

Tinder, Bumble, Grindr, & Facebook Dating App Scam:

If you meet someone on a dating app that asks you to message them outside of the app and then encourages you to download an investment app, don’t do it! The app gives scammers control of your computer or mobile device.

Scambusters.org Child Tax Credit Scam Alert:

If you receive a call or email to ‘enroll’ for the Child Tax Credit program for 2021, ignore it. The payments started in July. You don’t have to apply and payments are automatic. If you think you are entitled to a payment and haven’t received one, contact the IRS.

Scambusters.org Medicare Scam Alert:

Open enrollment for Medicare applicants and members is in full swing right now. If you're one of them, you have rights to prevent being scammed: Insurers can only give you information about products you request on a scope of appointment form; they can't set time limits for you to sign up other than the December 7 closing deadline; they can't threaten to suspend existing coverage, offer gifts, or suggest Medicare backs their plan.

MS-ISAC Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Mozilla’s Firefox browser, Google’s Android Operating System, Google’s Chrome Browser, and the Cisco Adaptive Security Appliance and Firepower Threat Defense products. If you use these products, make sure the software (or firmware) is updated.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

  • Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
  • Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
  • File a complaint with the Federal Trade Commission at ftccomplaintassistant.gov
  • Report your scam to the FBI at www.ic3.gov/complaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: oig.ssa.gov
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to phishing@irs.gov
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
  • Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register