Small Business Saturday Scams:

In 2020, scammers impersonated the Thermopolis Police Department on Small Business Saturday threatening to put a local business’s accounts on hold due to deposits of counterfeit money. Support your local companies for holiday shopping as they face down threats!

Fire Sticks and Fancy Steaks:

A citizen received a suspicious email claiming to be from the "AMAZ0NFlRE STlCK Department" with an unusual sender address ending in @thefreshmarketmail[dot]dog99. The subject line was "🖤 EVEN MORE BLACK FRIDAY! 🖤" and the email falsely stated the recipient had won an Amazon Fire Stick. It included a broken or missing unsubscribe option and contained a linked promotional image from Omaha Steaks urging the recipient to "Answer and win! Claim a Brand New Free Great Steaks Sampler!" via a [klclick3 domain]. CyberWyoming Note: During the holiday season, be extra cautious of emails claiming you’ve “won” prizes or offering unbelievable deals. Avoid clicking suspicious links, verify promotions through official company websites, and never provide personal or payment information to unknown senders.

PayPal Scam in Disguise:

A Big Horn resident received a suspicious email from an unknown sender named "Brian V. Mayer" with the subject "Print." The email stated, "Project change are recorded. No issues from my side - Brian V. Mayer" and included an attachment that appeared, via the preview window, to be a fake PayPal invoice. CyberWyoming Note: While the email might seem unusual on its own, it is particularly suspicious because it tries to present itself as a legitimate business document the recipient supposedly requested, when in fact it is just a fake PayPal invoice. Do not open attachments or click links from unknown senders. Always verify unexpected business-related emails through another channel (e.g., by phone or a separate email address) before taking any action, and report, block, and delete suspicious emails.

Robinhood Fake Fraud Alert:

A resident of Laramie received a fraudulent text from a UK number (+44) pretending to be Robinhood Securities. The message claimed there were anomalies in their account and urged the recipient to click a provided link with a suspicious domain to perform a “security check.” The link led to a suspicious domain. CyberWyoming Note: This is likely a Fraud Alert scam attempt potentially trying to steal login credentials. Never click links in unsolicited messages; instead, access your account directly through the official website or app. Always verify unexpected alerts by contacting the company through trusted channels.

Google Urges Users to Avoid Public Wi-Fi:

Google strongly warns against using public Wi-Fi, citing it as a major security risk. Unsecured networks in places like airports, cafés, and hotels make it easy for hackers to steal sensitive information, including banking details and personal data. Their warning is based on the latest Android “Behind the Screen” report, which highlights rising mobile scams and digital fraud, responsible for about $400 billion in global consumer losses. Cybercriminals now use sophisticated operations, phishing-as-a-service, and automated attacks to target users. To stay safe, Google advises avoiding public Wi-Fi whenever possible, not entering sensitive information on such networks, disabling auto-connect settings, verifying network security, keeping devices updated, and remaining cautious of strangers.
– Brought to you by MSN
msn.com/en-us/news/technology/here-s-why-google-is-warning-you-to-avoid-using-public-wi-fi-at-all-costs/ar-AA1Qmnxr

Beware the “Copy-Paste” ClickFix Malware:

ClickFix is an emerging and highly deceptive malware threat targeting both Windows and macOS users. It typically begins with a seemingly legitimate email, WhatsApp message, or top search result, often referencing hotel reservations, tricking victims into visiting a malicious site. The site prompts users to copy and paste a line of text into a terminal or command prompt, which silently downloads and installs malware like credential stealers, cryptocurrency theft tools, or botnet software. The attacks bypass many security protections by using native system tools and browser sandboxes, making them hard to detect. Its success relies heavily on users’ trust and lack of awareness, making education the primary defense: never click unknown links, copy code from messages, or enter commands in a terminal without verifying their source. Accessing services directly through official websites or contacting organizations by phone is a safer alternative.
‍– Brought to you by Ars Technica & David Horton, a Wyoming retired cybersecurity professional
‍arstechnica.com/security/2025/11/clickfix-may-be-the-biggest-security-threat-your-family-has-never-heard-of/

Cybersecurity Experts Turned Hackers Indicted:

Two former cybersecurity professionals, Kevin Tyler Martin of Texas and Ryan Clifford Goldberg of Georgia, have been indicted for allegedly hacking and extorting U.S. companies while working for firms that specialize in defending against such attacks. Prosecutors say the men conspired, outside of their day jobs, to deploy the ALPHV ransomware in 2023 against several firms, including a Florida medical device maker, from which they extorted about $1.27 million after demanding $10 million. Both face federal charges of extortion and damaging protected computers. Their employers, DigitalMint and Sygnia Cybersecurity Services, denied any involvement and are cooperating with the FBI. The case highlights concerns about trust in the cybersecurity industry as experts allegedly turned their skills toward the crimes they were hired to prevent.
‍– Brought to you by WISN
‍wisn.com/article/hackers-extortion-us-companies-cybersecurity/69238912

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

‍Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register