Hacker's Brief 12/21/20

December 21, 2020
Security
info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

Amazon Scam Invoice Alert:

A Sheridan citizen reported an email with the subject line of “ORDER” from amaz0n0rder808@gmail.com. The email simply said “Hello please check invoice attach with thai email.” Note the incorrect grammar and spelling. Do not click on the PDF attached.

International Monetary Fund Email Scam Alert:

A Sheridan citizen wants you to know that the International Monetary Fund Investigation Bureau Department is not investigating overdue compensation and inheritance funds for you. The email comes from paul33673@gmail.com from Geoffrey W.S. Okamoto, and requires you to reply to ba9339561@gmail.com. It’s subject line is “Twenty Million Dollars for you.” It references a contact person, Patricia Williams, of the United Bank of Washington DC (which is a real bank, but this is not a real offer). Do not click on Google Form link.

Package Delivery Text Scam Alert:

A Gillette citizen has been receiving a lot of text messages impersonating FedEx, UPS, and Amazon saying that the planned delivery time for his package was changed and to click a link to confirm. These were not for orders he had made. CyberWyoming Note: Don’t click on links in texts. Instead go directly to your Amazon account online and check your order status.

Amazon Phone Call with a Live Person Scam Alert:

A Cheyenne citizen reported a call from a 970 prefix from ‘Amazon’ saying that $900 had been charged to her Amazon account for an iPhone. The caller had a strong accent and was a live person, not a recording. Once the citizen said she had not purchased an iPhone, the caller transferred the citizen to ‘technical support.’ Luckily, the Cheyenne citizen’s spidey sense started going off and she hung up on ‘technical support’ before they accessed her computer accounts. CyberWyoming Note: Amazon does not call you for fraud alerts. Hang up and check your credit card statement or your Amazon orders page.

Spotify Change Your Password Notice by CyberWyoming:

A vulnerability was found on Spotify’s platform on November 12. Be sure to change your password if you use the product.

Scambusters.org Zoom Alert:

If you receive an email saying that a defect in the Zoom software has enabled the fraudster to access your camera and record your activities, it is not true. Do not pay the fraudster. CyberWyoming Note: We recommend webcam covers so you know that even if a camera is turned on by a hacker, all they will see is the back of the cover. Check out the Cyber in a Box Library program for how to make a webcam cover https://library.wyo.gov/services/special-programs/wyocan/ or if you aren’t crafty, we will send you one from our conference supply (until we run out) free of charge – info@cyberwyoming.org.

Scambusters.org Christmas Scam Alert:

Tis the season for shopping scams. Watch out for fake websites, price gouging, sale of counterfeit products, fake email shipping notices with clickable links and phony fundraising charities. Remember to read all emails and receive all unknown phone calls with a note of suspicion.

Scambusters.org Red Mercury COVID Scam Alert:

Some scammers are selling ‘red mercury’ as a cure for COVID where they are filling bottles with mercury and painting the outside red. Consuming or using mercury as hand sanitizer is dangerous. Avoid these scams.

Scambusters.org Wine (not whine) Alert:

Although the holidays are hectic and may produce whining in your household, Scambusters.org wants you to know that if you are buying specialty wine as a gift be aware. There is a glut of grapes this year and winemakers keep the best for themselves and then sell the extra on the open market. This produces substandard specialty wines. Here are some tips. If you want an organic wine, look for the certification mark. If the wine is described as ‘clean’ then look for supporting evidence on the label. Finally, the words ‘private label’ mean nothing beyond the printing of the label.

MS-ISAC Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Apache Struts, Google’s Android operating system, Apple products, Cisco’s Jabber (instant messaging), Mozilla’s Firefox browser, Mozilla’s Thunderbird (email client), Mozilla’s Firefox ESR (web browser for enterprise company use), HP’s Systems Insight Management (network management product), Solar Winds N-Central, and various Microsoft products. If you use these products, make sure the software (or firmware) updated.

MS-ISAC Mitigate Code - Compromise Alert:

Solar Winds Orion Code has been compromised and CISA(Cybersecurity and Infrastructure Security Agency) has issued an emergency directive which can be found here: https://cyber.dhs.gov/ed/21-01/.

Other ways to report a scam: