CyberWyoming brief – June 21


Ayesha Gaddafi is not in a refugee camp: The Laramie citizen that reported this scam mentioned that hackers should learn to spell the name of the person they are impersonating. This email was from Mrs. Aisha Al-Qaddafi from a Gmail address, but in the text of the email the name was spelled as Aisha Muammar Gaddafi. While she may claim to be in a refugee camp needing to transfer money, a Google search showed that she currently has asylum in the Sultanate of Oman and she has been removed from sanctions. The subject line in the email was “Please my beloved one, I need your assistance,” another clue that the email is fake.

PayPal fake payment: A very well drafted email impersonating PayPal was reported by a Laramie citizen. The email had PayPal’s branding, logo, and transaction reporting format and says that you sent a payment for $150. The email even anticipates you checking your real PayPal account by saying “Keep in mind, it may take a few moments for this transaction to appear.” But, if you look closely, the email isn’t from [email protected], but from a long odd email address from emaildl.att-mail.com. Note that this citizen said she received a second email just like this but the amount was for $101.

Chase identity verification required: If you receive an email saying your “Chase Private Client” account was temporarily locked due to unsafe activity, watch for the generic greeting of “Dear Chase account member” and the long sender’s email address that isn’t a Chase address. While this email looks real with its FDIC logo, Chase logo, and branding, don’t click on the verify identity button. It will probably steal your real Chase user ID and password. Reported by a Laramie citizen.

USPS shipment on hold fake alert: A Laramie citizen wants you to know about a well-crafted fake email supposedly from the USPS, but really from an email from formresponse.com. These emails have been reported around the U.S. and the United States Postal Inspection Service has issued an alert as well: https://www.uspis.gov/news/scam-article/smishing-package-tracking-text-scams. The USPIS’s first advice is “Don’t click on the link!”

FTC Student Loan Forgiveness alert: With the U.S. Department of Education announcing another extension through Aug. 31 to pause student loan payments, student loans are back in the headlines and, thus a prime target for scammers. Note that the only student loan forgiveness programs are Public Service Loan Forgiveness and Teacher Loan Forgiveness, and neither charge you for help to qualify for the program. The FTC wants to remind you not to share your FSA ID with anyone.

Fake update: Still using Windows 10? Watch out for scam update messages with a link that's supposed to install the latest version of the operating system. Several fake updates, with genuine-sounding filenames, are currently circulating. They install malware, usually ransomware that locks up the user's machine. Avoid this by using only the “check for updates” built into Windows' settings. Brought to you by scambusters.org.

Center for Internet Security summer travel tips: Before you travel, remember to update your devices, back them up, and review the security settings on your phone and tablets that you take with you. The CIS recommends setting your screen to lock after a short period of time and using longer PINs and passwords. Also, add multifactor authentication to important accounts that you may access while traveling. During your travel, guard your devices, never plug your phone into a public USB charging station, delete the data from your rental car, don’t use public Wi-Fi (use your phone’s hot spot) unless you use a VPN (virtual private network), turn off the auto-connect option on your Bluetooth devices and your phone, don’t share too much on social media (think home break in if they know you may be away a while) and don’t use public computers. When you get home, shred your board pass and luggage tag because they have scanable codes on them that contain sensitive information. Also, scan any computers or thumb drives for viruses before you use them to make sure they haven’t been compromised. https://www.cisecurity.org/insights/newsletter/cyber-safe-travel.

Please report scams you may experience to [email protected] to alert your friends and neighbors.

Other ways to report a scam:

  • Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
  • Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or [email protected]
  • File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/
  • Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: https://oig.ssa.gov/
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to [email protected]
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398

Victim support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.

Advertisement