CyberWyoming security – April 25
Paypl vs PayPal alert: Watch your emails closely for a fake email from [email protected] with the missing ‘a’ in ‘pal.’ The subject line is “Account Locked. ID : DLMXD-PCNEEBQ” and the email is well written with PayPal’s branding and colors. The button to login to PayPal actually links to Amazon’s signin, so although the branding looks great, the hacker got a few details wrong. Reported by a Laramie citizen.
Create your own spam box: A very creative Casper citizen received an unusually large amount of spam calls after giving her landline to a local company. The calls impersonated Medicare, Amazon, home insurance companies, insurance for electronics and Facebook. Before providing her phone number, she rarely had a spam call, but afterwards was logging 18 per day. So, she came up with a very creative solution. She cut a hole in an old Styrofoam box (a Styrofoam cooler would work) and placed a speaker in the hole. Now when she gets a spam call, she puts her phone in the box and blasts the speaker with the “world’s most annoying sounds.” Her favorite is an air raid siren.
Unsolicited offers to buy your home warning: If you receive a phone call from a stranger asking to buy your home, remember that home ownership is part of Wyoming’s public record and even if the call is from a Wyoming number, it could still be a scammer. As the inventory of homes in Wyoming decreases, these types of calls may increase, but the best bet is to ignore the unsolicited calls. If you really are interested in selling your home, contact a local real estate agent recommended by friends, family or neighbors. Reported by a Big Horn citizen.
Text delivery notice: If you receive a text saying “Your parcel #US189222 which includes the following products: 1. Smart Samsung TV. Cannot be approved for delivery pending your outstanding tax balance has been paid. Current outstanding balance: $1.72” be very wary. The link that starts with productsholdings.com doesn’t exist and, statistically, about 50 percent of text and email delivery notifications sent are fake. The Big Horn citizen also received a follow up text from the same number saying “Hi: You have one fully paid item awaiting. You did not update delivery preferences” and then it had a link to trick you into providing private information.
Lowes reward open immediately: A Big Horn citizen wants you to know that a fake Lowe’s reward email is making the rounds. The email has Lowe’s branding and asks you to take a short survey to claim a $100 reward. The subject line was “Confirmation:4238276.” CyberWyoming note: Often surveys are used to gain important personal information like password reset questions.
MS-ISAC joint cybersecurity advisory alert: A cybersecurity advisory was issued to warn critical infrastructure organizations of evolving intelligence that indicates the Russian government is exploring options for potential cyberattacks and increased malicious cyber activity. Additionally, some cybercrime groups have publicly pledged support for the Russian government. https://www.cisa.gov/uscert/russia CyberWyoming note: While the alert is specifically for critical infrastructure, it is a good idea for all organizational leaders to talk to their employees about online vigilance and maintaining a high level of suspicion.
The FTC isn’t emailing you: Scammers are pretending to be FTC Commissioner Rebecca Kelly Slaughter saying there is an award ready to be collected, for a fee. An alternative line the scammers are playing is that there is a COVID issue that requires immediate attention, and ultimately a fee. The FTC reminds you that they won’t ever call, email, text or direct message you to ask for money (or gift cards) or your personal information. The FTC does not give awards or funds related to COVID. What to do if you suspect mail fraud: If you believe you are the victim of mail fraud or theft, notify the United States Postal Inspection Service at https://www.uspis.gov/report. The phone number to call for suspected mail theft is 1-877-876-2455.
Scambusters.org alert - crypto millions: In a new study, the Better Business Bureau said it received 2,465 complaints about cryptocurrency scams in 2021, with losses totaling more than $7 million. But this is the tip of an iceberg. The Federal Trade Commission (FTC) said crypto losses last year cost more than $750 million. CyberWyoming note: Because Wyoming is known as being cryptocurrency and blockchain friendly, our citizens get more of these types of scams. If you receive a message from a friend of a friend about a crypto investment, do your research before investing money.
MS-ISAC and CISA patch now alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Cybersecurity & Infrastructure Security Agency (CISA) have published a patch now (update your software) alert for Oracle, Drupal, and Cisco products. If you use these products, make sure the software (or firmware) is updated. Please report scams you may experience to [email protected] to alert your friends and neighbors.
Other ways to report a scam: ● Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam ● Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or [email protected] ● File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/ ● Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint ● Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3 ● Office of the Inspector General: https://oig.ssa.gov/ ● AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360 ● IRS: report email scams impersonating the IRS to [email protected] ● Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398 Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.