Cyber Security Sept 9 report
September 8, 2022
Hacker’s Brief 9/12/2022
Geek Squad Scam Email: A Sheridan citizen reported an email from Geek Squad at a Gmail address with the subject line of “Dear, [Name redacted]” and “The Network Of support for Geek Squd.” (Note the odd capitalization and the misspelling of squad.) The email says that the citizen’s protection plan will expire and $329.99 will be deducted from her account. While the email doesn’t have any links, it asks you to call an 800 number. Don’t call the number, just delete.
Don’t Call the Number: A Laramie citizen reported a text saying that “$599.99 was Deducted From Your Card For iphone Purchase on SEPT 8th at 01:44hrs. If this was not done by you, Call Amazon at +1-(844)-427-1118 to Cancel Order.” Note the improper grammar and capitalization.
Scam Call Spoofing Powder River Energy: A Sheridan citizen reported a scam call that came across on caller ID as Powder River Energy, but when she answered it said “This call is from Amazon” and continued to say that there was fraud on her account. Just hang up!
Publisher’s Clearinghouse Phone Scam: An Albany County citizen received a phone call telling him he won $650 million in prizes from Publisher’s Clearinghouse and a check as big as his door was on the way. The citizen, guessing it was a scam, had time and kept the fraudster on the line for over 30 minutes asking questions. (A big thank you to this citizen!) The scheme was elaborate with three people, including a prize attorney and celebrity host, claiming to be Publisher’s Clearinghouse employees. One employee claimed to be on-route in a flatbed truck with a 2021 Chevy Silverado to deliver to this citizen and was only “45 minutes away” with package number 90758222 and the truck driver’s name was “Bobby Wilson.” The citizen was asked to go to Walgreens, which was 45 minutes away from his house, and purchase $1250 of Secure Spend Cards to receive the prizes. The agent wanted the citizen to get in his car, drive to Walgreens, and stay on the line. At this point, the citizen decided to hang up – he had wasted enough time and saved another Wyomingite from the hassle.
Sure You Are Beautiful: Because the Laramie citizen that reported this email scam isn’t sure what a website called “sureyouarebeautiful” has to do with his credit score, he felt it was important to warn you. He received an email from FS360 (FreeScore360) with links to view his credit scores from Transunion, Equifax and Experian but the links all led him to a link for sureyouarebeautiful.com. CyberWyoming securely followed this link and the hosting provider, Pittsburgh Community Television, had taken the website down.
Government Employees Don’t Use Gmail Addresses: A Sheridan citizen reported an email from Alejandro Mayorkas at a Gmail address with the subject line of “GREETINGS FROM THE HOMELAND SECURITY.” (Note that all caps.) The email said that there was an unpaid fund worth $40.2 million for her and all she has to do is provide her full name, home address, identification card, and the nearest airport.
Redirected to Turkey: A Sheridan citizen continues to receive scam emails from a tut.com email address. Each of the links is redirected to a link to christmascard.o2.co.uk in Turkey. The latest two emails claimed to be from AceHardware.com and iphone14 with the subject lines saying “3rd attempt for.([Name redacted])” and “[Name redacted], We have a surrprise for you!”
CVS Pharmacy Scam Email: If you receive an email from a durhamworks.info address spoofed as “CVS.COM” (yes, all caps) with the subject line of “#YOUR ORDER NO_: 63999775” telling you that you have a loyalty reward of “$100.0” be sure to note the mis-capitalizations and don’t click on the link because it goes to a Chinese phishing website. Reported by a Laramie citizen.
MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google’s Chrome browser and Android operating system products. If you use these products, make sure the software (or firmware) is updated.
Data Breaches in the News: Savanna College of Art & Design, North Face’s website, TikTok, IRS Form 990-Ts for IRA Income https://news.yahoo.com/irs-inadvertently-publishes-120-000-234841222.html, KeyBank (home mortgage holders), Samsung, San Francisco 49ers, Tulsa Tech, Common Ground Healthcare Cooperative, Nelnet Servicing (Oklahoma Student Loan Authority and EdFinancial data exposed), OneTouchPoint, Okta, DoorDash, LastPass (proprietary data and source code), North Dakota’s Department of Workforce Safety & Insurance (182 injured employees), Lamoille Health Partners, Practice Resources, Methodist McKinney Hospital, California Prisons (affected visitors, staff, and inmates), Fremont County Colorado, Sferra (employee information), DigitalOcean (Mailchimp recipients), Signal, and ShitExpress (anonymous poop gifting website).
If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Please report scams you may experience to [email protected] to alert your friends and neighbors.
Other ways to report a scam:
● Better Business Bureau Scam Tracker: http://www.bbb.org/scamtracker/us/reportscam
● Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or [email protected]
● File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/
● Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
● Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
● Office of the Inspector General: https://oig.ssa.gov/
● AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
● IRS: report email scams impersonating the IRS to [email protected]
● Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit http://www.aarp.org/fraudsupport to learn more about the free program and register.