Brief 2/6/2023

CyberWyoming Alert: With Valentine’s Day coming up, take this opportunity to talk to your friends and family about romance scams. Follow CyberWyoming on Facebook for tips at https://www.facebook.com/madesafeinwyoming and get your free romance scams toolkit from https://staysafeonline.org/resources/romance-scams-toolkit/.

When ‘Do Me a Favor’ is a Scam: A Laramie citizen reported a scam where criminals pose as someone you know – a boss, friend, family, pastor/minister/priest – and ask you for a favor: buy some gift cards. The message can come by email, text, or social media, and the sender claims to be traveling or is somehow unable to perform the task themselves. The scammer asks you to purchase a gift card for them and then instructs you to send photos of the front and back of the card, exposing the PIN so the card can be used. What to do? If the request is from someone you know, contact them via another channel (phone, mail, ring the doorbell) to confirm. If you buy the gift cards and then discover it is a scam, contact the retailer or card issuer immediately. You may be able get some of the money back. As this is a crime, also contact your local law enforcement and file a report.

Subject line: “Details regarding your annual plan [series of numbers]”: A Laramie citizen received an email with an attachment that supposedly contained details of an annual plan. Do NOT click on the attachment. It’s a phishing scam to get you to link to a website that will ask for your financial and personal information. CyberWyoming Note: Scammers often take advantage of end of year benefits registration to get you to concoct a half story that gets you to click.

You’ve Been Chosen: A Laramie citizen reported receiving an email impersonating Ace Hardware to join the loyalty program for free. (Note that the real Ace Hardware’s loyalty program IS free!) There is also a picture of a drill, seemingly an offer to join. Unfortunately for those who need a new drill, the offer is a fake, sent from an email address with the domain name “ausspeiende.lol.” The entire body of the email is a link, so be careful if you open the email as it would be easy to accidentally click the link.

Scambusters.org Alerts:

• Don't Take that Quiz: The US Federal Trade Commission (FTC) has issued a new warning to people who enjoy answering quizzes and surveys on social media. Certain questions in some of the surveys can be used to crack your password reset questions, such as the make and model of your first car. CyberWyoming Note: One helpful tip? Treat your password reset questions as if they were your passwords. For more information, check out this video created by the WyoCAN (Cybersecurity Action Network) committee: https://www.youtube.com/watch?v=jcLiVrderE4.

• Don't Let Them In: The ability to track a missing mobile device has been hijacked by scammers who knock on people's doors and claim they've tracked their device to your home. In reported cases, they've either asked for the individual's Wi-Fi password to supposedly check further or just used the incident as a way to enter the home. Never tell anyone you don't know or trust your network password - and certainly don't let them into your home. Call the police instead.

FTC Consumer Alert - Looking for a job? Scammers are looking for you: Recent layoffs have scammers fine-tuning their approaches to take advantage. They may advertise jobs online, sometimes setting up fake websites, or looking for targets on social media — all to try to steal your money and personal information. Scammers may go to great lengths to get what they want. Some may conduct fake online job interviews and set up phony onboarding portals where they ask you for Social Security numbers and bank account information to (supposedly) deposit paychecks. Other scammers may ask you to send money for (supposed) equipment or background checks needed for remote work — with the promise to reimburse you with your first paycheck. But these are scams. Verify all job postings before submitting your resume, and never pay for a job. Recruiters charge the companies, not the applicant.

MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for VMWare vRealize Operations, Apple products, Google’s Chrome browser, and Sophos Firewall. If you use these products, make sure the software (or firmware) is updated.

Please report scams you may experience to [email protected] to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: http://www.bbb.org/scamtracker/us/reportscam

• Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or [email protected]

• File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/ 

• Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint 

• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3

• Office of the Inspector General:  https://oig.ssa.gov/

• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360

• IRS: report email scams impersonating the IRS to [email protected]

• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398

Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit http://www.aarp.org/fraudsupport to learn more about the free program and register.