Cyber Security/online scams Weekly Briefing
April 27, 2023
Hacker’s Brief 5/1/2023
Wedding Anniversary Gift: A Sheridan citizen who owns a small business has been receiving similar emails every couple of months, asking for information about purchasing products for a gift for an anniversary, a new home, and similar themes. The email asks for some pictures and details about prices, but it’s the same message each time but from different sender addresses.
Donation & Support: A Wyoming non-profit received an email supposedly from Hy-Vee Construction, offering a donation but only through wire transfer. The link in the email was to the Hy-Vee Construction website, but the email sender address was from an iCloud account. CyberWyoming note: This scam has been reported by other non-profits. Never respond directly to an email offering a donation – always look up the company’s contact information and call them directly to verify the offer.
In 2022, U.S. consumers lost $8.8 billion to fraud. That’s up 30 percent from 2021. Wyomingite losses were $17 million, up $7 million from last year. Investment-related scams are almost half of the losses followed by imposter (usually romance) scams, online shopping, lottery scams, and business or job opportunity scams. At least a quarter of the thefts came from social media, and 1.1 million people were victims of identity theft. The actual numbers are probably higher because people are too embarrassed to report the thefts. CyberWyoming note: Always be skeptical of handing over money or providing your personal information. It’s better to lose out on some deal or risk embarrassment due suspicion than to be the victim of fraud. – Brought to you by FTC Consumer Alerts
6 Travel Scams to Avoid: As you make your travel plans this year, be cautious of free or rock-bottom deals as the website is mostly likely owned by scammers. These websites can be for airline tickets, rental cars, vacation rentals, tourist visas, and even TSA pre-check programs. CyberWyoming note: Scammers often use similar sounding names for websites (Expedite vs Expedia, .org vs .com, etc.). Be very careful, especially with sponsored ads when you search for the website. Last week we saw a sponsored ad for Facebook.com, but when it was clicked, it went to a completely different site (this has been reported to Google). Scammers purchase sponsored ads for travel sites as well. - Brought to you by AARP Fraud Network
Ransomware on Your Computer: Scammers have started to use popup messages to state that you have been hit with ransomware. They want you to call or click a link to give them money to access your device. Instead, take a picture of the message and then restart your device. If it restarts, it was a malicious fake message. -Brought to you by Scambusters
More Companies with Cyber Insurance Are Hit by Ransomware Than Those Without: Unexpectedly, companies that provide cyber insurance are finding their clients are hit with more ransomware attacks. It turns out that these companies are not on top of their security risks since they assume the insurance will take care of any problem. However, insurance will not fix the company’s reputation or the good will of the customers whose data has been breached, nor the hours or days in which the company’s network is inaccessible. Exceptional cybersecurity management is always an asset. -Brought to you by KnowBe4.com
It's Not Your Imagination: You really are getting more phishing emails – almost double the amount in the first quarter of 2023. The scammers are also getting more creative to get their emails sent to your inbox rather than the spam folder, and they are increasingly using sophisticated mirror images of Microsoft, PayPal, and other websites to make you think you’ve reached the correct web page. Stay alert, always check the sent email address and the entire URL before entering any personal information, and, if in doubt, don’t click. -Brought to you by KnowBe4.com
“Did you attempt wire transfer amount of $7500?” Scammers are sending text messages that present to be from your bank, asking you to “Reply Y if recognized, Or NO to stop fraud.” Unsuspecting people are getting their accounts wiped out by this scam. Remember – always call your bank or financial company if you get any messages by text, phone, or email. - Brought to you by SecureTheVillage.org
MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for PaperCut NG/MF, Novi Survey, Google Chrome, and Oracle. If you use these products, make sure the software (or firmware) is updated.
Data Breaches in the News: Medtronic MiniMed, Consumer Financial Protection Bureau, American Bar Association, CommScope CyberWyoming Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Please report scams you may experience to [email protected] to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: http://www.bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or [email protected]
• File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/
• Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: https://oig.ssa.gov/
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to [email protected]
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit http://www.aarp.org/fraudsupport to learn more about the free program and register.