Cyber Security Brief May 12 2023
May 11, 2023
Your business is owed a refund of $26,000 per employee: A Laramie citizen reported receiving a voice mail that a refund of the COVID Employee Retention Credit (ERC) was available for each employee. The citizen was to press 1 for more information. Unfortunately it’s a scam to obtain either personally identifiable information for identity theft or to charge for dishonest services. The IRS and the Better Business Bureau have been warning business owners about these scams – see https://www.bbb.org/article/scams/28551-bbb-scam-alert-stay-alert-to-employee-retention-credit-erc-scams-this-tax-season or https://www.irs.gov/newsroom/irs-opens-2023-dirty-dozen-with-warning-about-employee-retention-credit-claims-increased-scrutiny-follows-aggressive-promoters-making-offers-too-good-to-be-true.
Your healthcare order is ready for delivery: A Colorado citizen reported a voice mail that a healthcare organization was going to deliver an order, and to press 1 to schedule the delivery. Only the citizen had not ordered anything healthcare related. The name of the organization was mumbled in the message, but the citizen almost fell for the scam since the message mentioned his name. CyberWyoming note: The scammers are getting better at targeting scams, so don’t get lured in if they use your name or other identifying information in an email or voice message.
Gift Card Scams: It’s tempting to purchase a gift card from a rack in the grocery store, but many people report receiving or giving empty cards as they have been tampered with by thieves. Although you may be able to detect tampering, it is best to purchase gift cards either directly from the business that issues them or from a store that keeps gift cards behind the counter. – Brought to you by AARP Fraud Alert
Bank failures are bringing out the scammers: Scammers are impersonating bank officials and FDIC employees to get customers to send money to fake accounts or pay to increase your protection beyond the standard $250,000. America’s cyber defense agency, CISA, is warning people not to open any email or attachment that claims to be from your bank or the FDIC. CyberWyoming note: Always look up the number of the bank or FDIC separately and call to verify. Never use the phone number that is in an email, text, or voice mail. – Brought to you by Scambusters
WhatsApp Crypto Investing: If you use WhatsApp, you have probably been added to “investment” groups without your consent. These are fake groups, with messages from fake people, hoping to lure you into their investment scam (usually involving cryptocurrency). Block them as soon as you see them. – Brought to you by Security Boulevard
The Parking Meter Scam: The FBI has issued warnings about cybercriminals tampering with QR codes to steal users' login and financial information. After scanning a QR code, victims are redirected to a website that LOOKS like what you are used to seeing but isn't. Often these criminals will have one letter off, use a 0 (zero) instead of an O (oh), or have a [.]financial or [.]login in the website name. We were advised by the National Cybersecurity Center that this may even be a problem with parking meters. CyberWyoming note: If you use QR codes, check them closely before trusting them.
Bank name} Did you attempt wire transfer amount of $7500?” Scammers are sending text messages that seem to be from your bank, asking you to “Reply Y if recognized, Or NO to stop fraud.” Unsuspecting people are getting their accounts wiped out by this scam. Remember – always call your bank or financial company to verify if you get any messages by text, phone, or email. -Brought to you by SecureTheVllage.org
MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google ChromeOS, Aruba products, Microsoft products, Mozilla Firefox, and other Mozilla products. If you use these products, make sure the software (or firmware) is updated.
Data Breaches in the News: Sysco, NextGen Healthcare, AT&T email accounts, AvidXchange, Western Digital. Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Please report scams you may experience to [email protected] to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: http://www.bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or [email protected]
• File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/
• Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: https://oig.ssa.gov/
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to [email protected]
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit http://www.aarp.org/fraudsupport to learn more about the free program and register.