Cybersecurity Brief Oct. 9
October 5, 2023
Hacker’s Brief 10/9/2023
An HR officer has a job for you: A Laramie citizen received an email that in exchange for her personal information, a job is waiting for her. The email address is suspicious, supposedly from Whole Foods, but with a bunch of extra characters in the address. CyberWyoming note: Job offer scams are increasing again. Beware of unsolicited job offers! If the potential employer makes you pay for a background check, upfront training, or applying, it’s a scam. Companies are often impersonated, so look up the legitimate company and call them to confirm there really is a job.
Speaking of job offers, need a virtual recruiter? A Laramie citizen received an email that might be legit or might be a scam, it’s hard to tell. Regardless, do you want to do business with someone who sends emails that look like a scam? CyberWyoming note: Add legitimacy to your marketing efforts and provide transparent links, proofread your message, and send requests from legitimate email addresses.
Looking for love online today comes with some risk: Practice these tips to find your new date safely:
• Look for a verified profile badge. Tinder, Bumble, Hinge and OkCupid have them. If they're verified, they're not using fake photos.
• Keep an eye out for photos that look overly edited. Try a reverse image search to see if the photo pops up somewhere else.
• Only talk to new matches through the app. If they want to immediately take things to text or another app, that's a red flag.
• Try to video chat with a match before you meet them in person.
• Avoid people who want to meet up immediately or don't want to meet at all.
• Always meet dates in public and let friends or family know where you are. Take your own transportation so you can leave if you feel uncomfortable. – Brought to you by The Current Tech News
Scammers are targeting online gambling: The popularity of online gambling is leading scammers to go after gamblers. Here’s how to protect yourself:
• Only deal with legitimate online gambling sites. There are several online sites that will help you identify whether a site is legitimate – do your research before you place a bet.
• Make sure you know what you're signing up for. Read the terms and conditions carefully, including the small print, to identify restrictions and bonus requirements.
• Check license details. All legit online casinos have to publish their license information on their site. If it's not there, don't use it.
• Don't click on tempting social media ads, pop-ups, or message links, and ignore anything that offers guaranteed winnings or money-back deals.
• Don't use public Wi-Fi networks to play - and ensure your own network is properly secured, including the use of Internet security software.
• Use strong and unique passwords on each site you use. Never share them with others. If multi-factor authentication is available, use it.
If you get scammed, always report it to online gambling regulators, consumer protection agencies (like ftc.gov) or law enforcement. – Brought to you by Scambusters
Banks are warning you about fraud: Banks such as Blue, U.S. Bank, and Wells Fargo have been sending emails and letters, reminding you that they will never contact you via phone, text, or email to request that you provide sensitive personal information such as:
• Your Online Banking Username or Password
• Personal Identification Number (PIN)
• Social Security Number
If you suspect fraud may have occurred on your account, call your bank, or go to the nearest branch for assistance.
Your social media photos can be used for deep fakes: The FBI is warning the public to exercise caution when posting or direct messaging personal photos, videos, and identifying information on social media, dating apps, and other online sites since the images and videos can provide scammers an abundant supply of content to exploit for criminal activity. This leaves victims vulnerable to embarrassment, harassment, extortion, financial loss, or continued long-term re-victimization. CyberWyoming note: It’s best to change your photos or profiles to private or to be seen only by friends and family. – Brought to you by The Current Tech News
MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google Chrome, EXIM. If you use these products, make sure the software (or firmware) is updated.
Data Breaches in the News: DarkBeam, National Student Clearinghouse, Clorox.
Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Please report scams you may experience to [email protected] to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: http://www.bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
o Email [email protected]
• File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/
• Get steps to help at https://www.identitytheft.gov/#/Info-Lost-or-Stolen
• Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: https://oig.ssa.gov/
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to [email protected]
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit http://www.aarp.org/fraudsupport to learn more about the free program and register.