Cyber Security Weekly Brief for Oct. 13
October 12, 2023
Hacker’s Brief 10/13/2023
Employment Scam: A Laramie citizen received an email from someone claiming to be an HR officer with a records management specialist job opportunity. The email had the subject line of “Sunday, October 1 2023 at 08:22:48 AM”. The sender’s email ended with a1.net which is a German website, but you were supposed to send your full name, email address, phone number, and job experience details to a Gmail address to ‘receive a job link’. CyberWyoming note: According to the Better Business Bureau Scam Tracker Reports, employment scams are in the top 3 each year.
Posing as Antivirus Company: A Laramie citizen received an email from someone claiming to be Norton Antivirus asking for payment for their product. The email was suspicious because the citizen does not use Norton for their antivirus software and the email came from a Gmail address, instead of a business domain. The subject line of one was “Thank You#8204109699” and the subject line of another one was “No-reply#7849409903.” The citizen noted that she received one a day from different Gmail addresses and continues to receive them. CyberWyoming note: Beware! Don't click on links or download attachments from unknown emails. Verify the sender's legitimacy by contacting the official company directly. Keep your antivirus software updated. Trust your instincts – if it seems suspicious, it likely is. Stay cautious!
Hackers are increasingly targeting small businesses: Secure the Village (https://securethevillage.org/) is warning that small organizations are being threatened by cybercrime. Here’s an example:
‘Play’ Ransomware Group Targeting MSPs (managed service providers) Worldwide in New Campaign: Attackers use remote monitoring and management tools at MSPs to gain unfettered access to target networks. The fast-rising Play ransomware group that targeted the City of Oakland earlier this year is now hitting managed service providers (MSPs) around the globe in a cyberattack campaign to distribute ransomware to their downstream customers. … Play’s targets appear to be midsized businesses in the finance, legal, software, shipping, law enforcement, and logistics sectors in the US, Australia, UK, Italy, and other countries. Researchers who are tracking the campaign as PlayCrypt say the attacker is also targeting state, local, and tribal entities in these countries as well.
23andMe's Genetic Precautions: In a recent announcement from 23andMe, it was disclosed that certain profile information from user accounts, particularly within the DNA Relatives feature, was accessed without user consent. Although there is no evidence of a genetic data security breach within 23andMe's systems, the unauthorized access is believed to be linked to users reusing login credentials on various websites, some of which may have suffered past security breaches. In response, 23andMe has initiated an investigation, engaged third-party forensic experts, and alerted law enforcement. As a precautionary measure, they are requiring all customers to reset their passwords.
To protect your account, 23andMe recommends the following steps:
1. Reset your password to ensure it is unique and not easily guessable, and do not reuse it on other accounts.
2. Enable multi-factor authentication (MFA) for your 23andMe account to add an extra layer of security.
3. If you use Google or Apple single sign-on, you may not be prompted for a password change, but it's still recommended to enable MFA for your Google or Apple account to enhance security.
For more about the dangers of reusing passwords, check out this short video by a Wyoming CAN (Cybersecurity Action Network) committee member https://www.youtube.com/watch?v=zIriU1NL4v0&feature=youtu.be.
An Unfriendly Friend Request: Scammers might target you with a fake ad. Or they might try to sell you on a bogus investment opportunity (often involving cryptocurrency). Or they might send a friend request out of the blue and pretend to be a potential love interest. But then…they ask for money.
To protect yourself from these and similar scams on social media:
• Utilize your privacy settings to restrict who can access your personal information and view your posts.
• Refrain from responding to messages that request money or personal details, even if the message appears to be from a friend or family member. Their account could be compromised, so it's wise to contact them directly to verify.
• Before making a purchase, thoroughly research the company by conducting an online search using their name along with keywords like "scam" or "complaint."
o Brought to you by the Federal Trade Commission (FTC)
MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Adobe, Microsoft products, Atlassian, Google Chrome. If you use these products, make sure the software (or firmware) is updated.
Data Breaches in the News: Builders Mutual Insurance Co, Cisco, Microsoft SQL, CRM, 23andMe, Flagstar Bank,
Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Please report scams you may experience to [email protected] to alert your friends and neighbors.
Other ways to report a scam:
• Better Business Bureau Scam Tracker: http://www.bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
o Email [email protected]
• File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/
• Get steps to help at https://www.identitytheft.gov/#/Info-Lost-or-Stolen
• Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: https://oig.ssa.gov/
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to [email protected]
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit http://www.aarp.org/fraudsupport to learn more about the free program and register.