When Opportunity Texts, Think Twice:

A Laramie resident received a text from a Florida number claiming to offer part-time remote work with Randstad USA for "data optimization companies." The message, signed by "Eleanor," promised 1-2 hours of work per day, an income of $100-$600, and flexible locations for U.S. citizens aged 25 and older. The recipient was asked to reply with "A: YES" or "B: NO." CyberWyoming Note: The message is suspected to be an employment scam. Beware of unsolicited job offers via text, especially those promising high pay for minimal work. Never share personal information or reply to such messages; instead, research the company directly through official channels to confirm legitimacy.

Stamp Out the Scam:

A citizen reported scam emails impersonating the "U.S. Postal" and "The Postal Store," promoting heavily discounted First-Class Postage Forever® stamps with subject lines like "Collect More, Spend Less – New Year Stamps!" The emails claimed to sell real stamps at suspiciously low prices (e.g., $16.90 for 100 stamps), offered promo codes, and featured odd formatting, suspicious links, and no official logos. The sender admitted being an independent vendor unaffiliated with USPS but mimicked official branding. The listed address in Bangkok, Thailand, further raised doubts, confirming this as a phishing scam targeting individuals with counterfeit or non-existent stamps. CyberWyoming Note: Avoid clicking on suspicious links or buying products from unsolicited emails claiming to offer discounts, especially when they mimic official organizations. Always verify the sender and make purchases directly from trusted, official websites.

Subaru Update:

While we don't normally report on cars, a lot of Wyomingites drive Subarus, and they have a really important update if your car has Starlink. When cybersecurity researcher Sam Curry notified Subaru of a serious vulnerability that exposed their cars to remote hacking and a potential takeover of operations, Subaru released an update within 24 hours. Subaru does equal love! Here's the full article to determine if you should call your dealer to see if your car is affected:
‍securityweek.com/subaru-starlink-vulnerability-exposed-cars-to-remote-hacking/.

FTC Warning About Free Gifts Connection to Identity Theft:

The FTC has issued a warning about a new scam where fraudulent "gifts" containing malicious QR codes are sent to unsuspecting individuals. These gifts, which may include fake luxury items like rings or Bluetooth speakers, are part of an advanced brushing scam. (A brushing scam is a deceptive practice in e-commerce where sellers create fake orders to boost their ratings by shipping items to unsuspecting recipients.) By scanning the QR codes, victims are redirected to phishing websites that steal personal data or infect devices with malware. While it's not illegal to keep the gifts, the FTC advises individuals to be cautious, change compromised passwords, and monitor financial accounts for signs of identity theft. Report suspected identity theft at IdentityTheft.gov.
‍– Brought to you by Secure The Village & CyberNews
‍cybernews.com/security/ftc-issues-warning-about-dangerous-deliveries/

Cupid's Connection to Crypto:

Cryptocurrency scams have surged in the past two years, partly fueled by romance scams. Criminals form deep emotional connections with their victims online, convincing them to invest in crypto schemes. These scams exploit people’s lack of understanding of cryptocurrency’s volatility and lack of regulation. The key takeaway: if someone you only know online offers to help you invest in crypto, it’s likely a scam. Stay vigilant—recognizing scams is the first step in stopping them!
‍– Brought to you by AARP
‍states.aarp.org/south-dakota/cupids-connection-to-crypto

Charging do’s and don’ts:

When charging your phone in public spaces, it's important to be cautious of "juice jacking," where hackers use USB ports to upload malware or steal data. Avoid using public USB ports, especially overseas, and opt for power outlets with your own adapter instead. If wireless charging is available, use that to prevent data exchanges. Always bring a charge-only cable to prevent data transfers and never select the "trust" option on prompts when plugging into public chargers. A portable external battery is a great alternative to public charging stations, ensuring you’re always prepared.
‍– Brought to you by Kim Komando
‍komando.com/issue/mistakes-hackers-want-you-to-make/

A Growing Threat to Facebook Business Users:

A dangerous malware called Python NodeStealer is targeting Facebook Business and Ads Manager accounts, putting businesses at serious risk. This upgraded malware steals sensitive information like login credentials, credit card details, and autofill data stored in browsers, allowing cybercriminals to hijack accounts to run fraudulent ad campaigns. By abusing tools like Windows Restart Manager and extracting browser data, it poses a significant threat to businesses relying on Facebook for marketing. To safeguard your accounts, enable strong passwords, two-factor authentication, monitor account activity, and invest in robust cybersecurity tools. Don’t let your business fall victim to this sophisticated attack.
– Brought to you by TechRadar Pro & EvnTec
techradar.com/pro/security/this-devious-malware-is-targeting-facebook-accounts-to-steal-credit-card-data

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for SimpleHelp RMM, Google Android OS, and Trimble Cityworks. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

DeepSeek, Globe Life, Grubhub, Behavioral Health Resources, TD Bank, Community Health Care (CHC), Frederick Health, Phemex, and Smiths Group PLC. Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register