Gmail Red Flag:

A business in Laramie reported receiving a suspicious email from a company in a related field. The email was from a Gmail address, which raised concerns about its legitimacy. The sender offered a collaboration opportunity, proposing workshops and joint programs. However, the use of a Gmail address for business communication made the recipient wary, as legitimate businesses typically do not use Gmail for official correspondence. CyberWyoming Note: Businesses should avoid using Gmail addresses for professional communications, as they can seem unprofessional and raise legitimacy concerns. Always verify the sender's credentials and contact information before engaging in any business partnership.

A Refund to Avoid:

A Laramie resident received a scam text claiming to be from Amazon, stating that a recently purchased product was removed from the platform due to customer complaints, and the seller's account had been suspended. The message offered a full refund without requiring the product to be returned and included a suspicious link to log in and review the refund process. CyberWyoming Note: Be cautious of unsolicited messages with suspicious links, especially those claiming to offer refunds or account updates. Always verify such communications directly through official websites or customer service channels before taking any action.

Who is sending those scammy text messages about unpaid tolls?:

A new smishing scam is tricking people into paying fake toll violations. These texts demand small amounts, often under $25, while threatening penalties or registration suspensions. The real goal? Stealing credit card details. Cybercriminals, primarily linked to China-based infrastructure, are behind the scam, using tens of thousands of fake domains mimicking toll services like E-ZPass, SunPass, and FasTrak. Authorities, including the FBI, FTC, and FCC, are investigating, but the scam spreads rapidly across states and platforms, including iMessage and Android. To protect yourself: Don’t click links, block numbers, and report texts to 7726 (SPAM). Stay vigilant—these scams thrive on confusion and urgency.
‍– Brought to you by Cyber Scoop
‍cyberscoop.com/toll-road-text-message-scam-swells-nationwide-how-to-stop/

Phishing Alert for ISSA Members:

Information Systems Security Association (ISSA) warns members about phishing emails impersonating President Jimmy Sanders using false addresses like feminine686@gmail.com. Official emails from Jimmy Sanders will only come from his @issa.org account. For authenticity concerns, do not reply or click suspicious links—contact memberservices@issa.org for verification. Report phishing attempts impersonating ISSA board members or support staff to the same email. CyberWyoming Note: The Wyoming ISSA Chapter, a professional development club for technical providers, meets virtually the second Wednesday of the month at 1:30 p.m. wyomingissa@gmail.com for information.

Roblox Safety Concerns:

Roblox CEO Dave Baszucki advised parents to trust their instincts, stating, "if you’re not comfortable, don’t let your kids be on Roblox," amid safety concerns. The platform, popular among children, has been criticized in a lawsuit for failing to protect kids from predators, inappropriate content, and scams. Baszucki defended Roblox's safety measures, including monitoring for bullying and harassment and cooperating with law enforcement when necessary. To keep kids safe, parents can use Roblox’s parental controls to limit content, avoid using real names, manage friend requests and chat features, and ensure kids don’t move conversations off the platform. Educating children about online safety, playing games together, staying informed on updates, and keeping devices secure are also key steps.
‍– Brought to you by MalwareBytes
‍malwarebytes.com/blog/news/2025/03/dont-let-your-kids-on-roblox-if-youre-worried-says-roblox-ceo

$1.46B Hack Highlights VPN Importance:

Recent cyberattacks, including Bybit's $1.46 billion hack, emphasize the importance of VPNs in securing financial transactions and preventing data breaches. In February, a crypto lender lost $9.5 million, and 12 million records were stolen from a major firm. VPNs encrypt communications, protect sensitive data, and prevent unauthorized access, especially on public Wi-Fi. Key factors when choosing a VPN include AES 256-bit encryption, no-logs policy, secure protocols, and scalability. As cyber threats rise, businesses must prioritize VPNs to safeguard transactions and data.
– Brought to you by DesginRush
‍https://www.designrush.com/news/major-hack-highlights-importance-of-vpn-protection

Lessons Learned from the Change Healthcare Cyberattack:

A year ago, a ransomware attack on Change Healthcare impacted 190 million people and disrupted nationwide provider payments. David Bailey of Clearwater emphasized the need for better information-sharing and security preparedness in healthcare. He highlighted the importance of assessing risks not just from internal systems, but from external services, as the attack took down critical payment infrastructure. The incident spurred executives to push for increased cybersecurity investment, and Bailey warned that healthcare remains a prime target for cybercriminals, with attacks evolving rapidly.

– Brought to you by Fierce Healthcare
‍fiercehealthcare.com/health-tech/one-year-later-lessons-learned-change-healthcare-cyberattack

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for AMI MegaRAC Software, Veeam Backup & Replication, and Google Chrome. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Oracle Cloud, Genea, Oberlin Insurance Brokerage, Zacks Investment, Dove Healthcare, OrthoMinds, and Nice Healthcare. Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register