LinkedIn Login:
A Laramie resident reported receiving a suspicious email claiming to be from LinkedIn, which contained a concerning link. Utilizing the checkphish.bolster.ai website, the link was flagged as "Suspicious." The preview provided by the CheckPhish website showed an unofficial LinkedIn login screen. This means that clicking on the link could redirect people to a different website, presumably designed to capture email addresses and passwords. CyberWyoming Note: Use caution before clicking on suspicious emails and links, especially those requesting personal information or login credentials. Additionally, consider using multi-factor authentication to add an extra layer of security to your accounts.
Alphabetical Targets Redux:
A similar scam has surfaced in Laramie again, this time under the guise of a Geek Squad Invoice, purportedly from a sender named "Crystal Walker." The email, much like previous incidents, arrived with no subject line and featured a mysterious attachment with no preview, leaving recipients in the dark about its contents unless they clicked. However, what's particularly alarming is the strategic targeting strategy employed by the scammers: all recipients' email addresses begin with the letters "W" or "X," hinting at a systematic approach possibly based on alphabetical order. CyberWyoming Note: Stay vigilant against unsolicited emails, especially those from unfamiliar senders or containing vague subject lines. Avoid opening attachments or clicking links if you suspect any foul play, as they could be conduits for malware or phishing attempts. It only takes one to respond.
Crypto Cons and Stock Swindles:
The rise of online trading presents ample opportunity for investment, but it also attracts scammers eager to snatch your money. The US Commodities Futures Trading Commission warns against fake trading sites promising unrealistic returns. To protect yourself, thoroughly research any site, authenticate its legitimacy, and verify its regulation status. Be wary of promises of guaranteed returns, unclear contact information, and unsolicited endorsements. Trust your instincts, and if something feels off, steer clear. When it comes to cryptocurrency trading, exercise extra caution, ensuring platforms are registered with appropriate authorities. If you fall victim to a scam, report it promptly to potentially recover your losses and prevent others from suffering the same fate. – Brought to you by Scambusters scambusters.org
AI's Alarming Impact on Election Integrity:
Artificial intelligence (AI) is revolutionizing the landscape of election disinformation, posing significant threats to electoral processes worldwide. Unlike in the past, where creating fake content required considerable resources, AI now empowers individuals with basic tools to produce convincing yet deceptive material aimed at manipulating voters. This escalation in AI-generated deepfakes presents a pressing challenge as nations gear up for crucial elections this year. From regulatory responses to the proliferation of AI-driven misinformation, governments and organizations are grappling with this emerging threat.
– Brought to you by Secure The Village & The Associated Press
apnews.com/article/artificial-intelligence-elections-disinformation-chatgpt-bc283e7426402f0b4baa7df280a4c3fd
Roku Accounts Hacked:
Hackers have stolen 15,000 Roku accounts to sell on the dark web, prompting the company to notify affected users and take action. The breach occurred when hackers obtained user data from other breaches and used leaked credentials to access Roku accounts. While credit card information was accessed in some cases, sensitive personal data like social security numbers remained secure. Roku has required affected users to reset their passwords and is investigating any unauthorized charges. Despite Roku's measures, reports suggest that compromised accounts are being sold online for as little as 50 cents each. It's advisable for all Roku users to change their passwords as a precaution. This incident adds to a turbulent month for Roku, which faced criticism for enforcing new Dispute Resolution Terms requiring users to agree or opt out via physical mail. – Brought to you by Secure The Village & BGR
bgr.com/tech/hackers-stole-15000-roku-accounts-to-sell-on-the-dark-web
Cyber Insurance Moves from Safety Net to Specific Coverage:
A recent report on email security highlights a changing perspective among organizations regarding cyber insurance. While it was once seen as a safety net, many now recognize its limitations:
- 65% of organizations no longer view cyber insurance as a comprehensive solution to cyber threats.
- 66% are less reliant on cyber insurance due to policy restrictions.
However, the majority still maintain cyber insurance policies, albeit for specific coverages related to catastrophic events. Instead, organizations are bolstering security measures, focusing on email protection, defense against AI-based attacks, and user training.
– Brought to you by KnowBe4 blog.knowbe4.com/cyber-insurance-no-longer-seen-safety-net
MS-ISAC and CISA Patch Now Alert:
The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google Chrome. If you use this product, make sure the software (or firmware) is updated.
Data Breaches in the News:
FortiClient EMS devices and Discord. Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.
Other ways to report a scam:
- Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
- Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
- File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
- Report your scam to the FBI at www.ic3.gov/complaint
- Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
- Office of the Inspector General: oig.ssa.gov
- AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
- IRS: report email scams impersonating the IRS to phishing@irs.gov
- Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
- Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register