Phony 'Kathy':

A resident reported receiving a scam text from an unknown number stating “Hey there, This is kathy from WHB. I'm getting in touch with you again regarding your place at [address]. When can we schedule a time to discuss this?”. Recognizing it as a scam, the resident promptly reported it. CyberWyoming Note: Be cautious of unexpected messages from unknown numbers. Verify the sender's identity before responding, and never share personal information. Block and delete.

The Irony of Authenticity:

A resident of Dubois reported receiving a highly convincing fraudulent charge via email purportedly from PayPal with the email address service@paypal.com. The sender's address closely resembled PayPal's official email domain, enhancing its trickery. It requested a payment of $298.00 USD for a “Norton renewal charge”. The subject line of the email stated "You've got a money request" and purported to be from someone named "eric houston," addressing the recipient by their email address rather than their name. Ironically, within the email, there was a disclaimer asserting that PayPal does not typically reach out to users via money requests and emphasized PayPal's commitment to preventing fraudulent emails. It further stated, "Emails from PayPal will always contain your full name," despite the fact that the email itself did not adhere to this standard. CyberWyoming Note: Always verify the sender's email address and refrain from clicking on suspicious links or making payments in response to unexpected requests, even if they appear to come from trusted sources like PayPal. Report PayPal impersonators to paypal.com/us/security/report-suspicious-messages.

Ticketmaster Data Breach: 560 Million Customers' Information Compromised:

Ticketmaster faced a major data breach affecting 560 million customers globally. The breach, reportedly discovered in April, led to the exposure of 1.3 terabytes of user data including names, emails, and payment details, now offered for sale online by hackers. Despite inquiries by Newsweek and involvement of authorities like Australia's Department of Home Affairs and the FBI, Ticketmaster has not provided details or commented on the incident. Cybersecurity experts advise affected users to practice "cyber hygiene" such as changing passwords regularly, given the potential risk of unauthorized access to personal information. – Brought to you by Newsweek newsweek.com/ticketmaster-data-breach-hack-2024-1906563

Mastering Router Security:

Guarding your gateway: Internet router tips emphasize the importance of securing routers, often overlooked despite serving as digital gateways for devices. Recent incidents highlight risks of covert hijacking by hackers.
Three key actions are advised:

1. Avoid "End of Life" routers: Devices lacking manufacturer support become vulnerable to exploits. Investing in supported routers ensures access to security updates and assistance.
2. Change default passwords: Generic credentials make unauthorized access easy. Strong, unique passwords and multi-factor authentication enhance security.
3. Keep routers updated: Regular updates patch vulnerabilities and bolster defense against cyber threats. Automatic updates ease the process and ensure timely protection.

By prioritizing router security, users fortify their digital defense against cybercriminals, making it akin to securing physical access points. Following these tips ensures routers safeguard users effectively.

– Brought to you by The National Cybersecurity Alliance
‍staysafeonline.org/resources/guard-your-gateway-internet-router-tips/

From Leaks to Legislation:

Two House lawmakers, Reps. Pat Fallon and Ruben Gallego, have urged Homeland Security Secretary Alejandro Mayorkas to provide more information about a cyberattack on a water facility in Texas suspected to have Russian government ties. The incident, which caused a tank to overflow, has raised concerns about the vulnerability of rural water systems, particularly in drought-affected regions like the American West. The lawmakers emphasized the potentially devastating impact of such hacks on water supplies and called for DHS to clarify its response, coordination efforts, and potential need for additional authorities to protect the nation's water infrastructure. This request follows similar concerns raised after a cyberattack on a water authority in Pennsylvania last year. – Brought to you by The Record
‍therecord.media/water-utility-cyberattacks-lawmakers-letter-to-dhs

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for PHP, SolarWinds Serv-U, Adobe Products, Mozilla products, Microsoft products, and Google Chrome. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

UwU Lend, Santander Bank, Snowflake Inc, JP Morgan, AT&T, CoinGecko, Colorado-based Panorama Eyecare, Adventist Health, New York Times, Pure Storage, Cylance, and Aldrich Services.

Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

‍

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register