info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307-314-2188, PO Box 2332, Laramie, WY 82073

Responding to Cyber Threats in Office 365:

A Wyoming Microsoft Office 365 user received an email from a trusted contact asking him to sign a document, which required logging into MS 365 (2FA was enabled). After signing in, he found only a blank document. Soon, he began receiving texts and calls questioning why he had sent company-branded emails requesting document signatures. Realizing the problem, he warned others not to click. Checking his Sent folder, he discovered 400 emails sent, with his company firewall blocking all but 30. The company then contacted their IT provider, who logged out all devices connected to the 365 accounts and reviewed logs showing connections from various states. The IT provider changed the MS 365 password and examined which emails had been successfully sent. They discovered a hidden Outlook rule directing replies to a folder marked as "read," unbeknownst to the user unless all folders were checked. The company contacted the trusted contact's office that sent the initial email, which was aware of the issue but had not alerted anyone. They then informed the 30 recipients of the malicious email about the incident.

Linda's Tax Tango:

A scam was reported by a Sheridan resident where they received an email disguised as a request for tax filing assistance from a previous client named “Linda”. It claims that due to various life changes, “Linda” requires professional help with her tax filing for the current year. The email instructs the recipient to access a secure, password-protected file by right-clicking and entering a password to view “Linda's” tax documents and statements. However, this is likely a phishing attempt to trick the recipient into revealing sensitive information or installing malware. CyberWyoming Note: Beware of unsolicited emails requesting access to sensitive information or documents, especially if they contain instructions to click on links or provide passwords. Always verify the sender's identity through trusted channels before sharing any personal or financial information.

Free Flag Fraud:

A Wyoming citizen received a scam email from "Trump Flag" with the subject "Support Trump? Get Your Free 2024 Flag Now$" offers recipients a free Trump 2024 "Take America Back" flag. The email encourages recipients to show their support for former President Trump with a call to claim the free flag. CyberWyoming Note: Be wary of unsolicited emails offering free items, especially during election seasons, as scammers exploit political interests to deceive recipients. Free offers that seem too good to be true often are and can lead to phishing attempts or malware. Always verify the legitimacy of such offers by checking official websites or contacting the organization directly.

RockYou2024: 10 Billion Passwords Leaked:

The largest password compilation to date, RockYou2024, containing nearly 10 billion unique passwords, was leaked on a popular hacking forum. Discovered by Cybernews researchers, this leak poses severe risks, especially for users who reuse passwords. The data, posted by forum user ObamaCare, includes passwords from a mix of old and new breaches. This leak significantly heightens the risk of credential stuffing attacks (where attackers try to use user ids and passwords in rapid succession using a computer program). Cybernews advises impacted individuals to reset passwords, enable multi-factor authentication, and use password managers. The RockYou2024 leak follows the previous RockYou2021 leak and includes data from over 4,000 databases. – Brought to you by Cybernews
https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/

Temu Trouble:

Temu, the e-commerce app known for its discounted merchandise, is now facing multiple class action lawsuits alleging privacy violations. Accusations include intentionally embedding malware and spyware in the app, giving the company access to user data without consent. Arkansas Attorney General Tim Griffin filed a lawsuit alleging that Temu’s mobile app spies on users, calling it “dangerous malware” that surreptitiously grants itself access to virtually all data on a user’s cellphone. Concerns also arise over the app's labor practices and potential use of products from internment camps. Despite denials from Temu, which claims the allegations are based on misinformation circulated online by a short-seller, customers are advised to take precautions, such as filing complaints with the Better Business Bureau and considering removing the app from their devices until safety concerns are addressed. – Brought to you by Green Matters & Malwarebytes
https://www.greenmatters.com/news/temu-lawsuit
https://www.malwarebytes.com/blog/news/2024/06/temu-sued-for-being-dangerous-malware-by-arkansas-attorney-general

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Adobe products, OpenSSH, Microsoft products, and Mozilla products. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Twilio's Authy app, HealthEquity, Bharti Airtel, Comcast, Roblox, Evolve Bank & Trust, Financial Business and Consumer Solutions (FBCS), Angel One, Neiman Marcus, and Kovack Financial.
Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Other ways to report a scam:

  • File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
  • Get steps to help at www.IdentityTheft.gov
  • Report your scam to the FBI at www.ic3.gov/complaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: oig.ssa.gov
  • If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to phishing@irs.gov
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
  • Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register

Other Blogs