Fake FedEx Feedback:
A Laramie resident reported receiving a suspicious email in their spam folder from "FedEx - fedexoffice@us.confirmit.com" with the subject "FedEx Office wants to know what you think." The email invited them to take a brief survey to improve their experience with FedEx Office and included a link to the survey. The message was undeniably a survey scam and was reported immediately. CyberWyoming Note: Be cautious of emails from unknown or suspicious addresses, even if they appear to be from reputable companies like FedEx. Avoid clicking on links in unsolicited emails and verify the sender's identity directly with the company before engaging with the content.
Phishy Accounting Offers!:
A suspicious email received by a Laramie resident from someone claiming to be Vinay Chauhan, using an Outlook email account. The email's subject was "Accounting, Tax & Bookkeeping Services" and it began with a casual greeting inquiring about the recipient's well-being. It offered accounting and bookkeeping services at supposedly reasonable rates. The email requested a chat or call to discuss further steps and urged a response, signed off with a professional title ("Trust Your Accountant Specialist and Business Consultant") and a note to decline politely if not interested. Upon receiving no response, "Vinay" followed up with another email asking if the recipient had reviewed the initial message and expressing readiness to provide more details or schedule a call. CyberWyoming Note: This type of email appears to be a phishing attempt, potentially aiming to gather personal information, financial details, or to engage in further scam activities under the guise of offering legitimate accounting services.
False Claims of Prior Communication:
A Laramie citizen received a suspicious email in their spam folder allegedly from someone named Jeanette Colebank using a Gmail account. The email falsely claimed that the recipient had a recent phone conversation with the sender and encouraged them to get in touch for further assistance. CyberWyoming Note: This is likely an attempt to trick the recipient into engaging in further communication or providing personal information, potentially leading to identity theft or financial scams.
New AT&T Data Breach:
AT&T has experienced a data breach affecting nearly all its customers. A threat actor illegally downloaded call and text records from a third-party cloud platform. The breach includes data from AT&T cellular and landline customers between specific dates in 2022 and 2023, showing phone numbers and interaction details. The breach did not include call and text content or personally identifiable information like Social Security numbers or dates of birth. However, it could still be used to map phone numbers to identities. AT&T is notifying affected customers and believes the data isn't publicly available. This follows past breaches, underscoring ongoing security challenges. – Brought to you by Cybernews
cybernews.com/news/at-and-t-data-breach-affects-millions/
Software Exposed 'Almost Every Apple Device' to Hacking:
Researchers found serious security flaws in CocoaPods, a tool used in over 3 million iOS and macOS apps. These flaws could let hackers add malicious code to apps. The most dangerous flaw allowed hackers to take over unclaimed software packages without checking ownership. While the issues have been fixed, it's uncertain if hackers exploited them. This incident shows the risks of open-source software and the need for better security measures. – Brought to you by PCMag
pcmag.com/news/flaws-in-open-source-software-exposed-almost-every-apple-device-to-hacking
Small Business Impersonation Scams:
Scammers are increasingly targeting small businesses by impersonating them online, using the businesses' own videos, logos, and social media posts to mislead customers into buying counterfeit products or simply taking their money.
- Tactics: Scammers replicate legitimate websites and social media content, outbidding real brands for top search results, making it difficult for consumers to distinguish between real and fake.
- Challenges for Small Businesses: Unlike large corporations, small businesses often lack the resources to continuously monitor and combat these scams.
- Responses: Companies like Amazon and Meta claim to use technology to detect and remove counterfeit listings, but small businesses find it hard to keep up with the volume of fakes and the associated legal costs.
– Brought to you by The Wall Street Journal
wsj.com/business/entrepreneurship/scammers-arent-just-selling-fake-gucci-theyre-impersonating-small-merchants-c882edf6
CyberWyoming Note: You can use immuniweb.com/darkweb/ to check to see if your company’s website is being impersonated, including on social media websites. It’s free!
MS-ISAC and CISA Patch Now Alert:
The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google Chrome. If you use this product, make sure the software (or firmware) is updated.
Data Breaches in the News:
AT&T, mSpy, Advance Auto Parts, and Rite Aid. Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Other ways to report a scam:
- Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
- Wyoming Attorney General’s Office, Consumer Protection
- File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
- Get steps to help at www.IdentityTheft.gov
- Report your scam to the FBI at www.ic3.gov/complaint
- Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
- Office of the Inspector General: oig.ssa.gov
- If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
- AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
- IRS: report email scams impersonating the IRS to phishing@irs.gov
- Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
- Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register