info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307.314.2188, PO Box 2332, Laramie, WY 82073

Alejandro Mayorkas Isn’t Contacting You:

The Secretary of Homeland Security, Alejandro Mayorkas, is a typical person for scammers to impersonate to gain legitimacy. A Sheridan citizen reported an email from a Gmail address claiming to be Mr. Mayorkas, warning her of an investigation of her communications with known fraudsters. This would definitely be below his pay grade and they misspelled his name Mayokas, without the ‘r’. Fake!

More from Tut.com:

If you receive an email spoofed as Walmart but really from a tut.com email address saying “Hi [your name], It’s your Lucky Day, Get a new Iphone 13 for free” note the odd capitalization and that the entire sentence is a link to a Christmas Card company in the UK. Don’t click on the link! Reported by a Sheridan citizen. Note that this citizen also reported two scams from the same email address with a surprise from Sam’s Club (and another one from Walmart with the same message), a different one spoofing Walmart just saying “3rd attempt,” a package delivery notification impersonating DHL, a thank you impersonating Ace, a reminder spoofing Lowes, and another one claiming to be from the 3 different credit agencies encouraging you to click on the link to check your credit score.

Shanel Wants to Buy Your Home:

If you receive a text from Shanel at a 307 number asking to buy your home, a Big Horn citizen wants you to know it is fake. The Big Horn citizen forwarded this scam to us saying “we haven’t owned that home since 1992” which was probably a comfort that the scammer didn’t have their current address.

Geek Squad and Norton Impersonation Scam:

An email with the subject line of “Your Order has been placed with Tracking Refrence: AKH-6002AKL” (note the odd capitalization and typo of reference) from Stuart from Geek-Squad Billing, but with an iCloud email address, was reported by a Sheridan citizen. The email claimed that it was time for your Norton360 Deluxe to be auto renewed for $599.99 and gave a fake 803 area code phone number to cancel or refund. Do not call the number! Reported by a Sheridan citizen. A Laramie citizen reported a similar Geek Squad (but called G Squad) scam from a .co (Columbia) email address. A helpful Wyoming citizen from Burns found this link explaining the Geek Squad Email Scam: geeksadvice.com/geek-squad-email-scam.

Password Reset Fake Notification:

A Laramie citizen reported a fake password reset that asked you to “Click and Keep the Same Password,” something no reputable company would ever tell you to do. The citizen was clued in because the email was from a Hotmail account and the subject line said it was 12:48 p.m. but the email actually came in at 6:48 a.m.

Support@[redacted company name] Scam:

It isn’t unusual for scammers to spoof your own company’s email address by creating a “support@” email address with your company’s name. It is a good idea to educate your users on this use of generic email addresses to spoof users. This scam was reported by a Laramie company and they researched it and found that the link went to a Russian server.

Bitcoin Transaction Through Cash.app Scam:

A Sheridan citizen received an email from cashapp@support.com asking her to download an attachment that contained an invoice to buy Bitcoin. The citizen doesn’t have a Cash.app account and didn’t buy Bitcoin.

AARP Alert – Grandparent Scam:

They will call, text, email, or message on social media claiming to be your grandchild or someone reaching out on behalf of your grandchild and they say that there was an accident and your grandchild is in jail. Then, the scammer asks you to send money right away through gift cards or a money transfer. CyberWyoming Note: Sometimes they even mimic your grandchild and you may swear it is then, so be sure to create a family password. If the person on the other end of the phone doesn’t know the password, then you can be assured it is fake. When in doubt, hang up and call another family member before sending money.

Good news:

Focusing, as we do, on the baddies makes it easy to overlook the fact that many organizations work tirelessly to protect us against scammers. So, it's nice to be able to report a significant step forward in the battle against illegal robocallers. The Federal Communications Commission (FCC) has just required small phone service providers to implement the same ID authentication process (known as STIR/SHAKEN) used by bigger outfits. Brought to you by scambusters.org.

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Samba, Grails Framework (the back end of Apache Groovy), Google’s Android operating system, Google’s Chrome browser, F5, and Cisco’s Small Business RV Series Router products. If you use these products, make sure the software (or firmware) is updated.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

  • Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
  • Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
  • File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
  • Report your scam to the FBI at www.ic3.gov/complaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: oig.ssa.gov
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to phishing@irs.gov
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
  • Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register

Other Blogs