Uh oh, my personal data has been stolen:
A Laramie citizen reported receiving a letter from HUB International that their personal information had been stolen, including social security number and driver’s license number. According to the news, 479,000 social security numbers could have been compromised. The letter recommended placing a credit freeze on the citizen’s accounts with the three credit reporting agencies: Experian, Equifax, and Trans Union. This is a free service that can be completed online. The Federal Trade Commission has additional advice to take immediate action if you’re notified of a personal information breach:
- Immediately change all your passwords. Why? Because we reuse passwords, and scammers know that. They will immediately try using your insurance password for your bank and PayPal and any other accounts they can find.
- Turn on multi-factor authentication for as many of your accounts as offer it. Sure, it’s a pain since you have to find your phone to get the code. But it’s better than having your identity stolen.
- Report on the FTC’s Identity Theft site (identitytheft.gov/#/Info-Lost-or-Stolen). This site provides you with steps to take to protect yourself depending on what was stolen.
Emails with subjects “You have won <various prizes>”:
A Nevada citizen continues to receive emails impersonating Ace Hardware, Kohl’s, and Lowe’s to join their loyalty programs for free. There are links to join, and you’ll be asked to enter your credit card to pay for the shipping for your “free” prize. (CyberWyoming note: Loyalty programs are always free! The email addresses are from domains like theinsaneturtle.com which is a giant red flag DANGER. This citizen received these near identical phishing attempts from different email addresses over the past couple of months, which probably means his email address was sold, possibly on the Dark Web. AARP has a fraud watch program with steps to take to prevent identity theft with your stolen personal information – see below.)
USPS cannot deliver the package:
A Colorado citizen received a text message that the USPS couldn’t deliver a package until the citizen clicked a link. Fortunately she knew to Ignore any text message she receives saying the United States Postal Service can't deliver a package. According to Scambusters, this is a common smishing (text) scam. For instance, it may say they don't have your house number. Victims are told to click a link or call a toll-free number where they're asked to pay a $3 fee to update records, using a credit card. USPS doesn't operate this way, and the scammers not only get your $3 but also your card number.
Keeping kids safe online:
The National Cybersecurity Association has some tips for parents and kids on how to stay safe online:
- Create long unique passwords for each account. Keep them safe in a password manager to help keep track of all those passwords. CyberWyoming note: This is a good teaching moment for your kids – you can make creating the passwords a fun family activity!
- Activate updates for all devices and software.
- Teach kids to be cautious with links and attachments.
- Kids need to know to never share personal information with people they meet online…and they need to be told what “Personal Information” means. Some kids don’t realize that their address is personal information.
- Frequently back up files.
- Make sure your kids know how to handle cyberbullying and that they feel comfortable telling you about it.
- Check out their resources and guides at staysafeonline.org/resources/k-12-cybersecurity-keep-kids-secure-from-kindergarten-to-graduation/
Home repair scams:
Summer typically brings out the home repair scammers. They just happen to have some leftover material from a nearby job or they offer to repair your home for a really low price. If you hire them, most likely they will either do a terrible job, fail to finish, or not do the job at all. Beware of anyone offering to do work unsolicited. Do your research – get referrals from family and friends and get multiple bids on the job. Also make sure the contractor is insured and licensed. – Brought to you by AARP Fraud Watch Network.
MS-ISAC and CISA Patch Now Alert:
The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Junos OS, Chrome. If you use these products, make sure the software (or firmware) is updated.
Data Breaches in the News:
DuoLingo, Seiko, Tesla, HUB International. Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.
Other ways to report a scam:
- Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
- Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
- File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
- Report your scam to the FBI at www.ic3.gov/complaint
- Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
- Office of the Inspector General: oig.ssa.gov
- AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
- IRS: report email scams impersonating the IRS to phishing@irs.gov
- Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
- Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register