info@cyberwyoming.org
www.wyocan.org
www.cyberwyoming.org/alliance
307-314-2188, PO Box 2332, Laramie, WY 82073

You can't phish me!:

A Cheyenne Citizen received a phone call from Crescent City, IL. They initially didn't answer but, due to a subsequent call, they decided to pick up. The caller, claiming to be from First Interstate Bank security, expressed concern about potentially fraudulent activity on the recipient's card, specifically a $224 charge at a Target in Atlanta, GA. The recipient opened their First Interstate Bank app to review their statement for any unusual charges. However, the caller asserted that such unauthorized charges wouldn't appear in the statement as they were in the process of stopping the authorization. The caller proposed enrolling in a Fraud Protection program. To validate their identity, the caller confirmed the last four digits of the recipient's phone number, which was correct. But they quickly recited the last four digits of "the account," and these numbers didn't match the recipient's account details. This inconsistency raised alarm bells. Realizing the potential threat, the recipient politely declined the offer, thanked the caller, and stated their intention to contact First Interstate Bank directly to address the issue. Before hanging up, they requested the caller's name, title, and received a reference number.

PayPal Poser:

A Nevada citizen has received multiple emails regarding a charge to their PayPal account for hundreds of dollars. This common fraudulent attempt is trying to deceive individuals into believing they have incurred unauthorized or erroneous charges through their PayPal account in order to get your personal information. CyberWyoming note: Don't click on links or download attachments from unknown emails. If you are worried, you can verify the sender's legitimacy by contacting the official company directly.

Medicare Season Is Scam Season:

During open enrollment (October 15 - December 7), Medicare fraud rises. Be cautious of offers from unfamiliar sources. Scammers may pose as providers, aiming to gather info for fraudulent billing. Only engage with trusted plans or requested contacts. Avoid sharing personal details with unsolicited calls or visits. Regularly review Medicare statements for potential fraud

Okta Breached Again:

Okta, a prominent identity management platform, recently reported a security breach in its customer support system. This breach affected certain Okta customers and has raised concerns due to its resemblance to a 2022 security incident. Customer support sessions were exposed and downloaded by bad actors. Another thing to consider is that 1Password, a password manager, was one of their clients, so experts are watching to see if this spreads. CyberWyoming Note: Organizations relying on Okta for identity management and access control should be vigilant. Ensure your security measures are robust and monitor for any suspicious activities. Consider reaching out to Okta for guidance on enhancing your security posture. Cyber threats are persistent, and taking proactive steps to safeguard your data and assets is crucial in today's digital landscape.

Younger doesn’t always mean more tech savvy:

Studies show that younger office workers from the Millennial and Gen Z generations tend to exhibit riskier cybersecurity practices in comparison to their older counterparts, specifically those aged 40 and above from the Gen X generation. “Gen Z and Millennial government workers are more than twice as likely to reuse passwords between home and work, and use the same password across multiple devices and logins. Employees in all industries and generations continue to use sticky notes, pet names, birthdays, and the favorite unbreakable code: ‘12345.’” -Brought to you by Help Net Security

Stay Cybersecure Throughout the Year:

In October, as part of Cybersecurity Awareness Month, AARP collaborates with the federal Cybersecurity & Infrastructure Security Agency (CISA), the National Cybersecurity Alliance, and other organizations to promote year-round awareness of cybersecurity.

  • How Scams Work: Scammers often use unsolicited emails, text messages, social media posts, online ads, and pop-up messages to engage in "social engineering." Their goal is to prompt swift action, such as clicking on a link or making a phone call, which can lead to credential exposure or malicious software downloads. The "internet of things" also poses risks due to default passwords, insecure communication between devices, and delayed or absent security updates.
  • What you should do: To protect yourself, be cautious of unexpected, emotionally charged, and urgent communications, set strong and unique passwords, use biometrics and multifactor authentication, enable automatic updates, avoid clicking on unfamiliar links, and verify suspicious messages through trusted means. -Brought to you by AARP

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Apple products, Mozilla’s Firefox ESR 115.4 and Firefox 119, and ChromeOS. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Airbnb, 23andMe, Casio, American Family Insurance, Okta, 1Password, and CoinFlip

Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Other ways to report a scam:

  • Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
  • Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov
  • File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
  • Report your scam to the FBI at www.ic3.gov/complaint
  • Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
  • Office of the Inspector General: oig.ssa.gov
  • AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
  • IRS: report email scams impersonating the IRS to phishing@irs.gov
  • Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
  • Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register

Other Blogs