A New Wave of Fraud:

A Wyoming resident reported receiving scam texts containing her home address, which were also sent to her father-in-law and sister in other states. This scam appears connected to a national data breach, where personal information, including home addresses, is exploited. The resident discovered that this particular scam had been reported as far back as June, suggesting that the fraudsters are recycling breached data to create more personalized phishing attempts. CyberWyoming Note: Stay vigilant—if you receive suspicious texts containing personal information, avoid responding and report it to authorities, as it could be linked to a data breach scam.

McAfee Email Mystery:

A resident of Laramie reported receiving a suspicious email with the subject line "MR." The email included an attachment titled "McAfee Order.txt" and was sent by someone named G. Perkinges from what appeared to be a personal Gmail address. The recipient found the email unusual due to its strange subject line and the fact that it claimed to be a McAfee order but was sent from a non-official email address. CyberWyoming Note: Be cautious of unexpected emails with attachments from unknown senders, especially those claiming to be order confirmations, and always verify suspicious messages directly with the company through official channels before taking action.

Brushing Scams: The Price of 'Free':

A recent scam called "brushing" involves receiving unsolicited merchandise, like Bluetooth speakers or other items, from online retailers. In this scam, third-party sellers use your personal information to ship items to you, making it appear as though you made a purchase. These items are often lightweight and inexpensive to ship, such as face masks or ping pong balls. The goal is to use your name and address to post fake, glowing reviews of their products, boosting their sales ratings. – Brought to you by The Better Business Bureau
‍bbb.org/article/news-releases/20509-amazon-brushing-scam-indicates-a-serious-problem-for-victims
CyberWyoming Note: This scam could indicate that your personal information has been compromised, and your details may be used for further fraudulent activities. If you receive such packages, do not plug in any devices, as they might contain malware or spyware. Report the incident to your state attorney general, the retailer, and the USPS. Also, check your online accounts for suspicious activity. You are allowed to keep the merchandise but use caution doing so due to the risk of spyware. Protect your identity by monitoring your accounts and considering a password change.

Instagram's New Shield for Young Users:

Instagram has introduced major changes to enhance safety for users under 18, amid growing concerns about child safety online. Key updates include making accounts of minors private by default, halting notifications to them from 10 p.m. to 7 a.m., and providing new parental supervision tools. Part of the "Teen Accounts" initiative, these features aim to address issues related to inappropriate contact and content. Adam Mosseri, Instagram's head, highlighted the importance of these updates in response to parental concerns. While these changes may improve privacy for teens, they could also impact Instagram's growth and engagement among younger users. The updates will begin rolling out immediately, with existing minor accounts set to private and new accounts automatically set to private based on age. – Brought to you by The New York Times
‍nytimes.com/2024/09/17/technology/instagram-teens-safety-privacy-changes.html

LinkedIn Admits to Using Your Data for AI:

LinkedIn has admitted to using user data for AI training without consent, allowing opt-outs only for future training while not permitting the removal of data already used. The new privacy policy will clarify data collection, which occurs whenever users interact with AI or post content. Users can opt out by adjusting their account settings, except for those in the European Economic Area, who are protected by stricter privacy laws. LinkedIn warns that opting out only affects future data collection and cautions users to verify the accuracy of AI-generated content. – Brought to you by Ars Technica
‍arstechnica.com/tech-policy/2024/09/how-to-stop-linkedin-from-training-ai-on-your-data/

Ford's Eavesdropping Cars:

Ford has filed a patent for an in-car ad system that uses trip data and passenger conversations to target advertisements. The system would monitor vehicle location, speed, and user preferences while eavesdropping on conversations to adjust ads based on detected keywords. Critics are concerned about privacy, as the car would spy on driving behavior and personal discussions. The patent lacks details on how Ford will secure this data. While Ford states that patent filings are exploratory, the proposal has raised significant concerns about intrusive advertising and privacy in vehicles. – Brought to you by Malwarebytes

malwarebytes.com/blog/news/2024/09/ford-seeks-patent-for-conversation-based-advertising

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Ivanti Endpoint Manager, Adobe products, Microsoft products, Google Chrome, and Citrix products. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Casio, Nokia, Mastercard, Standard Bank, and Hot Topic. Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register