Holiday Duplicates?:

A Laramie resident reported receiving a scam text from a 203 (Connecticut) number claiming to be from Amazon. The message stated that a duplicate order had been detected on their account and urged them to click a link to resolve the issue, warning of additional charges or shipping delays if not addressed. The recipient checked their Amazon account and found no duplicate orders. CyberWyoming Note: Scams like this tend to increase during the holiday season due to the surge in online orders, making it easier for attackers to exploit confusion or urgency. Always verify suspicious messages by checking your accounts directly through official websites or apps to avoid falling victim to phishing attempts.

Webpage Pop-Up Scam and Virus Warning:

A Laramie resident reported a scam experience involving a Virgin Islands website. While researching for work, the individual entered what looked to be a valid website address but was redirected to a malicious website, encountering multiple pop-ups claiming that a virus had infected their computer. Continuous browser pop-ups persisted, indicating a browser takeover. Feeling stressed out and after unplugging the computer from the internet, they called a co-worker to get instructions. The co-worker looked up resolution instructions which included clearing all browser data, resetting Microsoft Edge settings, and restoring Edge through Windows settings. Then, they ran a scan using Windows Defender and Malwarebytes antivirus software. To prevent future problems, the articles recommended enabling ad blockers on your browser of choice. CyberWyoming Note: We researched the URL in question using checkphish.ai and it is hosted out of Australia. The website is impersonating a well-known economic development agency in the Virgin Islands.

A Missed Call, A Malicious Link:

A Lander resident reported receiving a scam email from an address in their database, claiming to be from "Loring." The email, titled "Missed call from Loring," contained a suspicious link to "Play Here," along with a fake caller ID, call duration, and date. The recipient contacted the real Loring, who confirmed his email had been hacked, and the scam message had been sent to hundreds of people. CyberWyoming Note: It's important to remain cautious with unsolicited emails, especially those containing links or attachments. Always verify the sender's identity before clicking any links. In this case, we checked the link on VirusTotal, and it has been reported as malicious.

Tips if your email is hacked:

• If the email is linked to a company domain, contact your IT department for assistance.
• If it’s a Gmail account, reach out to Google Support, or if there’s a recovery email set up, contact that person for help regaining access.
• Once you can access the account, change the password and review the sent folder for any other scam messages.
• Contact all recipients, preferably by phone, to alert them about the hack. If you can’t regain access, inform those who may have received the email.
• For future protection, use strong passwords, enable two-factor authentication, and be cautious of suspicious emails.

Guarding Your Info Against Holiday Hackers:

The IRS has issued a warning about an increase in scams targeting individuals during the busy holiday and tax seasons, with fraudsters aiming to steal personal information such as Social Security numbers, bank details, and passwords, leading to identity theft and fraud. These scams include phishing and smishing (fraudulent emails or texts), spear phishing (targeted attacks on specific individuals), clone phishing (mimicking legitimate emails with malicious links or attachments), and whaling (targeting high-level employees with access to sensitive information). The IRS urges people to be cautious by avoiding suspicious links, shopping on secure websites, using updated security software, and employing strong passwords and multi-factor authentication to protect against these scams. – Brought to you by Secure The Village & Advance Local
al.com/news/2024/12/irs-issues-holiday-warning-what-is-whaling-and-clone-phishing.html

Messages Unsecured and Vulnerable:

U.S. officials, including the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), have issued a warning following a significant cybersecurity breach, urging Americans to avoid using texting and calling services that lack end-to-end encryption. Chinese hackers are believed to have targeted major telecommunications companies like Verizon, AT&T, and Lumen Technologies, gaining access to unencrypted communications such as text messages and phone calls. This threat is especially concerning for texts exchanged between iPhone and Android users, as these messages are not automatically encrypted. Authorities recommend using encrypted messaging services like WhatsApp and Signal, which protect communications by making them unreadable to hackers, even if the data is stolen. While the full extent of the breach remains unclear, officials stress the need for stronger encryption to safeguard sensitive information. – Brought to you by NBC News nbcnews.com/tech/security/us-officials-urge-americans-use-encrypted-apps-cyberattack-rcna182694

MS-ISAC and CISA Patch Now Alert:

The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Microsoft products, Adobe products, Google Chrome, Apple products, and Ivanti Cloud Services Application (CSA). If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News:

Dick’s Sporting Goods, Atrium Health, HDFC Life, Stryker Corporation, American Addiction Centers, Sabre GLBL, Rumpke, and Firebase. Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register