PayPal Trouble:

A Laramie resident received a scam email that appeared to come from PayPal, sent from a Gmail address with two different names, Denver Austin and Anna McCoy. The email subject claimed to be an update on a service request, with a reference number (SKK-21279-XFSDRSJ-66172). It included a vague message stating updates would be sent shortly, along with a suspicious invoice attachment. Notably, the email did not address the recipient by name, using a generic placeholder "[Client's Name]" instead. CyberWyoming Note: Be cautious of emails from unfamiliar sources, especially with generic addresses or vague messages. Never open attachments from unknown senders and verify communication through official channels.

Fake Social Security Notice:

A Big Horn resident reported receiving a scam email with the subject "Important: Social Security Case Inquiry-WE-604-KF." The email falsely claimed that the recipient's Social Security number was connected to narcotics trafficking and money laundering activities in New Mexico and Texas. It stated that the Social Security number was being canceled due to these illegal activities and included a suspicious attachment, purportedly an official Social Security Administration document. The recipient also reported the scam to the local sheriff’s office, which said they would watch out for similar scams and planned to issue a warning to the public. The recipient did not click on any links in the email, recognizing it as a scam. Interestingly, the recipient noted they couldn’t block the email since it appeared to come from their own email address. CyberWyoming Note: This email contained several red flags among its preposterous claims, including poor grammar, a sense of urgency, and a request to view it privately, all of which are common tactics used in scams. Never click on suspicious links or open attachments from unfamiliar sources, and always verify such communications directly with official agencies before taking any action. This same scam subject has also been perpetrated via phone calls.

Google Account Held the Keys to the Castle:

Scammers can exploit Gmail accounts, which often hold critical information, to steal large sums of money. First, they obtain your email address and phone number. Then, they create a Google Form that sends a fake confirmation message designed to look like a legitimate Google Alert. This email, appearing to come from google.com, warns that your account is being accessed from Germany (or another country) and includes a fake case number. Next, the scammers call you using a spoofed Google Assistant number, impersonating a Google support representative. With your email and phone number, they initiate Google’s account recovery process, causing a prompt to appear on your phone asking, “Is it you trying to recover your account?” Since the email and call seem legitimate, victims often click “Yes, it’s me,” unknowingly granting the scammers full access to their Gmail account. Gmail accounts often act as “keys to the castle” for digital security. In one case, a victim had stored a cryptocurrency wallet’s secret phrase in Google Photos and synced their Google Authenticator app to their Gmail. This gave the scammers everything they needed to steal $450,000. This tactic has been used multiple times and requires vigilance. If you didn’t initiate an account recovery process, never approve the prompt. Google will never ask you to validate your account this way. Instead, hang up on unsolicited calls, look up the correct contact number, and call back. For additional protection, disable the cloud sync feature on Google Authenticator to unlink it from your Gmail. You could also use a separate, secret Gmail account solely for syncing MFA codes. – Brought to you by Krebs on Security
krebsonsecurity.com/2024/12/how-to-lose-a-fortune-with-just-one-bad-click/

Service Fraud Prevention:

Fraud cost veterans, service members, and their families $477 million in 2023, according to the latest Federal Trade Commission (FTC) data. Scammers employ vet-focused twists on impersonation scams, investment fraud, and more. Criminals frequently impersonate the VA, often threatening to cut off benefits if you don’t provide sensitive personal information or pay bogus fees. They may also contact you about investment opportunities, with low fees or special offers just for veterans. They may also claim to be veterans themselves. The White House along with the VA unveiled new fraud prevention resources for veterans. Visit: Vsafe.gov online or reach out to the new call center at 833-38V-SAFE (833-388-7233).
– Brought to you by AARP & the FTC

Banks Battle a 1,000% Surge in Digital Scams:

US banks are facing a surge in digital scams, with social engineering scams increasing 1,000% in the past year, according to BioCatch. These scams trick victims into transferring money by impersonating trusted entities. In 2023, JPMorgan Chase, Wells Fargo, and Bank of America customers lost $166 million on Zelle, but 62% of claims were not reimbursed. Zelle’s parent company has attempted to address this, but only 44% of imposter scam claims were eligible for reimbursement. The report also notes a rise in AI-driven scams like deepfakes, while check and deposit fraud have tripled. BioCatch calls for better real-time fraud detection.

– Brought to you by The Daily Hodl
dailyhodl.com/2024/12/14/us-banks-witness-1000-surge-in-digital-scams-as-jpmorgan-chase-wells-fargo-and-bank-of-america-customers-lose-166000000-on-zelle-in-one-year-report/

New Year, New Weight Loss Scams:

Scammers follow the seasons, so beware of fake advertising around health and fitness products. With the new year, social media posts are sure to increase for seemingly miraculous weight loss pills, patches, or creams with glowing reviews and dramatic before and after pictures. Remember that if someone promises you that you can lose 30 pounds in 30 days, you don’t have to watch what you eat, or just take a pill and the weight will come off, it’s probably a scam. If you spot one of these scams, tell the FTC at ReportFraud.ftc.gov. To read more about these scams check out:
consumer.ftc.gov/consumer-alerts/2023/12/new-year-new-weight-loss-scams.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at reportfraud.ftc.gov
• Get steps to help at www.IdentityTheft.gov
• Report your scam to the FBI at www.ic3.gov/complaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: oig.ssa.gov
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
• Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register