Skip to main content

Tips, tricks and scam alerts

By
CyberWyoming, Hacker’s Brief 3/8/2024

Facebook Language Swap: A citizen experienced an unusual occurrence when their Facebook headings appeared to be in the Hindu language upon signing in. Concerned about a potential hacking incident, they shut down their computer and found the headings back to English the next day. Although they didn't receive any friend requests or open any links, they sought advice regarding the security of their account. As a precautionary measure, they were advised to change their Facebook password and enable two-factor authentication. Additionally, they were recommended to conduct a virus scan on their computer to ensure it wasn't compromised and causing the language change.
 
Relative Ruse: A citizen received a text regarding a distant relative that they haven't communicated with in years. Stating "Hi [Name], do you know [Relative's Name]? I am trying to contact them regarding a important business matter". This was deemed a scam for multiple reasons including bad grammar and the use of the relative's full name which they do not use. CyberWyoming Note: Scammers often exploit familial connections to manipulate victims, so remain vigilant and skeptical of such unsolicited communications.
 
Change Your OpenAI/ChatGPT Passwords!
 
A recent Group-IB report uncovers a major threat to ChatGPT users. Compromised credentials are being sold on the dark web, posing serious AI security risks, ransomware surges, and macOS vulnerabilities. With growing cybersecurity threats, it's crucial to take proactive measures. Change your ChatGPT passwords immediately and make sure you know how to recognize and respond to cyber threats effectively. Stay vigilant to protect yourself and your business from evolving cyber risks. https://www.hackread.com/massive-sale-of-compromised-chatgpt-credential…
 
Tackling Account Takeovers: According to Sift, a leader in Digital Trust & Safety, account takeover fraud experienced a staggering 354% surge in the second quarter of 2023. This alarming trend has been observed by CyberWyoming’s members as well, especially with social media accounts like Facebook.
 
What is it? Account takeover attacks involve unauthorized individuals gaining access to online accounts by exploiting security vulnerabilities or obtaining login credentials. For instance, if someone gains access to your Facebook account by using your credentials and locks you out, it constitutes an account takeover attack. The severity escalates when a business's social media accounts are linked to personal accounts, as attackers can misuse these platforms to post malicious content, remove other administrators, or engage in phishing attempts targeting followers.
 
What to do? It's imperative to review and strengthen your organization's multi-factor authentication (MFA) policy. Ensure that MFA is mandatory for all financial accounts and accounts susceptible to reputational harm, such as social media accounts vulnerable to account takeover attacks. By requiring MFA, you add an extra layer of security that significantly reduces the risk of unauthorized access and potential fraud.
Resources for dealing with account takeover:
 
· Federal Trade Commission (FTC) Guide: How To Recover Your Hacked Email or Social Media Account - https://consumer.ftc.gov/articles/how-recover-your-hacked-email-or-soci… · How to Take Back Control of a Social Media Account - https://staysafeonline.org/resources/how-to-take-back-control-of-a-soci… · Manage Your Privacy Settings - https://staysafeonline.org/resources/manage-your-privacy-settings/
 
Personalized Tech Help: Senior Planet, a program by AARP, is offering a free virtual tech tutoring service where individuals can receive personalized assistance with their technology-related questions. Participants can sign up for one-on-one sessions via Zoom, allowing them to address specific questions or challenges they encounter with their devices or software. This initiative aims to support seniors in navigating the digital landscape by offering tailored guidance and support from Senior Planet volunteers. https://seniorplanet.org/tech-help/
 
TurboTax's Transparency Trouble and H&R Block's Slippery Slope: There are concerns regarding privacy and data usage by TurboTax and H&R Block software. Users are prompted to share personal information, including financial details, which can be used for targeted marketing. Additionally, TurboTax's updated terms of service require users to create an Intuit account, granting permission to access and refresh credit information for marketing purposes indefinitely. This move, supposedly to combat piracy, has raised privacy concerns. Furthermore, H&R Block faces allegations of wiping out consumer tax data to push them towards pricier options, indicating unethical business practices. The increasing concerns over privacy and questionable practices suggest a decline in consumer trust in Intuit and its affiliated companies. · “How to File Your Taxes Without Selling Your Soul” - https://www.msn.com/en-us/money/personalfinance/how-to-file-your-taxes-…
 
· “TurboTax and H&R Block Want ‘Permission to Blab Your Money Secrets’” - https://news.slashdot.org/story/24/03/02/079232/turbotax-and-hr-block-w…
 
· “H&R Block wiped out the tax data of consumers trying to choose a more affordable option, FTC alleges” - https://www.ftc.gov/business-guidance/blog/2024/02/hr-block-wiped-out-t…
 
MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Apple products and Google Android OS. If you use this product, make sure the software (or firmware) is updated.
 
Data Breaches in the News:
 
Optum, Cutout.Pro, American Express, Mr. Green Gaming, Fidelity Investments, WordPress, and PetSmart.
 
Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
 
Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.
 
Other ways to report a scam: · Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
 
· Wyoming Attorney General’s Office, Consumer Protection o Email ag.consumer@wyo.gov
 
o Complaint form https://attorneygeneral.wyo.gov/law-office-division/consumer-protection… · File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/ · Get steps to help at https://www.identitytheft.gov/#/Info-Lost-or-Stolen · Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
 
· Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3 · Office of the Inspector General: https://oig.ssa.gov/
 
· AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360 · IRS: report email scams impersonating the IRS to phishing@irs.gov
 
· Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.

--- Online Subscribers: Please click here to log in to read this story and access all content.

Not an Online Subscriber? Click here to subscribe.



Sign up for News Alerts

Subscribe to news updates