Skip to main content

Tips, tricks and scam alerts

News Letter Journal - Staff Photo - Create Article
By
CyberyWyoming, Hacker’s Brief 8/16/2024

PayPal or Pay Up?: A Laramie resident received a suspicious email with the subject "Thank you for your order!" that included a fraudulent PayPal invoice attachment. The email, from an “Amina Nebay” at a Gmail address, claimed that funds from an order had been received and requested the recipient to review the attached invoice. The message also included a random alphanumeric code and urged a quick response.CyberWyoming Note: Beware of emails with urgent messages and attachments claiming to be from PayPal, as it is frequently impersonated in scams; always verify such communications through official channels before taking any action. 

The Too-Good-to-Be-True Job Offer: A Laramie resident received a flagged spam text from an unknown number offering a part-time video reviewer job that supposedly requires only 30 minutes of work per day for $150. The message promised a base salary of $1,000 for five days of work, with high income potential ranging from $50 to $10,000 per day. It also claimed flexible hours, guaranteed pay, and same-day payment. CyberWyoming Note: Be cautious of employment scams that offer unrealistic pay for minimal work, such as $1,000 for just 30 minutes a day. Always verify job offers through official channels and avoid sharing personal information or making payments to unknown contacts.  Sometimes these job offers can be high touch, presenting a real-looking website, interviewing you, getting you to fill out a job application and stealing your personal information, and then saying they will reimburse you for the cost of the background check.  If you have to pay to get a job, it is always a scam!


Desmond’s Donation Deception: A Laramie nonprofit received a suspicious email from "Desmond Smith" at a Gmail address saying “I want to make a donation to support people after reading how you help online, I need your wire transfer details to make a donation of 7k dollars”. CyberWyoming Note: This scam highlights the need for nonprofits to have secure online payment systems and serves as a reminder to be cautious of unexpected donation offers. The email’s implausible nature is almost amusing, but it underscores the importance of safeguarding against such fraudulent attempts.

The 2.7 Billion-Record Breach & How to Protect Yourself: A recent data breach involving the hacking group USDoD has reportedly exposed the Social Security numbers and other sensitive personal information of approximately 2.7 billion individuals, including records from the U.S., Canada, and the U.K. The leaked data, which has been offered for free on dark web marketplaces, poses a significant risk of identity theft and fraud. To protect yourself, experts recommend placing a credit freeze with the major credit bureaus, using identity theft monitoring services, and securing your accounts with strong, unique passwords and two-factor authentication. Additionally, be wary of phishing scams exploiting the breach, and always verify any unsolicited requests for personal information.

https://www.yahoo.com/news/hackers-may-stolen-social-security-100000278.html?guccounter=1 

A credit freeze prevents new accounts from being opened in your name and requires a unique PIN or password for future access. To protect yourself from identity theft following the recent data breach, place a credit freeze with all three major credit bureaus:

  • Equifax: Scroll down near the bottom of the main screen and click “Place or Manage A Freeze.” https://www.equifax.com/ 
  • Experian: Click the “Credit” tab at the top of the page, then select “Security Freeze” from the options in the middle of the screen under Credit Support.https://www.experian.com/ 
  • TransUnion: Scroll almost to the bottom of the screen and click “Credit Freeze & Unfreeze.” https://www.transunion.com/ 

 

What DDoS Attacks Could Mean for the 2024 Election: The FBI and CISA have issued a warning about potential distributed denial-of-service (DDoS) attacks targeting election infrastructure in the upcoming 2024 elections. These attacks could temporarily disrupt access to election-related websites, such as those for voter registration or result updates, but will not affect the security or integrity of the voting process itself. DDoS attacks work by overwhelming websites with excessive traffic, causing them to go offline for short periods. While they may cause minor disruptions and fuel misinformation, both agencies emphasize that these attacks are unlikely to impact the actual voting or ballot counting. Past incidents, like those affecting Mississippi state websites in 2022, demonstrate that while DDoS attacks can cause outages, they do not compromise election integrity. – Brought to you by Secure The Village & The Record https://therecord.media/ddos-attacks-2024-election-fbi-cisa-warning 

Skimmers Sweeping Across States: In Connecticut, officials are sounding the alarm over a surge in credit card skimmers, often installed as discreet overlays on terminals. These devices, which are hard to detect, are used by criminals with international ties, preying particularly on SNAP benefit users. Despite state efforts to combat these scams, including educating the public on spotting skimmers and urging caution with ATMs and gas pumps, the problem persists, with significant financial losses reported.  CyberWyoming Note: As skimmers increasingly move westward, from Connecticut to states like Wyoming, the challenge remains to stay ahead of these tech-savvy thieves who exploit vulnerable populations. – Brought to you by FOX61https://www.fox61.com/article/news/local/credit-card-skimmer-criminals-with-roots-overseas-are-preying-on-connecticut-victims/520-4a86c51c-b4dd-43a5-84f3-92da7eb571cd

MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Adobe products, Ivanti products, Microsoft products. If you use any of these products, make sure the software (or firmware) is updated.

 

Data Breaches in the News      

National Public Data (A Background Check Company), ADT, First Commonwealth FCU, and CSC ServiceWorks.  

Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.

 

--- Online Subscribers: Please click here to log in to read this story and access all content.

Not an Online Subscriber? Click here for a one-week subscription for only $1!.