Good To Know 23 May 2025

Tips, tricks and scam alerts

News Letter Journal - Staff Photo - Create Article
By
CyberWyoming, Hacker’s Brief 5/23/2025

Unsolicited Afterpay Verification Codes: A Big Horn Citizen reported receiving a suspicious text claiming to be from the buy-now-pay-later company Afterpay, even though they didn't have an account with the company and were unfamiliar with it. The message contained a verification code and a phone number linked to Afterpay’s toll-free customer support line. After investigating, it was found that many people, both with and without Afterpay accounts, were receiving similar unsolicited text messages. Afterpay issued a statement confirming these were phishing attempts and assured users that such messages could be ignored. CyberWyoming Note: Even if a text appears legitimate, always be cautious of unsolicited messages, avoid clicking on suspicious links, and verify any requests for personal information directly with the company through official channels.

Boxed In: A Laramie resident reported receiving a scam email from a "Joel King" claiming to be a packaging expert at "Pacific Packagings LLC." The email promotes custom-printed boxes that supposedly enhance brand visibility and provide product protection, while also offering eco-friendly packaging solutions. The message encourages the recipient to discuss elevating their brand’s packaging. The recipient has received numerous similar emails from other services and products. This email is likely part of a scam attempting to trick the recipient into engaging with fraudulent services. CyberWyoming Note: Be cautious with unsolicited emails and avoid clicking links or sharing personal info without verifying the sender’s legitimacy. Look for signs of phishing, like strange language or unusual sender details.

19 Billion Compromised Passwords Now Available to Cybercriminals: A recent report reveals that 19 billion compromised passwords, obtained through breaches and leaks from 200 security incidents in 2024, are now publicly available on the dark web. The majority of these passwords are reused across multiple accounts and are often weak, with 42% being short and 27% consisting of only lowercase letters and digits. This large dataset poses a significant threat, enabling credential-stuffing attacks. Experts urge individuals to stop reusing passwords and adopt stronger, unique ones for each account. Additionally, SMS phishing (smishing) attacks, particularly by Chinese hacker groups, are rapidly growing and exploiting unsecured SMS systems, causing significant financial losses. Security experts are calling for improved defenses against this increasingly sophisticated threat. Brought to you by Forbes https://www.forbes.com/sites/daveywinder/2025/05/06/new-warning---19-billion-compromised-passwords-create-hacking-arsenal/

Cybercriminals Exploit Social Security Email to Install Malicious Software: A phishing campaign is tricking users into installing ScreenConnect, a legitimate remote access tool, by sending fake emails that appear to be from the US Social Security Administration. The emails, which offer access to a "Social Security Statement," contain links to malicious files that, when downloaded, give cybercriminals full remote control of the victim's computer. Once installed, attackers can steal sensitive information, including banking details and personal identification, to commit identity theft and financial fraud. The Molatori group behind this attack uses compromised WordPress sites to make the emails look legitimate, and the content is often embedded as an image to bypass email filters. Experts recommend verifying email sources, avoiding suspicious links and attachments, and using up-to-date anti-malware software to protect against these threats. – Brought to you by MalwareBytes https://www.malwarebytes.com/blog/news/2025/04/fake-social-security-statement-emails-trick-users-into-installing-remote-tool

Zoom Call Takeovers: A cybercrime group called ELUSIVE COMET is using Zoom to trick victims, including CEOs, into granting remote access that allows them to install malware and steal assets. Posing as media opportunities, the attackers lure targets into Zoom calls, disguise their remote control requests as coming from Zoom itself, and then take over the victim’s computer if permission is granted. One CEO spotted the scam in time, but another, Jake Gallen, lost over $100,000 in cryptocurrency and had several accounts compromised. To stay safe, experts recommend using Zoom in a browser and never granting remote control to unknown parties. – Brought to you by MalwareBytes https://www.malwarebytes.com/blog/news/2025/04/zoom-attack-tricks-victims-into-allowing-remote-access-to-install-malware-and-steal-money

Mail Scam Targeting Corporate Executives: The FBI warns businesses of a mail scam targeting corporate executives, with letters claiming to be from the "BianLian Group" – a ransomware group. The letters threaten to release sensitive data unless a ransom between $250,000 and $500,000 is paid via a Bitcoin wallet within ten days. The scam uses a U.S.-based return address in Boston, but no link has been found to the actual BianLian ransomware group. To protect against this, the FBI advises businesses to inform executives and employees about the scam, ensure their network defenses are up-to-date, and report any incidents to the FBI or the Internet Crime Complaint Center (IC3).

– Brought to you by the FBI’s Internet Crime Complaint Center https://www.ic3.gov/PSA/2025/PSA250306-2

MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google Chrome. If you use this product, make sure the software (or firmware) is updated.

Data Breaches in the News: Coinbase and Legal Aid Agency (LAA). Note: If you have an account with either of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam: 

● Better Business Bureau Scam Tracker: www.bbb.org/scamtracker

● Wyoming Attorney General’s Office, Consumer Protection o Email ag.consumer@wyo.gov o Complaint form https://attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints 

● File a complaint with the Federal Trade Commission at www.ftc.gov/complaint 

● Report your scam to the FBI at www.ic3.gov 

● Get steps to help at www.IdentityTheft.gov

● Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3 

● Office of the Inspector General: https://oig.ssa.gov/scam-awareness/report-the-scam/

● If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.

● AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360 

● IRS: report email scams impersonating the IRS to phishing@irs.gov or https://www.irs.gov/privacy-disclosure/report-phishing

● Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1-800-856-4398

Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.

 

--- Online Subscribers: Please click here to log in to read this story and access all content.

Not an Online Subscriber? Click here for a one-week subscription for only $1!.



Tags