Tips, Tricks and scam alerts

Faking It for Funds: A Wyoming-based organization received a scam email from an unrelated iCloud address impersonating someone from a nearby, similar organization. The email, titled "REQUEST", asked the recipient to assist with a vendor payment via Zelle or PayPal, claiming the Treasurer was unfamiliar with these platforms. The sender promised a refund check after the transaction and signed off as "Tina". CyberWyoming Note: This is a classic impersonation scam aimed at tricking the recipient into sending money. Always verify unexpected financial requests by contacting the sender through a known, trusted method, and never rely on email alone. Be cautious of urgent language and unfamiliar email addresses, especially those requesting money transfers.

Military ID Mystery: A Laramie resident reported receiving a suspicious text from an unknown Alaska area code. The message was incoherent, referencing the USGS, military ID, and repeating phrases like "lasd." Following the confusing text, the sender sent a photo of a U.S. Armed Forces ID card, suggesting a possible scam attempt involving impersonation of military personnel. CyberWyoming Note: If you receive incoherent messages or unsolicited images claiming to be from military personnel, do not respond or click on any links. Report the number and block it immediately. Scammers often impersonate officials to gain trust and extract personal information or money.

Fake Inheritance Email: A Wyoming resident received a scam email from a person claiming to be "Mr. Mark Fullmer," using a Comcast email address. The scammer posed as a personal attorney for a deceased relative, "Thomas [Last Name]," and claimed the recipient was due an inheritance. The initial message promised more details upon response. A follow-up email stated that the scammer had pledged to deliver the deceased’s valuables to a trusted descendant and included a vague description of the supposed inheritance. CyberWyoming Note: Inheritance scams like this are very common attempting to lure the victim into providing personal information or money and often target seniors by exploiting emotions and curiosity. Never respond to unsolicited emails about unexpected inheritances and verify any such claims through trusted legal channels.

Geek Squad Mimic: A Laramie resident received a scam email from an unknown Gmail address. The message appeared to come from "Geek Squad" with the subject line: "Transaction id YUFF-843-HEM payment confirmed." It falsely claimed the recipient’s Geek Squad membership was automatically renewed for one year at a cost of $520.00, referencing bogus transactions and ticket IDs. The email warned not to reply and included a suspicious phone number. CyberWyoming Note: If you receive an unexpected email about a payment or subscription renewal—especially from a generic Gmail address—do not click any links or call the listed number; instead, verify directly with the official company through their verified website or support line.

The Rise of Hack-for-Hire Cybercrime: Hack-for-hire services are turning cybercrime into a pay-to-play industry, where anyone can hire hackers for tasks ranging from cybersecurity to espionage. The market, valued at $12 billion in 2019, is growing rapidly, fueled by AI tools and economic pressures on tech workers. While some hackers offer legitimate services, many operate illegally, making it hard to distinguish between ethical and criminal activity. The lack of regulation and international standards allows cyber mercenaries to thrive. Governments and businesses must enforce stricter regulations, vet firms carefully, and cooperate globally to prevent further destabilization of digital security. 

– Brought to you by Forbes https://www.forbes.com/sites/emilsayegh/2025/03/11/how-hack-for-hire-mercenaries-are-reshaping-cybersecurity-crime/

Phone Porting Scam: Australian nurse Lee-Anne McLean lost her life savings and had loans fraudulently opened in her name after scammers hijacked her phone number through a 24-hour phone porting scam. Despite having security measures, the attackers accessed her email, social media, and bank accounts by tricking phone companies into transferring her number using personal information. Phone porting allows users to keep their number when switching carriers, but scammers exploit it to intercept texts and calls, bypassing security. To protect yourself, add extra security like port-out PINs, be cautious of phishing attempts, watch for sudden loss of cell service, and act quickly by contacting your carrier, bank, credit bureaus, and filing police or FCC reports. These scams happen fast and can cause severe financial damage, so proactive security and swift response are crucial. – Brought to you by Yahoo News  https://www.yahoo.com/news/aussie-nurse-loses-savings-just-131700144.html 

Healthcare Data Breach Hits 5.4 Million Patients: Episource, a U.S. healthcare tech firm, says hackers stole data from 5.4 million patients during a cyberattack between January 27 and February 6, 2025. Stolen info may include names, Social Security numbers, medical records, and insurance details—but no financial data. While no financial data was exposed, Episource urges affected individuals to monitor for suspicious activity. The breach involved data from multiple healthcare clients, though not all were affected. Notifications are being sent on behalf of these clients. 

– Brought to you by Bleeping Computer

https://www.bleepingcomputer.com/news/security/episource-says-data-breach-impacts-54-million-patients/ 

MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Citrix products. If you use this product, make sure the software (or firmware) is updated.

Data Breaches in the News: The MathWorks, Inc. and Ahold Delhaize USA. Note: If you have an account with these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker 
• Wyoming Attorney General’s Office, Consumer Protection
  • Email ag.consumer@wyo.gov
  • Complaint form https://attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints 
• File a complaint with the Federal Trade Commission at www.ftc.gov/complaint
• Report your scam to the FBI at www.ic3.gov 
• Get steps to help at www.IdentityTheft.gov 
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General:  https://oig.ssa.gov/scam-awareness/report-the-scam/ 
• If you believe someone is using your Social Security number, contact the Social Security Administration’s (SSA) fraud hotline at 1-800-269-0271.
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to phishing@irs.gov or https://www.irs.gov/privacy-disclosure/report-phishing
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1-800-856-4398

Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.