Hackers and scammers are relentlessly targeting you and your neighbors. Below are just a few current local examples from CyberWyoming that may be help you avoid being snared by a scammer.
New Employee at the IMF Impersonation Scam: A Sheridan resident reported an email that was well written stating that as the new Director of Finance, Dr. Bernard Lauwers found a document approving over $3 million. The email asks for your personally identifiable information, including your social security number. The email was from email@example.com and firstname.lastname@example.org with the subject line of Payment File No. #11083234. CyberWyoming Note: Never give out your personal information unless you are absolutely sure of the source.
Your Mom Isn’t Being Sued: A Sheridan resident reported a phone call from a private number, a legitimate sounding law firm, and a very eloquent speaker saying that they needed him to get a hold of his Mom because she was being sued.
PayPal Invoice Alert: If you receive an email from email@example.com with the subject line of “INVOICE” with PayPal branding saying you purchased bitcoin for over $1000, then it is fake. Look for the incorrect capitalization and grammar and don’t call the phone number. Reported by a Wyoming resident.
Logged In From a New Device Alert: If you receive an email from firstname.lastname@example.org impersonating BB&T (Branch Banking & Trust Company) that alerts you that someone has logged in from a new device or browser and urges you to click on the link to enable your 2 step verification process, know it was a scam. The BB&T bank does not own the domain friendsofkokohead.org. Reported by a Laramie resident. CyberWyoming Note: FriendsofKokoHead.org is a real organization raising funds for an elementary school. They have been notified that their info@ email account has been compromised.
Nonspecific Order Confirmation Email: If you receive an email from email@example.com with very little information but including a blue button with your user name asking you to ‘click here’ to confirm your order, know it is a scam. Reported by a Wyoming resident.
Government Stimulus Checks Scam: If you receive an email from firstname.lastname@example.org or email@example.com saying you have an unclaimed stimulus check with a link to see if you are eligible, please know that the IRS does not email you. This same scammer was also reported with a scam for 2021 tax debt relief. Reported by a Canadian resident.
Fake IRS Loophole Scam: If you receive an email from firstname.lastname@example.org about an IRS loophole to grow your retirement savings and invest in gold, it is a scam. Reported by a Canadian resident.
Microsoft Warns of Fake Payment Notification Scam: If you receive an email, phone call, or text supposedly from Microsoft’s call center support team, be very wary. It starts with an initial fake invoice with an option to call and cancel it. Then, the ‘support center team’ emails you a Word doc locked inside a password protected zipped file that is to be filled out to cancel the payment. But the zip file hides the fact that the Word document is malicious.
Beware of a New COVID Phishing Email: A company’s human resources office is impersonated and the scammers say that HR is requiring employees to fill out a COVID vaccination status form. The link to the ‘form’ is in the email and it takes the employee to a hijacked web page that impersonates the company or a trusted brand to try to steal the employee’s user id and password. (Note that some of the attacks have come from hijacked real company external accounts, so be sure to train your employees to verify that the email is real before they enter their user information.)
Home Wi-Fi Router, Wi-Fi Range Extender or Wi-Fi USB network adapter alert: According to Tom’s Guide, if you have a Wi-Fi Router, Wi-Fi Range Extender or Wi-Fi USB network adapter that is older than 2015, then you may want to get a newer model as there could be a flaw in it that allows for a remote takeover. For a list of affected devices check out the Tom’s Guide article: https://www.tomsguide.com/news/router-attack-botnet-realtek. CyberWyoming Note: be sure to update your home wireless router even if it is newer than 2015.
Scambusters.org Gift Card Scam Alert: A friendly reminder from Scambuster’s that if someone asks you to pay via a gift card, it is almost certainly a scam.
MS-ISAC Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Google’s Android operating system, Microsoft’s MSHML (which affects Internet Explorer and many Windows Server versions), and Mozilla’s Firefox and Thunderbird products. If you use these products, make sure the software (or firmware) is updated.
Please report scams you may experience to email@example.com to alert your friends and neighbors.
Other ways to report a scam:
- Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
- Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or firstname.lastname@example.org
- File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/
- Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
- Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
- Office of the Inspector General: https://oig.ssa.gov/
- AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
- IRS: report email scams impersonating the IRS to email@example.com
- Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398
Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.
Laura Baker is the Executive Director of CyberWyoming and the President of the CyberWyoming Alliance, both nonprofit organizations. She can be reached at firstname.lastname@example.org