The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
A Laramie citizen reported an employment scam from Jinsanye Imp and Exp Co Ltd (but really from a Gmail address) saying they needed a part time company representative and their offer was ‘very attractive’. The subject line was CONTRACT OFFER (yes it was in all caps).
Windows Defender Firewall is free with your Windows operating system
A Sheridan citizen received an email with the subject line of “Order Confirmation” impersonating Microsoft as a Windows Defender Order (but was really from a Gmail address). The email charges a whopping $249.99 for Firewall Defender Premium Protection. Just delete the email. Windows Defender comes free with your operating system.
If you receive an email claiming they want to sell you a domain name for $250-$300, in this case the Laramie citizen said the name was WyomingITSecurity.com, it is most likely a scam. Oddly, this scammer, who contacted the citizen through a Gmail address, said “You can also get this domain from GoDaddy.” CyberWyoming Note: Usually when you purchase a domain from a provider like GoDaddy, it costs about $10-$20.
Website ranking scams
If you receive an unsolicited email saying “your website is not ranking well on Google”, a Laramie citizen wants you to know it is a scam. Do not respond to the Gmail address to get the proposal and pricing.
Best Buy & Geek Squad impersonation email
A Sheridan citizen received an invoice branded as Best Buy and Geek Squad, but from a notification.intuit.com email address, where Intuit is the company that legitimately owns Quickbooks, a popular accounting program. The invoice was for $399.99, claimed to be debiting your checking account, and claimed to be for “total tech protection.” The crook messed up and also listed a Gmail address to reply to as Geek Squad, but the email was otherwise very well crafted.
Notice!! Upgrade your email storage scam
If you receive an email from the generic “Email Administrator” saying your email storage has exceeded its limit and needs to be upgraded immediately, do not click on the link. The scammer is trying to get your personal information and credit card. Reported by a Laramie citizen.
FTC Employment scam alert for recent college graduates
It seems normal to get a request for your resume from a job recruiter, but the scammer says your resume format is ‘incompatible’ and you are asked to send your resume to a website to ‘reformat’ it, for a fee. Remember that legitimate companies don’t ask you to pay.
FTC Baby formula scam alert
Scammers are taking advantage of current events again. The FTC wants to remind you that if you are looking for baby formula do a Google search first like this “product name complaint scam” and if you spot a fake website, email or social media ad, report it to ReportFraud.ftc.gov.
FTC Tech support scam alert
Scammers often pretend they are from a known company like Apple or Microsoft and send you random notifications saying they have found malware on your computer or device. They say the problem is urgent and they encourage you to pay for tech support you don’t need. Just hang up.
FTC Student loan forgiveness alert
With the U.S. Department of Education announcing another extension through August 31, 2022 to pause student loan payments, student loans are back in the headlines and, thus a prime target for scammers. Note that the only student loan forgiveness programs are Public Service Loan Forgiveness and Teacher Loan Forgiveness, and neither charge you for help to qualify for the program. The FTC wants to remind you not to share your FSA ID with anyone.
MS-ISAC and CISA patch now alert
The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Google’s Chrome browser, the Google Android operating system, Meeting Owl Pro, Whiteboard Owl, Dominion Voting Systems ImageCast X, and Atlassian Confluence Server & Data Center products. If you use these products, make sure the software (or firmware) is updated.
Data breaches in the news
Online gun sites – Ranier Arms and Numbrich Gun Parts Corporation, Shields Health Care Group (Massachusetts), Transact Campus (student account holders), City of Alexandria (Louisiana) ransomware attack and possible data breach, Icare, Pegasus Airlines, Verizon Employee Access, Linn County (Oregon), Washington University School of Medicine, MGM Resorts, Texas Department of Transportation, Zola Wedding Registry Accounts, Regional Eye Associates (West Virginia), General Motors, Chicago Public Schools, Texas Department of Insurance, Omnicell (healthcare company), Mercyhurst University (Pennsylvania), RefuahHealth, and Parker Hannifin.
If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.
Other ways to report a scam: