The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Sam’s Club Reward
If you receive an email with the subject line of “SamsClub has a reward for You!” be sure to note the missing apostrophe, the missing space between Sam’s and Club, and the capitalizing the word “You.” These are all clues that this didn’t really come from Sam’s. The email asks you to play a game and ‘crack the egg’ and shows a picture of an Easter egg. Reported by a Michigan reader who believes that this same phisher is also mimicking CVS, Costco and Ace Hardware.
CVS winner scam
A Laramie citizen reported an email from natsirtworks.com impersonating CVS saying you are a March winner and click on the link to confirm your $100 reward. Don’t click on the link.
PayPal unusual login scam alert
Watch for an email with the subject of “MONTHLYBILL-PPLY77A7” impersonating PayPal’s billing confirmation but really from a gmail address. The email says that they noticed a login to your PayPal account from an unusual location and that you are being charged $421.99, but call if you have questions. Don’t call. Reported by a Sheridan citizen.
Don’t call the number
If you receive an email with the subject line of “Call [phone number redacted]” because an ‘unknown person’ is trying to claim your funds via an ATM card, asking you to pay the remaining balance of your ATM card, a Sheridan citizen wants you to know this is a scam. The email is from either Mr. Mike Kennedy or Mr. Williams Mark, using a gmail address.
International monetary fund impersonation scam
If you receive an email from Mrs. Kristalina Georgieva, managing director of the IMF approving a refund to you because of corrupt bank officials, BUT asking for a lot of personally identifying information from you, just ignore it. Reported by an Arizonan reader.
Consult LLC isn’t real
Sometimes scammers use generic, but real sounding company names to get you to engage with them. If you receive an email from consultllc.com, claiming to be a marketing consultant the Laramie citizen that reported it wants you to know that Consult LLC doesn’t show up even on a Google search.
Ordering birth certificates – beware of scams
A Florida citizen who reads this scam report ordered his birth certificate from his home state’s bureau of vital statistics and shortly thereafter received a scam email from “Living Proof Now.” This fake service charged his credit card company $47. CyberWyoming Note: Remember to only order your vital records from your state or county agency. These websites look very real.
LinkedIn impersonation scams
According to KnowBe4’s CyberHeist News, phishing attacks impersonating LinkedIn are up 232% in the last month. Some of these have been reported by Wyomingites. The attacks use familiar branding and typical LinkedIn wording like “you appeared in 4 searches this week,” “you have 1 new message,” or “your profile matches this job.”
More Russian-themed scams
Researchers at Malwarebytes warn that a phishing campaign is informing users that someone logged into their account from an IP address in Moscow. The email contains a button to report the issue, which “opens a fresh email with a pre-filled message to be sent to a specific email account.” If a user sends this email, the attacker will reply and attempt to rope them further into the scam.
Center for Internet Security Alert – beware of common tax scams
Whether you get a text, email or phone call here are the scams out there. 1. The IRS recalculated your refund and you overpaid so verify your account information here and we can deposit it to your bank account. 2. Our records indicate you haven’t claimed your stimulus payment, so please provide us with your personal information. 3. You owe us back taxes and can be charged with a federal crime so purchase these gift cards and send them to us and we will wipe your record clean. 4. Donate money to this legitimate charity that the scammer is impersonating. 5. Fake tax preparers – make sure you know the person you are working with is legitimate by asking them for their Tax Preparer Identification and then verify them through https://irs.treasury.gov/rpo/rpo.jsf at the IRS’s website.
MS-ISAC Patch now alert
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Google’s Chrome browser, Apple (all the major operating systems and Garage Band, Xcode, and Logic Pro X), Schneider Electric APC Smart-UPS (SMT, SMTL, SMC, SCL, SMX, and SRT series), Veeam backup and replication, Adobe (Illustrator, Photoshop and After Effects), Mozilla’s Firefox browser, and Mitel (MiCollab and MiVoice Business Express) products. If you use these products, make sure the software (or firmware) is updated.