Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust. Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.
Voice memo scam with audio
A Laramie company reported a scam from a German (de) country code with the subject line “Audio Voice Note Received on Thu, October 20, 2022” with an attachment that appears to be an audio message. Do not open the message.
McAfee impersonation scam
A Sheridan citizen reported a scam from a tut.com email address spoofed as “||McAfee.Security||” with the subject line “Beware: Your device has been infected with (54) viruses.” Do not click on the link!
Invoice paid scam pretending to be Geek Squad
If you receive an email with an invoice from Geek Squad, claiming that you purchased “Geek Squad 360 Antivirus for PCs and Macbooks” for “$349.99”, do not open the attachment. The subject line is “Purchase Confirmation 12-21-14” and the email is from a Gmail address spoofed as “Invoice_56846”. Reported by a Sheridan citizen.
Powell citizen advises
Every time someone registers a new domain name for a website, they will receive in their mailbox one or two different letters telling them that they need to renew their website or they will lose it. It comes with some crazy dollar amounts and it’s 100% a scam, they look extremely official. Also, anything received by an email to renew a website domain is a scam.
“Truth, trust and honest” were requested from fraudsters
If you receive an email with the subject line “HELLO FROM FATIMA KAMARA” with a .jp country code email address asking you to reply to a yahoo.com email address, just delete it. Although Fatima says she wants someone she can confide in and help her access her late father’s funds, her faulty grammar is a dead giveaway. “But what I need from you is truth, trust and honesty.” Reported by a Laramie citizen.
What is a social media account takeover?
“My account has been hacked. Please ignore a friend request.” It may be of little comfort, but if you have ever sent or received such a message on, for example, Facebook or Instagram, you are actually among the millions of users who are affected every year by hackers on social media. It is one of the fastest growing and most alarming Internet crimes, with security experts estimating that somewhere between 20 and 40 percent of all social networking accounts have been compromised at some point. In the first three months of this year alone, the number of hacked accounts reported to the Internet Theft Resource Center (ITRC) easily surpassed the number for all of 2021, which itself was a sharp increase from the previous year. Brought to you by scambusters.org.
How to avoid social media takeover
Important actions you can take to protect yourself from social media account takeovers include the following. Brought to you by scambusters.org.
• If you receive a friend request from someone you’re already connected with, it’s almost certainly a hacking scam, so don’t click the “accept” button. And let your friend know.
• If the request comes from someone you know but don’t follow, again don’t click to accept. Contact the person independently and verify that they sent the request. And be extra careful about accepting friend requests from people you don’t know – they’re almost always scams.
• Always use a strong and unique password for each social media account and use a second passcode or other type of multi-factor authentication (MFA) such as those sent via text messages. Learn more about two-factor authentication from our previous issue: And never share your password or code with anyone.
• If you learn of a data breach affecting your social media account, change your password immediately.
• Do not download third-party apps promoted on your social media account. They can be used to hack your account.
What to do if your social media account has been hacked
You want to regain control of your account as soon as possible. If the hacker hasn’t changed your password and you still have access to the account, change it yourself immediately. And implement MFA (multi-factor authentication – where you get a text to confirm it’s really you.) If you’re blocked, you need to contact the network provider, eg Facebook. Different sites have different ways of handling it. Search for the phrase “My —— account has been hacked” (insert the media network’s name instead of the hyphens) and look for results that are actually from the network company. It’s also important to let your friends know, via email or a messaging service, to alert them. Which brings us back to where we started: “My account has been hacked. Please ignore a friend request.” Brought to you by scambusters.org.
MS-ISAC and CISA patch now alerts
The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published an update now (update your software) notice for Aruba EdgeConnect Enterprise Orchestrator, Oracle and Mozilla (Firefox and Firefox ESR ) Products. If you use these products, make sure the software (or firmware) is up to date.