Serving the Big Horn Basin for over 100 years

Hacker's Brief

The Geek Squad scam is making the rounds again: A Wyoming citizen reported that he received multiple invoices from The Geek Squad for hundreds of dollars…despite never having had an account with them. CyberWyoming note: Even if you have an account with The Geek Squad, either call or access your account through their portal after looking up the address in a web search. Never click on an attached invoice or click a link from an email.

Memorial Day Scams: As we spend the weekend commemorating all those who lost their lives serving our country, remember that scammers are using the holiday for cybercrime. They may try to take advantage using patriotic-themes or military appeals:

• Impersonate veteran or military charities to defraud donors (see the Wounded Warriors Family Support on how to protect yourself from fraud https://wwfs.org/wise-giving-memorial-day-contributions-protecting-yourself-from-check-fraud/)

• Offer “guaranteed military loans” that have extremely high interest rates or require up-front fees

• Offer military housing discounts to steal deposits

• Pose as service members to initiate a romance scam (see the U.S. Army’s website on how to spot these scams https://www.tradoc.army.mil/social-media-scams/).

• Brought to you by Bitdefender

Online shopping led to credit card theft: A massive network of 75,000 fake online shops called 'BogusBazaar' tricked over 850,000 people in the US and Europe into making purchases, allowing the criminals to steal credit card information and attempt to process an estimated $50 million in fake orders. The fake shops used legitimate online shops whose domains (names on the internet) had expired. Millions of credit card details were resold on the dark web. Consumers are warned to confirm a site’s legitimacy before shopping with these tips:

• Check for contact information, examine the return policy, check for trust seals, browse the website content in general, and check its social media presence. This will help you establish if the webpages were created with high professional standards.

• Read online reviews, follow the announcements of local consumer protection agencies, and check their social media accounts.

• Search the company name on the Better Business Bureau’s website: https://www.bbb.org/search.

• Brought to you by BleepingComputer and SRLabs

Reporting Cyber Crime Makes a Difference:

• An employee of a wastewater treatment plant in California installed software on the company’s and his computer that gave him remote access to the computer network. After resigning his position, he used that software to disable the monitoring system. He has been sentenced to house arrest, forfeiture of his computer, and ordered to pay a large fine.

• The FBI and Department of Justice have seized control of BreachForums, a dark-web market. A banner on the website says that it is now under the control of the FBI.

• Seven members of a cyber crime gang that specialized in gas pump skimming operations have been indicted. For ten years, the gang stole credit and debit card information from customers at gas pumps across the U.S.

• Brought to you by Immuniweb

Beware of these ancestry scams: You may attend a family reunion this summer and decide to do some ancestry research in advance. Be careful since scammers have repurposed some old scams aimed at people who are researching their ancestry:

• Hiring an ancestry detective can be dicey. Although most are professional genealogists, some are just con artists. There are several professional organizations, such as the Association of Professional Genealogists, who vouch for the skills of their members. To learn more about these organizations and how to verify claims of membership, see this article: What to Look For in a Genealogist You Contract With to Research Your Family Tree. http://genealogy.about.com/od/genealogists/qt/professional.htm

• A similar scam is to contact you and tell you that your family history has already been researched and a book is available. Again, beware of paying for something that may be about another family with the same name or just a general list of information that can be found with a web search.

- Brought to you by Scambusters

MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for D-Link routers, Ivanti, Solar Winds, Apple Safari, Google Chrome. If you use any of these products, make sure the software (or firmware) is updated.

Data Breaches in the News: Lemke Memorial Hospital (Kansas), Atlas Oil, Patriot Mobile.

Note: If you have an account with any of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to [email protected] to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: http://www.bbb.org/scamtracker/us/reportscam

• Wyoming Attorney General’s Office, Consumer Protection

o Email [email protected]

o Complaint form https://attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints

• File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/

• Get steps to help at https://www.identitytheft.gov/#/Info-Lost-or-Stolen

• Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint

• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3

• Office of the Inspector General: https://oig.ssa.gov/

• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360

• IRS: report email scams impersonating the IRS to [email protected]

• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398

Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit http://www.aarp.org/fraudsupport to learn more about the free program and register.