Hacker’s Brief

Hacker code. Stock image. Approved for reuse.

This week’s Hacker’s Brief from CyberWyoming is sponsored by Campco Federal Credit Union.


Facebook tracks browsing activity outside of platform:  A Wyoming citizen reported that when Facebook recently updated their software, a new setting to “Track off-Facebook activity” was activated. This means that Facebook can track other websites that you visit, like your bank, online shopping and more. If you would like to keep this information private, here’s how: Open your Facebook account and navigate to “settings.”  Choose “Your Facebook Information” from the left-hand column on the settings screen. Choose the “view” link next to “Off-Facebook activity.” Choose “Manage your off-Facebook activity,” then choose “Manage future activity,” then slide the button to turn off “Future off-Facebook activity.” Facebook does not make changing this setting easy. There are pop-up windows asking you if you really mean it in multiple places, and at one point, you also have to re-enter your password.


SAM registration reminder: For those businesses that apply for grants, SAM.gov is the federal government’s system for award management and requires a CAGE code for applications. Both are available at no cost. Many Wyoming businesses have received multiple expiration reminders from scammers asking for money to renew the SAM registration or the CAGE code. Only renew these at SAM.gov and do not follow a link in an email.


MS-ISAC Patch Now Alert: If you use Google Chrome or Bitdefender SafePay (a protected web browser designed to secure sensitive online transactions such as online banking and e-shopping), the Multi-State Information Sharing and Analysis Center wants you to make sure that the software has been updated (patched).


IRS Alert COVID scams targeting stimulus checks: The IRS would like to remind you that they never communicate via social media, text message, phone calls, and email to discuss stimulus payments. If you receive a message from the “IRS” via these methods, it is a scam.


Fake COVID-19 contact tracing apps infect Android phones: Researchers have found 12 Android applications disguised as official COVID-19 contact tracing apps, but their real purpose was installing malware onto the devices. Do not install a contact tracing app on your phone unless instructed to do so by a public health officer. Confirm that person’s identity to ensure you aren’t being scammed.


Netgear router alert: 79 Netgear router models can allow an attacker to take full remote control. Netgear is a popular home router brand. The fix for the vulnerability has not yet been published by Netgear, but please watch for it to be coming out soon.


Data Breaches in the News: Specialized dating apps (3somes, Cougary, Gay Daddy Bear, Xpal, BBW Dating, Casualx, sugarD, Herpes Dating and GHunt) chats and pictures have been breached, as well as MaxLinear (US Hardware manufacturing firm), Stat Informatics Solutions, Cognizant (IT services), Stalker Online (online game), Aspire News (domestic violence emergency distress messaging system), Sanitary Process Engineering and Components, ArgoMart Group, Preen.me (social media influencer firm) and OneClass (remote learning platform).


If you want to report a phone, email or text scam and let your friends and neighbors know about it, forward it, or send a description of the scam, to phishing@cyberwyoming.org.

Other ways to report a scam:
·       Better Business Bureau Scam Tracker
·       File a complaint with the Federal Trade Commission
·       Report your scam to the FBI
·       Report unwanted calls to the Federal Trade Commission’s Do Not Call Registration or call 1 (888) 382-1222, and select Option 3
·       Office of the Inspector General


Information provided by CyberWyoming Alliance, a 501c3 nonprofit affiliate of CyberWyoming.