Hacker’s Brief

Hacker's Brief
Hacker's BriefHacker's Brief

This week’s Hacker’s Brief is from CyberWyoming.

Amazon Order Confirmation Email Scam: A Sheridan citizen reported an email scam from “Order confermation<bhagwanji1923@gmail.com>” (note the misspelling) with the subject line of “Order ConfirmationDear Client.” The email purports to be from Amazon and has a PDF attached. Do not open the PDF or click on the links.

Credit Card Phone Scam: A Cheyenne citizen reported a phone scam saying his credit card had been compromised. The number came from (209) 684-6423 and the citizen noted that there were an extra four zeros at the end. (CyberWyoming note: usually when calls end with 0000 it is a clue that it isn’t a ‘real’ phone number.)

New Version of Amazon Email Scam: A Lander citizen reported a new version of an old Amazon scam. The email claims to be you order summary for products you obviously did not purchase. The email looks real with Amazon logos and buttons with Amazon-formatted order details, other product recommendations and more. The email is also well written. It requests that you call the fraud team at a non-Amazon phone number of 1 (702) 905-1852 if you did not order the listed products. (CyberWyoming research note: This phone number is associated with several phishing emails.)

CyberWyoming Alert: Scammers take advantage of chaos. Triple check any request for money or help that come through via phone, email, or text. It may be a scam taking advantage of the chaos in DC.

Adobe Flash End of Support Notice: As of Dec. 31, 2020, Adobe’s Flash Player product is no longer supported. CyberWyoming recommends searching your programs on your computer for Adobe Flash and, if it is present, following Microsoft’s instructions to uninstall. If you are using an Apple product, here are the instructions from Adobe to uninstall.

MS-ISAC Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Fortinet FortiWeb (firewall), Mozilla’s Firefox browser, Mozilla’s Firefox Extended Support Release, Mozilla’s Firefox for Android, Google’s Chrome browser and Google’s Android (smartphones, tablets & watches) products. If you use these products, make sure the software or firmware are updated.

Scambusters.org Investment Advice: The US Consumer Financial Protection Bureau has some great podcasts on investment scam risks.  Before you invest, be sure to check out the videos.

Not sure how to recognize an email scam?

Here are some seven tips from Scambusters:

Usually email scams impersonate organizations you know and can be quite convincing, then they set a trap spinning a convincing story to explain why they are contacting you.

Here are some common examples of which to be aware:

  • Suspicious activity has been spotted on your account
  • An unrecognized person has tried to log on to your account
  • There’s a problem with your account or payment details
  • You can get coupons or free stuff by clicking a link
  • You must pay your account immediately, often via a supposed invoice attachment
  • You have to register for a benefit, such as a government refund
  • Your account has been locked and you need to confirm personal info

If you want to report a phone, email or text scam and let your friends and neighbors know about it, forward it, or send a description of the scam, to phishing@cyberwyoming.org.

Other ways to report a scam:
·       Better Business Bureau Scam Tracker
·       File a complaint with the Federal Trade Commission
·       Report your scam to the FBI
·       Report unwanted calls to the Federal Trade Commission’s Do Not Call Registration or call 1 (888) 382-1222, and select Option 3
·       Office of the Inspector General

Information provided by CyberWyoming Alliance, a 501c3 nonprofit affiliate of CyberWyoming.