Hacker’s Brief

(Graphic: Richard Patterson, Flickr)
(Graphic: Richard Patterson, Flickr)

Information for this week’s Hacker’s Brief is provided by CyberWyoming Alliance, a 501c3 nonprofit affiliate of CyberWyoming. 

Fake Covid-19 Survey: With the current Covid-19 situation many scammers are trying to take advantage of the fear and chaos in today’s world. If you get an email saying congrats you’ve been selected to take a Covid-19 survey from hqrleswh@hqrleswh.79427952.hqrleswh.wa.gov.au this is a scam, and they are just trying to get information about you that could be used against you. Be wary when anyone sends you a survey and make sure you know the sender before clicking on any links in the email.

Netherland’s Banker Scam: If you receive and email from Annemiek Van Melick using the email address jason999@ms4.hinet.net saying he is a former banker from the Netherlands and that he wants to offer you a bonded bank account he isn’t a real banker, he just wants your money. This scam was reported by a Sheridan citizen.

Fake SharePoint Validation Request: This email says it is from sharepoint-REDACTED@aleaderboard.com and is very hard to decipher. Most of the email looks to be code that has been copied and pasted into the body of the email. The only understandable parts of the email are the words “keep or change password,” which is immediately followed by a link. The email isn’t clear so this link could take you anywhere, but it is most likely trying to steal your user id and passwords.

Fake Voicemail Email: A Boulder resident reported receiving an email from noreply@app.s1.cl claiming that they had a voice mail message waiting for them. The email gives details such as the time and date of the message, the duration, the number that called and the recipients email address. Voicemails are rarely sent to email addresses and you have to set this feature up so if you haven’t set it up, then you can be certain this email is fraudulent.

Copyright Infringement Scam: If you receive an email from Melshot568@yahoo.com claiming that the images you are using are copyrighted by him and he is going to take legal action against you if you don’t take them down this is a scam. His email includes a download link so that you can “verify” his claims for yourself. This is most likely a download of malware. According to the email he is a financial advisor and a professional photographer, and he is supposedly from Staten Island Arkansas which as we all know is “definitely,” a real place. This scam was reported by a Sheridan citizen.

Microsoft Fax Notification Impersonation: A Boulder resident reported an email claiming to be Microsoft notifying them of a fax that they’ve received but the email is from oaidq@bittobyte.org and is fake. Details on the email include your email address, personal or business, and how many documents you’ve have been faxed. These documents will be “attached,” to the email, however, do not click on them as they are most likely malware and they certainly aren’t from Microsoft.

Jim Yang Does Not Really Want to Give You $48.2 Million: A Laramie citizen reported an email from Jim Yang bap@btconnect.com with a subject line of “Good Day” saying that he wanted to with her to transfer money from the “Chine Citic Bank International in Hong Kong”. Jim is probably a money launderer.

Amazon Spoof: A Sheridan citizen reported an email with a malicious attachment supposedly from Amazon Web Service claiming his account was on hold and he needed to log in to “keep your records safe.” The email was from mail-attachmentvweys@71fox.venomgo.org and the subject line was long but contained “A͏c͏c͏o͏u͏n͏t͏ Service: Your ac͏c͏o͏u͏n͏t͏ paced on hold.”

Account Takeover: A Cheyenne citizen reported that her accounts had been taken over, quite literally overnight. What is an account takeover? When the hackers get into your accounts and you no longer have access to them. You can imagine how damaging this could be with bank accounts, online shopping, credit card sites, and social media. To protect yourself, make sure you use a different password for every online account, use the two factor authentication options available to you or password management software, and keep a credit freeze on your accounts (visit Experian, Equifax, and TransUnion for information on how to do this online).

Scambusters.org Tax Scams: If you receive a text message from the IRS saying your tax return has been rejected, a refund message from the Taxpayer Advocacy Panel (TAP), or a 1099-G when you didn’t claim unemployment benefits, these could be tax scams. The IRS doesn’t ever send texts. The TAP does not notify taxpayers about refunds. And if you get a 1099-G and should not have received one, call the Wyoming Department of Workforce Services, unemployment division.

Other tax scams seen this year include:

  • Ghost tax preparers – Fake tax preparers who don’t sign the forms they return are a red flag.
  • Transcript hooks – emails that claim to have a transcript of a conversation with the IRS.
  • Requests to pay a fee to get a stimulus check.
  • There is no Bureau of Tax Enforcement – this is a bogus agency made up by scammers.
  • For others, check out the IRS’s website at https://www.irs.gov/newsroom/dirty-dozen.

Scambusters.org Student Scam: If you are a student beware of a new advance fee or overpayment scam. The victim receives a fake check and before the check can be deemed fake at the bank, the victim has to return some of the money. Good rule of thumb: don’t wire money to someone you don’t know.

MS-ISAC Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Microsoft, Apple (macOS Big Sur, watchOS, iOS, Safari, and iPadOS), Google’s Chrome Browser, and Adobe (Connect, Creative Cloud Desktop App, and Framemaker) products. If you use these products, make sure the software (or firmware) updated.

Report scams to phishing@cyberwyoming.org.

Other ways to report a scam:
·       Better Business Bureau Scam Tracker
·       File a complaint with the Federal Trade Commission
·       Report your scam to the FBI
·       Report unwanted calls to the Federal Trade Commission’s Do Not Call Registration or call 1 (888) 382-1222, and select Option 3
·       Office of the Inspector General