Hacker’s brief

Shady dude on computer.

Information for this week’s Hacker’s Brief is provided by CyberWyoming Alliance, a 501c3 nonprofit affiliate of CyberWyoming. 

Security Renewal Notice Alert: A Sheridan citizen reported an email impersonating Norton’s antivirus software renewals from 31046952595953678611751837274@mail.vitelglobal.net. What is disturbing about this email is that it wants you to click on the button to download the latest version of the Norton software, but it probably installs malware instead. CyberWyoming Safety Note: Never download software from a link in an email. Instead, go to the legitimate website and download it there.

Fiji Car Wrap Scam: A Casper citizen wants you to know about two car decal scams including one for Fiji Water and another for Ice Mountain Water. The fake offer is for $500 a week to place the decal on your car and advertise for the water brands. The scammer sends you a fake check for the first week plus the cost of the decal, with which you are supposed to purchase money orders to pay for the decal. The money orders are sent overnight delivery before you find out the check the scammers sent is fake.

Alice Johnson and Kristalina Georgieva Scams: Don’t give your personal information to Ms. Alice Johnson (alicemrsjohnson@gmail.com), who claims to be a 75-year-old dying British woman that wants you to help her give away her money to charity. In addition, don’t give your personal information to Kristalina Georgieva (whitehousewashingtondc033@gmail.com or kristalinageorgieva570@gmail.com), who claims to want to give you $16 million through an ATM card. CyberWyoming Note: If it is too good to be true, it probably is. This scam was reported by Laramie and Sheridan citizens.

USA-Lottery Scam: If you receive an email from rory_angel@alice.it with the subject line of “Congratulations you have won” and an attachment with procedures to gain your winning prize information, it is a scam. Do not click on the attachment. This scam was reported by a citizen from Laramie.

-- Advertisement – Story Continues Below --

John Nooky and David Lamptey Are Not Transferring Money: If you receive an email from John Nooky at jnabbe38@gmail.com or David Lamptey at agentagent84@gmail.com asking for your name, address, and phone number to transfer some business funds to you, it is a scam. This scam was reported by a Laramie citizen.

Fake Newsletter@_____.com Offers: A Wyomingite reported fake offers impersonating TruGreen, SilverBills, HelloFresh, American Home Warranty, Anderson windows, Empire flooring, Quicken Loans, AmeriSave, Better Rate Guide, and ZippyLoans, a generic ‘luxury’ credit card offer with a premium rate, gutter cleaning by LeafFilter, lawyers for the Roundup weed killer cancer claims, walk-in tubs for seniors, senior online dating services, purchasing printer in & toners, a mortgage rate calculator, and an offer to lend for bad credit. The emails came from: Newsletter@formlig.com, newsletter@piessitem.com and others. CyberWyoming Note: If you haven’t signed up for the newsletter and don’t recognize the domain (ex formlig.com) then assume it is a phishing email.

Mohammed Gomaa Isn’t Really Interested in Investing: A Laramie citizen reported an email from Mohammed Gomaa at dr.davidwilliams74@gmail.com saying he represented a reputable consultancy firm in Saudi Arabia looking to finance new or existing projects in any industry.

DHL Express Shipment Impersonation: If you receive an email asking for delivery information from DHL Express containing two different attachments from jhonadmin@teachteck.co.uk, it is a scam reported by a Laramie citizen. CyberWyoming Note: Just assume delivery notifications on email or text are fake and if you are curious, go directly to the UPS, FedEx, or DHS websites to track a package or enter information.

Signed Purchase Contract on Microsoft OneDrive Alert: Dr. Erik Huffman, a Cybersecurity Researcher from Colorado Springs, reported a phishing email impersonating Microsoft’s OneDrive brand with very convincing graphics and showing a button to open a fake PDF called Signed Purchase Contract – 7.29.2021.pdf. Dr. Huffman notes that the attack uses the psychological principles of comfort and familiarity and that the email looks like it could be routine business for many organizations. CyberWyoming Note: Dr. Huffman is speaking at Wyoming’s Cybersecurity Conference on Oct 8. Register at cyberwyoming.org.

-- Advertisement – Story Continues Below --

Salesforce Configuration Alert: If your company uses Salesforce, specifically Salesforce Communities, a known misconfiguration could expose sensitive information. Double check the settings and pay particular attention to ‘unauthenticated’ or guest user access.

MS-ISAC Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) has published a patch now (update your software) alert for Google’s Chrome browser and Confluence Server & Data Center products. If you use these products, make sure the software (or firmware) is updated.

Please report scams to alert your friends and neighbors.

Other ways to report a scam:

Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by scam or fraud, called ReST. Visit aarp.org/fraudsupport to learn more about the free program and register.