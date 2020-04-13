The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust.

Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.

Laramie Smsishing Report

(Smishing is a text scam.) A Laramie citizen reported a new gift card text scam asking for Google Play gift cards. The citizen received the fake text from someone impersonating her supervisor. This scam has been prevalent in Wyoming, regardless of the type of gift card.

MS-ISAC (Multi States Information Sharing and Analysis Center) Patch Now Alert

MS-ISAC recommends patching your Google Chrome browser and Mozilla Firefox’s browser. There are some vulnerabilities where an attacker could view, change or delete data and these vulnerabilities can be exploited if a user visits or is directed to a specially crafted web page.

FBI Publishes Zoom Privacy Recommendations

A new malicious practice called Zoom Bombing is occurring were uninvited people gain access to a Zoom meeting and harass the participants or play pranks and later show the pranks on social media. The FBI has published recommendations to avoid this issue. https://www.bleepingcomputer.com/news/software/how-to-secure-your-zoom-meetings-from-zoom-bombing-attacks/

COVID Phishing Scam Looks Real

A Sheridan citizen reported a phishing scam in the news that was recently discovered by KnowB4. The email is supposedly from an official at a hospital and says that the recipient has been exposed to the coronavirus. The email instructs them to download an attached Excel spreadsheet and proceed to the nearest emergency clinic. The spreadsheet contains malware. COVID schemes are huge right now, when in doubt, call the sender to make sure the email is legitimate. (techrepublic.com)

Phishing Attack Targets SharePoint Users

The user receives an email from SharePoint, which is a Microsoft product that many companies use to share files and create an internal website. The email claims that a new file has been uploaded to a directory that the user has access to. The email is very realistic. When the user clicks on the View File link, it redirects them to a YouTube link and then redirects them again from the YouTube site to a phishing page hosted by Google but looks like a Microsoft login page to try to gain Microsoft credentials. Because YouTube is often a ‘safe’ link, most email protection tools will not catch this fake email. Hovering over the initial SharePoint email to ensure it goes to a known website is advised by TripWire who published the initial article about the scam.

Money Mule & Job Websites

Money mule scammers try to rope people into money laundering schemes under the pretense of a work-at-home job offer. With more people out of work due to the coronavirus, this widens the scammer pool. These scammers use legitimate job searcher websites, like Monster, but often create fake employer accounts. One example is vastyhealthcarefoundation.com or globalgiving.org. These websites say they help coronavirus victims, but they are scams. To verify a business is legitimate and the website is actually theirs, check with the Better Business Bureau or Guidestar.

CISA (Cyber & Infrastructure Security Agency) Alert Working From Home and the Coronavirus

Working from home can introduce vulnerabilities into your business network. CISA has said that companies that use VPN (virtual private network) software should make sure it is up to date with the latest software as volumes of telecommuters increase. They are also recommending enacting multi-factor authentication. Employees working from home should be hyper aware of phishing emails targeting teleworkers. CyberWyoming also recommends that teleworkers ensure they have up to date antivirus software, the Windows Defender firewall turned on, their Windows systems updated, and ensure that their wireless router updated and secured with a difficult password. Many home users forget to change the default administrator user ID password from the default and this is an open door to hackers.

Alert from the Director-General of the World Health Organization

If you receive an alert from the Director-General of the World Health Organization it is most likely a scam containing malicious keylogging software. Keylogging software tracks your key strokes and is often used to gain your user IDs and passwords.

New York Attorney General Asks Internet Domain Name Registrars to Crack Down on COVID related domains

With so many coronavirus scams on the internet, NY state officials have asked for help to identify scammers from six companies that register domain names: GoDaddy, Dynadot, Name.com, Namecheap, Register.com, and Endurance International Group which owns Bluehost, Domain, and HostGator. So far, only Namecheap has offered to take additional proactive measures. What this means to you? Only go to reputable websites for information about COVID.

Twitter, Coronavirus, and Hackers

Hackers have taken over a wave of Twitter accounts to aggressively advertise a website called Masks 2 U that claims to be selling face masks and toilet paper. (vice.com) Beware of any social media advertising related to shortages, stimulus checks, and the coronavirus.

Data breaches in the news:

Advantage Capital Funding/Argus Capital Funding, NutriBullet website (credit cards only), truefire.com, US Census Bureau, Norwegian Cruise Line, Oregon Department of Human Services, Tupperware.com (credit cards only), Total Quality Logistics (Cincinnati), Data Deposit Box, State of Georgia’s voter records, Social Bluebook, Campaign Sidekick (Republican canvassing app), Marriott (again), and Affordacare Urgent Care Clinic (Texas).

Report a scam

If you want to report a phone, email or text scam and let your friends and neighbors know, forward it or send a description to phishing@cyberwyoming.org.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam

• File a complaint with the Federal Trade Commission at ftc.gov/complaint

• Report your scam to the FBI at https://www.ic3.gov/complaint

• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration.

• Online at https://complaints.donotcall.gov/complaint/complaintcheck.aspx or call 1-888-382-1222, option 3

• Office of the Inspector General: www.oig.ssa.gov