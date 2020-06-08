The Hackers Brief from Cyber Wyoming is sponsored by First Federal Bank & Trust.

Be aware of the latest scams in Sheridan, Wyoming and the rest of the nation.

UW Warns of Email and Text Message Scams

Criminals are impersonating faculty, staff, or UW administrators and asking for the cell phone or if the person is available, but then end up asking the employee to purchase gift cards. The subject line is often ‘Quick Request’ and impersonates the Department Chair or an Administrator. Please note that gift card scams have been spotted all over Wyoming.

Chase Bank Account Deactivation Scam Reported by Wyoming Citizen

A scam impersonating Chase Bank from beandjxe@roadrunner.com with the subject line of “Account Alert: JPMorgan Chase & Co., Customer Service” has been reported. This email encourages you to add alerts to your account, but is poorly spelled and has poor punctuation, both clues that it isn’t really JP Morgan/Chase.

New Variation of Amazon Scam Reported by Wyoming Citizen

A new variation of an Amazon impersonation scam has been reported. Like other scams, it says your Prime membership is set to renew and that the card associated with your account is no longer valid. The subject line is AmazonBillingUpdate!! It asks you to click on a link and/or button to update your payment information. The link does not go to Amazon, and instead goes to https://911-324-6523-asd-amazon.com/TmcC7ge

New PayPal Email Scam Reported by Wyoming Citizen

A new PayPal impersonation scam is occurring saying that your PayPal account is temporarily limited because of unusual activity and asks you to log in to confirm your identity and recent account activity. The subject line is Reminder: [Informed Added Ac‎ti‎vi‎ty] Transaction Unusual Update – Thank’s for your a‎d‎d‎re‎s‎s update. The Log In Here button links to a non PayPal website http://trk.klclick3.com…etc. The email says it is from service@intl.paypal.com but is actually from csnoreplyaccserv-37et7c3reb@lukayangdalam.com.

MS-ISAC Apple Products Patch Now Alert

The Multi States Information Sharing and Analysis Center (MS-ISAC) posted an alert about updating software on Apple products affecting the iPhone, iPad, iPod Touch, the Apple Watch, Safari web browser, iCloud, Windows Migration Assistance, and the Apple operating system. Make sure your Apple systems get the update.

Google Alert

Google’s Threat Analysis Group say new ‘hack for hire’ firms impersonating the World Health Organization (WHO) using Gmail Accounts and You Tube Videos. Scams are targeting healthcare medical and healthcare professionals. (reuters.com)

Phone Scams for Stimulus Checks

Because some people have not received their stimulus checks, there is a new phone scam offering to ‘help’ in return for a fee. Please note that these calls are scams and if you want to see what is happening with your stimulus check you can go to the IRS’s website at https://www.irs.gov/coronavirus/get-my-payment.

REAL Texts coming from COVID.survey@census.gov

If you receive a text from the US Census Bureau asking for help understanding the coronavirus impact, it could be real. If the link is https://covid.census.gov, then it is more likely to be legitimate.

YouTube COVID-19 Video Alert

A BBC study (https://www.bbc.com/news/technology-52662348) of YouTube videos concerning COVID-19 found that 25% of the videos contained misleading and inaccurate information. Be skeptical of anything you read online and check sources. (scambusters.org)

Data Breaches in the News

Edison Mail app, EasyJet, Colorado Workforce Services (Pandemic Unemployment Assistance), MNS – Management and Network services (Ohio), Home Chef (meal kit delivery service), District Medical Group (Phoenix), Bank of America Paycheck Protection Program limited applicants, Ohio Department of Job & Family Services (pandemic unemployment), the Florida Department of Economic Opportunity (unemployment system), Mathway, EduCBA, LiveJournal, Arbonne International, Kansas University, Minted, Amtrak Guest Rewards Accounts, and Joomla.