Cyber scams, old & new

Bluehost Bluff: A resident of Laramie received a suspicious email allegedly from Bluehost, with the subject line “Payment Issues - Please update and use a new method!” Despite the sender’s email address bearing the name “Bluehost,” the recipient immediately recognized that this message was not legitimately from the company. The content of the email claimed an inability to process the recipient’s last payment and urged immediate action to rectify the situation. Additionally, the email conveyed a sense of urgency by warning of potential suspension of access to services if prompt action wasn’t taken, a common tactic employed in scam emails.

CyberWyoming Note: Be cautious of unsolicited emails urging immediate action or containing urgent requests for personal information or payment.

Silent Eavesdroppers: In a recently deleted blog post, Cox Media Group (CMG) admitted to using “Active Listening” technology to gather information from private conversations through smartphones, smart TVs, and other devices. The company, which owns numerous TV and radio stations, utilizes the collected voice data to provide advertisers with a targeted audience. CMG’s technology scans for keywords in conversations and offers advertisers insights into potential customers within a specific radius. So, if you’ve ever wondered why that auto collision advertisement came up after you were talking about a car accident with a friend, now you know that ‘they are listening’. What can you do about it? You can adjust the settings on your devices by following the advice in this Kim Komando article: https://www.komando.com/privacy/stop-smart-devices-from-listening/753004/. While it may not eliminate all issues, it serves as a beginning step.

– Brought to you by The Current

The Push for Enhanced Online Safety for Kids: The latest study from the New York Society for the Prevention of Cruelty to Children (NYSPCC) highlights escalating parental concerns regarding children’s online safety. An overwhelming majority, 82%, worry about children interacting with strangers online, a 10% increase from the previous year. Parents are alarmed about social media’s impact on children’s development (89%), and a new concern arises regarding artificial intelligence, with 77% expressing worries about increased internet safety risks. The survey underscores dissatisfaction with tech companies (76%) and government (73%) efforts to shield children from inappropriate online content, demanding stricter accountability. Furthermore, 75% of parents fear children accessing pornography websites, while monitoring internet activity remains a challenge for many parents, with inadequate control tools reported by 65%. Only about half of parents are aware of the severe internet crime called “sextortion,” emphasizing the need for continuous education to prevent sexual exploitation. Despite confidence in their children reporting online encounters, concerns persist about potential embarrassment or losing internet access. NYSPCC emphasizes ongoing education to mitigate risks and safeguard children against online threats. – Brought to you by PR Newswire

Be Careful With Your Signature: E-signatures are increasingly popular with banks and real estate companies. And with scammers.

Here are a number of red flags that signal a potential e-signature scam.

• An unexpected notification that you have a document to sign when you haven’t asked for one.
• You don’t know the sender. If you don’t recognize the name of whoever sent you a notification, it’s likely a scam.
• The link to review the document takes you somewhere unexpected, often with a name that’s very similar to a genuine e-sign provider. In the case of DocuSign, messages should come only from docusign.com or docusign.net, not any variation of these names.
• At the Cyber Cheyenne 2023 conference on August 17, Maggie Reisman from OneSpan explained that many businesses use the OneSpan digital e-signature software in the background. So, you may receive a request from your bank to sign documents that doesn’t have OneSpan or Docusign on it, but it is secured by OneSpan. If in doubt, call your bank and ask them if they sent you the notification, even if you are expecting an e-signature email!
• The message contains an attachment. DocuSign, which controls more than 80 percent of the electronic signature market, says it never uses attachments. Users have to visit its website to review documents.
• You get a pop-up box after opening an email. Again, the company says it never uses pop-up boxes because they’re not secure.

The message uses an impersonal greeting like “Dear DocuSign Customer” instead of the recipient’s name. - Brought to you by Scambusters

MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Apple products, Apache Struts 2, Atlassian products, Microsoft products, the Backup Migration Plugin for WordPress, and Mozilla Products. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News: ESO Solutions, First American Financial Corporation, Ubisoft, Mint Mobile, Xeinadin, Linux SSH servers, Fidelity National Financial, and Panasonic.

Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian, and Equifax.

Please report scams you may experience to [email protected] to alert your friends and neighbors.

Other ways to report a scam:

• Better Business Bureau Scam Tracker: www.bbb.org/scamtracker/us/reportscam
• Wyoming Attorney General’s Office, Consumer Protection
• Email [email protected]
• Complaint form https://attorneygeneral.wyo.gov/law-office-division/consumer-protection-and-antitrust-unit/consumer-complaints
• File a complaint with the Federal Trade Commission at https://reportfraud.ftc.gov/#/
• Get steps to help at https://www.identitytheft.gov/#/Info-Lost-or-Stolen
• Report your scam to the FBI at https://www.ic3.gov/Home/FileComplaint
• Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at https://www.donotcall.gov/report.html or call 1-888-382-1222, option 3
• Office of the Inspector General: https://oig.ssa.gov/
• AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360
• IRS: report email scams impersonating the IRS to [email protected]
• Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398 ?? ??Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraudsupport to learn more about the free program and register.