HACKERS BRIEF from CyberWyoming Please report scams you may experience to phishing@cyberwyoming, org to alert your friends and neighbors. PAYPAL TROUBLE A Laramie resident received a scam email that appeared to come from PayPal, sent from a Gmail address with two different names, Denver Austin and Anna McCoy. The email subject claimed to be an update on a service request, with a reference number (SKK-21279-XFS- DRSJ-66172). It included a vague message stating updates would be sent shortly, along with a suspicious invoice attachment. Notably, the email did not address the recipient by name, using a generic place- holder "[Client's Name]" instead. CyberWyoming Note: Be cautious of emails from unfamiliar sources, especially with generic addresses or vague messages. Never open attachments from unknown senders and verify communication through official channels. FAKE SOCIAL SECURITY NOTICE A Big Horn resident reported receiving a scam email with the subject "Important: Social Security Case Inquiry-WE-604-KF." The email falsely claimed that the recipient's Social Security number was connected to narcotics trafficking and money laundering activities in New Mexico and Texas. It stated that the Social Security number was being canceled due to these illegal activities and included a suspicious attachment, purportedly an official Social Security Administration document. The recipient also reported the scam to the local sheriff's office, which said they would watch out for similar scams and planned to issue a warning to the public. The recipient did not click on any links in the email, recognizing it as a scam. Interestingly, the recipient noted they couldn't block the email since it appeared to come from their own email address. CyberWyoming Note: This email contained several red flags among its preposterous claims, including poor grammar, a sense of urgency, and a request to view it privately, all of which are common tactics used in scams. Never click on suspicious links or open attachments from unfamiliar sources, and always verify such communications directly with official agencies before taking any action. This same scam subject has also been perpetrated via phone calls. FROM STOCKING STUFFERS TO SMUGGLING A nationwide gift card scam, linked to Chinese organized crime, has been uncovered, involving gangs and "mules" across the U.S. The scam finances illegal activities like fentanyl production, human traf- ficking, and smuggling. Criminals hire people ("mules") to shoplift large quantities of gift cards, which are then tampered with, resealed, and returned to store shelves. By the time consumers purchase and attempt to use the cards, the funds are already stolen. This fraud operation has affected multiple states, with significant arrests made, including two Chinese nationals in Burleson, Texas, who were caught with 1,000 stolen gift cards. Authorities warn consumers to inspect gift cards carefully for signs of tampering and suggest using them immediately or transferring funds to digital wallets to avoid being scammed. Brought to you by CBS News https://www.cbsnews.com/ texas/news/buyer-beware-gift-card-fraud-is-now-a-global-crime/ GOOGLE ACCOUNT HELD THE KEYS TO THE CASTLE Scammers can exploit Gmail accounts, which often hold critical in- formation, to steal large sums of money. First, they obtain your email address and phone number. Then, they create a Google Form that sends a fake confirmation message designed to look like a legitimate Google Alert. This email, appearing to come from google.com, warns that your account is being accessed from Germany (or another coun- try) and includes a fake case number. Next, the scammers call you using a spoofed Google Assistant number, impersonating a Google support representative. With your email and phone number, they ini- tiate Google's account recovery process, causing a prompt to appear on your phone asking, "Is it you trying to recover your account?" Since the email and call seem legitimate, victims often click "Yes, it's me," unknowingly granting the scammers full access to their Gmail account. Gmail accounts often act as "keys to the castle" for digital security. In one case, a victim had stored a cryptocurrency wallet's secret phrase in Google Photos and synced their Google Authenticator app to their Gmail. This gave the scammers everything they needed to steal $450,000. This tactic has been used multiple times and requires vigilance. If you didn't initiate an account recovery process, never ap- prove the prompt. Google will never ask you to validate your account this way. Instead, hang up on unsolicited calls, look up the correct contact number, and call back. For additional protection, disable the cloud sync feature on Google Authenticator to unlink it from your Gmail. You could also use a separate, secret Gmail account solely for syncing MFA codes. Brought to you by Krebs on Security krebsonsecurity.com/2024/12/how-to-lose-a-fortune-with-just-one- bad-click/ SERVICE FRAUD PREVENTION Service Fraud Prevention: Fraud cost veterans, service members, and their families $477 million in 2023, according to the latest Federal Trade Commission (FTC) data. Scammers employ vet-focused twists on impersonation scams, investment fraud, and more. Criminals frequently impersonate the VA, often threatening to cut off benefits if you don't provide sensitive personal information or pay bogus fees. They may also contact you about investment opportunities, with low fees or special offers just for veterans. They may also claim to be veterans themselves. The White House along with the VA unveiled new fraud prevention resources for veterans. Visit: Vsafe.gov online or reach out to the new call center at 833-38V-SAFE (833-388-7233). Brought to you by AARP & the FTC BANKS BATTLE A 1,000% SURGE IN DIGITAL SCAMS US banks are facing a surge in digital scams, with social engineering scams increasing 1,000% in the past year, according to BioCatch. These scams trick victims into transferring money by imperson- ating trusted entities. In 2023, JPMorgan Chase, Wells Fargo, and Bank of America customers lost $166 million on Zelle, but 62% of claims were not reimbursed. Zelle's parent company has attempted to address this, but only 44% of imposter seam claims were eligible for reimbursement. The report also notes a rise in AI-driven scams like deepfakes, while check and deposit fraud have tripled. BioCatch calls for better real-time fraud detection. Brought to you by The Daily Hodl VICTIM SUPPORT: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit www.aarp.org/fraud- support to learn more about the free program and register. Hackers Brief from Cyber Wyoming brought to you by FIRST FEDERAL BANK & TRUST 307.674.0464 | www.efirstfederal.bank HACKERS BRIEF from CyberWyoming Please report scams you may experience to phishing @ cyberwyoming , org to alert your friends and neighbors . PAYPAL TROUBLE A Laramie resident received a scam email that appeared to come from PayPal , sent from a Gmail address with two different names , Denver Austin and Anna McCoy . The email subject claimed to be an update on a service request , with a reference number ( SKK - 21279 - XFS- DRSJ - 66172 ) . It included a vague message stating updates would be sent shortly , along with a suspicious invoice attachment . Notably , the email did not address the recipient by name , using a generic place- holder " [ Client's Name ] " instead . CyberWyoming Note : Be cautious of emails from unfamiliar sources , especially with generic addresses or vague messages . Never open attachments from unknown senders and verify communication through official channels . FAKE SOCIAL SECURITY NOTICE A Big Horn resident reported receiving a scam email with the subject " Important : Social Security Case Inquiry - WE - 604 - KF . " The email falsely claimed that the recipient's Social Security number was connected to narcotics trafficking and money laundering activities in New Mexico and Texas . It stated that the Social Security number was being canceled due to these illegal activities and included a suspicious attachment , purportedly an official Social Security Administration document . The recipient also reported the scam to the local sheriff's office , which said they would watch out for similar scams and planned to issue a warning to the public . The recipient did not click on any links in the email , recognizing it as a scam . Interestingly , the recipient noted they couldn't block the email since it appeared to come from their own email address . CyberWyoming Note : This email contained several red flags among its preposterous claims , including poor grammar , a sense of urgency , and a request to view it privately , all of which are common tactics used in scams . Never click on suspicious links or open attachments from unfamiliar sources , and always verify such communications directly with official agencies before taking any action . This same scam subject has also been perpetrated via phone calls . FROM STOCKING STUFFERS TO SMUGGLING A nationwide gift card scam , linked to Chinese organized crime , has been uncovered , involving gangs and " mules " across the U.S. The scam finances illegal activities like fentanyl production , human traf- ficking , and smuggling . Criminals hire people ( " mules " ) to shoplift large quantities of gift cards , which are then tampered with , resealed , and returned to store shelves . By the time consumers purchase and attempt to use the cards , the funds are already stolen . This fraud operation has affected multiple states , with significant arrests made , including two Chinese nationals in Burleson , Texas , who were caught with 1,000 stolen gift cards . Authorities warn consumers to inspect gift cards carefully for signs of tampering and suggest using them immediately or transferring funds to digital wallets to avoid being scammed . Brought to you by CBS News https://www.cbsnews.com/ texas / news / buyer - beware - gift - card - fraud - is - now - a - global - crime / GOOGLE ACCOUNT HELD THE KEYS TO THE CASTLE Scammers can exploit Gmail accounts , which often hold critical in- formation , to steal large sums of money . First , they obtain your email address and phone number . Then , they create a Google Form that sends a fake confirmation message designed to look like a legitimate Google Alert . This email , appearing to come from google.com , warns that your account is being accessed from Germany ( or another coun- try ) and includes a fake case number . Next , the scammers call you using a spoofed Google Assistant number , impersonating a Google support representative . With your email and phone number , they ini- tiate Google's account recovery process , causing a prompt to appear on your phone asking , " Is it you trying to recover your account ? " Since the email and call seem legitimate , victims often click " Yes , it's me , " unknowingly granting the scammers full access to their Gmail account . Gmail accounts often act as " keys to the castle " for digital security . In one case , a victim had stored a cryptocurrency wallet's secret phrase in Google Photos and synced their Google Authenticator app to their Gmail . This gave the scammers everything they needed to steal $ 450,000 . This tactic has been used multiple times and requires vigilance . If you didn't initiate an account recovery process , never ap- prove the prompt . Google will never ask you to validate your account this way . Instead , hang up on unsolicited calls , look up the correct contact number , and call back . For additional protection , disable the cloud sync feature on Google Authenticator to unlink it from your Gmail . You could also use a separate , secret Gmail account solely for syncing MFA codes . Brought to you by Krebs on Security krebsonsecurity.com/2024/12/how-to-lose-a-fortune-with-just-one- bad - click / SERVICE FRAUD PREVENTION Service Fraud Prevention : Fraud cost veterans , service members , and their families $ 477 million in 2023 , according to the latest Federal Trade Commission ( FTC ) data . Scammers employ vet - focused twists on impersonation scams , investment fraud , and more . Criminals frequently impersonate the VA , often threatening to cut off benefits if you don't provide sensitive personal information or pay bogus fees . They may also contact you about investment opportunities , with low fees or special offers just for veterans . They may also claim to be veterans themselves . The White House along with the VA unveiled new fraud prevention resources for veterans . Visit : Vsafe.gov online or reach out to the new call center at 833-38V - SAFE ( 833-388-7233 ) . Brought to you by AARP & the FTC BANKS BATTLE A 1,000 % SURGE IN DIGITAL SCAMS US banks are facing a surge in digital scams , with social engineering scams increasing 1,000 % in the past year , according to BioCatch . These scams trick victims into transferring money by imperson- ating trusted entities . In 2023 , JPMorgan Chase , Wells Fargo , and Bank of America customers lost $ 166 million on Zelle , but 62 % of claims were not reimbursed . Zelle's parent company has attempted to address this , but only 44 % of imposter seam claims were eligible for reimbursement . The report also notes a rise in AI - driven scams like deepfakes , while check and deposit fraud have tripled . BioCatch calls for better real - time fraud detection . Brought to you by The Daily Hodl VICTIM SUPPORT : The AARP Fraud Watch Network and Volunteers of America ( VOA ) created a new , free program to provide emotional support for people impacted by a scam or fraud , called ReST . Visit www.aarp.org/fraud- support to learn more about the free program and register . Hackers Brief from Cyber Wyoming brought to you by FIRST FEDERAL BANK & TRUST 307.674.0464 | www.efirstfederal.bank