Is ConsumerAffairs legitimate? A Las Vegas citizen received two unsolicited emails from ConsumerAffairs listing reviews of home warranties. However, the Better Business Bureau warns that their “reviews” are essentially paid advertising. Consumer protection groups are transparent in how they select products to review and whether there is any conflict of interest. Rather than click the links in a random email, it’s best to do your research and search for legit organizations such as Consumer Reports, Wirecutter, or CNET. 

Protecting children: “Dropped my daughter off at the mall today. She’s growing up so fast.” That might be something you want to share on social media, but you’ve now advertised that your unaccompanied daughter is at the mall. So now you know better, but do your kids? They will post something like “I’m at the mall! No mom for the first time!” They, too, need to be taught to think about the ripple effects of their posts — not to post about people they don’t know, never to share their location, and always tell their parents about messages from strangers (and block them immediately). — Brought to you by The Current Tech News

Escalating threat of check fraud: The prevalence of check fraud is on the rise as thieves employ increasingly sophisticated tactics to steal and manipulate checks, causing significant financial burdens for victims and banks. The black market for stolen checks, known as “glass,” is expanding, with stolen account numbers and identity theft becoming common. Postal workers are targeted and threatened, and stolen mail, including important documents like voter ballots, is discarded after checks are extracted. Thieves can sell your personal checks for $250 each, while washed business checks (everything except your signature are “washed” from the check) now sell for up to $650. Fraudsters offer additional personal information such as Social Security numbers and account balances. What can you do? The U.S. Postal Service advises to use online bill pay, take your checks into the post office to mail, and use gel pens to write your checks. — Brought to you by Axios and Scambusters

Businesses can use referral logs to detect phishing attacks: Web servers have logs that track each visit. Companies can use these logs to analyze traffic to their site to see the keywords used to find the site, which pages were accessed the most, etc. One benefit of these logs is that businesses can use them to preempt an attack because scammers have to ping a site before using links that make their site look more legit. Seeing suspicious activity in the log file can help companies stop the scammers from using their site. Reading these logs is laborious, but there are software apps to help. — Brought to you by Fraudwatch

Timely threat advisories for U.S. businesses: InfraGard is a nonprofit organization that serves as a public/private partnership between the Federal Bureau of Investigation and U.S. businesses. InfraGard provides its members with threat advisories, intelligence bulletins, analytical reports, and vulnerability assessments. Access to these advisories is through a members-only portal that ensures its members are properly vetted prior to them having access to the latest FBI intelligence. You can check it out at infragard.org/. — Brought to you by The National Cybersecurity Society

MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Apple products, ShareFile Storage Zones, MOVEit Transfer. If you use these products, make sure the software (or firmware) is updated.ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Apple products, ShareFile Storage Zones, MOVEit Transfer. If you use these products, make sure the software (or firmware) is updated.

Data Breaches in the News: 3CX, iOttie.

The MOVEit Transfer breach has affected the following organizations, with more to come:

State of Colorado Department of Health Care Policy & Financing

Gen Digital, the parent company of Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, CCleaner

U.S. Federal departments of Energy, Agriculture, Office of Personnel Management

State agencies in Illinois, Missouri, Minnesota, Oregon, Louisiana

Shell Energy

John Hopkins University, University of Georgia, University of Rochester

Note: If you have an account with one of these companies, be sure to change your password and consider placing a credit freeze on your accounts through the three credit reporting agencies: TransUnion, Experian and Equifax.

Please report scams you may experience to phishing@cyberwyoming.org to alert your friends and neighbors.

Other ways to report a scam:

Better Business Bureau Scam Tracker: bbb.org/scamtracker/us/reportscam

Wyoming Attorney General’s Office, Consumer Protection 307-777-6397, 800-438-5799 or ag.consumer@wyo.gov

File a complaint with the Federal Trade Commission at reportfraud.ftc.gov/#/ 

Report your scam to the FBI at ic3.gov/Home/FileComplaint 

Reported unwanted calls to the Federal Trade Commission’s Do Not Call Registration. Online at donotcall.gov/report.html or call 1-888-382-1222, option 3

Office of the Inspector General: oig.ssa.gov/

AARP Fraud Watch Network (any age welcome) Helpline 877-908-3360

IRS: report email scams impersonating the IRS to phishing@irs.gov

Call the Wyoming Senior Medicare Patrol (SMP) for assistance with potential Medicare fraud, abuse, or errors at 1 800 856-4398

Victim Support: The AARP Fraud Watch Network and Volunteers of America (VOA) created a new, free program to provide emotional support for people impacted by a scam or fraud, called ReST. Visit aarp.org/fraudsupport to learn more about the free program and register.