CHEYENNE, Wyo. — In its third year of collecting scam information, the CyberWyoming Alliance released the annual Wyomingite-reported scam statistics from the Hacker’s Brief, a weekly report of scams that are redacted and posted on Facebook groups, sent via email subscriptions and printed in community-minded newspapers.
The information is collected through firstname.lastname@example.org. Wyomingites self-report text, phone, email, mail and in-person scams to alert their friends, family and neighbors.
Studies show that prior knowledge of a scam reduces the chances of a potential victim engaging with the scammer.
Aligning with national statistics, Wyomingites reported email as the primary method for hackers to contact them, with 665 emails reported in the three years captured by the CyberWyoming Alliance. Phone reports were second at 83 and text messages were third at 33.
The largest category of scam reports, 345, were the Fakes, which are comprised of fake delivery notices, invoices, fraud alerts, offers and purchases. Account and business email compromise was the second largest category at 90.
Despite making headlines in 2022 when scammers were attempting to convince Medicare recipients that their cards were turning to plastic with brown and gold coloring, Medicare fraud was not reported as often by Wyoming citizens.
“Hopefully the lack of Medicare reports by citizens indicates that they can spot that scam, and our communication efforts along with the Wyoming AARP are working,” said Laura Baker, president of the CyberWyoming Alliance.
CyberWyoming Alliance partners with Wyoming AARP to publish scam alerts and send them to two-thirds of the senior centers in the state with the intent of tucking the alerts into delivered meals to seniors.
The most impersonated companies on the list include Amazon, 46; Norton products like Lifelock and antivirus software, 40; PayPal and other online payments, 33; Microsoft, 32; and federal government agencies like the IRS and the Social Security Administration, 29.
However, there was a rash of Geek Squad scams reported in late 2022 and early 2023 that almost tied with government impersonation.
Local Wyoming organizations weren’t immune to being impersonated online, primarily via fake emails.
Six reports included the construction industry, five included churches, five included chambers of commerce or economic development agencies, five included different state agencies and nonprofits and local law enforcement tied at three reports each.
In 2022, for the first time, reports of some individuals being impersonated, like Wyoming board members and CEOs, occurred.
“Because of the uptick in impersonations, it is a good rule of thumb to contact the organization or the individual out of channel to confirm they are really asking you for this information or money,” Baker said. “Businesses should examine their accounts payable processes and ensure that these checks and balances are included in their procedures, which is one of the steps we encourage in Wyoming’s Cybersecurity Competition for Small Business.”
Baker suggests that creating a security-aware culture in the family or business can combat scams and fraud. Creating the culture where “if you see something, say something” applies to online fraud as much as it does to terrorist activity. Families should discuss scams and scam tactics at the dinner table and companies should discuss them at staff meetings.
Erik Huffman, a cybersecurity researcher and cyberpsychologist, has identified 11 individual risk factors for clicking when you shouldn’t.
These include being impulsive, productive, good at social media, open to new experiences, younger, self-motivated, extraverted, agreeable, conscientious, emotionally stable and not inquisitive.
“If you look at Huffman’s individual risk factors, these are the roadmap for developing a security-aware culture. For instance, encouraging questions can reduce risk. In business, cybersecurity is a leadership and employee development issue,” Baker said.
Registration for Wyoming’s Cybersecurity Competition for Small Business ends on May 1. More information can be found on www.cyberwyoming.org/competition.
Now offering up to 35 CLE or CPE credits for completing the program, it is sponsored by community-minded companies and organizations including Campbell County Health, Capitol Communications, Casper College, Cheyenne State Bank, Computer Professionals Unlimited, DigeTekS, EvnTec, Factory IT, First Federal Bank and Trust, Gannett Peak Technical Services, HUB International, IECA, K2 Technologies, PDS, Rocky Mountain Cybersecurity, Sweetwater Technology Services, Team Networks and Wyoming Manufacturing Works.
A grant from the Gula Tech Foundation also made the competition possible.