Warnings against »disaster scammers« in the wake of hurricane Sandy

Every major disaster in the recent years like the Indian ocean tsunamis, hurricane Katrina, the Haiti earthquake and the the Japanese earthquake and nuclear disaster has attracted the attention of the lowest form of cybercriminals, the so called “disaster scammers” – people who try to make a profit on either those already victims of the disaster or those trying to help them out. Several US officials and even the FBI have already issued warnings to people about various forms of scams they could become victims of. Among the more common loansharks, fake builders or water-damaged car salesmen, a special mention also went to online scams.

Online, people are mainly targeted through

  1. “Shocking disaster news” or photos, messages or emails with links supposedly leading to yet unseen disaster footage, which usually direct to survey scams or infected drive-by malware download sites
  2. Search engine optimisation, since cybercriminals know people will use search engines to look for news on the topic, they will fill their malicious sites with buzzwords such as “Sandy”, “hurricane”, etc, to lure visitors to their sites, where they can get infected with drive-by malware.
  3. Through fake charities, donation sites, letters from disaster-stricken people, etc.

As an English speaking country, Ireland has been on the receiving end of these scammers in the past, so we expect it to receive its share of related spam this time around as well. Here’s some advice to prevent getting scammed (mostly courtesy of FBI):

  • Do not click on social media and email “shocking news” or “shocking video” links.
  • Do not go to untrusted websites for news.
  • Do not respond to any unsolicited (spam) e-mails, including clicking links contained within those messages because they may contain viruses.
  • Be sceptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites.
  • Beware of organisations with names similar to but not exactly the same as those of reputable charities.
  • Be cautious of e-mails that claim to show pictures of the disaster areas in attached files, because the files may contain viruses. Only open attachments from known senders.
  • To ensure contributions are received and used for intended purposes, make contributions directly to known organisations rather than relying on others to make the donation on your behalf.
  • Do not be pressured into making contributions, as reputable charities do not use such tactics.
  • Do not give your personal or financial information to anyone who solicits contributions. Providing such information may compromise your identity and make you vulnerable to identity theft.
  • Avoid cash donations if possible. Pay by debit or credit card, or write a check directly to the charity. Do not make checks payable to individuals.
  • Legitimate charities do not normally solicit donations via money transfer services.

Stay safe and think before you click!

6 Responses to Warnings against »disaster scammers« in the wake of hurricane Sandy

  1. Pingback: Windows 8: there’s more to security than the Operating System | ESET ThreatBlog

  2. Pingback: Point2Security - Hailey Lynne McKeefry - Hurricane Sandy Creates Phishing Hole

  3. Pingback: IT Secure Site » Blog Archive » Windows 8: there’s more to security than the Operating System

  4. Pingback: Windows 8: there’s more to security than the Operating System

  5. Pingback: Monthly Threat Report: November 2012 « esetireland

  6. Pingback: SOME DETAILS ABOUT SCAM TECHNIQUES « sohommajumder

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 65 other followers

%d bloggers like this: