Beware of Haiti-Themed Scams and Attacks!
Our thoughts and prayers go out to all those affected by the tragedy in Haiti. To make matters worse, as is often the case with any incident that captures the attention of the multitudes, cyber-crooks are doing all they can to take advantage of the unsuspecting web browser looking for information of ways to help.
There are a large number of domains being registered and parked relating to the disaster. Not all of these are malicious naturally however if we learned anything from Hurricane Katrina, this is a precedent to cynical scams attempted to exploit the generosity of the unsuspecting. Scammers use a variety of means to drive traffic including promoting on social networks like Twitter, Facebook and MySpace, paid advertising, and search engine manipulation. Security Research Firm Websense reported that search terms relating to the earthquake are leading to a rouge anti-virus program. Since you should already have anti-virus software installed, updated and running on your computer, cancel out of any suspicious alerts and run a scan using your own anti-virus software. A video demonstrating search engine manipulation can be found here. Once on the site, attackers may also tempt users to download malware in the guise of video reports about the disaster.
Those looking to make donations will be well-advised to go directly to the web site of the International Federation of Red Cross and Red Crescent Societies. The FBI has also posted an alert warning of possible charity donation scams. The IRS also maintain a list of tax exempt charitable organizations. This can serve as a check as well.
|
About William: William McBorrough is co-founder and President at Washington, DC based Information Technology and Assurance Services Firm Secure Intervention, where he specializes in Security Assessments, Compliance Readiness, IT and Security Management and Cloud Computing Security for both public and private sector enterprises. He is also an Adjunct College Professor teaching Systems Architecture, Networking, Network Attacks and Defense, and Security Program Development courses. He holds CISSP, CISA, and CEH certifications and is pursuing a Phd in Information Technology with a concentration in Information Security and Assurance. |
Related posts:
- Beware of Chile Earthquake Scams
An 8.8 magnitude earthquake struck Santiago, Chile in the early hours of February 27th. Tsunami warnings, encompassing most of the Pacific Ocean, soon followed. These types of breaking news... - Another fake security software alert
I”ve previously warned of fake security software or scareware. Here’s a second helping. Beware of the following: XP Security Tool 2010 is a rogue virus protection program. It reports false... - If Microsoft can do it, why not McAfee?
Yesterday, a faulty McAfee anti-virus update labeled a critical Microsoft system file as a “virus” causing hundreds of thousands of computers around the world with Windows XP Service Pack 3... - Fake Security Software pose great risk
Desktop Security 2010 is the proverbial wolf in sheep’s clothing. It is a fake anti-spyware application that is promoted and installed through the use of malware , usually Trojan viruses....
[...] This post was mentioned on Twitter by William McBorrough, William McBorrough. William McBorrough said: Published: Beware of Haiti-Theme Scams and Attacks! @ http://bit.ly/6ZTHem [...]
Great post William. It's a terrible shame that it is necessary to be cautious when responding to pleas for help, but we should be mindful that in today's society there are those who have sunk so low as to take advantage of people's generosity in the wake of such destruction and loss. The FBI wasted no time in advising people to exercise caution when responding to e-mail requests for help.
Quite Right, John. In the middle of my class tonight I received one such email and took the opportunity to advise my students of the dangers you mentioned. Thanks for the comment.