Hurricane Harvey: Yet Again, Cyber Criminals Exploit Your Generosity
6 September 2017 10:26
Disasters are known to breed scammers, and with both Hurricane Harvey and Hurrican Irma, there’s no exception. Phishing emails and fake social media accounts have, unsurprisingly, been the weapon of choice - all targeting the generous donations of the public.
A cyber criminal's tendency to profit from disasters
When the terrible images came through of the horrendous damage Hurricane Harvey was inflicting on the poor resident of Texas, many of us were left with a great sense of sympathy and helplessness. But, there’s a certain breed of humanity that sees these terrible disasters as a window of opportunity...
Cyber criminals are rightfully seen as the looters of the internet, capitalising on the open hearts and open wallets of the generous public. This can especially be applied to the case for phishing criminals - and they’ve proven it yet again.
How they’re targeting Hurricane Harvey
When the seemingly endless rain showered over Texas, scammers looked to exploit the generosity of donations through the use of fraudulent emails… something that, unfortunately, is far from innovative.
These phishing emails would seem clearly malicious to most professionals within the IT world, containing suspicious links and attachments aiming to redirect us towards malware-plagued sites. But, to the majority of the public, these can seem legitimate enough to act upon.
(Similar read: The Real Reason Phishing Attacks Are So Successful)
Fake social media accounts
Perhaps a slightly more innovative approach these scammers are using is with the use of social media accounts. A host of suspicious Facebook profiles and personas were reported by Fortune just a few days into the disasters.
The red flags raised consisted of apparent ‘charities’ with unverified accounts, a small number of followers, no links to accredited charities, and no means of determining where the proceeds were actually going.
Further to that, Facebook pages supposedly dedicated to victim relief that contains links to malicious websites, tweets with links that claim to lead to charitable websites (but are actually spam links or lead to a malware infection), and phishing emails asking for donations to a “#HurricaneHarvey Relief Fund.
(Similar read: Donald Trump: The Social Media Security Risk)
How you can avoid the scam
- Review the Federal Trade Commission’s information on Wise Giving in the Wake of Hurricane Harvey;
- Be cautious when opening email attachments;
- Keep antivirus and other computer software up-to-date;
- Verify the legitimacy of any email solicitation by contacting the charity directly through a trusted contact number.