1 Comment

Cybercriminals Move Quickly To Capitalize On Haitian Disaster Relief Efforts

Today, I want to call attention to a very important article from ZDNet.  ZDNet is reporting that cybercriminals have “mobilized quickly” to capitalize on the Haitian earthquake disaster.  They are doing this in at least a couple of ways you should know about:

Rogue, Anti-Virus Software Downloads, or “Scareware”

First, cybercriminals have already unleashed several hundred compromised domains with “blackhat SEO (search engine optimization).”  These domains work like this:  when a user runs a search on some common terms one might associate with a certain thing (in this case, the Haitian earthquake), they are re-directed to a rogue anti-virus program.  These sites are already appearing in the first 10 search results on Google, so everyone should exercise the utmost caution.  Once re-directed, you will be subjected to very aggressive software attempting to get you to purchase the rogue anti-virus program.  The FBI has estimated that this scam has already cost consumers $150 million, and that an estimated 40 million people worldwide fall victim to rogue, anti-virus scams. You can link to an article discussing the FBI’s report here.

Moreover, in this case, the scam is particularly egregious inasmuch as it detours a well-intentioned individual from contributing to a worthy cause.  The cost to the disaster relief efforts by these tactics is inestimable.

ZDNet recommends that one of the best protections against these rogue sites is NoScript.  NoScript is a free, open source application that works with Firefox, Flock, Sea Monkey, and other Mozilla-based browsers by blocking certain types of applications from running except by a trusted web site of your choice.  If you are a user of the browsers just mentioned, you might want to look into NoScript.

If you are not a user of a Mozilla-based browser, and you find yourself faced with an anti-virus software program when you were looking for ways to donate to the Haitian disaster relief effort, exercise some diligence because you may be falling victim to the scam referred to here.

Impersonating Legitimate Donation Sites

The second tactic is for cybercriminals to simply impersonate an otherwise legitimate donation source.  As reported by ZDNet, and according to Symantec, “spam campaigns impersonating the British Red Cross are already in circulation, requesting Western Union payments to support the victims of the earthquake.”  These fake sites will often look very much like the authentic site, so again, exercise caution.  It’s not a new scam idea, but it is still effective.

Please take a moment to check out the ZDNet articles mentioned here.  Their January 14, 2010 article includes tips from the FBI to avoid being a victim of cybercriminals.  Another article, which you can link here, is entitled “The Ultimate Guide to Scareware Protection,” and includes many screenshots of rogue anti-virus sites that you can review to get a sense of the way cybercriminals use these sites to pull off their scams.

If you are looking for a legitimate link to a donation site, the you may want to check out the link here to Oxfam.  While I have no affiliation with Oxfam, as I was writing this article, I received a tweet on Twitter from former Vice President Al Gore (whom I follow) asking everyone to donate to the disaster relief efforts.  I followed the link and it is the legitimate Oxfam site, online donation form, with appropriate security.

Finally, I also urge you to share this information with your clients to protect their financial information and their assets.  Remember, they are victimized by cybercriminals, too, and often they don’t even realize it has happened at first.  Trust me, they will appreciate your concern for their privacy and their financial well-being.

Reblog this post [with Zemanta]

One comment on “Cybercriminals Move Quickly To Capitalize On Haitian Disaster Relief Efforts

  1. […] the legitimate Oxfam site, online donation form, with appropriate security.cyberesq.wordpress.com, Cyber-Esq., Jan […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: