Skip to main content

Cornell University

Cyberscams Capitalize on Tragic Events

Beware of scams that mention tragic events

This article applies to: Security & Policy

Unfortunately, malicious attempts to exploit high-profile events, anniversaries of significant events, emergencies, tragedies, and even major political events, are not uncommon:

  • New website domains are registered with keywords that relate to the event, like help, relief, disaster, fund, gift, support the victims, donate to police and fire, rebuilding fund, donations, or country/place names.
  • Fake donation websites mimicking legitimate relief and donation organizations, such as the American Red Cross and UNICEF, appear.
  • Twitter tweets, Facebook posts, and search engines fill the Internet with fraudulent links created by criminals meaning to capitalize on donations.
  • Email spam spikes, with phishing attempts that mimic legitimate organizations.
  • Scams ask you to download something to view content (you are more likely downloading a virus or keylogger).
  • Scams ask for personal information (name, credit card numbers, etc.), in an attempt to steal your money or identity.
  • Fake video footage, circulating on Facebook pages, tries to tempt you into clicking on it, then posts as something you "like" on your wall, thereby spreading itself when others click on it.
  • Fake YouTube pages, which request a Flash download, install malware on your computer instead.
  • "People search" scams offer to find loved ones for a fee.
  • Variants of Nigerian scams offering the "release" of large amounts of money tied up in the affected country's banking system.

How to protect yourself

  • Delete any unsolicited emails regarding such tragedies. Do not respond to or forward such emails. See the Phish Bowl for fraudulent email examples seen at Cornell.
  • Only donate to trusted organizations that already have established channels to receive donations, and are highly unlikely to create new domains for such purposes, such as the American Red Cross  or UNICEF.
  • Use trusted news channels for information and video footage of the events.
2024 Update: PhishAlarm, a new faster way to report suspicious email to the IT Security Office, is now available on all Gmail web and Outlook web, desktop, and mobile interfaces.


To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.