Cyberscams Capitalize on Tragic Events
This article applies to: Security & Policy
Unfortunately, malicious attempts to exploit high-profile events, anniversaries of significant events, emergencies, tragedies, and even major political events, are not uncommon:
- New website domains are registered with keywords that relate to the event, like help, relief, disaster, fund, gift, support the victims, donate to police and fire, rebuilding fund, donations, or country/place names.
- Fake donation websites mimicking legitimate relief and donation organizations, such as the American Red Cross and UNICEF, appear.
- Twitter tweets, Facebook posts, and search engines fill the Internet with fraudulent links created by criminals meaning to capitalize on donations.
- Email spam spikes, with phishing attempts that mimic legitimate organizations.
- Scams ask you to download something to view content (you are more likely downloading a virus or keylogger).
- Scams ask for personal information (name, credit card numbers, etc.), in an attempt to steal your money or identity.
- Fake video footage, circulating on Facebook pages, tries to tempt you into clicking on it, then posts as something you "like" on your wall, thereby spreading itself when others click on it.
- Fake YouTube pages, which request a Flash download, install malware on your computer instead.
- "People search" scams offer to find loved ones for a fee.
- Variants of Nigerian scams offering the "release" of large amounts of money tied up in the affected country's banking system.
How to protect yourself
- Delete any unsolicited emails regarding such tragedies. Do not respond to or forward such emails. See the Phish Bowl for fraudulent email examples seen at Cornell.
- Only donate to trusted organizations that already have established channels to receive donations, and are highly unlikely to create new domains for such purposes, such as the American Red Cross or UNICEF.
- Use trusted news channels for information and video footage of the events.