\ Hurricane Charity Frauds Continue to Proliferate
Feature: Page (1) of 1 - 09/07/17

Hurricane Charity Frauds Continue to Proliferate

By Stu Sjouwerman, CEO KnowBe4


Hurricane Harvey hit Texas hard and with it, out came the scammers. The low lifes were expected to exploit the event and even the US-CERT (Computer Emergency Readiness Team) issued an alert warning of potential phishing scams.


The bad guys are using the hurricane disasters to trick people in clicking on links, on Facebook, Twitter and through phishing emails attempting to solicit charitable giving for the flood victims. Here are a few examples:
  • Facebook pages dedicated to victim relief contain links to scam websites.
  • Tweets are going out with links to charitable websites soliciting donations, but in reality, included spam links or links that lead to a malware infection.
  • Phishing emails dropping in a user's inbox asking for donations to #HurricaneHarvey Relief Fund.
Using events like Hurricane Harvey as a platform for a multitude of funky websites to orchestrate clever schemes is not new. Previous disasters have been exploited like this, and the bad guys are going at it again will all guns blazing. Be wary of anything online covering the Hurricane Harvey or Irma disaster in the following weeks.




The latest is another suspicious hurricane relief related email. The email and accompanying website (Harveydisasterrelief.com) look professional, but there is precious little info on who is behind this organization and how the money they collect will be used. Moreover, the domain for the website harveydisasterrelief.com was anonymously registered on 8-25-2017 through Domains by Proxy.

http://whois.domaintools.com/harveydisasterrelief.org

A quick Google search on the domain turns up some search results, but all are from Google's own crawl of the site -- not other sites linking to it. 

https://www.google.com/search?q=%22harveydisasterrelief.org%22&ei=dwevWZD2KsvKmQHYhbvAAw&start=0&sa=N&biw=1536&bih=686

In short, this web site and underlying organization behind it warrant zero trust.


Another example is an email received by KnowBe4 through its Phish Alert Button, a plug in it offers to organizations for no charge.

The From: line indicates the email hails from Info@redcross.us (which does belong to the Red Cross) but the Reply To: points to donations@uymail.com. That domain has been associated with all kinds of online scams:

https://www.google.com/search?q=%22uymail.com%22+scam&oq=%22uymail.com%22+scam&gs_l=psy-ab.3..0i22i10i30k1.17362.17912.0.18750.5.5.0.0.0.0.143.589.0j5.5.0....0...1.1.64.psy-ab..0.5.585...0j0i10i30k1j0i13k1j0i13i10i30k1.fv0mXJlIm60


Strangely, the signature block lists the organization allegedly behind this email as being based in Houston, yet the provided phone number is a (727) number -- Clearwater/St. Petersburg. Also, there is no link included. Apparently, willing dupes are expected to reply to the email or call the number.

With the largest hurricane ever to hit the Atlantic following in Harvey's wake, Irma is sure to generate a plethora of new schemers out to make a buck by taking advantage of generous but uneducated people who may not know how to recognize a realistic phish or social media pitch. Such a scam might also be used to get people to click on a link that could lead to something more harmful. 

Remember, don't feed the fraud and think before you click.

Stu Sjouwerman (pronounced "shower-man") is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services thousands of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.

Related Keywords:hurricane charity fraud

Source:Digital Media Online. All Rights Reserved

Our Privacy Policy --- @ Copyright, 2015 Digital Media Online, All Rights Reserved

Webmaster
Privacy.