|Natural disasters create windfall
opportunities for online fraudsters
by Alan Zisman (c) 2011
published in Business in Vancouver April 19-25, 2011 issue #1121 High
Disasters such as the recent earthquake, tsunami and nuclear crisis in
Japan can bring out the best in people, as folks worldwide try to help
the victims of the tragedy.
Unfortunately, disasters can also provide opportunities for scammers
hoping to take advantage of others’ generosity. And the ease of online
giving has provided new and improved online disaster scams.
Online disaster scams came of age following 2005’s Hurricane Katrina.
Many people received emails either claiming to be from hurricane
victims or mimicking the look of well-known charities. As email spam
filters have become increasingly effective, these sorts of messages are
less likely to appear in users’ inboxes, though an email falsely
claiming to be from UNICEF asking for money for Japan relief is
In addition, quickly following up on Japan’s disasters, scores of web
domain names have been registered that include phrases such as “Japan
relief” or “tsunami” or use common misspellings of legitimate relief
organization names. The hope is to attract web searchers looking for
ways to help.
Forbes magazine reported that domain names such as
www.redcrossjapan.com and www.japanshelp.com had been registered by a
Pittsburgh resident who admitted to the magazine that he had neither
connection with the Red Cross nor any experience in international
relief. Following the recent New Zealand earthquake, sites mimicked
PayPal and the Red Cross soliciting donations.
Not all of these sites are fraudulently collecting money; some include
links to legitimate relief organizations while earning money through
Malware authors have gotten into the act. A recent blog by security
company Trend Micro showed that web searches such as “most recent
earthquake in Japan” offered what appeared to be news articles.
Instead, web surfers got a “virus alert” that installed malware known
as FAKEAV. Trend Micro noted that the same malware had installed itself
along with bogus news reports of recent Moscow subway bombings and
more. (Ignore all security popups unless they are clearly from software
that you know is installed on your computer.)
Facebook pages – some appearing within minutes of the first reports of
the earthquake – have also been used to lure people to malicious
websites, while posting links to the sites on the victim’s firewall.
Antivirus provider Sophos has reported about fake YouTube pages
promising raw CNN footage that instead lead to online surveys. Sophos
warns users that if they enter a mobile phone number in these surveys
they should check for bogus charges appearing on subsequent bills.
In general: don’t donate in response to email messages, online
discussion forums or links on web pages or social networking sites;
even links appearing to be to well-known organizations can be spoofed.
(Let your mouse hover over a link to show the real target.)
Remember – even email messages that appear to be from people or
organizations you know might be spoofed; when in doubt, confirm them
Don’t respond to messages appearing to be directly from victims. (How
did they get your address?)
For news, video clips and the link, start at the source – www.cbc.ca,
www.cnn.com, www.biv.com, www.youtube.com – and search from there.
Similarly, to make a donation to an organization, go to the
organization’s web address directly. If you’re not sure of the web
address for a news organization or your preferred charity, a search
engine is your best friend. A Google search for “Canadian Red Cross,”
for instance, shows the address to be www.redcross.ca. (Watch out for
When you get to an online page to enter a credit card number, check
that the address starts with the encrypted “https” not the more common
(and insecure) “http” (for online purchases as well as charitable
Finally, charity scams aren’t all high tech. Phone calls and
door-to-door soliciting can also be used to take advantage of your
desire to help.