|
|
 |
Natural disasters create windfall
opportunities for online fraudstersby Alan Zisman (c) 2011 First published in Business in Vancouver April 19-25, 2011 issue #1121 High Tech Office columnDisasters such as the recent earthquake, tsunami and nuclear crisis in Japan can bring out the best in people, as folks worldwide try to help the victims of the tragedy. Unfortunately, disasters can also provide opportunities for scammers hoping to take advantage of others’ generosity. And the ease of online giving has provided new and improved online disaster scams. Online disaster scams came of age following 2005’s Hurricane Katrina. Many people received emails either claiming to be from hurricane victims or mimicking the look of well-known charities. As email spam filters have become increasingly effective, these sorts of messages are less likely to appear in users’ inboxes, though an email falsely claiming to be from UNICEF asking for money for Japan relief is currently circulating. In addition, quickly following up on Japan’s disasters, scores of web domain names have been registered that include phrases such as “Japan relief” or “tsunami” or use common misspellings of legitimate relief organization names. The hope is to attract web searchers looking for ways to help. Forbes magazine reported that domain names such as www.redcrossjapan.com and www.japanshelp.com had been registered by a Pittsburgh resident who admitted to the magazine that he had neither connection with the Red Cross nor any experience in international relief. Following the recent New Zealand earthquake, sites mimicked PayPal and the Red Cross soliciting donations. Not all of these sites are fraudulently collecting money; some include links to legitimate relief organizations while earning money through online advertising. Malware authors have gotten into the act. A recent blog by security company Trend Micro showed that web searches such as “most recent earthquake in Japan” offered what appeared to be news articles. Instead, web surfers got a “virus alert” that installed malware known as FAKEAV. Trend Micro noted that the same malware had installed itself along with bogus news reports of recent Moscow subway bombings and more. (Ignore all security popups unless they are clearly from software that you know is installed on your computer.) Facebook pages – some appearing within minutes of the first reports of the earthquake – have also been used to lure people to malicious websites, while posting links to the sites on the victim’s firewall. Antivirus provider Sophos has reported about fake YouTube pages promising raw CNN footage that instead lead to online surveys. Sophos warns users that if they enter a mobile phone number in these surveys they should check for bogus charges appearing on subsequent bills. In general: don’t donate in response to email messages, online discussion forums or links on web pages or social networking sites; even links appearing to be to well-known organizations can be spoofed. (Let your mouse hover over a link to show the real target.) Remember – even email messages that appear to be from people or organizations you know might be spoofed; when in doubt, confirm them first. Don’t respond to messages appearing to be directly from victims. (How did they get your address?) For news, video clips and the link, start at the source – www.cbc.ca, www.cnn.com, www.biv.com, www.youtube.com – and search from there. Similarly, to make a donation to an organization, go to the organization’s web address directly. If you’re not sure of the web address for a news organization or your preferred charity, a search engine is your best friend. A Google search for “Canadian Red Cross,” for instance, shows the address to be www.redcross.ca. (Watch out for misspellings!) When you get to an online page to enter a credit card number, check that the address starts with the encrypted “https” not the more common (and insecure) “http” (for online purchases as well as charitable donations). Finally, charity scams aren’t all high tech. Phone calls and door-to-door soliciting can also be used to take advantage of your desire to help.
|
 |
|