It doesn't take long for cybercriminals to exploit the latest human tragedy, according to SC Magazine.
The SANS Institute, a computer security training, certification, and research firm, noted a flurry of domain-name registrations related to hurricanes Gustav and Hanna. (You can view the list of those recently registered here, here, here, and here.) After hurricanes Katrina and Rita wrought destruction along the Gulf Coast, an onslaught of domains were registered for relief efforts, many of which proved to be malicious.
Marcus H. Sachs, director of SANS Storm Center, cautions donors to be on guard for phishing and spoofing scams. "Many of the domain names being registered are legitimate and are redirecting to sites that support law-abiding charities," he wrote on SANS Diary blog. " Unfortunately though, many more are either parked in a "for sale" status, or are associated with IP addresses known to host malicious software, spyware, or other hazardous content."
To better equip those that want to donate to hurricane relief efforts, the U.S. Computer Emergency Readiness Team provides this checklist to view before giving money online.
Users are encouraged to take the following measures to protect themselves from this type of phishing scam:
- Do not follow unsolicited Web links received in email messages.
- Review the Federal Trade Commission's Charity Checklist.
- Verify the legitimacy of the e-mail by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index.