View Full Version : Disaster brings fakes, scams, malware pushed by hacks ...

2008-06-13, 20:34

Floods: More of the same...
- http://isc.sans.org/diary.html?storyid=4570
Last Updated: 2008-06-13 16:23:41 UTC - "As expected, we do see a number of domain name registrations referencing the floods and tornados in Iowa. At this point, we haven't seen any obvious donation scams. Most of the domains are just parked, others offer news summaries and appear to try to make some money with Google ads. Please let us know if you run into any scams. As usual, please donate to reputable organizations. Try to avoid organizations you never heard before. The IRS offers a database of tax exempt charities here:
* http://www.irs.gov/charities/article/0,,id=96136,00.html


2010-01-13, 20:38

Haiti earthquake domains...
- http://isc.sans.org/diary.html?storyid=7978
Last Updated: 2010-01-13 14:37:22 UTC - "While we, at the ISC, do not assume that the domains being registered are malicious in nature in any way, we always take note of domains being registered near a disaster. Simply from people parking the domains. However, inevitably, some of these domains wind up being malicious in nature, and while we don't assume that all of them will be, it does happen, and it's unfortunate that spammers and phishers prey on people attempting to provide relief for those in need. Especially during such a devastating disaster as this was. As I said, we are already seeing a bunch of domains being parked in relation to the Haiti disaster, and we are going to attempt to keep an eye on them all to warn our readers of anything possibly misaligned."

- http://www.fbi.gov/pressrel/pressrel10/earthquake011310.htm
January 13, 2010

> http://www.nytimes.com/2010/01/14/world/americas/14haiti.html?ref=world
January 13, 2010
> http://www.nytimes.com/slideshow/2010/01/13/world/20100113-HAITIQUAKE_index.html


2011-03-12, 00:09

Disaster brings fakes, scams, malware pushed by hacks ...
- http://isc.sans.edu/diary.html?storyid=10537
Last Updated: 2011-03-11 13:29:49 UTC - "There will probably be some emails scams and malware circulating regarding the recent Japanese earthquake that occurred overnight...
Be aware of:
Fraudulent Organizations: If possible, donate to organizations you know and trust, not to new organizations just set up for this particular event. The IRS maintains a list of tax exempt charitable organizations*. This list is not 100% up to date, and it takes a while for a new organization to be added. But it can serve as a first sanity check.
Malware: Malware may be advertised as a video report of the event or come under other pretenses..."

* IRS online charities search can be found here: http://www.irs.gov/app/pub-78/

> http://blog.trendmicro.com/most-recent-earthquake-in-japan-searches-lead-to-fakea/

> http://www.f-secure.com/weblog/archives/00002119.html

> http://www.us-cert.gov/current/#japan_earthquake_and_tsunami_disaster

:sad: :mad:

2011-05-17, 00:31

Disaster brings Scams, Fake AV, and Phishing attacks...
- http://www.us-cert.gov/current/#mississippi_flooding_disaster_email_scams
May 16, 2011 - "Users should be aware of potential email scams, fake antivirus, and phishing attacks regarding the Mississippi flooding disaster. Email scams may contain links or attachments that may direct users to phishing or malicious websites. Fake antivirus attacks may come in the form of pop-ups that flash security warnings and ask the user for credit card information. Phishing emails and websites requesting donations for bogus charitable organizations commonly appear after these types of natural disasters..."