Wednesday, April 18, 2007

Are Charity Fraudsters (Phishermen and Pharmers) preparing to exploit the Virginia Tech Disaster?

Internet criminals use disasters to get nice people to donate their hard-earned money to them, personally. Recent examples where this occurred have been the Katrina hurricane, Tsunami disaster and London bombings.

According to the Sans Internet Storm Center, we can probably expect the same activity to occur in the wake of the Virginia Tech Disaster.

Here is what they are reporting in their Handler's Diary:
There has been a flurry of domain registrations related to the Virginia Tech tragedy, as reported by GoDaddy and other registrars. While some of these are undoubtedly well-intentioned organizations joining in the outpouring of support for the friends and family of the victims, others are likely to be opportunists who want to cash in on the suffering of others.

Be on the lookout for a rash of spam & phishing coming from these leeches. If you receive a plea for donations, check the organization out closely before opening up your e-gold, Paypal, Visa or other account or providing any personal information. In some cases the phishers may use voice, fax, email and websites to dupe generous and thoughtful victims into disclosing valuable information.
Full diary post (with potential domains being grabbed), here.

As the SANS post aptly points out, giving out any personal, or financial information to one of these fraudsters (leeches) can have more consequences than giving your money away to the wrong place (identity theft).

Here are some investigative (due diligence) resources someone might take advantage of to make sure they are donating their money to a worthy cause:

Better Business Bureau Wise Giving Alliance

Charity Navigator

American Institute for Philanthropy

The Federal Trade Commission (FTC) has some information on how to make sure your money goes to the cause you intend it for, here. Also contained on this page is where you can report fraudulent activity to them, which is highly recommended.

No comments: