Spam and phishing scams try to capitalize on the Hurricane Katrina tragedy. Hurricane Katrina has set off a wave of online phishing and other scams that try to capitalize on the emotional response of Americans to the disaster, security experts warned Friday. The phishing efforts, fraudulent attempts to spoof sites to con users, include emails asking users to donate to victims of Hurricane Katrina by using fake news reports and heart-rending pictures. Money donated in this way does not go to any relief agency and is pocketed by spammers and con artists. We are seeing attempts similar to those we saw after the recent tsunami in Asia where some people do not respect a tragedy and instead try to exploit it, said Scott Petry, vice president of products and engineering at Postini, an enterprise email security and management company. Experts said that phishing attempts usually begin two to three days after a disaster, once public awareness about the event increases and there is widespread coverage of the incident. This makes the timing for the current wave of Katrina-related spam and phishing just right, said Susan Larson, vice president of global threat analysis and research at SurfControl of Scotts Valley, California. Just last night, President Bush brought the former Presidents Clinton and Bush on national television to start the relief campaign, said Ms. Larson. Once the money is flowing and the relief is legitimized, then the scams will prey on these sites, putting up spoofed ones and even trying to compromise the legitimate ones. Spam and phishing attempts in the wake of the Katrina tragedy have increased the demand for Internet domain names that contain references to the disaster. eBay currently lists a number of domain names related to Hurricane Katrina for sale with claims that proceeds will go for relief work. But Johannes Ullrich, chief research officer at Sans Institute, a computer security training and research company, said that more often than not it will be used by online con artists. We have seen an increase in the number of sites registered with the URL relating to Hurricane Katrina in some way, said Mr. Ullrich. A vast majority of this has happened in the last few days. Creative Crooks Online scammers are coming up with some creative ways to dupe users. Sophos, a United Kingdom-based IT security company, has issued a warning about a spam campaign that poses as a news report about Hurricane Katrina. The email entices readers with a fake news story and then asks them to click onto a link to read more. The link takes them to a fake web site that tries to infect their PCs with malware. Sophos says a typical example of this kind of email reads like this: Mississippi Gov. Haley Barbour said Tuesday that Hurricane Katrina killed as many as 80 people in his state, and burst levees in Louisiana flooded New Orleans. Just before daybreak Tuesday, Katrina, now a tropical storm, was 35 miles northeast of Tupelo, Miss., moving north-northeast with winds of 50 mph. Forecasters at the National Hurricane Center said the amount of rainfall has been adjusted downward Monday. Read More.. The Read More link pretends to have a more complete version of the story, but in reality tries to install malicious code to give hackers control of a victims computer, said Sophos. Receiving or reading the emails themselves does not mean you are infected, said Graham Cluley, senior technology consultant for Sophos. But clicking on the link could be dangerous, he said. There are not just attempts to solicit donations using the plight of Hurricane Katrinas victims. Enterprise security company SurfControl said it has seen web sites that foment religious intolerance and use that to ask for donations. We are seeing a lot of hate sites that characterize the disaster as the wrath of God and have asked users to donate to them, said Ms. Larson. This only shows that anytime there is a topical and emotional event it will be used by scammers to trigger people into an immediate response. On the Case FBI spokesperson Paul Bresson said that the phishing attempts and other Katrina-related scams have been noticed by the agency. It has come to our attention that there are some web sites that may be operating under the guise of being legitimate organizations trying to provide relief to victims of Hurricane Katrina, said Mr. Bresson. We are actively looking into tracing the owners of these sites. But until the FBI can accomplish that, security experts said that online users are better off following a few rules. If people want to donate money they should do it through the well-known organizations like the Red Cross or Project Hope, said Postinis Mr. Petry. Mr. Petry also suggested that in the wake of the widespread phishing attempts users should try and mail a check if they want to donate to an organization that they are not familiar with, instead of making an online donation. SANS Institute said those who do wish to donate via the Internet should check the charitys credentials through the IRS web site, which lists all the nonprofit organizations registered with it. For more information and articles visit: http://www.MagazineMillions.com
http://www.LanceGroom.com |
