Today’s tragic events of the 8.9 magnitude earthquake and resulting Tsunami, as sad as it is, is a dream for scammers and fraudsters around the world. Tragic events are always something scammers use to their advantage, helping them prey on and exploit innocent victims.
Charity scams have always been a favorite of fraudsters. After Hurricane Katrina, the FBI felt it necessary to issue a warning when over 4,500 web sites appeared, all attempting to collect donations to help hurricane victims.
The tragic earthquake that struck Haiti in January proved to be an incredible opportunity for scams. Millions of dollars were raised in relief efforts for one of the most deadly natural disasters of all time. Unfortunately, millions of dollars also ended up in the pockets of scammers. After the quake, fraudulent charity sites were up and running almost instantly, some appearing as new charities created for the Haiti earthquake, and some “fake” sites impersonating other well-known charities such as the American Red Cross.
Other scams surrounding the Haiti earthquake included phishing and malware scams as well as “people search” scams offering to find loved ones for a fee. Variants of the Nigerian scam regarding the “release” of large amounts of money tied up in Haiti in the wake of the devastation were also seen.
Scams are already spreading across Facebook, which started in a matter of minutes after the news broke of the earthquake in Japan. As I write this, scammers are hard at work, registering new domains and cranking out templates for their fake donation sites. This will be followed with massive volumes of email spam, Tweets through Twitter, and Facebook posts, as scammers gear up to solicit donations from around the world. Users also need to be aware that cybercriminals also use these events to help spread malware, via malicious links via spam, twitter and other fake Web sites.
Trend Micro noted that its researchers saw blackhat SEO attacks almost immediately after news of the earthquake broke. “One of the active sites that we saw used the keyword “most recent earthquake in Japan” and led to FAKEAV variants we currently detect as Mal_FakeAV-25,” Trend Micro noted in a blog post.