Hurricane Irene Scams: Be Cautious as Cybercriminals Look to Capitalize
As hurricane Irene makes landfall, we once again find ourselves on the brink of a natural disaster triggering millions of people to search the Web and social media channels for news and additional information, both out of necessity, and curiosity. Such events are prime opportunities for scammers and other cybercriminals to line their pockets.
As we’ve seen with other tragic events such as the earthquake and resulting Tsunami in Japan, as sad as it is, these things are a dream for scammers and fraudsters around the world. Tragic events are always something scammers use to their advantage, helping them prey on, and exploit innocent victims.
So, aside from typical precautions to take in the physical world as a hurricane approaches, here are a few things to keep in mind while online both ahead of, and following hurricane Irene.
Popular newsworthy events typically trigger malicious links to spread rapidly across Facebook, similar to what happened following the news of the earthquake in Japan and the killing of Osama Bin Laden. Users should be cautious of links promising remarkably interesting photos, videos and other information about hurricane Irene. It’s common in this situation that when users click on a link, they are brought to a malicious site where they are prompted to accept or download of a file, such as a codec to watch a video, when malware would be installed on the users computer. Such situations could even result in infection via drive by download where users blindly are infected.
Be cautious, and don't assume links and videos posted by friends on social networking sites are safe.
Charity scams have always been a favorite of fraudsters. After Hurricane Katrina, the FBI felt it necessary to issue a warning when over 4,500 web sites appeared, all attempting to collect donations to help hurricane victims. Expect similar scams to start showing up, asking for money to support victims of hurricane Irene. Do your research before making any donation and be cautious of fake sites impersonating other well-known charities such as the American Red Cross.
As I write this, you can be sure that scammers are hard at work, registering new domains and cranking out templates for their fake donation sites. This will be followed with massive volumes of email spam, Tweets through Twitter, and Facebook posts, as scammers gear up to solicit donations from around the world.
Other scams could include “people search” scams offering to find loved ones for a fee.
Search Engine Result Poisoning
While you may be inclined to search the Web for photos or videos of the storm, be cautious and try to navigate directly to reputable online news sources rather than blindly searching the Web. Similar to Facebook scams, cybercriminals typically use very attractive headlines to encourage users to click links and direct them to malware infected Web pages. Cybercriminals have already been at work to "poison" common search results hoping to gain access to people's computers and infect them with malware.
Social Media Networks such as Facebook and Twitter to continue to post a threat to businesses across the board. In 2010, one third of small-to-medium-sized businesses (SMBs) experienced a malware or virus infection via social networks, according to Panda Security’s first annual Social Media Risk Index.
Be smart and use common sense, cybercriminals will do everything they can to take advantage of these events, do your best not to fall into their traps.