Victimized Twice: Cyber Criminals Target Natural Disasters

In the aftermath of recent fires in California, Spain and Portugal, hurricanes in Texas, Florida, and Puerto Rico, and recent earthquakes in Mexico and on the Iran-Iraq border, there has been a global uptick in the number of phishing scams aimed at stealing personal data and money. Unfortunately, when disaster strikes cyber criminals are always right behind, ready to apply social engineering techniques to take advantage of both the victims and people wishing to help.

Broken Routines and Urgency Lay the Foundation

In these devastating situations, victims are obviously out of their routines and under pressure. Donors may be viewing the disaster’s impact live on television or on the internet, or even be in communication with friends and family in the area. Both victims and donors have their defenses down.

Using social media, email and even web browser searches, criminals can focus their attacks through every possible channel. Seemingly relevant social media posts on Twitter and Facebook may include malicious URLs that link back to a phishing site. Criminals will even go so far as to set up fake Facebook pages dedicated to supposed victims of natural disasters. The pages may host links to crowdfunding sites where donations can be made (and collected by the criminal); or contain malicious links to phishing and malware sites.

Criminals also send emails containing content on how to offer or receive help during a natural disaster, along with malicious links. Cyren has even found phishing URLs within the results of a Google search on natural disasters. In all these instances, victims click the malicious links and are taken to fake websites the criminals have set up to ostensibly collect donations, where the victim may enter all manner of financial and personal data, from their credit card information to their name, email address, and phone number.

Disaster Warnings — Before and After

In case you missed it, cybercrime in the wake of these natural disasters has grown to such an extent that the US Federal Trade Commission, the Federal Emergency Management Agency, and US-CERT all recently issued alerts on scams associated with recent natural disasters, calling out specific events with guidance such as “exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey….”

Most recently, as California wine country residents continue to sift through the remains of their homes and businesses, fake crowdfunding sites have appeared soliciting donations from unsuspecting but empathetic contributors. Right on cue, FEMA announced that they’ve detected thousands of fraudulent claims for disaster assistance from scammers impersonating legitimate victims.

Don’t Trust. Verify!

To avoid becoming the victim of a cyber-scam, beyond whatever automated security you already have in place, the first step is to trust only well-known and reputable charitable entities. If you are not familiar with the charity or its website address and have no way to verify its authenticity, look for an alternative, better-known option for assistance or for your donation.

Having said that, relying on the presence of a brand name can also get you into trouble. We pulled a sample of four million phishing URLs and quantified the tendency to spoof well-known websites. Nearly 20 percent of the URLs were for spoofed websites of just 11 brands. Amazon, eBay, Apple, Google, and PayPal were, unsurprisingly, among them, but the list also included less obvious payment sites such as ICS Cards and the Canadian Imperial Bank of Commerce. Disaster-related scams follow the same principle: a familiar name in a link is not evidence that the link leads to that organization.

That leads to the second step: if you’re going to get or give assistance, avoid clicking on links sent via email or on social media, even if the link appears to reference a well-known charitable organization. Instead, type the organization’s web address (for example, Red Cross or Unicef) directly into your browser.
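The same principle can be applied mechanically when triaging links from disaster-relief emails or social media posts: a brand name appearing anywhere in a URL should be compared against the domain that actually controls the page. The following Python is an added example written for this article, not code from Cyren or SecurityWeek. The brand-to-domain table, the sample links and the two-label “registrable domain” heuristic are all assumptions constructed for illustration (the heuristic does not handle multi-part public suffixes such as `.co.uk`, for which a public-suffix list would be needed).

```python
from urllib.parse import urlparse

# Constructed mapping of brand keywords to the domains they legitimately use.
# Illustrative assumption only; a real deployment would maintain a vetted list.
KNOWN_BRANDS = {
    "redcross": {"redcross.org"},
    "unicef": {"unicef.org"},
    "paypal": {"paypal.com"},
    "amazon": {"amazon.com"},
}


def registrable_domain(host):
    """Return the last two labels of a hostname, e.g. 'www.redcross.org' -> 'redcross.org'.

    Simplified heuristic: it ignores multi-part public suffixes like '.co.uk'.
    """
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def classify_url(url):
    """Classify a link as ('legitimate', brand), ('suspect-lookalike', brand) or ('unknown', None).

    A brand keyword found in the hostname or path is only accepted when the
    registrable domain is one the brand is known to control; otherwise the
    link is flagged as a lookalike (e.g. 'paypal.com.secure-login.example').
    """
    if "://" not in url:
        url = "http://" + url  # allow bare hostnames as typed into a browser
    parsed = urlparse(url)
    host = parsed.hostname or ""
    reg = registrable_domain(host)
    haystack = (host + parsed.path).lower()
    for brand, legit_domains in KNOWN_BRANDS.items():
        if brand in haystack:
            if reg in legit_domains:
                return ("legitimate", brand)
            return ("suspect-lookalike", brand)
    return ("unknown", None)


def scan_links(urls):
    """Return the subset of urls flagged as brand lookalikes, with the brand they imitate."""
    flagged = []
    for url in urls:
        verdict, brand = classify_url(url)
        if verdict == "suspect-lookalike":
            flagged.append((url, brand))
    return flagged


# Constructed sample links of the kind found in disaster-relief phishing posts.
SAMPLE_LINKS = [
    "https://www.redcross.org/donate",
    "http://paypal.com.secure-login.example/verify",
    "donate-redcross.example/help",
    "http://example.org/paypal-update",
    "https://www.icrc.org",
]

if __name__ == "__main__":
    for link, brand in scan_links(SAMPLE_LINKS):
        print(f"lookalike of {brand}: {link}")
```

The check deliberately treats a brand name in the path (`example.org/paypal-update`) the same way as one in a subdomain: in both cases the organization named in the link does not control the domain, which is exactly the situation the advice above tells readers to avoid by typing the address themselves. Brand-owned domains that differ from the primary one (such as a brand’s separate cloud or regional domains) would show up as false positives until added to the table.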

Nothing Is Sacred

Basically, you need to assume that every natural disaster or public tragedy is being leveraged in a phishing scam somewhere. Phishing is on a dramatic upswing, and in surveys IT managers repeatedly cite it as one of their top two security concerns (along with ransomware). Over the past 12 months, the number of active, malicious phishing URLs monitored by Cyren’s security cloud has nearly doubled, from 5.4 million to 10.6 million.
