02:48 PM
Connect Directly

Government Cracks Down On Online Disaster Scammers

One case brought by the Hurricane Katrina Task force last November resulted in sentences of more than eight and nine years for two brothers who operated a fraudulent Web site.

More than 900 people who aimed to defraud disaster victims and their would-be benefactors have been swept up in a storm of litigation.

On Wednesday, the Hurricane Katrina Task Force, set up in September 2005 to fight disaster-related fraud, said that it had filed federal charges against 907 individuals in 43 federal judicial districts since its inception.

"Whenever a natural disaster strikes, there will always be unscrupulous people willing to take advantage of victim assistance and rebuilding efforts," said Matthew Friedrich, acting assistant attorney general for the Justice Department's Criminal Division and chair of the task force, in a statement. "Those who would try to profit from the misfortunes of disaster victims should know that the Department of Justice, federal investigative agencies, and inspectors general will continue their aggressive pursuit of disaster fraud."

One case brought by the Hurricane Katrina Task force last November resulted in sentences of more than eight and nine years for two brothers who operated a Web site that fraudulently claimed to be collecting money for Hurricane Katrina victims on behalf of the Salvation Army. According to the Department of Justice, the two brothers registered "Salvationarmyonline.org" on Sept. 3, 2005, less than a week after Hurricane Katrina swept through New Orleans. Their Web site directed visitors to donate through PayPal, and the brothers collected more than $48,000 for victims of Hurricane Katrina, and later Hurricane Rita, before authorities shut the scam down.

Cyber squatting -- the registration of domain names lawfully associated with other entities -- rose 38% in the second quarter of 2008, compared with the same period last year, according to MarkMonitor, a company that monitors brand abuse.

In July, the Internet Crime Complaint Center (IC3), a joint project operated by the FBI and the National White Collar Crime Center, warned that spate of disasters in May and June -- tornadoes, wildfires, and flood -- was likely to bring out scammers.

"Tragic incidents, such as 9/11, Hurricanes Katrina and Rita, and the recent earthquake in China, have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause," IC3 said.

IC3 advises not responding to spam e-mail or clicking on links in unsolicited messages, not opening attached files from unknown senders, contributing directly to known organizations rather than through third parties claiming to represent such organizations, attempting to verify the legitimacy of charitable organizations, and refusing to supply sensitive personal or financial information to anyone soliciting donations.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Gee, these virtual reality goggles work great!!! 
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.