02:08 PM
Connect Directly

US-CERT Warns About Phishers Scamming Disaster Donors

Since the earthquake in China last week and the cyclone in Myanmar, cyber criminals have been trying to capitalize on the tragedies, officials say.

The United States Computer Emergency Readiness Team (US-CERT) on Monday warned computer users to be wary of phishing scams related to recent natural disasters in China and Myanmar.

"Phishing scams may appear as requests for donations from a charitable organization asking users to click on a link that will take them to a fraudulent website that appears to be a legitimate charity," US-CERT said. "The users are then asked to provide personal information that can further expose them to future compromises."

Since the earthquake in China last week, cyber criminals have been trying to capitalize on the tragedy. The official Red Cross Web site in China was recently hacked in order to steal donations, according to a Chinese news report translated by Scott J. Henderson, who runs a blog called The Dark Visitor. And on Monday, Websense Security Lab reported about a phishing site that "poses as a representative of the Red Cross and provides multiple bank account numbers for donors to wire their donations to."

Jim Clausing, a security researcher at the SANS Institute's Internet Storm Center, observed on Saturday that scammers have been setting up fake sites to collect donations for years.

"Ever since Hurricane Katrina back in 2005, we've seen after every significant natural disaster, the scammers start registering domains and try to collect donations," he wrote in a blog post. "The last two weeks have seen Cyclone Nargis hit Myanmar and then the big earthquake in China and as expected, we've seen registration of domains related to those disasters."

Coincidentally, on Monday, the U.S. Department of Justice charged 38 individuals in the United States and Romania with computer and credit card fraud. Those charged are alleged to have participated in a variety of phishing and 'smishing' -- phishing via SMS -- schemes.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-09-19
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

Published: 2014-09-19
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, or (3) Subject header or (4) body in an SMTP e-mail message.

Published: 2014-09-19
Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Published: 2014-09-19
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.

Published: 2014-09-19
Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.

Best of the Web
Dark Reading Radio