informa
/
Risk
Commentary

Hackers Now Preying on Your Sympathy

When tragedy strikes, small and medium businesses as well as individuals often reach into their pockets and help. Unfortunately, that willingness to offer assistance to others in their time of need is turning them into fodder for hackers.
When tragedy strikes, small and medium businesses as well as individuals often reach into their pockets and help. Unfortunately, that willingness to offer assistance to others in their time of need is turning them into fodder for hackers.In the aftermath of the Southern California wildfire tragedy, the Internal Revenue Service warned businesses about a scam scam that hackers had quickly concocted. The email ruse urges recipients to click on a link, which then opens what appears to be the IRS Web site. An item on the Web site urges donations and includes a link where individuals can make a donation. In an effort to appear legitimate, the bogus e-mail includes text from an actual speech about the wildfires by a member of the California Assembly.

Such tricks are disturbing on a number of levels. First, what twisted mind would think of such a scam? In California, thousands of people were losing their homes and crooks see it as a good time to line their pockets. Sounds pretty sick.

The level of intelligence exhibited underscores the challenges in combating hackers. They are at least paying attention to the news and understood that many would be touched by the crisis. Also adding text from a legitimate source talking about the fires to the email would make it seem more authentic. In sum, this ploy seems like a well thought hoax, one providing a good opportunity for a quick, easy, and potentially lucrative score.

We are about to enter the holiday season, which is a time that many feel thankful for all that they have received. This festive feeling often leads to companies being in a giving mood. During this season, small and medium companies need to be on guard against electronic submissions, especially those focused on national or local tragedies. Chances are good that hackers are on the other end of such solicitations.

Does your company give to any charities online? How secure do you think the process is? What steps do you take to avoid being scammed?

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5