Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Haiti Earthquake: Possible scams / malware InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Haiti Earthquake: Possible scams / malware

Published: 2010-01-12
Last Updated: 2010-01-13 00:08:30 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

Major news organizations reported earlier about a devastating earthquake in Haiti. Unlike the smaller earthquake a few days ago off the coast of California, Internet routing isn't our biggest concern right now. We may see another wave of on-line donation scams.

During Hurricane Katrina, we saw a lot of domains being registered with domain names targeting the disaster. Since then, the pattern in these schemes changes somewhat. Instead of domain registrations, we see more paid search engine placement ads and twitter "tag" poisoning. I just took a quick look, and didn't see anything obviously illegal. Just a few valid charities advertising their services to donors via modern social media techniques and keyword purchases.

Be aware off:

Fraudulent Organizations: If possible, donate to organizations you know and trust, not to new organizations just set up for this particular event. The IRS maintains a list of tax exempt charitable organizations [1]. This list is not 100% up to date, and it takes a while for a new organization to be added. But it can serve as a first sanity check.

Malware: Malware may be advertised as a video report of the event or come under other pretenses.
 

Please let us know if you come across any scams!

[1] http://www.irs.gov/app/pub-78/

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: earthquake haiti
0 comment(s)
Diary Archives