Feeds

Fraudsters target disaster searches again

The usual scumbag sucker-punch

  • alert
  • submit to reddit

The Essential Guide to IT Transformation

Adding to the public’s growing disaster fatigue following the Japan and New Zealand earthquakes, online fraudsters have been prolific in attempts to try and scam charity donors.

According to Symantec’s April report, phishers have been trying to take advantage of the situation in Japan and New Zealand by creating fake donation sites and sending spam donation emails.

The fraudsters using the New Zealand earthquake to their advantage also created a phishing site, based in Austria, spoofing the Red Cross website for New Zealand and requested help from end users. To make the donation, users were required to enter certain confidential information including email address, postal address, credit card number, three digit security number, card expiration date, four digit PIN code, driver license number, and date of birth. Upon entering the required information, the Web page redirected victims to the legitimate Red Cross website.

In the case of Japan, emails were sent containing an image with a link that leads to malware. Once the link is opened, the user is asked to download and install an executable file that is malware related to a Brazilian banking Trojan.

The malware gathers the user’s Internet banking credentials and other sensitive information. The scammers have also been exploiting the relief efforts by sending 419 scam emails that have been prevalent ever since the natural disaster took place, which include a Nigerian styled fake personalized messages that urge people to help the survivors of the earthquake and tsunami while the country is battling a nuclear crisis. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.