Scammers Capitalize on Disaster in Japan

How cyber criminals use current events to steal money and information
April 2011
by Robin Wark

An email asking people to donate to help the victims of the Japanese earthquake and tsunami states: "We humbly hope for your support and strongly believe you can save a life."

If you donate using the information in this email message, you will only be lining the pockets of cyber scammers. The email, which claims to be from the Salvation Army, is a fake.

"It's sad that there are people who would use this tragedy as an opportunity to take advantage of others. ... Also note that our legal department is working with the authorities to bring those who would commit fraud to justice," said Jeff Stanger, Development Director for The Salvation Army in Indiana.

This is certainly not the only scam that has popped up since the 9.0 magnitude earthquake on March 11 off the northeast coast of Honshu, Japan. ParetoLogic security analyst Jerome Segura said whenever there is a disaster or a major event, cyber criminals are quick to take advantage of it.

"Scammers are always looking for ways to quickly monetize their malicious schemes," said Segura, leader of ParetoLogic's Spyware Analysis Team (SWAT). "Big events naturally capture people's attention and spark their interest to know more about them."

Cyber criminals utilize dubious search engine optimization techniques to push their sites to the top of the rankings. These sites are used to push spyware and other malware on unsuspecting users.

News events are sometimes used in more direct scams. For example, Mary S. Elcano, general counsel and corporate secretary for the American Red Cross, explained that people have been asked to click on links in email messages.

"These scams may direct individuals to phony or fake websites, they may request donations of monies through money transfer companies such as Western Union, they may offer 'employment' for individuals to collect monies on behalf of the American Red Cross for a percentage, or they may request that individuals send monies to an email address," she said in a March 28 Laurinburg (N.C.) Exchange website article.

To avoid being caught in one of these scams, we suggest:

  • Make donations to trusted sources. "Although people like to find their own version of a particular event, it is much safer to go with reputable online sources," Segura said. It is best to log on to a well-known charity's website or make a donation in person.
  • Keep your info to yourself. Do not supply confidential information such as your credit card number or banking info in response to an email.
  • Watch for copycats. Cyber criminals try to make their websites look like the real thing. Make sure the name of the organization is exactly correct.
  • Be skeptical of those claiming to be victims. It sounds bad, but you need to be careful about helping people. Facebook and email messages have been received from people falsely claiming to be victims of the tsunami in Japan. Unless you know a victim personally, it is better to donate to a major organization.
  • Be spam aware. "Scammers leverage the power of disasters by sending spam and hoping to use people's natural curiosity in order to have them open malicious attachments or send personal information," Segura said. It is a good rule not to follow links in emails to make donations.
  • Don't trust links from your social networking friends. You should also be wary of links on social networking sites such as Facebook and Twitter. Of social networking, Segura said "Whether it be through dubious links or false apps, the bad guys could not be happier about a faster distribution vehicle."
  • It is not just donations! As discussed, cyber criminals also use big events to try to dupe people into downloading malware or paying for something they don't need. On his Malware Diaries blog, Segura detailed a website which encourages people to pay to download Google Earth to view in-depth satellite imagery of the tsunami. Google Earth is actually free.

We all want to help. We just need to ensure we are not taken advantage of when we try to assist.

Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries.