Boston Marathon Bombing Fraud

http://msisac.cisecurity.org/daily-tips/

When major incidents happen, there are always individuals who look to profit from it.  The Department of Homeland Security and Center for Internet Security have released a joint advisory describing threats that are starting to evolve surrounding the bombing of the Boston Marathon.

This threats include registrations of domain names and websites seemingly related to humanitarian efforts around the event, use of social media websites to spread hoaxes about charities and phishing emails requesting donations.

Here are the recommendations from the advisory:

  • Users should adhere to the following guidelines when reacting to large news events, including news associated with the Boston Marathon bombing, and solicitations for donations:
  • Be cautious of emails/websites that claim to provide information because they may contain viruses.
  • Do not open unsolicited (spam) emails, or click on the links/attachments contained in those messages.
  • Never reveal personal or financial information in email.
  • Do not go to websites that you are unfamiliar with to view the event or information regarding it.
  • Never send sensitive information over the Internet before checking a website's security and confirming its legitimacy. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net)

It is difficult in a time of crisis to determine the right thing to do, and it is ashame that there are those individuals ready to prey on those willing to help.  Be diligent in your search for proper ways to donate to the cause by researching charities before giving them your credit card number.

A good list of charity checking websites was reviewed in this article from About.com: http://nonprofit.about.com/od/fundraising/a/safegiving.htm