Katrina-related cyberscams surface

Web sites, e-mailers and online auctioneers claim to collect money for hurricane relief efforts. But their real motivation is to steal.

Updated Sept. 1 with details from the FBI and Sophos.

If you come across a Web site or e-mail that claims to collect money for those devastated by Hurricane Katrina, take care. Security experts warn that it may be a scammer out for your credit card number.

According to the Bethesda, Md.-based SANS Internet Storm Center (ISC), a number of fake e-mails and Internet domains have been set up to prey on those who want to donate to relief efforts underway in the gulf region -- where Katrina's Category-4 winds and rain left New Orleans underwater; countless homes in splinters; and possibly thousands dead. Scammers are also using eBay as a weapon.

"Some that we strongly suspect so far are katrinahelp.com, katrinarelief.com and katrinacleanup.com," ISC handler Pedro Bueno said in his shift diary. Such sites ask that money be sent through Paypal, but there's no way to confirm where the money is headed from there. "We got information that there are plenty of domains for sale at eBay related to the hurricane… While some are currently being used to get users' passwords, much can be done with these fake domains, from getting money through fake foundations, or even [by leading] you to install malicious software in the machine."

FBI spokesman Paul Bresson said the agency has received reports of online scams and is investigating. "Unfortunately, we always see these types of scams after a disaster, like the tsunami last year [in South Asia]," he said. "We've identified a number of phony sites and e-mails directing you to spoofed sites."

For now the FBI is tallying information and working with private companies and other law enforcement to shut down the scam operations. "It's important to just warn the public that these scams are out there," he said.

According to The Washington Post, eBay stopped an auction of several Katrina-related Web site names like ''ourtsunami2005.com." Bidding was to start at $15,000 and the seller promised to deliver half of the final winning bid amount to the American Red Cross, the Post reported, noting that eBay lets sellers dedicate a portion of their profits to charities but requires the seller either sign up for eBay's own giving program or obtain permission from the charity first.

Red Cross officials said no such permission was granted and eBay said it killed the auction because the seller didn't follow company rules on charitable giving, the newspaper reported.

Shutting down scam sites isn't as easy as one might expect. Bueno said ISC has tried to warn Web site administrators of companies that may be unwittingly hosting bogus sites. According to Bueno, one administrator said, "You'll have to take that up with Paypal… We don't govern that [sort of] thing… It is well known for scammers to benefit from disasters… but unless it's harming our network or [there's] solid proof that there is damage being done, there's not a whole lot we can do. I can't exactly turn a site off based on an assumption."

For those who wish to donate to relief efforts, the storm center recommended going to FEMA's Web site for a list of reputable agencies, or dealing with organizations that have proven trustworthy in the past.

Meanwhile, Lynnfield, Mass.-based antivirus firm Sophos is warning Web surfers to be careful of e-mails advertised as news on the hurricane aftermath.

Sophos' Web site said "a widespread spam campaign that poses as a breaking news report about the Hurricane Katrina disaster" is designed "to trick innocent computer users into visiting a bogus Web site which tries to infect their PCs with malware."

The Web site gives examples of the e-mail subject lines and messages being used.

This story originally appeared on SearchSecurity.com.

Dig deeper on Enterprise information security management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close