FBI Warns of Bogus Haiti Online Donation Scams

The U.S. Federal Bureau of Investigation is advising people to be careful when evaluating donation programs related to the earthquake in Haiti as one security firm is already seeing scam e-mails circulate.

People should apply a "critical eye" to requests for financial donations following Tuesday's earthquake in Haiti, which caused an unknown number of deaths and severe damage to the country's infrastructure.

"Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes," the FBI said in its advisory.

Scam e-mails are already emerging. Symantec noted a so-called 419-style e-mail that purported to come from the British Red Cross. A 419 scam, named after the number of a statute in Nigeria's criminal code banning the practice, is one in which an e-mail or a letter implores a person to send money for some bogus reason.

Although most people dismiss the appeals, people still do fall for them, especially when they're linked to events such as a natural disaster.

The fake British Red Cross e-mail uses the real London address of the organization, according to Mathew Nisbet, a malware data analyst with Symantec Hosted Services. The contact e-mail for the British Red Cross is wrong, however, and the organization doesn't collect donations using the Western Union money transfer service, either.

"Any money sent using the instructions in this e-mail would not help anyone in Haiti," Nisbet wrote. "It would end up in the pockets of a cybercriminal."

Other cybercriminals are using the tragedy in Haiti as part of a hook to trick people into visiting other harmful Web sites seeded with fake antivirus applications, according to another security vendor, Websense.

The scammers build a shell of a Web site loaded with, for example, information that purports to relate to the earthquake in Haiti. Using techniques generally banned by various search engines, the scammers are able to get their Web site returned on the first page of results when someone does a search.

Websense researchers show in a video on their blog that, at one point since the tragedy happened, typing "Haiti relief" in Google turned up some of those sites.

When clicked, the sites redirect to other sites hosting fake antivirus programs. Deceptive means are used to trick people into installing the applications. Also, security vulnerabilities can be exploited in order to install the programs. The programs then display pop-up messages and warnings in order to goad users into paying for the programs.

The fake antivirus application scam has become widely prevalent. Security vendor PandaLabs estimated last year that 35 million computers worldwide were infected with those kinds of programs per month.

Subscribe to the Security Watch Newsletter

Comments