In the wake of Hurricane Harvey, the Federal Trade Commission is warning users to be on the look for malicious cyber activity related to Hurricane Harvey targeting both disaster victims and potential donors.
Donors are reminded that emails requesting donations from fake charitable organizations commonly appear after major natural disasters. According to Walt Green, the former director of the Justice Department’s National Center for Disaster Fraud, every year people register the online domains for any storm names (or other natural disaster) the National Weather Service releases to scam people. Hurricane Harvey is no exception.
These scams aren’t just domains asking for money. They also come in the form of phishing emails to your inbox. Disaster-related phishing emails may trick users into sharing sensitive information. Such emails could also contain links or attachments directing users to malware-infected websites. Donors are urged to exercise caution when handling emails or any other type of solicitations that relate to Hurricane Harvey, even if those emails appear to originate from trusted sources. Green advises donors to never give money via link that someone sends to them, no matter how much they trust the person who sent it. The person who sent them the link could have been scammed as well. According to Green, the best way to donate to an organization is by typing their name in your browser and going directly to them. “That way you know you’re giving to who you think you’re giving to,” he says.
US-CERT encourages those planning to donate to exercise caution when opening email messages related to Harvey and take the following preventative measures to protect themselves from phishing scams and malware campaigns:
- Review the Federal Trade Commission’s information on Wise Giving in the Wake of Hurricane Harvey, which includes links to check if charity organizations are legitimate.
- Don’t open unsolicited web links or attachments in email messages. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. For more information on safely handling email attachments refer to the US-CERT Tip Using Caution with Email Attachments.
- Keep antivirus and other computer software up-to-date.
- Verify the legitimacy of any email solicitation by contacting the organization directly through a trusted contact number. You can find trusted contact information for many charities on the BBB National Charity Report Index.
- Take the time to verify any organization you plan on donating to. You can easily do that online by visiting sites that vet charitable organizations like Charity Navigator, Better Business Wise Giving Alliance, or GuideStar.
The Department of Justice lists a number of resources for reporting fraudulent activity and scam protection here.
The public can report disaster fraud related to Harvey to the Disaster Fraud Hotline at 1-866-720-5721 24 hours a day, seven days a week.
JPMerc & Co., Inc. has been delivering enterprise quality IT solutions to small and midsized businesses in the greater Boston area and beyond since 2005. Contact us and let’s discuss your company’s IT needs.