Katrina Aftermath Exploited to Hack PCs and Steal Money
Security analysts worry about possible online scams that exploit sympathy for those caught in Hurricane Katrina. Bogus e-mails that purport to have news on the aftermath already are circulating, experts said Thurs. Fraudulent messages seeking money also are cropping up. Similar hoaxes followed 2004’s Asian tsunami and 9/11 terror attacks in N.Y. and D.C.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Websense received multiple reports of a new e-mail scam seeking to lure visitors to a malicious website. The brief message about Katrina offers a link to the full story. The site contains encoded JavaScript that attempts to exploit 2 HTML help vulnerabilities. If that succeeds, the code placed a Trojan on the workstation that begins downloading a 2nd malicious virus, analysts reported. That Trojan creates a back door giving the attacker control of the PC.
The technique, exploit and Trojan used in this attack are nearly identical to an Iraqi News e-mail scam seen in early Aug., Websense said. The first site involved in the attack is hosted in Mexico; the 2nd, U.S.-based. Both remained active at the time of the security firm’s alert. A Sophos alert warned Internet users of the scams, some of which carry e-mail subject headers such as “re: g8 Tropical storm flooded New Orleans” and “re: q1 Katrina killed as many as 80 people.”
Scammers also exploit sympathy for disaster victims by sending out millions of spam messages requesting aid be sent to a particular bank account or donated through a website linked from the e-mail, security firm Eset said. By the end of the week, several hundred new websites requesting donations for Hurricane Katrina relief were online, Websense reported, noting that many such sites are thought fraudulent. “Criminals are so quick to take advantage of the suffering of the victims of tragedies and exploit genuine goodwill for their own gain,” Eset CTO Andrew Lee said: “Though it’s easy to be moved by the tragedy, we can’t let down our guard. People should use their heads as much as their hearts when looking to make a donation.”
Symantec Senior Engineering Dir. Alfred Huger told us he had seen fewer instances of relief scams after Katrina than after the tsunami. Still, he warned consumers to beware all Katrina-related e-mails and, if possible, to support entities they know. “These types of things have become commonplace,” he said, adding that “opportunists who use these kinds of events to part people from their hard earned cash” are becoming a standard post-disaster occurrence. The FBI is investigating hundreds of sites posing as online charities to obtain financial information, the National Cyber Security Alliance confirmed. The alliance offered a list of tips to help consumers thwart online relief scams and security attacks. The group recommended Web-based resources -- like the Network for Good and the Federal Emergency Management Agency -- to check entities’ bona fides.
Eset released flags for scam-spotting as well. Analysts said legitimate charities typically send appeals only to those who have agreed to receive e-mails from them. Unsolicited e-mails almost always are frauds, the firm said. And don’t be fooled by appearance, experts said. E-mails can acquire the appearance of legitimacy by copying a legitimate entity’s graphics and logo. Eset advised users not to click through to links in the bodies of e-mails that could be spoofed. The firm suggested typing the URL of a trusted aid group and follow the official site’s instructions on how to send donations.