Wednesday, August 31, 2005 4:41 PM
cmosby
SANS - Internet Storm Center - Donations for Katrina victims - be careful
SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System - Current Infosec News and Analysis
Donations for Katrina victims - be careful
We decided to start a new diary today, regarding the fake domains for donations to the Katrina Hurricanes victims.
We updated yesterday´s diary with the information of fake emails and domains being used to get donations for the Katrina Hurricane and Brian Krebs just updated the Security Fix blog, with new informations about these fake domains.
Some that we strongly suspect so far are katrinahelp.com , katrinarelief.com and katrinacleanup.com.
While trying to do our part, we try to reach the websites administrators. For our surprise, while talking to one of the hosting company of one of the sites, an administrator said:
"Youll have to take that up with paypal we dont govern that sorta thing...while it is well known for scammers to benifit from diasters but unless its harming our network or solid proof that there is damage being done, theres not a whole lot we can do :-/
I can't exactly turn a site off based on a assumption.."
We got information that there are plenty of domains for sale at eBay, related the Hurricane. A quick look at whois services for Katrina name can show you some interesting names...
While some are currently being used to get users/passwords, much can be done with these fake domains, from getting money through fake foundations, or even lead you to install malicious software in the machine.
If you plan do donate, we recommend that you refer to fema.gov for a list of reputable agencies or donate to organizations you trust and have past experience with.
Filed under: Security and Anti-Virus, In the News