<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="title" content="Security Awareness: Watch-Out for Hurricane Harvey Online Scams" />
<meta name="keywords" content="security,security blog,security disucssion,Security Awareness: Watch-Out for Hurricane Harvey Online Scams,scam,Hurricane,Infosec Island,Budget" />
<meta name="description" content="Security Awareness: Watch-Out for Hurricane Harvey Online Scams
As reported during previous natural disasters and global events, phishing is usually the path of least resistance for the bad guys to get the sensitive data they want without being detected. If they can become you, they can slowly steal the data over time and cover their tracks.  In phishing, the bait is a clever message and you are the fish. We fall for the phishing bait, because the phishers are masters of disguise. The bad guys play on our emotions and desires and appear to be from trusted sources.

In the case of Hurricane Harvey, watch for official looking appeals that go to unfamiliar places or web addresses that are a few letters off. Also, don’t donate to organizations that are not tax deductible." />
<meta name="robots" content="index, follow" />
<meta name="language" content="en" />
<meta name="msvalidate.01" content="9F9868A864D5E17CEC12780D21551E9A" />
<meta name="google-site-verification" content="xYkUOWBQc98dA0wmPnnl5A5blEO-BbIQgCL8sCwj7Mo" />
<title>Security Awareness: Watch-Out for Hurricane Harvey Online Scams</title>
<script src="/cdn-cgi/apps/head/mLIaP92wZqlwj7EOFBflWIvafXQ.js"></script><link rel="shortcut icon" href="/favicon.ico" />
<link rel="alternate" type="application/rss+xml" title="Infosec Island - Latest Articles" href="http://www.infosecisland.com/rss.html" />
<script type="text/javascript" src="/js/jquery.js"></script>
<script type="text/javascript" src="/js/ckeditor/ckeditor.js"></script>
<script type="text/javascript" src="/js/custom.js"></script>
<script type="text/javascript" src="/js/jquery.autocomplete.js"></script>
<script type="text/javascript" src="/js/expander.js"></script>
<link rel="stylesheet" type="text/css" media="screen" href="/sfCombine/css/key/dbade62bbb3c06cd3bee83347e14f066.html" />
</head>
<body>
<div id="top_wrapper" class="clearfix">
<div class="floatLeft">
<a href="/rss.html"><img src="/images/rss-small.gif" border="0" /></a>
<a href="http://www.twitter.com/infosecisland" target="_blank"><img src="/images/twitter-small.gif" border="0" /></a>
<a href="http://www.facebook.com/pages/Infosec-Island/239789931216?ref=ts" target="_blank"><img src="/images/facebook.gif" target="_blank" /></a>
<a href="http://www.linkedin.com/groups?home=&gid=2838730&trk=anet_ug_hm" target="_blank"><img src="/images/linkedin-small.gif" /></a>
</div>
<div class="floatRight search_bar">
<form id="form2" method="post" action="/q.html"> <span class="dropsearch">Search: </span>
<input type="text" name="q" id="textfield3" value="" class="input2" /> <input type="image" name="commit" src="/images/homepage34.gif" id="imagefield2" /></form>
</div>
</div>
<div id="wrapper">
<div id="header" class="clearfix">
<div id="logo" class="floatLeft">
<a href="/"><img style="padding-top: 2px" src="/images/Islandlogo-small.png" /></a>
</div>
<iframe id="bannerzone_top" src="/ajax/viewbanner/zone/4.html"></iframe>
</div>
<table class="menus">
<tr>
<td>
<ul class="menu">
<li class="">
<a href="/">Front Page</a>
</li>
<li class="drop">
<a href="/blogs.html">Blog Posts</a>
<ul>
</ul>
</li>
<li class="drop">
<a href="#">Resources</a>
<ul>
<li>
<a href="/documents.html">Downloads</a> </li>
<li><a href="http://whitepapers.infosecisland.com" />Whitepapers</a></li>
</ul>
</li>
<li class="drop">
<a href="#">Media</a>
<ul>
<li><a href="/videos/1.html">Videos</a></li>
</ul>
</li>
<ul class="menu">
<li class="">
<a href="http://whitepapers.infosecisland.com" />Whitepapers</a>
</li>
</ul>
<ul class="menu">
<li class="">
<a href="http://www.securityweek.com" alt="Information Security News" />Visit SecurityWeek.Com</a>
</li>
</ul>
</li>
</ul>

<ul class="menu" style="float:right">
<li><a href="/login.html">Login</a> </li>
<li style="border-right:0px"><a href="/register.html">Register for Free</a></li>
</ul>
</td></tr></table>
<div id="content" class="clearfix three-col">
<div class="floatLeft leftcolumn">
<h1>Security Awareness: Watch-Out for Hurricane Harvey Online Scams</h1>
<div class="viewdate">Monday, August 28, 2017</div>
<div class="viewavatar">
<label>Contributed By:</label><br />
<strong><a href="/userprofile/13453.html">Dan Lohrmann</a></strong>
<br />
<br />
<a href="/userprofile/13453.html"><img src="/images/../uploads/avatar/1fec6881fe864bc30369edb548ea22b1.jpg" alt="1fec6881fe864bc30369edb548ea22b1" /></a> </div>
<div class="post_text">
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">As the tragic events continue to unfold in Southeast Texas, the dark side of the Internet is already coming to life with a wide variety of online scams to trick global web surfers.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">While there are many good causes that need our immediate support, there have already been reports of both hurricane victims and potential donors receiving misleading information that is attempting to deceive. Sadly, both Texans in trouble and those who want to give from around the world, are falling for relief effort scams.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">Numerous <a href="http://www.kens5.com/news/local/beware-tropical-storm-harvey-victims-targeted-by-online-scam/468250184">media sites posted a toll free number</a> to call if you were in a state of emergency. However, the number called is for an insurance group.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">Meanwhile, all across the country, warning bells are sounding about scammers trying to trick people into giving to fake accounts. For example, the Office of the Indiana Attorney General&rsquo;s Consumer Protection Division is <a href="http://www.tribstar.com/news/indiana_news/helpful-hoosiers-should-also-be-vigilant-in-the-wake-of/article_8cd08254-8c15-11e7-bbff-0374d4c3e585.html">warning Hoosiers to be vigilant</a> in giving.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;"><strong>What Can You Do?</strong></span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">The Better Business Bureau is advising donors to <a href="http://www.courier-journal.com/story/news/local/2017/08/28/better-business-bureau-says-wary-pleas-help-victims-hurricane-harvey/607874001/">be wary of these techniques</a> which should set off alarm bells:</span></p>
<p style="margin-left: 40px;">
<span style="font-family:trebuchet ms,helvetica,sans-serif;"><strong>1. Don&#39;t fall for copycats.</strong></span></p>
<p style="margin-left: 40px;">
<span style="font-family:trebuchet ms,helvetica,sans-serif;"><strong>2. Be wary of emails and social media.</strong></span></p>
<p style="margin-left: 40px;">
<span style="font-family:trebuchet ms,helvetica,sans-serif;"><strong>3. Don&#39;t provide personal information. </strong></span></p>
<p style="margin-left: 40px;">
<span style="font-family:trebuchet ms,helvetica,sans-serif;"><strong>4. Do your homework.</strong>&nbsp;Visit <a href="http://give.org/">give.org</a>to review&nbsp;the BBB Charity Report and to verify that a charity meets bureau&nbsp;standards for accountability.</span></p>
<p style="margin-left: 40px;">
<span style="font-family:trebuchet ms,helvetica,sans-serif;"><strong>5. High pressure.</strong>Be leery of a charity that insists on immediate relief help. Legitimate charities will be glad to accept a donation later on.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">Also watch-out for Facebook pages or bogus &ldquo;Go Fund Me&rdquo; accounts that try to attract emotional support with pictures. They typically will use actual disaster photos from the storm to make them look official.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">The best advice I have is to give to the Red Cross using well-known and trusted channels. To contribute to the Red Cross, you can simply text the word&nbsp;<strong>HARVEY</strong> to&nbsp;<strong>90999 </strong>on your cellphone.&nbsp; Or visit their website,&nbsp;<a href="https://www.redcross.org/donate/hurricane-harvey?utm_source=scripps&amp;utm_campaign=hurricane_harvey" target="_blank">RedCross.org,</a>to donate by credit card.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">Additionally, be aware that personal appeals for money on crowdsourcing sites typically are not tax deductible, unlike the American Red Cross and Salvation Army.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;"><strong>Phishing Scams</strong></span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">As reported during <a href="http://www.govtech.com/blogs/lohrmann-on-cybersecurity/What-To-Do-About-Phishing.html">previous natural disasters</a> and global events, phishing is usually the path of least resistance for the bad guys to get the sensitive data they want without being detected. If they can become you, they can slowly steal the data over time and cover their tracks. &nbsp;In phishing, the bait is a clever message and you are the fish. We fall for the phishing bait, because the phishers are masters of disguise. The bad guys play on our emotions and desires and appear to be from trusted sources.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">In the case of Hurricane Harvey, watch for official looking appeals that go to unfamiliar places or web addresses that are a few letters off. Also, don&rsquo;t donate to organizations that are not tax deductible.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">Spear phishing is similar to phishing, except the attack is more targeted, sophisticated and often appears to be from someone you know such as a company colleague, your bank, a family member or a friend. The message may include personal information like your name, where you work, and perhaps even a phone number or other related personal information.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">During a crisis, you may receive items forwarded to you from friends or family. However, don&rsquo;t just assume that all is well. Check the details of where they are asking you to donate or what links you are clicking on.</span></p>
<p>
<span style="font-family:trebuchet ms,helvetica,sans-serif;">Finally, understand that this scamming trend is not new and not going away. As <a href="http://www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/99/sports-as-bait-cybercriminals-play-to-win%20-%202011" target="_blank">Trend Micro pointed out several years ago</a>, cybercriminals have time on their side and are just waiting for you to let your guard down. If you don&rsquo;t fall for tricks surrounding this natural disaster, sadly, another major event is most likely just around the corner. Be prepared!</span></p>
</div>
<div class="sharebar">

<div class="addthis_toolbox addthis_default_style">
<a href="https://www.addthis.com/bookmark.php?v=250&amp;username=donwalrus" class="addthis_button_compact">Share This!</a>
<span class="addthis_separator">|</span>
<a class="addthis_button_facebook"></a>
<a class="addthis_button_linkedin"></a>
<a class="addthis_button_digg"></a>
<a class="addthis_button_delicious"></a>
<a class="addthis_button_twitter"></a>
<a class="addthis_button_email"></a>
<a class="addthis_button_google"></a>
</div>
<script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=donwalrus"></script>

</div>
<div style="padding-left:20px">
<span class="related">Possibly Related Articles:</span>
<ul style="padding-left:20px;list-style-type:disc; font-size: 1.2em">
<li style="font-weight:bold"><a href="/blogview/11110-Facebooks-Third-Biggest-Advertiser-Was-a-Spammer.html">Facebook's Third Biggest Advertiser Was a Spammer</a></li>
<li style="font-weight:bold"><a href="/blogview/10746-New-Fake-ATM-Keypads-Extremely-Difficult-to-Detect.html">New Fake ATM Keypads Extremely Difficult to Detect</a></li>
<li style="font-weight:bold"><a href="/blogview/22377-Lockheed-Martins-Rip-0ff-of-Your-IP-By-Contest-Entry.html">Lockheed Martin's Rip-0ff of Your IP - By Contest Entry</a></li>
<li style="font-weight:bold"><a href="/blogview/19290-The-Wheels-of-Justice-Turn-Slowly-But-Exceedingly-Fine.html">The Wheels of Justice Turn Slowly - But Exceedingly Fine</a></li>
<li style="font-weight:bold"><a href="/blogview/21828-Georgia-Man-Convicted-for-Role-in-Phishing-Operation.html">Georgia Man Convicted for Role in Phishing Operation</a></li>
</ul>
</div>
<div id="post_info">
<table>
<tbody>
<tr>
<td style="width: 120px;">
<label>Views:</label>
</td>
<td>
77669 </td>
</tr>
<tr>
<td>
<label>Categories:</label>
</td>
<td>
<a href="/blogcategory/46/Infosec+Island.html">Infosec Island</a> <a href="/blogcategory/38/Budgets.html">Budgets</a> <a href="/blogcategory/37/Enterprise+Security.html">Enterprise Security</a> <a href="/blogcategory/48/Policy.html">Policy</a> <a href="/blogcategory/39/Security+Awareness.html">Security Awareness</a> <a href="/blogcategory/47/Security+Training.html">Security Training</a> </td>
</tr>
<tr>
<td>
<label>Tags:</label>
</td>
<td>
<a href="/blogtag/292/scam.html">scam</a> <a href="/blogtag/4549/Hurricane.html">Hurricane</a> </td>
</tr>
</tbody>
</table>
</div>
<div class="rating">
<strong>Post Rating</strong>
<span id="ratingc" class="rating_likes">
<a href="/login.html">I Like this!</a>
</span>
</div>
<div class="commentsheading"><a name="comments">Comments:</a></div>
<div class="article_comment">
</div>
<div class="disclaimer">
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.
<br /><br />
<strong>Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.</strong>
</div>
<br />
<iframe id="bannerzone_bottom" src="/ajax/viewbanner/zone/5.html"></iframe>
</div>
<div class="floatLeft midcolumn">

<div class="box mostliked">
<div class="boxtitle">
Most Liked
</div>
<div class="boxcontent">
</div>
</div>
<iframe id="bannerzone_left_top" src="/ajax/viewbanner/zone/8.html"></iframe>
<br /><br />
<div class="box">
<div class="boxtitle">
Latest Member Comments
</div>
<div class="boxcontent">
<div class="homecomment">
<div class="bubblesmall">
<blockquote>
<p><i>&quot;<a href="/blogview/19399-Hacker-to-Release-Symantecs-PCAnywhere-Source-Code.html">Shifting costs from your capital expense with an operational one, the opportunity to scale along when necessary, as well as the Web-bas...</a>&quot;</i></p>
</blockquote>
<span class="comment_article">
<a href="/blogview/19399-Hacker-to-Release-Symantecs-PCAnywhere-Source-Code.html">Hacker to Release Symantec's PCAnywhere Sour...</a> </span>
<cite>
<a href="/userprofile/12155.html">Jerry Shaw</a> on 10-05-2015 </cite>
</div>
<div class="bubblesmall">
<blockquote>
<p><i>&quot;<a href="/blogview/24305-PoS-Malware-Kits-Rose-in-Underground-in-2014-Report.html">Fast And Furious 7 Full Movie Online Watch http://www.mastimovie.net/fast-and-furious-7-full-movie-online-watch/
Fast And Furious 7 ...</a>&quot;</i></p>
</blockquote>
<span class="comment_article">
<a href="/blogview/24305-PoS-Malware-Kits-Rose-in-Underground-in-2014-Report.html">PoS Malware Kits Rose in Underground in 2014...</a> </span>
<cite>
on 03-17-2015 </cite>
</div>
<div class="bubblesmall">
<blockquote>
<p><i>&quot;<a href="/blogview/24307-New-PCI-Compliance-Study.html">Fast And Furious 7 Full Movie Online Watch http://www.mastimovie.net/fast-and-furious-7-full-movie-online-watch/
Fast And Furious 7 ...</a>&quot;</i></p>
</blockquote>
<span class="comment_article">
<a href="/blogview/24307-New-PCI-Compliance-Study.html">New PCI Compliance Study...</a> </span>
<cite>
on 03-17-2015 </cite>
</div>
<div class="bubblesmall">
<blockquote>
<p><i>&quot;<a href="/blogview/24306-PCI-Security-Standards-Council-Statement-on-White-House-Cybersecurity-Summit.html">Fast And Furious 7 Full Movie Online Watch http://www.mastimovie.net/fast-and-furious-7-full-movie-online-watch/
Fast And Furious 7 ...</a>&quot;</i></p>
</blockquote>
<span class="comment_article">
<a href="/blogview/24306-PCI-Security-Standards-Council-Statement-on-White-House-Cybersecurity-Summit.html">PCI Security Standards Council Statement on ...</a> </span>
<cite>
on 03-17-2015 </cite>
</div>
</div>
</div>
</div>
<iframe id="bannerzone_below_tags" src="/ajax/viewbanner/zone/11.html"></iframe>
<div class="box latest">
<div class="boxtitle">
Latest Posts
</div>
<div class="boxcontent">
<ul>
<li class="mr_link"><a href="/blogview/25034-The-Only-Gold-Russia-Can-Win-at-the-Winter-Olympics-Is-for-Cyber-Hacking.html">The Only Gold Russia Can Win at the Winter Olympics Is for Cyber-Hacking</a></li>
<li class="mr_link"><a href="/blogview/25033-Think-GDPR-Wont-Affect-Your-US-Company-Guess-Again.html">Think GDPR Won’t Affect Your U.S. Company? Guess Again</a></li>
<li class="mr_link"><a href="/blogview/25032-Advancing-the-Usability-of-PKIs.html">Advancing the Usability of PKIs</a></li>
<li class="mr_link"><a href="/blogview/25030-The-Five-Secrets-to-Making-Security-Awareness-Work-in-2018.html">The Five Secrets to Making Security Awareness Work in 2018</a></li>
<li class="mr_link"><a href="/blogview/25029-Crypto-Mining-Is-the-Next-Ransomware-.html">Crypto-Mining Is the Next Ransomware </a></li>
<li class="mr_link"><a href="/blogview/25028-Increasing-Importance-of-Mobile-Makes-Malware-a-Priority-.html">Increasing Importance of Mobile Makes Malware a Priority </a></li>
<li class="mr_link"><a href="/blogview/25025-What-Global-Manufacturers-Need-to-Know-About-Security-in-the-Cloud.html">What Global Manufacturers Need to Know About Security in the Cloud</a></li>
<li class="mr_link"><a href="/blogview/25024-Security-in-Operational-Technology-Five-Top-Trends-in-2018.html">Security in Operational Technology: Five Top Trends in 2018</a></li>
<li class="mr_link"><a href="/blogview/25023-Bitcoin-in-the-Darknet-Ecosystem.html">Bitcoin in the Darknet Ecosystem</a></li>
<li class="mr_link"><a href="/blogview/25021-The-5-Motives-of-Ransomware.html">The 5 Motives of Ransomware</a></li>
</ul>
</div>
</div>
</div>
</div>
</div>
<div id="footer">
<div class="footertop">
<a href="/">Home</a> &nbsp;|&nbsp;
<a href="/articles.html">Articles</a> &nbsp;|&nbsp;
<a href="/documents.html">Downloads</a> &nbsp;|&nbsp;
<a href="/blogs.html">Blog Posts</a>&nbsp;|&nbsp;
<a href="/contacts.html">Contact Us</a>&nbsp;|&nbsp;
<a href="/messages/whyregister.html">Register for Free</a>&nbsp;|&nbsp;
<a href="/messages/about.html">About Us</a>&nbsp;|&nbsp;
<a href="/privacy.html">Privacy</a> </div>
<div class="footerbottom">
Copyright &copy; 2009 - 2018 Wired Business Media. All Rights Reserved.
</div>
</div>
<script type="text/javascript">

  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-1179289-2']);
  _gaq.push(['_setDomainName', 'infosecisland.com']);
  _gaq.push(['_trackPageview']);

  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();

</script>
</body>
</html>
