Security Response: Scams emerge as Haiyan strikes the Philippines
Typhoon Haiyan, one of the strongest tropical cyclones on record struck the Philippines this week, leaving behind a trail of mass destruction. With more than 10,000 people dead, call for help has been raised by several NGOs and organizations worldwide. Donation requests have been posted on different social networks as well as some popular websites. Meanwhile, spammers have started taking advantage of the situation by sending email containing fake donation requests.
In the the example shown in this blog, the spammer has sent an email that seems perfectly fine at first glance, but when you take a closer look, you can see the email is sent from a different email ID with the subject line "HELP PHILIPPINES".
The spammer disguises himself as a professional anchor and reporter for a reputable news channel. The organization seems to be helping impacted victims from the affected parts of the Philippines. The spammer also speaks about transferring funds through a reputable bank. He provides another email ID, which is created using a free email service provider, for further correspondence. The overall feel and content of the email is presented in a very genuine and polite manner so that recipients won't notice that it's actual a scam.
Symantec recommends the following precautions in order to avoid such scams:
- Be extra vigilant while opening unsolicited emails
- Verify the authenticity of the organization to whom you are transferring donations
- Do not respond to emails that ask for personal and confidential information
Symantec also recommends updating anti-spam signatures regularly. Symantec is on the lookout for new tricks, including phishing attacks, malware, and social networking attacks, related to Typhoon Haiyan. We will continue to investigate such attacks to ensure that the best possible protection is in place and keep you regularly posted.
Source: Symantec
No comments: