After the tragic earthquake in Haiti on January 12, 2010, relief efforts have poured into the nation from all over the world. Spammers, on the other hand, have taken advantage of this opportunity to send various spam messages related to the disaster. Symantec researchers have found that spammers usually take advantage of such breaking news events just about 24-48 hours after the event takes place, and the earthquake in Haiti was no exemption.
Spammers started with 419 type spam, asking users to donate money to a charity. When users send their donation, the money disappears into an offshore bank account. Building off of this, spammers began to send phishing messages, pre-tending to be from a well-known lawful organization like UNICEF.
Spammers did not stop there. They also took advantage of this disaster to deliver malware. In the example (right), users download a Trojan when they click on the link to view the video.
Symantec suggests that users:
- Avoid clicking on doubtful links in e-mail or instant messages as these may be links to spoofed, or fake, Web sites.
- Never fill out forms in messages that ask for personal or financial information or passwords. A reputable charitable organization is unlikely to ask for your personal details via e-mail. When in doubt, contact the organization in question via an self-governing, trusted mechanism, such as a verified telephone number, or a known Inter-net address that you type into a new browser window (do not click or cut and paste from a link in the message).