Phishing scam plagues Ebola charities

emailWhen people are at their most trusting they’re at their weakest – which is why con artists routinely employ plausible-sounding sob stories to get unsuspecting innocents to hand over their money.

Since the rise of the Internet, humanitarian disasters have been exploited by fraudsters as a means of duping unsuspecting people into opening phishing emails that download malware, with the aim of stealing their information and money.

The likes of Google and Facebook have been fundraising, so it’s no great surprise that the Ebola epidemic is now being used by heartless opportunists for their own ends. But, in an unusual turn, instead of sending phishing emails linking to malicious sites, scammers are linking to legitimate fundraising sites. Needless to say, the money still doesn’t go to those who need it most.

According to BarracudaLabs, hundreds of thousands of spam emails have been sent out asking people to donate money to the fight against Ebola via the crowdfunding service Indiegogo. Barracuda’s Luis Chapettit is quoted by CSO as saying, “People generally want to do what’s good for others, and that’s why I think this is hitting so hard.”

Don’t let this put you off donating, but do check where your dollars are going: never click on links sent via email or shared on social media sites, and only donate via legitimate organizations.

If you’re concerned about your employees’ susceptibility to a phishing attack, you might be interested in IT Governance’s Employee Phishing Vulnerability Assessment. It will identify potential vulnerabilities among your employees and provide recommendations to improve your security, enabling you to have a broad understanding of how you are at risk, and what you need to do to address these risks.

Receive a free email phishing assessment when you purchase the Combined Infrastructure and Web Application Penetration Test.