Following the recent disasters in Burma and China, companies and charities are continuously asking for donations, which is quite a good thing considering the
recorded number of victims. However, US-CERT (United States Computer Emergency Readiness Team) warned that more and more phishers rely on these tragedies and attempt to get money from donors using traditional scams.
Just like previous attacks, phishers send spam messages posing as charities and asking for donations, most emails including links to malicious websites. Once the users reach the phishing websites, they are asked to give their bank account details which could be then used by attackers to siphon money.
"Phishing scams may appear as requests for donations from a charitable organization asking users to click on a link that will take them to a fraudulent website that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises," US-CERT wrote in a warning.
As usual, users who receive such emails are advised to ignore the links included but, in case interested donors really want to donate some funds, there are two important guidelines to be followed. First of all, "review the Federal Trader Commission's Charity Checklist," US-CERT explains. Then, you should "verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index."
The number of computer attacks has been increased a lot in the past few days, especially since the Burma and China disasters. For instance, some hackers attempted to get into the Chinese branch of Red Cross in order to access the financial details belonging to people who had already donated money for the victims.