14 DAY TRIAL // Cybercriminals wasted no time in trying to exploit the 7.0 magnitude earthquake that struck Haiti two days ago to their own advantage. Security researchers warn of poisoned Web search results, while authorities advise caution when donating money to relief efforts.
On January 12, 2010, at 16:53:09 local time, stress gathered for the past 250 years between the Enriquillo-Plaintain Garden and Septentrional faults was released at a depth of 10 kilometers near Port-au-Prince, the capital of Haiti. The release of energy resulted in a devastating earthquake of a magnitude of 7.0 Mw and a series of aftershocks in the following hours.
A huge number of buildings in Port-au-Prince, including important governmental ones and hospitals, were damaged or completely leveled. The disaster affected over 3.7 million people and the death toll is estimated at tens of thousands, or exceeding 100,000 by some accounts. The fate of many more is currently unknown.
Governments from all over the world have reacted to the news and already started dispatching aid to the country. Meanwhile, charitable organizations have established relief funds and are accepting donations.
However, the FBI warns people willing to help the relief efforts to be careful who they give their money to. "Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause," it says in a press release.
In this respect, the bureau gives several recommendations that include not opening links or attachments contained in unsolicited e-mails about the earthquake, being skeptical of individuals that pose as surviving victims, verifying the legitimacy of charitable organizations, as well as making their contributions directly to these organizations and not individuals who claim to be intermediaries.
Black hat search engine optimization (BHSEO) campaigns poisoning search results on the subject have also been launched, as expected with any major event. Security researchers from CA warn that searching for "Haiti Earthquake" can lead Internet users on websites pushing fake antivirus software, also known as scareware.
The pages display "the usual Fake Message that the machine is infected and it contains Viruses, Trojans etc., and redirects the user to a fake scanner page, which pops up 'your machine is infected' and other coercive messages in those lines to persuade the user to download the malicious payload," K K Sen, a CA research engineer, writes.