Big Hearts lead to Big Cybercrime

Aug 29, 2017 | by Angel Grant, CISSP

Times like this make me proud to be part of the Dell Technologies family. Having already committed $500,000 to support the American Red Cross, Dell recently announced the creation of the Rebuild Texas Fund where Michael Dell donated $36 million and will match $1 for every $2 donated with a goal to hit $100 million by the end of labor day weekend - because a “Texas-sized disaster requires a Texas-sized response!"  Also, as an employee, Dell matches every dollar donated up to $10,000 per team member, per year towards charitable causes.

However, what brings out the best in humanity also brings out the worst in cybercriminals. They know any time there is a natural disaster many of us are desperate to help and so they play on our emotions – and wallets. The Department of Homeland Security US-CERT issued a warning earlier this week that there will be Hurricane Harvey scams - and we have already started to see them.  RSA’s Anti Fraud Command Center typically sees a Phishing attack every 30 seconds.  During high profile media events the amount of Phishing attacks that surface dramatically increases.  We are seeing an uptick in chatter in the many fraud forums we monitor where cybercriminals are discussing various scams they are rolling out.  Many of these scams start with social engineering Phishing emails on:

-          Breaking news with claims of unseen video footage

-          Charities asking for donations – majority are fake

-          Sad story of family loss with desperate plea for help

-          Free loans targeting flood victims

The cybercriminal’s goal is to get you to click on a link, set up an account, get your credit card information or infect your device with malware or a form or ransomware.  Chances are you use the same password on most of your sites so it will be easy for them to access your other accounts and now that they have your credit card information they can easily use it to shop online or sell it in the dark web.   If you become a victim of ransomware you should immediately report the attack to the FBI at the Internet Crime Complaint Center.  www.IC3.gov

Also be aware that Phishing is not the only means cybercriminals are leveraging especially since social media has become such an important communication tool during natural disasters – cybercriminals know this too. We saw several fake posts urging people to share the wrong National Guard phone number, fake social media accounts impersonating charities and online funding pages. You should expect cybercriminals to continue to exploit these forums.

If you want to donate to a legitimate organization, the FTC gives solid advice on how to donate to charities that you know and trust.  If you follow these tips it will help ensure your money goes to the cause you want – and your credit card and other personal information is not being harvested by cybercriminals to conduct identity theft and account takeover.

Our thoughts go out to all impacted by the hurricane and we all must stay vigilant so that cybercriminals can’t take advantage of this disaster.

Spread the word and contribute to the conversation / awareness by following us on @RSAFraud

Author: Angel Grant, CISSP

Category: RSA Fundamentals

Keywords: Fraud, Phishing, RSA Fraud & Risk Intelligence Suite