Japan Earthquake and Phishing Scams

In the aftermath of the tragic earthquake in Japan, we can anticipate a swarm of fraudulent websites springing up offering video and opportunities to make contributions to victims. This might be a good time to warn everybody of the phishing risks. The bad guys have no morals, and you can expect your users to receive emails and be searching websites for videos.

The SANS Storm Center contains the following warning and advice:

There will probably be some emails scams and malware circulating regarding the recent Japanese earthquake that occurred overnight.

Be aware off

Fraudulent Organizations: If possible, donate to organizations you know and trust, not to new organizations just set up for this particular event. The IRS maintains a list of tax exempt charitable organizations [1]. This list is not 100% up to date, and it takes a while for a new organization to be added. But it can serve as a first sanity check.

Malware: Malware may be advertised as a video report of the event or come under other pretenses.

You might want to alert your users to be particularly vigilant during this period, both at work and at home.