Sophos Cloud Optix
As we’ve seen on far too many occasions before, scammers think nothing of capitalising off human misery. And the disaster which has struck Japan in the last few days is no different in that regard.
Naked Security reader Andrew got in touch, to share with us an email he had received:
The email pretends to come from the British Red Cross, using the subject line “Japan Tsunami Appeal | British Red Cross” and what appears to be a legitimate British Red Cross email address.
But it asks you to send money – via MoneyBookers – to a rather shady-looking personal Yahoo email address.
It’s not exactly likely that the Red Cross are accepting donations in this way, is it? You’re much better off visiting the British Red Cross’s official website if you wish to help the people of Japan recover from the terrifying earthquake and tsunami which has hit their country.
Everybody is stunned by the news reports, personal stories and pictures that have come from Japan. But it’s important for those of us not directly impacted not to lose our common sense.
That means:
* Taking care when searching for news about the disaster. Hackers often poison search engine results to exploit breaking news, in order to spread malware. Visit legitimate news websites only if you want to keep up-to-date on developing news stories.
* Making sure to donate via legitimate charity websites. In the past, scammers have often take advantage of a natural disaster. This not only benefits criminals, but deprives the people who need financial support the most from receiving charitable donations.
* Being cautious of links which offer you dramatic video footage of a news story. Malicious hackers and scammers know that the public finds it hard to resist clicking on such links and can plant malware and scams at the end of them.
Apart from the last 3 lines, its quite convincing though. You can see how alot of people might be caught out by this one. The scammer has even taken the time to check his English and spamming which is nice to see. There's nothing worse than bogus emails with poor spelling and grammar, there's no excuse 😛
My understanding is that the bulk of the email is lifted from the real Red Cross website.
The bad guy just added his contact details to receive the money. Not just a scammer, then – but a lazy scammer!
I believe that for something outside of your country you would contribute to the International Red Cross. All contributions entitled by your country would go to that country. Also unless you are on an email list with the Red Cross you will not get an email soliciting money. I hope this helps anyone who might be approached for a scam.
The scammer is using an email address that does not have the name of the Red Cross in the address. There may not be much we can do for people who will not use common sense. Also, when one passes a cursor over a website link, one can see the actual URL information down on the command line (?) at the bottom of one's browser. So, the caution is that people should become a bit more savvy about computers and how they work before parting with their cash. As to the punishment for this scammer? One day of hard labor picking up trash for every dollar he collected sounds about right.
How about sending him to Japan to help out?
Spoofed SMTP. Not surprised people are doing this, but I am surprised he didn't take it one step further and just have a link to click taking victims to his donate page (not sure if it's even possible though with moneybookers).
Thanks for the heads up.
Put the ''scammers" into bright, orange, prison jumpsuits. Stencil the phrase "I am a Scammer" in big block, black letters on the back. Then place them into the heart of the devistation zones and let them work for a min of 10hrs per day recovering victims from beneath the rubble. Yup. I reckon a touch of reality is good for anybody. Hands-on is even better. IF they are that lazy and hateful to scam hard-earned money donated with hearts and prayers to a devistated country, I think a LARGE DOSE of reality is just what the doctor might order.
Graham, I'd like to thank you for work you do everyday, letting us know about all this malware.
I'm a Mac user and I'm running Sophos AV free which is a great product.
Greetings from Italy 🙂
_Niko_
everyone is making money out of this japan disaster
it's a fact everyone profits from tragedies