On the day after the tsunami devastated Japan, Anand Mahindra, vice-chairman and managing director of the Mahindra Group, wrote on his Twitter page: “Received numerous mails purportedly soliciting funds for Japanese tsunami victims. Genuine, or is the ‘vulture’ business model alive and well?”
With the Japanese still under shock after the quake-cum-tsunami, people around the globe are working to provide help. Unfortunately, cybercriminals are exploiting the tragedy and the sympathy.
According to a report by internet security vendor Symantec, e-mails marked URGENT, requesting for help by appealing to the humanity in every internet user, or urging consumers around the world to offer donations to those affected, are doing the rounds. It also said over 50 domains with the names of either ‘Japan tsunami’ or ‘Japan earthquake’ emerged within hours of the event. These domains are either parked, available for sale, or are linked to earthquake sites.
“Previously, when such disasters occurred, we had seen a sudden surge in virus attacks in the form of nasty attachments and .zip files embedded in spam sent from attackers. Use caution when opening forwarded messages related to the Japan earthquake and tsunami, and any other tragedy or event that stirs international news coverage, legitimate and otherwise,” said Shantanu Ghosh, vice-president, India product operations, Symantec. The company has also observed a classic 419-message, targeting the Japanese disaster.
According to Symantec, other methods the cyber mafia uses during such events include search engine poisoning. With several internet users searching for earthquake-related news and information online, cybercriminals can ‘poison’ search results, for malicious websites to appear at the top of the results. “Users who click on these links, assuming the information will help them make sense of the tragedy, may end up downloading malware instead,” it added.