When Tragedy Arises, Scammers Rise To The Occasion
By: Jim Stickley and Tina Davis
December 12, 2022
Scams surrounding crisis situations or high-profile events never cease. Taking advantage of current events and crises are a lure many cyberthieves cannot wait to take advantage of for their own gain. Natural disasters, such as the earthquake in Papua New Guinea and the fundraising surrounding it opens a door for scammers to steal donations from those who give to provide relief for those in need. Others such as the recent death of Queen Elizabeth II are also fair game for cybercrime.
Over the years, we’ve learned that scams using the news of celebrity deaths is an unfortunate side effect when there is a notable death or when disaster strikes and humanity steps up to help. Scammers use any number of tricks to achieve their goals, no matter where in the world a crisis takes place. Fake fundraising social media pages, GoFundMe sites, phony accounts pretending to belong to a celebrity asking for donations. This has happened to many including Robert Downey Jr., Blake Shelton, Derek Hough, and even Facebook’s Sheryl Sandberg and Mark Zuckerberg. Additional popular tools of this trade are business email compromise (BEC), texts, phone calls, and letters. Nothing is off limits including pretending to be a victim of a crisis.
Unfortunately, the scams continue to get more sophisticated over time and they are getting harder and harder to detect. One example involving BEC scams included bogus emails being sent to a company’s suppliers, stating their bank was closed due to a natural disaster. “Alternative” bank accounts were offered by the scammers to help invoices get paid. Hackers also set email rules so that company employees were not copied on the emails and could not be made aware of the scam. This is not a single event. Things like this happen all the time and no company is immune and everyone is a potential target; even and especially, the CEO. Phishing using current events and tragedies is a crime that isn’t fading with time.
Government officials and cybersecurity experts continue to remind those who receive email using any current event, such as a celebrity death as a lure, to be extra cautious and don’t click on links or attachments without verifying they are indeed legitimate. Even if they look like they came from a person or organization you know, take the extra time to check and recheck. Anyone can make a message, whether text or email, look like it comes from anyone else.
If a disaster strikes and you want to donate to a cause, thoroughly check into a charity to make sure it’s registered and legitimate. To avoid BEC crimes, especially if you’re in a department that deals with paying invoices or performing wire transfers, verify information if you get an unexpected notice of an account or payment address change. Your executives will thank you if it turns out their identity was used for a scam.