Haiti earthquake themed blackhat SEO campaigns serving scareware
Cybercriminals quickly mobilized following the news of a massive earthquake that hit Haiti on Tuesday. The blackhat SEO campaigns are only the tip of the iceberg. Here's what else to look for, and how to make sure you're donating money to the right organization.
Naturally, the blackhat SEO campaigns are only the tip of the iceberg. Here's what else to look for, and how to make sure you're donating money to the right organization.
What's particularly interesting about the blackhat SEO campaign serving scareware (Setup_2022.exe; install.exe), is that a huge percentage of the sites are hosted within the network of Heart Shared hosting (heartinternet.co.uk), indicating some some of automatic exploitation of its customers.
The same practice of relying on compromised legitimate domains within a particular ISP was also evident in blackhat SEO campaigns that were analyzed over the last couple of months.
Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages.
Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites.
Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status rather than following a purported link to the site.
Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes.
Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.