Phishing for Misfortune: Disaster Fraud

disaster fraud

As seasons change, so too does the weather. Hurricanes, lengthy storms, catastrophic flooding, uncontrollable wildfires and more — all cause devastation and destruction. Unfortunately, when victims of disasters need help the most, cybercriminals and scammers are very quick to step in and take advantage of both the vulnerable and the compassionate. Here are some ways they exploit unfortunate situations:

Disaster fraud is when cybercriminals and scammers target victims of a regional disaster by posing as aid provided by government agencies or reputable relief organizations. They contact victims directly via email, phone or even text messaging, asking for personal information such as social security numbers, credit card details, names and addresses. Once obtained, the scammers can use the information for identity theft or credit card fraud.

Tech support scams are common in the aftermath of disasters, especially when essential infrastructure such as phone lines or water and electrical equipment need repairing. A tech support scammer targets victims of a disaster with the promise of getting them back on track and online as quickly as possible. Always be wary of unsolicited tech support calls — especially in dire circumstances like a natural disaster. They are almost always phishing — never fixing.

Charity phishing occurs when cybercriminals and scammers create fake charities that allegedly raise money for victims of a disaster. They attempt to tug at heartstrings with emotion and feelings of helplessness when people are at their most vulnerable. Charity phishing scams target more than just victims of disaster — and before you can report them to law enforcement, they’ve disappeared. Before committing to a donation, always verify the legitimacy of a charity by using search engines and charity scam watchdogs.

Four things you must know to protect yourself from disaster fraud:

  1. Government relief agencies will not contact you directly via email, phone, or text to ask for your financial or social security information.
  2. Government relief agencies will never compel you over the phone to hastily accept or do anything. If the call sounds off, hang up and report it to local law enforcement.
  3. Government officials never ask for money in exchange for the relief services they are obligated to provide its citizens.
  4. Never enter your email address and password into forms that appear to be from government agencies without verifying its legitimacy first. Always use a unique password and, if possible, a unique username to protect your other accounts.
Contact Global Learning Systems today to learn more about our security awareness and anti-phishing training to help your employees learn best practices to keep your information safe at home, work and on the go.
GLS Logo

Enjoying our cybersecurity blogs?

Try out our weekly security awareness tips, sent directly
to your inbox.
GLS Logo

Your download is complete!

Need more training?