Fake donations phishing scam for New Zealand earthquake victims appear

Phishing scammers are looking to capitalise on the recent earthquake that struck Christchurch, New Zealand
Phishing scammers are looking to capitalise on the recent earthquake that struck Christchurch, New Zealand

According to Mathew Maniyara, security response lead for Symantec's Pune, India-based operation, fraudsters are taking advantage of the quake by sending spam mails that request donations.

In January, he said, phishers had used the same ploy of asking for fake donations for victims of the Serrana floods.

Analysing the scam, Maniyara says that the phishing site spoofed the Red Cross website for New Zealand and requested help from end users.

"Firstly, the phishing site gave details of the earthquake, highlighting the extent of the damage in the city. Secondly, details on how to make a secure online donation were given. Users were notified that upon making an online donation, the user would receive a receipt by email for tax purposes. There were three credit card services to choose from", he notes in his latest security blog.

To make the donation, Maniyara says that users are required to enter certain confidential information.

The first field is a drop down menu from which the user had to select the cause for which the donation would be made. The causes included New Zealand Earthquake 2011, Annual Appeal 2011, Australian Floods Fund, Landmine Appeal, Pacific Disaster Preparedness Fund, and General Fund Appeal, he added.

And here's where it gets nasty, because, as well as trying to rip internet users off, the scam also attempts to persuade users to provide all manner of payment card credentials, Infosecurity notes.

The confidential information required in the RFI, says Maniyara, includes the usual email address, postal address and credit card number, but also asks for the three-digit security number, card expiration date, four-digit PIN code, driver's licence number, and date of birth.

"Upon entering the required information, the Web page redirected victims to the legitimate Red Cross website", he says in his security blog, adding that the phishing site is being hosted on servers based in Wien, Austria.

To counter these types of scams, Maniyara advises internet users to follow best practices when using the net:

  • Do not click on suspicious links in email messages.
  • Avoid providing any personal information when answering an email.
  • Never enter personal information in a pop-up screen.
  • Frequently update your security software.

What’s hot on Infosecurity Magazine?