FBI Issues Warning on Boston Marathon Fraud
The FBI issued a warning on Boston Marathon fraud after complaints of trickery via social media and e-mail scams. Since the April 15 explosions, cyber-criminals have taken advantage of human generosity and have started to spread donation scams and spam loaded with malware.
Soon after the explosions, a Twitter account that resembled a legitimate Boston Marathon account lured users into donating a dollar each to victims. Though the account was suspended, scammers are likely to use the same method to register new fraudulent accounts.
“While Americans feel the need to assist or contribute to those affected by this tragedy; criminals see it as a way to exploit contributor’s kindness,” IC3 representatives said. “History has shown criminals utilize disasters to take advantage of those wanting to assist.”
Over 125 dubious domains were also registered within hours of the Boston Marathon explosions. The FBI suspects these are fraudulent websites created from scratch, because cyber-criminals have registered fake websites following other disasters too. Police also warn that links that appear legitimate, including fbi.gov, could be hyperlinked to redirect victims to malicious websites.
At the same time, the FBI received reports about compromised e-mails reading “Boston Marathon Explosion.” The spam contains links to a compromised web page that shows a series of videos of the attack site.
The Better Business Bureau also warned of charity scams capitalizing on the Boston explosions, and gave advice on how to avoid them.
“Tragedies inspire people to give, but tragedies – whether natural disasters or manmade catastrophes – also inspire scammers to take advantage of that generosity,” BBB Wise Giving Alliance CEO H. Art Taylor said. “Social media, in particular, makes it very easy to reach a lot of people quickly, when emotions are running high and people feel the need to take action, any action, to help.”
A Bitdefender study showed that, within hours of the Boston bombing, related keywords had spread to 20% of spam. The antivirus leader also identified malware spreading through fake YouTube videos about the explosions. The RedKit exploit pack downloaded Trojan.GenericKDZ.14575 to steal users’ credentials directly from their browsers.