US CERT is warning of potential Hurricane Harvey Phishing Scams

After the Hurricane Harvey hit Texas causing deaths and destructions, authorities are warning of potential Phishing Scams.

The US CERT is warning of Potential Hurricane Harvey phishing scams, the experts fear crooks may start using malicious emails purportedly tied to the storm.

“US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey, even if it appears to originate from a trusted source.” reads the advisory issued by the US CERT. “Fraudulent emails will often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations commonly appear after major natural disasters.”

US-CERT is advising users to remain vigilant when receiving unsolicited emails with attachments or links purporting to be related to the Hurricane Harvey that recently hit the Texas killing at least five people and injuring a dozen of people over the weekend.

US experts warn of phishing emails requesting donations from allegedly charity organizations, a tactic observed after other major disasters and incidents.

Typically these messages used malicious attachments or embed links to websites hosting exploits or to phishing pages.

A good practice to avoid scams is to contact the charity organizations by calling them directly.

US-CERT encourages users and administrators to use caution receiving messages linked to the Hurricane Harvey and adopt the following best practices:

Review the Federal Trade Commission’s information on Wise Giving in the Wake of Hurricane Harvey.
Do not follow unsolicited web links in email messages.
Use caution when opening email attachments. Refer to the US-CERT Tip Using Caution with Email Attachments for more information on safely handling email attachments.
Keep antivirus and other computer software up-to-date.
Refer to the Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Verify the legitimacy of any email solicitation by contacting the organization directly through a trusted contact number. You can find trusted contact information for many charities on the BBB National Charity Report Index.

Cyber criminals have no scruples and often exploit any tragic event in their favor.

In October, as the Hurricane Matthew was battering the South Carolina coast, authorities warned of a series of cyber attacks against residents.

In the past crooks exploited the media interest in tragic events like the Boston Marathon attack and the crash of the flight MH17 of Malaysian Airline, they used the news as bait themes for massive spam attacks and spear phishing campaigns.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Hurricane Harvey, phishing)

[adrotate banner=”12″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.