It is a well-known fact that events of a global interest are exploited by cyber criminals for financial gain. Natural disasters are a golden opportunity for cyber criminals and cyber vandals, whose main aim is to make profit, even if it means exploiting other people’s misery. —Eugene Kaspersky
You have got to love the bad guys. They come up with the most inventive ways of scamming normal users of the internet. From apple picking in New York (stealing a mobile phone—usually an iPhone—from someone who has it held up to their ear) to high-end and targeted spear phishing attacks, they are the most inventive people around. But the most telling example of their ingenuity is the scams they deploy during times of widely publicized disaster or tragedy.
Hours after a tragic event, spammers can be hard at work crafting malicious software to take advantage of would-be philanthropists (not to mention aid workers, disaster victims and their friends and relations). In the days that follow, fraudulent e-mails, Facebook posts and websites appear when people are most upset and least critical. This is why it's a mistake to try to predict cyber criminals' tactics based on what you'd do in their place. The criminals are more ruthless and devious than you'd ever be—that's why they chose their line of work.
Recently I was doing some research for a presentation I was doing for a group of Rotarians, and I came across some interesting information concerning the Fukushima Nuclear Power plant Disaster and what happened on the internet.
The power plant had major problems after the March 11, 2011 tsunami. Along with a failure of the cooling system on March 14, there were numerous other failures of the plant's protective mechanisms. Plant employees worked heroically to minimize the damage, and around the world, observers watched in sympathy. What people did not understand is that on the internet, it was a different story.
This is the timeline of what happened on the internet while people were fighting for their lives and others were trying to help:
March 11: The earthquake hit and the tsunami rolled across the Japanese mainland.
March 12: First and initial life jacking occurrences appear on Facebook. (A life jacking is a way to upload malware to other people’s Facebook timelines; anyone who clicks on the link can then get infected with malware.)
March 13: New and better-written Life jacking posts appear on Facebook, linked to non-existent tsunami videos.
March 14: Massive “black hat” SEO campaign strikes the internet—1.9 million infected web pages are removed by Google. Hackers controlled the first three pages of tsunami-related Google search results before the sites were removed from Google’s search.
March 15: The Geiger crowd project is set up, demanding universal access to radiation information. This project was driven by a criminal organization. Fake donation groups start to appear on Facebook.
March 16: Huge email campaign through bot nets and infected computers requesting donations through links to malicious URL links.
March 17: Fake twitter accounts offer links to non-existent videos of events inside the disaster.
March 18: Second wave of spam email requesting donations for affected Japanese. Huge airline ticketing scam uncovered, offering tickets either to people wanting to get out or helpers wanting to get in—all associated with fake criminal web sites.
March 23: Appearance of scam emails that appear to come from UK Red Cross asking for donations.
From the start of the disaster to the time of the criminal world's greatest involvement, four to six days passed. Just think, of the millions of people who were infected with malware, lost money through bogus donations or had personal information including credit cards, if one percent of these criminal activities deliver profit, then the perpetrators are making millions of dollars.
The internet is rarely what it seems to be. A large proportion of what's out there is inaccurate, incorrect or just plain wrong, and some of it is put there to attract you.
Cyber criminals are smart. But a criminal does not have to be a genius to turn a profit; they just have to be slightly smarter than their target. On the internet, that is not hard. A large proportion of internet users are unaware, uneducated or unprepared for what can happen in cyberspace. The dangers are real, and most of them are only a click or two away from us any time. The solution is to keep your guard up at all times, no matter how good the cause or how important that video looks. Remember—paranoia is your best protection.