Tips to Avoid Japan Earthquake Phishing Scams
In the wake of the devastating 8.9 magnitude earthquake that hit Japan today (March 11), the global online community is banding together to offer support and donations through charities' websites like the Red Cross.
Unfortunately, as with any significant issue that attracts widespread attention, online scammers are likely to put their dirty hands in the pot and create their own fraudulent donation sites to profit on your sense of civic duty.
Here are a few ways to make sure your charitable donation reaches the right people and doesn't leave you victimized.
Check for URL spelling mistakes
Often, cybercrooks will set up donation websites that appear legitimate. As seen following the February earthquake in New Zealand, scammers will mimic the logo and design of trusted sites like PayPal or the Red Cross to gain your trust.
One way scam artists carry out their tricks is by creating domain names that are similar to commonly visited sites, but are misspelled, such as faecbook.com or twitr.com. The trick, called typosquatting , is especially effective when events such as the Japan earthquake are sure to draw loads of Internet traffic to specific sites like the Red Cross.
Hackers are very smart at making fake URLs look real, like, say, Credits.com for Credit.com, wrote Ondrej Krehel, chief information security officer for Identity Theft 911 in a blog post.
To ensure you're putting your money in the right hands, double check the spelling of the website, and don't accept unsolicited e-mails asking you to donate.
Don't get misdirected
If you are going to donate money through a website, make sure there aren't other parties involved.
Online financial phishing scams that appear real will frequently direct you to a third-party website that asks for your credit card information.
If you see that you're being redirected to a site that doesn't look right, or notice the URL link contains characters other than normal, disconnect, wrote Krehel.
A Fight Identity Theft blog post supports Krehel's point, and warns about the dangers of links embedded in rogue e-mails and scam sites.
The text of a link can say anything. Where it points to can be completely different. Don't pay any attention to the link text. You have to pay attention to the address bar in the URL browser, the post reads.
Avoid the social pressure
A successful Internet scam works because it preys on a huge amount of people. So if you see a website that appears suspicious, do some research.
You might not be the only one who was targeted. Google the number or e-mail address to see if there's a larger scam and possible means to report it, Krehel wrote.
And never trust messages and links spread through Twitter and Facebook. Both social networking sites are hotbeds for scammers looking to make some quick cash.
To make sure you're not getting worked over by an online criminal, never give out your PIN code, driver's license number, phone number of date of birth. None of that information is required by legitimate sites such as the Red Cross or Disaster Donate.