Several internet security firms have reported phishing scams and Trojans disguised as news reports and donation requests following the cyclone in Burma and the earthquake in China.
"There are number of requests for companies to donate funds to disaster relief organisations being sent via email," said David Hobson, managing director at Global Secure Systems.
"Unfortunately, most of these email appeals are actually phishing requests. Anyone 'donating' via the suggested sites may find themselves asked for a variety of personal and/or company information which could be used for identity theft."
Sophos has seen cases of spammers going beyond phishing attacks and using emails to infect PCs with a Trojan.
"We have already seen several examples of cyber-criminals trying to exploit the disasters in China and Burma. It seems that there is no end to their tactics," said Graham Cluley, senior technology consultant at Sophos.
"To avoid falling victim, computer users need to use their common sense and not open emails from people they don't know.
"By deleting them straight away, you are cutting the fraudsters off before they even have the chance to trick you into giving them money as they pose as victims of the tragedy, or try and install malware on your computer."
Security expert Jim Clausing said in a diary entry for the SANS Internet Storm Centre: "These may not all be scams, but we repeat the advice we first gave nearly three years ago.
"If you wish to donate money to help the victims of these disasters, stick to the established charities (such as the Red Cross or Church World Service) through their main web pages or the phone."
Spammers exploit tragedies in China and Burma
By Staff Writers on May 26, 2008 7:43AM