Category Archives: Sunbelt

Haiti Relief Scams

It’s been a while since I talked about Haiti.

First of all, I’m delighted to report that Jeff’s father turned up very much alive.

Less happily, Tom Kelchner of Sunbelt has flagged a story in USA Today that claims that more than 170 complaints have been received by federal law enforcement agencies relating to earthquake relief scams. Scams specifically mentioned include:

  • SEO poisoning directing search-engine users towards sites laced with rogue anti-malware
  • Door-to-door collectors for fake charities
  • 419-type emails from alleged victims or officials
  • SMS scams where text messages invite potential victims to ring a number to get more misinformation
  • Similar scams using social networking sites such as Twitter and Facebook.
  • Fraudulent charity web sites.

One fake charity I found particularly galling, as a Brit, was the one that claimed to be a British affiliate of the American Red Cross. Come on, guys, we’ve had our very own Red Cross since 1870 (some years before the foundation of the American Red Cross), though it wasn’t called called the British Red Cross Society until 1905. Of course, there’s no particular reason why most Americans should know about the British Red Cross as a matter of general knowledge, but this does illustrate the importance of checking the validity of a charitable organization before you contribute to it. Of course, you also need to be sure that where the charity is real, the collection mechanism is also genuine!

USA Today recommends Charity Navigator (http://www.charitynavigator.org/) and the American Institute of Philanthropy (http://www.charitywatch.org) as a means of checking the charitable status of an organization.

David Harley FBCS CITP CISSP
Security Author/Consultant at Small Blue-Green World
Chief Operations Officer, AVIEN
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com
http://macviruscom.wordpress.com

Resources

A quickie (don’t get too excited!)

A tweet from Alex Eckleberry sent me to the Sunbelt blog (always worth monitoring) and hence to the Securosis blog. The blog that caught Tom Kelchner’s eye and ultimately mine was this one: “I’m tired of this whole ‘security is failing, security professionals suck’ meme” (http://securosis.com/blog/friday-summary-november-13-2009).

However, my gaze travelled over several other interesting pieces to get there: some fairly specialized like this:

http://securosis.com/projectquant/project-quant-database-security-process-framework

Others, thought-provoking opinion pieces like this one:

http://securosis.com/blog/critical-infrastructure-60-minutes-and-missing-the-point,

 Worth a look: http://securosis.com/blog/

So, was it good for you?

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://dharley.wordpress.com/
http://www.eset.com/threat-center/blog
http://blogs.securiteam.com
http://blog.isc2.org/