Approximately two hours after an 8.9 earthquake hit northeast Japan we spotted the first potential donation scam site. We’ve seen this before of course, but for a scam site to appear in just two hours–indexed and with content–is pretty damn quick in my experience. Hundreds of domains that could be related to the disaster have been registered so far today; we’re keeping an eye on them.
Please ensure that when you donate to victim relief efforts, that you do so through legitimate sites.
1. .Org domains are cheap. Registering does not authenticate charitable status in any way. Verify that the organization is actually a registered charity.
2. Domain solicitations that arrive by unsolicited email, especially those sounding overly urgent or desperate, are very likely to be scams
3. The same goes for advertising banners
4. If you’d like to help, I recommend you support one of the major international organizations that have a “most in need” fund
The types of scams to expect are fake donation and charity sites (including charity phish), 419 variants, fee based loved-ones locators, tweets pointing to scams and, of course, exploit-laden search-engine optimized sites installing malware.
This post from our cybersecurity mom, Tracy Mooney, charitable giving may also be of use.