I’d like to think that everyone reading these words is smart enough not to fall for this crap, but a couple years of answering comments and emails from some of you people and even more years of being alive have taught me that my hopes are way too high, and that some of you need to be told, repeatedly I might add, that things aren’t always as they seem. So, for the benefit of all of you who probably don’t know who you are, as well as for those of you who have the smarts to investigate things like this, here’s a warning:
If you get an email asking you to donate money to the Hurricane Katrina relief effort or telling you that you can click on a link for the latest breaking news about the situation, for the love of God just delete it and go on with your life! If you want to give money or time or follow the latest developments there are plenty of reputable ways to do both of those things, none of which involve unexpected emails from complete strangers or email forwards from Bob in Accounting.
Yes, I know you should be able to trust that people wouldn’t take advantage of such a grave disaster for the sake of personal gain, but quite simply, you can’t, so it’s up to all of us to be careful.
If you want to read up on some of the dangers involved in opening the help the hurricane people emails, click
I’ll paste the most important points below in case the link decides to stop working.
Phony Web sites and e-mails, purporting to offer help to hurricane victims or provide more news on the destruction, are making their rounds on the Internet, security experts said Thursday.
One spam campaign that’s circulating offers breaking news reports but tricks people into clicking a link that takes them to a bogus Web site,
according to security firm Sophos.
The site attempts to exploit vulnerabilities in Internet Explorer and install malicious code, including the Troj/Cgab-A Trojan horse, on a victim’s system Sophos said.
Some of these e-mails carry subject headers such as “re: g8 Tropical storm flooded New Orleans” and “re: q1 Katrina killed as many as 80 people.”
“If users click on the link contained inside the e-mail, they will be taken to a malicious Web site which will try and infect their computer,” Graham Cluely, senior technology consultant for Sophos, said in a statement. “Once infected, the computer is under the control of remote criminal hackers who can use it to spy, steal or cause disruption.”
Other bogus e-mails are circulating that ask people to aid hurricane victims and their families by clicking on a PayPal button to make a donation, said Johannes Ullrich, chief research officer for the Sans Institute.
“They’re using PayPal because it allows them to be more anonymous. But if you reply and ask them for their address to mail the check, they don’t respond,” Ullrich said, noting that in many cases it is difficult to ascertain whether the e-mail is legitimate.
Note from Steve: If you’re not clicking the button from a website that you’re positive you can trust, there’s about a 99.9% chance that it’s not legitimate. In short, if it comes in an email and you don’t know how it got to you, it’s probably crap. And even if it isn’t, why rely on an unknown third party to deliver the funds when it’s much safer to donate to an established charity on your own terms? Why not make the validity of the email or website in question a non-issue? It just makes sense.
He advised people to ask the organization for its nonprofit tax ID before making a donation. That ID number can be checked against the
database housed by the Internal Revenue Service.
Consumers should also review the list of reputable nonprofit agencies posted on the
Federal Emergency Management Agency Web site,
And while we’re doing the whole warning/advice thing, I figure this is as good a time as any to revisit the whole
run a safe computer and watch what you click on