We talked with @RAbrams about what to be on the lookout for during a natural disaster and he had this to say:
Natural disasters are natural phishing bait. While greed and fear are strong emotions to exploit, perhaps compassion is the strongest of all. The most common post-natural disaster phishing attacks use social engineering attacks to exploit this emotion by claiming to be seeking money to help the victims of a natural disaster. The victim of the phish will never know that the money did not go to a charity, and the victims of the disaster will not receive the benefits of your compassion and generosity. Here are a few tips.
- Before donating to a charity look up the charitable organization at https://www.charitynavigator.org/
- Do not click on links in an email request for charity. They may take you to fake websites that look legitimate but are not
- Many charities are on Facebook. There will almost certainly be posts that indicate where to donate.
- Look at the actual email address from the sender. A legitimate email from a charity is not likely to contain a person’s name in the from field.
- Be especially cautious of requests to send an SMS code to donate.