Katrina aftermath: Beware of e-looters

Looters are going outside the streets of New Orleans, Hurricane Katrina’s hardest-hit US city, and setting up shop on the Internet where potential prey abounds.

E-looters are using known methods such as phishing and spam e-mail, but hiding them under Katrina’s cloak to rip off unsuspecting victims, according to Christopher Faulkner, president and CEO of CI Host, a Dallas, Texas-based Web hosting and data management company.

He said since the disaster struck weeks ago, there have been over 1,000 domain names registered containing the terms Katrina or Hurricane Katrina. Most of these domains are either used to set up malicious Web sites or are being auctioned off to bidders for a price of up to $50,000.

“Hurricane Katrina has a lot of people glued to their televisions and their PCs wanting to help. They have their guard down and they are clicking on e-mails thinking they’re donating to a good cause, but in reality it’s not going anywhere near New Orleans,” said Faulkner.

There are several types of scams happening, he said. One is phishing-related, where Web sites are set up masquerading as Katrina relief or donation sites. These sites would ask people intending to make a donation to enter their personal and financial information. Scammers would then use the information to steal people’s money or their identity.

Katrina-related spam e-mails contain some text about the devastated area with URL links that claim to have more information or pictures, but clicking the links would actually release viruses, Trojans or spyware infecting the victims’ computers, said Faulkner.

One particular type of spam, called fee-based spam, details information about private organizations claiming to have “rescue teams” based in Alabama, Mississippi and Louisiana. For a fee that ranges from $500 to $1,000, they would deploy their people on-site to locate lost loved ones, said Faulkner. “But they don’t [actually] do anything, but take the money and run.”

Internet service providers and Web hosting companies have taken down some of the malicious Web sites, including hurricanekatrinapix.com, hurricanekatrinarelief.com and katrinadamage.com. Faulkner said these three sites were owned by a certain Bruce Henry, a New Orleans resident.

CI Host has been conducting spam filter testing for Katrina-related spam e-mails and phishing activities for its 220,000-hosted Web sites. The company has been blocking between 8,000 and 10,000 Katrina spam or phishing e-mails per hour, said Faulkner.

While technology is being used as a scamming tool, many legitimate organizations are using it to extend help to Katrina’s victims. And while scammers may be making a few hundred extra bucks through unscrupulous use of technology, hurricane victims are getting millions of dollars worth of help in return, thanks to modern technology.

Sun Microsystems, based in Santa Clara, Calif., has deployed its own people and equipment to Cajun Dome in Lafayette, Louisiana to provide IT and communications support to the Katrina-affected areas.

Sun technicians have been setting up Internet access points and other infrastructure to expand communications capabilities in surrounding areas for evacuees. The company is also assisting disaster-affected businesses on their data recovery and continuity efforts, according to Shirley Horvat, director of marketing, Sun Microsystems Canada Inc.

“[The equipment deployed] includes everything from servers to clients – whether Sun Rays or workstation-type of technology – and [we’re] providing services and networking equipment required to connect everything together,” Horvat said.

This initiative will allow people in the affected areas to connect with loved ones through e-mail, search for missing friends and relatives and simply use the connectivity to share information.

Through the company’s Sun Foundation, monetary donations will also be extended to the disaster-stricken area. Personal donations from Sun employees will be matched – dollar for dollar – by the foundation. Last year, the company raised US$1.2 million for the Tsunami relief efforts in Asia, Horvat said.

With all the scams proliferating over the Internet, it is always good practice to ensure the legitimacy of a charitable organization before making any donation, said Faulkner.

“Legitimate charities don’t usually e-mail people to solicit donations. So, if you get an e-mail from a charity saying, ‘help, give me money,’ nine out of ten times, it’s not going to be legitimate,” he said.

The best defense against e-looters, said Faulkner, would be to use common sense. “Don’t take an e-mail at face value. Don’t just trust what you read in an e-mail and send money via Pay Pal.”

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now