Stay Safe While Being Charitable in the Cloud

The earthquake and resulting tsunami near Tokyo last week caused widespread damage across the region. My heart goes out to all of those affected by this tragedy. Like many others, when disaster strikes, I look for ways to help those in need.

Even as images and news of the devastation still roll in, scammers are looking ways to take advantage of the situation. Past disasters, such as the 2010 earthquake in Haiti have resulted in scammers creating phony donation web sites and using phishing attacks to steal money, obtain credit card numbers and spread malware. US-CERT has already issued a warning about scammers using the earthquake disaster to be cautious.

Scammers use social engineering tactics to take advantage of events like the Tokyo earthquake. Knowing that people are charitable and caring, scammers try to reach victims on an emotional level to get them to take an action – click on a link in an email, view a video or donate to a cause.

Clicking on the wrong link or donating to the wrong “charity” can cause big problems.

People, however, should not be deterred from making charitable donations to causes. Using common sense and following some simple guidelines will help keep data secure while helping people who need it.

Six guidelines for staying safe while being charitable:

1. Go directly to the web site of the charity to which you want to donate and make sure they actually have a presence in the area you’d like to help. To donate to the American Red Cross, visit www.redcross.org.
2. Don’t click on ads for charities asking for donations. Scammers use search engine advertising and banner ads to lure victims to fraudulent sites.
3. Research a charity before donating. Some good sites for researching charities are FBI.gov, BBB.org and Charitywatch.org.
4. Do not respond to email pleas for donations. Many of these emails are sent by spammers using phony charities or the names of legitimate charities with phony web sites.
5. Don’t donate directly to individuals you don’t know personally. Scammers use sob stories to solicit donations from unsuspecting people.
6. If someone you know asks you for money via email, Twitter,

Facebook or another online source, confirm that it actually is your acquaintance asking for the help. Some Facebook accounts were hacked in 2009 and scammers sent phony messages to users’ Twitter friends asking for money to be wired abroad.

Crises may also be used to spread malware. Scammers use times of crisis to lure victims to watch video footage of a recent event, then infect the victims’ computer with malware when they visit the site. Be aware of links to videos and “breaking news” updates online and those sent by email. Go to known, trusted news sites to obtain information about current events.

Charities need donations to function in times of crisis. They depend on our generosity to provide needed services. While I encourage people to be vigilant and wary of scams, I don’t want to discourage them from giving to legitimate charities. I urge you to be charitable, but be safe.