When a major disaster strikes, scammers are never far away to try and profit from people’s generosity. Unfortunately, this has been the case for many years, and especially in recent years with the rise of digital crime. In fact, in 2005, as many as 4,000 charity sites with Hurricane Katrina in their name had been set up before the hurricane had even made landfall. Scammers also stole $4 million from donors in the weeks after 9/11. These threat actors will stop at nothing to accomplish their mission, even if it means exploiting tragic events to take advantage of others.
In fact, a couple of findings by our GroupSense team show that a threat actor was actively trying to scam those who were willing to donate during the Australia bushfire crisis:
Figure 1- Threat actor looking for scamming tips
The threat actor was looking for help in carrying out this scheme, but faced harsh criticism from other posters on the dark web forum. According to the threat actor, they had set up six different pages that would allow donations to be sent by cryptocurrency as well as through PayPal. Interestingly, this appears to be the first time this threat actor is carrying out a scam. Still, the fact that the threat actor was able to set up the scamming pages so quickly and easily shows it doesn’t take too much skill to attempt to defraud others.
GroupSense researchers found a Telegram account that is strongly correlated to the same threat actor from the posts above:
Figure 2- The Telegram channel set up by the threat actor to defraud donors
Figure 3- The message sent by the threat actor to those in the group chat
The threat actor uses sobering stories and descriptions to appeal to the crypto community’s emotions. The threat actor also provides a link in their Telegram channel that redirects users to the below website:
Figure 4- A fake website created by the threat actor behind the Telegram group chat
The links to each payment method were not associated with any well-known charities, indicating that this was an active attempt to defraud people of their donations. However, the International Animal Rescue & Welfare agency bears some resemblance to the International Animal Rescue organization, which is a legitimate charity. This is just one of the many methods threat actors use to deceive well-meaning donors.
Tips to Spot Charity Fraud
Scammers are unfortunately more prevalent after disasters occur, so it’s good to keep this in mind when researching potential charities. When choosing where to donate, remember these tips and techniques:
- Make contributions directly to the charity rather than through an intermediary or third-party vendor. Be wary of donating over the phone as well.
- Donations through PayPal or cryptocurrency are an immediate red flag (as is paying by direct wire transfer or gift card). These methods can be harder to track and are therefore the preferred methods for scammers.
- Be aware of charities that use copycat names, such as the one above. They may try to ride on well-known charities’ reputations.
- Most legitimate charity websites use .org, NOT .com.
- Scammers will snatch up URLs of disaster names or storm names. An example would be helpkatrina.com, which would be easy to register and has virtually no way of being verified.
- Research the charity beforehand by searching the charity’s name and adding either “review,” “rating,” “scam,” “fraud” or “complaint” to the end of the query.
- Keep a record of all donations and review your statements to make sure there are no recurring donations or donations you didn’t agree to.
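The copycat-name, .org and disaster-name tips above can also be applied in bulk by a charity watching for misuse of its brand. The following is an added example, not GroupSense code; the watchlists, the assumed official domain, the similarity threshold and the sample domains are all constructed for illustration.

```python
from difflib import SequenceMatcher

# Constructed watchlists; a real deployment would load its own.
# Key: brand name without spaces. Value: assumed official domain.
OFFICIAL = {"internationalanimalrescue": "internationalanimalrescue.org"}
EVENT_WORDS = ("katrina", "bushfire")   # disaster or storm names to watch
SIMILARITY_THRESHOLD = 0.85             # assumed cut-off for near-identical names


def triage_domain(domain):
    """Return the red flags from the tips above that apply to a domain."""
    domain = domain.lower().strip().rstrip(".")
    # The official domain and its own subdomains are never flagged.
    for official in OFFICIAL.values():
        if domain == official or domain.endswith("." + official):
            return []
    name, _, tld = domain.rpartition(".")
    # Simplification: single-label TLDs only; hyphens are ignored when comparing.
    label = name.split(".")[-1].replace("-", "")
    flags = []
    for brand in OFFICIAL:
        ratio = SequenceMatcher(None, label, brand).ratio()
        # Copycat: the brand is embedded in the name or differs by a few characters.
        if brand in label or ratio >= SIMILARITY_THRESHOLD:
            flags.append(f"copycat:{brand}")
    if any(word in label for word in EVENT_WORDS):
        flags.append("disaster-name")
    if tld != "org":
        flags.append("non-org-tld")     # weak signal on its own
    return flags


if __name__ == "__main__":
    # Constructed sample of newly observed domains.
    sample = [
        "helpkatrina.com",
        "international-animal-rescue-welfare.com",
        "internationalanimalresque.org",
        "internationalanimalrescue.org",
    ]
    for candidate in sample:
        print(f"{candidate:45} {triage_domain(candidate) or 'no flags'}")
```

A flag is a prompt for manual review, not a verdict: plenty of legitimate organizations use a .com address, so the TLD check matters mainly in combination with the other two.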
Charities Have a Stake in the Fight
While the above tips focus on how people can help protect themselves from charity fraud, charities themselves need to focus on protecting their digital assets and preventing fraud as well. With the costs of a data breach in the international market varying between 300 pounds and 100,000 pounds, a breach could cripple a charity’s efforts or even collapse it.
According to the Cyber Security Breaches Survey, phishing emails sent to charity staff or volunteers contributed to 81% of all cyberattacks or breaches. For example, in late 2018, an employee of the charity Save the Children Foundation fell victim to a phishing attack that cost the organization $1 million. Luckily, about 90% of those funds were able to be recovered, but this isn’t always the outcome.
Control Your Digital Risk
Actively monitoring for cyber threats, in particular brand misuse and breaches, can not only save time in acting against the threat, but can also save a charity’s reputation and the valuable funds it needs to carry out its mission. GroupSense can help charities mitigate digital risk and prevent fraud through our cyber reconnaissance services. Contact us to learn how you can take the offensive against cybercrime.