Tsunami Aid: 'Phishing' For Donations
Millions are generously donating online to help in South Asia. But criminals have already caught on
Todd Thacker (internews)
Published 2005-01-03 17:24 (KST)   
Tragedy brings out the best and worst in people.

Last week's deadly Asian tsunami has prompted many governments to pledge millions of dollars of immediate and long-term aid.

Citizens, too, have stepped up to donate to various international relief funds. Last week, Britons were donating one million pounds an hour; their collective generosity (around 60 million pounds as of Sunday) outstripped even their government's initial 50 million pound contribution.

But given the urgent outpouring of aid, it was just a matter of time before online criminals started exploiting people's concern, bilking them of their donations. It's not difficult to do.

What is Phishing?


  • E-mails using company logos and familiar language reporting a problem and asking you to update your account information by prompt return e-mail or by filling out a Web site form.
  • HTML links in e-mails that may resemble those of a legitimate business and direct you to Web sites that use company logos or otherwise appear to be authentic.
  • E-mails with attachments asking you to install software so that fraudsters can use it to record your key strokes and online activity.
  • E-mails that contain typographical or grammatical errors. Spelling errors allow fraudsters to bypass spam filters used by Internet Service Providers.
  • Windows that pop up over a legitimate company's Web site asking you to enter personal information.

  -- Phishing FAQ

    Less than a week after the tsunami disaster, this reporter received an unsolicited email in an old, spam-ridden yahoo account from a U.K. children's "charity."

    Someone was "phishing" for my donation.

    Phishing is a method of getting sensitive information, such as passwords or bank information, by masquerading as a trustworthy institution.

    Fortunately, netizens have an arsenal of tools they can use to protect themselves. Search engines, reverse IP (Internet Protocol) lookup sites and Better Business Bureau black lists are readily available to help track down the salient details of an institution.

    The phishing email immediately triggered numerous red flags. It landed in the Yahoo bulk folder and was rather hastily written; it misspelled the name of the main trustee.

    On the Web site itself, more problems became apparent immediately. Its front page was indeed hosted in the U.K. and bore an official-looking ".org" domain, but every link on that site directed elsewhere -- to a numeric IP address with the charity acronym listed after the slash, in the form of "http://12.345.678.90/abcd/donations.html".

    (Holding the mouse pointer over the Web site button for a moment will prompt the browser to display a full address popup or list the address in the status bar at the bottom of the screen.)

    In this case, a quick Google search produced a number of reverse IP lookup sites (see notes), into which the numeric IP could be entered. It turned out to be a generic ".com" domain hosting service in the United States. The numeric address was used to hide the different domain.
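The link check described above can be automated. This is an added example, not part of the original article: it lists every link on a page that points at a numeric IP address or at a host other than the page's own. The names `audit_links`, `charity.example.org` and the sample HTML are constructed for illustration, and hosts are compared exactly, so a `www.` variant of the same site would also be reported.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.hrefs.append(href)

def is_ip_literal(host):
    """True if host is a syntactically valid IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit_links(page_url, html):
    """Return (url, reason) for each link that leaves the page's own host."""
    page_host = (urlsplit(page_url).hostname or "").lower()
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href in collector.hrefs:
        url = urljoin(page_url, href)  # resolve relative links first
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https"):
            continue  # skip mailto:, javascript:, etc.
        host = (parts.hostname or "").lower()
        if is_ip_literal(host):
            findings.append((url, "numeric IP host"))
        elif host != page_host:
            findings.append((url, "different host"))
    return findings

# Constructed sample; 192.0.2.10 is a documentation-only address (RFC 5737).
SAMPLE_URL = "http://charity.example.org/"
SAMPLE_HTML = """
<a href="/about.html">About us</a>
<a href="http://192.0.2.10/abcd/donations.html">Donate now</a>
<a href="http://payments.example.com/give">Give by card</a>
<a href="mailto:info@charity.example.org">Contact</a>
"""
```

Calling `audit_links(SAMPLE_URL, SAMPLE_HTML)` reports the donation link and the card-payment link and leaves the same-site and `mailto:` links alone.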

    One twist was that the site also listed a U.K. registered charity number. Another Google search turned up a genuine registration site that included a search function.

    Inputting the charity number turned up the institution-in-question's status, including when it originally registered and its financial history. It had not been updated in years, and the only gross income it reported was in 1998, to the tune of just over 2,000 pounds.

    Google also revealed some disturbing information about the main trustee listed in the email and on the Web site. The trustee was ostensibly a famous philanthropist from India, but the first page of Google results included a 2002 Times of India story reporting the trustee's being granted bail in an alleged fraud case.

    The details of this "charity" have been obscured. -- Ed.
    In the face of all this damning evidence, it is not hard to imagine that most netizens would simply walk away. There are numerous well-known, reputable organizations working on collecting relief aid. The BBC has a comprehensive list posted on its Web site.

    For those who are alarmed by these scams and who want to go to the next level by reporting potential abuse, there are a number of relatively quick avenues to take.

    One is to copy and paste the text of the unsolicited message and address of the dubious organization and email it to the "abuse" address of the site's domain. Every hosting service has an abuse address listed in the DNS (Domain Name Server) information when you do a reverse IP search.

    Domestic Better Business Bureaus or police-run Web sites for reports of Internet fraud also have Web forms that concerned individuals can post to anonymously, in addition to the usual channels via email.

    Here are four reverse IP directories to keep in mind when looking for more information on an institution's site:

    APNIC (Asia Pacific Network Information Centre) - Asia/Pacific Region

    ARIN (American Registry for Internet Numbers) - North America and Sub-Sahara Africa

    LACNIC (Regional Latin-American and Caribbean IP Address Registry) - Latin America and some Caribbean Islands

    RIPE NCC (Reseaux IP Europeens) - Europe, the Middle East, Central Asia, and African countries located north of the equator
    ©2005 OhmyNews
