Cyber Threat Actors Anticipated to Leverage Hurricane Florence - Beware of Fraud
Be aware that cyber threat actors (CTA) generally take advantage of public interest during natural disasters and other high profile events in order to conduct criminal activity. We expect that this trend will continue with attempts to conduct financial fraud and spread malware during and after disaster relief activities.
In the past malicious actors have used links to fake charities and fraudulent websites to solicit donations for victims or to deliver malware during and after high profile events including Hurricanes Harvey, Matthew, the Boston Marathon bombing, and the Tennessee wildfires. Because scams and malware campaigns are likely, users should exercise caution before opening related emails, clicking links, visiting websites, or making donations to Hurricane Florence relief efforts. Please educate your employees on the below recommendations to remain safe during the impending hurricane and the remaining hurricane season.
- Users should exercise extreme caution when responding to individual pleas for financial assistance such as those posted on social media, crowd funding websites, or in an email, even if it appears to originate from a trusted source. When making donations, users should consult the National Voluntary Organizations Active in Disaster website at https://www.nvoad.org for a list of vetted disaster relief organizations.
- Be cautious of unsolicited phone calls, emails or websites that claim to provide information, pictures, and videos.
- Do not open unsolicited (spam) emails or click on the links or attachments in those emails.
- Never reveal personal or financial information in an email or to an untrusted website.
- Do not go to an untrusted or unfamiliar website to view the event or information regarding it.
- Malicious websites often imitate a legitimate website, but the URL may use a variation in spelling or a different domain (e.g., .com vs .org)
- If you believe you have received scam email please report it to email@example.com
Information provided by State of North Carolina ITS.
Disclosure is not limited. Subject to standard copyright rules, TLP: WHITE information may be distributed without restriction.