We recently wrote about how the FBI has warned computer users of potential Haiti Earthquake Donation Scams and now security researchers have joined forces to investigate these fraudulent activities to bring the perpetrators to justice.
A possible Haiti Earthquake email scam campaign from a French source has been one of the sources of investigation in finding out who the culprits are behind these inhumane crimes. It is one thing to steal money from a person off of the street and another to take the money that comes from those willing to give to the unfortunate victims of the Haiti Earthquake. It does not get much lower than this.
Shown in figure 1. below, is an example of what appears to have been a scam email sent from a French source asking for donations in assistance of families in Haiti. In the message it asks for donations to a Paris address with banking account information provided. After researchers shared this particular email among other colleagues, they were able to search the internet for possible identification of the source.
Figure 1. - Haiti Earthquake Donation Scam Email Message - Avertlabs
During the investigative efforts, a researcher was able to identify a person on the internet that managed an online car sales service, which was found to be a scam as well. The same individual was sought out by the French banking industry’s Computer Emergency Response Team. The individual and possible source of the Haiti Earthquake scam email, was previously sentenced in 2009 for using false insurance certificates and fake bank guarantees.
Not letting this astounding discovery go to waste, the information gathered from the security research investigation was all forwarded to the proper authorities to hopefully catch the person responsible for this particular email scam.
Below is an update to the FBI's warning on scams related to the Haiti Earthquake with new guidelines that every computer user should take note of.
Before making a donation of any kind, consumers should adhere to certain guidelines, including the following:
- Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages.
- Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites.
- Beware of organizations with copy-cat names similar to but not exactly the same as those of reputable charities.
- Rather than following a purported link to a website, verify the legitimacy of non-profit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its non-profit status.
- Be cautious of e-mails that claim to show pictures of the disaster areas in attached files, because the files may contain viruses. Only open attachments from known senders.
- To ensure contributions are received and used for intended purposes, make contributions directly to known organizations rather than relying on others to make the donation on your behalf.
- Do not be pressured into making contributions, as reputable charities do not use such tactics.
- Do not give your personal or financial information to anyone who solicits contributions. Providing such information may compromise your identity and make you vulnerable to identity theft.
- Avoid cash donations if possible. Pay by debit or credit card, or write a check directly to the charity. Do not make checks payable to individuals
If you believe you have been a victim of fraud from a person or an organization soliciting relief funds on behalf of Haitian earthquake victims, contact the National Center for Disaster Fraud at . You can also fax information to or e-mail it to firstname.lastname@example.org.