WORLD: Tsunami aftermath includes crooks phishing for funds

Inboxes filled with phony requests for relief, websites in Canada, Australia, US, England, Singapore and China are cyber crime

The Times of India
Wednesday, January 19, 2005

By K. V. Ramana

HYDERABAD: Taking advantage of the outpouring of sympathy for tsunami victims, Internet con artistes are angling in cyberspace to ease relief dollars out of people's pockets. According to IT industry sources, mail boxes round the world are being spammed with relief requests - many of them by fraudulent groups practising a variant of phishing, the con trick of sending emails to net users with the intention of luring them with fantastic promises.

Though the scam has not yet been reported in India, internet users interacting with websites and clients in Canada, Australia, US, England, Singapore and China are reporting phishing. "Thousands of recipients of such emails have fallen for the relief pleas," a source involved in antispam activity said.

According to an anti-virus company tracking phishing, the same shadowy groups that tried to hook netizens with promises of millions of Nigerian dollars may be behind this scam. Most of the tsunami e-mails have similar text: "Please donate at least $100 to help give food and medical treatment to two million forced immigrants, 500,000 homeless and 33,000 victims of the South Asian tsunami."

A spokesman for anti-virus company Trend Micro said, "This message was an e-mail from Nigeria that impersonated a Singapore charity." Apart from phishing, the Internet is witnessing much action in terms of worms using tsunami-related photographs.

According to a recent report by the Anti-Phishing Working Group (APWG), online phishing scams, mostly originating in America and Asia, grew 28 per cent in the last four months. Combining social messages with Trojan programmes, these scams are difficult to identify by the average user.

To avoid these traps, experts advise entering addresses manually rather than clicking on links, being wary while opening attachments, downloading a fake website detector and using anti-phishing software.

Date Posted: 1/19/2005