Although far from the Boston Marathon bombings and ensuing violence, feelings of anger, frustration and helplessness continue to sting us on Maui. How are we to affect change in a seemingly insane world? To find some relief, we may seek to express in actions what we can't adequately express in words. We want to help.
But the catastrophic occurrences in Massachusetts do not just mean an increased threat level across the country and globe. This senseless destruction has also spawned both new and recycled Internet scams. Sadly, major incidents like these tend to attract malicious individuals who use others' suffering for their own gain, developing schemes to lure those longing to do something to offset evil.
A forwarded message from Maui County Civil Defense Agency states that Internet watch groups and cyber security experts have already identified multiple fake domains/Websites and charity efforts to capitalize on these acts of terrorism.
Based on previous tragedies, more fraud will follow in the coming days, so Internet users need to apply a critical eye and conduct due diligence before clicking on links, visiting Websites or making donations.
Over 125 domain names associated with the Boston Marathon bombings and victims appeared within the hours after the incident. The majority of these new domains, which use a combination of the words "Boston," "Marathon," "2013," "bomb," "explosions," "attack," "victims" and "donate," should be scrutinized.
In addition to fake domains, phony social media accounts with similar intent are also being created and being used to spread hoaxes, including information regarding the purported death of several child runners (children are not allowed to participate in the Boston Marathon), and runners injured in the marathon who were participating for a variety of charities and causes.
Multiple counterfeit charities were created on social networking Websites within minutes of the explosions, professing to collect funds for victims.
For example, the Twitter account @_BostonMarathon was created shortly after the explosions took place. The account stated it would donate $1 for each retweet, and was crafted to closely resemble the legitimate Boston Marathon Twitter account @BostonMarathon. (Source: National Cybersecurity and Communications Integration Center.)
Phishing emails may provide links to malicious Websites purporting to contain information, pictures and video, or may contain attachments with embedded malware. Clicking on the links or opening the attachments may infect the computer and put it in jeopardy for further malevolent activity.
Users should always adhere to the following guidelines when reacting to large news events, including news associated with the Boston Marathon bombing and solicitations for donations:
Be cautious of emails/Websites that claim to provide information because they may contain viruses.
Do not open unsolicited (spam) emails or click on the links/attachments contained in those messages.
Never reveal personal or financial information in email.
Do not go to un-trusted or unfamiliar Websites to view the event or information regarding it.
Never send sensitive information over the Internet before checking a Website's security and confirming its legitimacy. Malicious Websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
(Source: Center for Internet Security www.CISecurity.org.)
Sorry to be the bearer of more bad news. It is discouraging to know that the unscrupulous capitalize on tragedy, but it's just another facet of harsh reality in today's angry world.