Hurricane Florence cyber security scams

September 25, 2018

It would seem that Cyber Criminals have no sense of self-respect or humane characteristics after all. As Hurricane Florence rips through North and South Carolina in the US, scammers and threat actors will very likely look to exploit this natural calamity for financial gain or other malicious purposes, as warned by an interstate cyber security organization.

Florence’s devastation – and the ensuing batch of storms that follow – are expected to “propel the materialization of new and innovative scams involving financial fraud and malware attacks,” the Multi-State Information Sharing and Analysis Center (MS-ISAC) said.

Hurricane Florence made landfall in North Carolina just Friday morning. Though classified as a Category 1 storm, Florence has brought flash flood warnings and already caused more than 600,000 reported and confirmed power outages in North Carolina, according to the state’s department of public safety.

In recent days there have been a significant increase in registered domains related to Hurricane Florence with words like “compensation” “relief” “donation” and “funds,” indicating possible fraud, MS-ISAC said. Thirteen (13) domains associated with Florence were registered on Monday, and that number jumped to fifty-one (51) on Tuesday and 65 on Wednesday, the threat-sharing center added. This significant rise indicates that scammers and fraudsters are wasting no time and are not resting, all for the sake of making money while people suffer their demise from nature’s wrath.

The MS-ISAC, which includes representatives from all 50 states, also predicted that malicious computer users will send phishing emails related to Florence that contain embedded malware or attempt to redirect users to infected malicious websites. The phishing and scamming attempts are expected to continue as the Carolinas recover from the storm.

“It is highly likely that more scams and malware attacks will follow over the course of the recovery period,” the advisory says, cautioning internet users to be careful where they click. New Jersey’s cyberthreat-sharing agency also circulated the notice.  North Carolina’s Department of Information Technology has also warned computer users of phishing expeditions tied to the disaster, as has the Department of Homeland Security’s threat-sharing center.

Scott Aaronson, Vice-President of security and preparedness at trade group Edison Electric Institute, urged electronic customers to “be wary of criminals impersonating electric company employees.”

Opportunistic scammers will try to exploit natural disasters, Aaronson told CyberScoop, adding that electronic customers should know that utilities “do not require payment to restore electricity after a natural disaster or other related outages.”


About the author

Leave a Reply