Earthquake/Tsunami (Anti-)Scam Resources

[Update 2: an initiative by Bing that I don’t feel I can leave off this page, but can’t feel comfortable with either, as explained in a subsequent blog at http://wp.me/pOMVc-7M.]

[Update: further commentary at ESET on Disaster Scams and Resources, in response to Phil Muncaster’s post at http://www.v3.co.uk/v3-uk/news/2033668/google-twitter-facebook-step-help-japan-earthquake-survivors?WT.rss_f=Phil+Muncaster+-+V3.co.uk&WT.rss_a=Google%2C+Twitter+and+Facebook+step+up+to+help+Japan+earthquake+survivors&utm_source=twitterfeed&utm_medium=twitter. A useful post, but I felt obliged to point out that Twitter and Facebook, though useful secondary messaging media, are also easily abused in this context.]

I’ve already blogged at ESET on the inevitability of the Japanese earthquake and consequent tsunamis as a hook for BHSEO (Black Hat Search Engine Optimization), in order to lure people searching for more news onto site pushing fake AV and other unpleasant criminal backscatter.

 Here are some further resources addressing some of the maggots that crawl out and feed off the misery of others whenever there is a high-profile disaster:

• Urban Schrott of ESET Ireland on do’s and don’t’s for safe browsing and disaster scam avoidance: http://esetireland.wordpress.com/2011/03/11/security-warning-japanese-earthquake-scams-will-send-tremors-through-the-web/
• Paul Ducklin at Sophos on clickjacking by ibuzzu.fr: http://nakedsecurity.sophos.com/2011/03/12/japanese-tsunami-video-exploited-by-clickjackers/
• Norman Ingal at Trend with some detail on observed BHSEO and fake AV: http://blog.trendmicro.com/most-recent-earthquake-in-japan-searches-lead-to-fakea/ 
• Robert Slade at Securiteam with an older post (from the time of the Haiti earthquake – but still relevant) on training for disaster: http://blogs.securiteam.com/index.php/archives/1346
• More analysis from Kimberley at stopmalvertising.com: http://stopmalvertising.com/blackhat-seo/recent-japanese-earthquake-search-results-lead-to-fakeav.html
• Paul Roberts at Threat Post: http://threatpost.com/en_us/blogs/experts-warn-japan-earthquake-tsunami-spam-031111?utm_source=Newsletter_031111&utm_medium=Email+Marketing&utm_campaign=Newsletter&CID=
• Guy Bruneau at Internet Storm Center: http://isc.sans.edu/diary.html?storyid=10537&rss
• Sean at F-Secure: http://www.f-secure.com/weblog/archives/00002119.html 
• Mike Lennon at Security Week: http://www.securityweek.com/massive-influx-scams-surrounding-japans-earthquake-and-tsunami-expected
• spamwarnings.com is showing examples of spam related to this event: http://www.spamwarnings.com/tag/devastating-tsunami 
• IRS online charities search: http://www.irs.gov/app/pub-78
• Charity Navigator offers independent evaluation of charities: http://www.charitynavigator.org/
• Google’s crisis response page: http://www.google.com/crisisresponse/japanquake2011.html
• An old but much-to-the-point article on disaster scams from PC World: http://www.pcworld.com/article/61946/beware_of_online_scams_for_disasterrelief_funds.html

David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow