Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Haiti Earthquake: Possible scams / malware - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Haiti Earthquake: Possible scams / malware

Major news organizations reported earlier about a devastating earthquake in Haiti. Unlike the smaller earthquake a few days ago off the coast of California, Internet routing isn't our biggest concern right now. We may see another wave of on-line donation scams.

During Hurricane Katrina, we saw a lot of domains being registered with domain names targeting the disaster. Since then, the pattern in these schemes changes somewhat. Instead of domain registrations, we see more paid search engine placement ads and twitter "tag" poisoning. I just took a quick look, and didn't see anything obviously illegal. Just a few valid charities advertising their services to donors via modern social media techniques and keyword purchases.

Be aware off:

Fraudulent Organizations: If possible, donate to organizations you know and trust, not to new organizations just set up for this particular event. The IRS maintains a list of tax exempt charitable organizations [1]. This list is not 100% up to date, and it takes a while for a new organization to be added. But it can serve as a first sanity check.

Malware: Malware may be advertised as a video report of the event or come under other pretenses.

Please let us know if you come across any scams!


Johannes B. Ullrich, Ph.D.
SANS Technology Institute

I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANS London June 2022


4479 Posts
ISC Handler
Jan 13th 2010

Sign Up for Free or Log In to start participating in the conversation!