Online fraudsters phish for American Red Cross donators, Sophos reports

September 05, 2005 Sophos Press Release

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned internet users of a spam campaign attempting to steal money intended to go towards the American Red Cross Hurricane Katrina relief fund.

The phishing attempt takes the form of a spammed email that contains official-looking Red Cross logos and images. Its message says that those affected by the storm are starting the process of rebuilding their homes and asks email recipients to donate to its hurricane relief efforts by clicking on the link in the email.

If recipients open the web page, they are redirected to a bogus online donation form that looks very similar to the official American Red Cross Hurricane Katrina relief donation page.

The scammers have set up a bogus website, pretending to be the official American Red Cross website.

"This is not the first time we have seen immoral opportunists take advantage of a natural disaster to fill their pockets with money meant for victims," said Carole Theriault, security consultant at Sophos. "Phishing attempts do not download viruses or other threats - instead, they use the message and images to dupe the recipient into giving away money, usernames and passwords."

Although many phishing sites are almost impossible to distinguish from the real site they are imitating, this particular phish displays some marked differences. For instance, the official American Red Cross site displays a number of different ways you can donate besides filling in the online form, such as by phone and post, whereas the bogus site has cut out this information, offering you only the online donation form.

Sophos reminds users to be wary of unsolicited emails, and has published information on how individuals can protect themselves against this and other phishing attacks.

Organizations concerned about being fraudulently represented in phishing campaigns can sign up to the Sophos early warning system, Sophos PhishAlert.