Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded computer users of the dangers of identity theft as a 20-year-old man is charged in relation to a phishing website which claimed to collect money for victims of Hurricane Katrina.
Jovany Desir of Miami, Florida, has been accused by a federal grand jury in in Western Pennsylvania of creating a bogus American Red Cross website, as well as phony banking, auction and online payment sites, in an attempt to steal names, addresses, credit card numbers, bank account numbers, passwords, Personal Identification Numbers and other information.
According to prosecutors, 20-year-old Desir packaged the websites into phishing kits and sold them for approximately $150 each to other potential scammers. Bogus websites said to have been created by Desir between July and October 2005 included ones associated with Hurricane Katrina relief efforts, PNC Bank in Pittsburgh, eBay, PayPal, and two Canadian financial organizations - Banque Nationale and Desjardins Credit Union. Prosecutors claim that the fake Banque Nationale website was visited 8500 times by users apparently hunting for the real site.
In September 2005, Sophos reported about a bogus website which posed as part of the American Red Cross' Hurricane Katrina relief efforts.
"Internet scammers have no qualms on feeding on other people's misery in their pursuit of money," said Graham Cluley, senior technology consultant for Sophos. "It's claimed that 56 different people downloaded Jovany Desir's Hurricane Katrina phishing kit, presumably with the intention of conning good samaritans out of money. Everyone needs to be on their guard against identity theft and remain alert to the latest internet threats. This isn't the first time that criminals have taken advantage of a natural disaster, and sadly it won't be the last."
Sophos experts have revealed that Hurricane Katrina was not the first disaster to have caught the eye of cybercriminals. Earlier this year, the FBI warned that scammers were preying on internet users touched by the mining accident in Sago, West Virginia. In January 2005, the VBSun worm was spread via email posing as a plea for money to help victims of the Indian Ocean tsunami.
Sophos recommends companies protect themselves with a consolidated solution which can defend businesses from the threats of spam, spyware and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.