We have received information indicating that Internet domain names are being created that could be used to lure unwary users into visiting potentially malicious web sites.

Relief and charity efforts for the victims of Hurricane Katrina began immediately after the hurricane devastated the Gulf Coast area. Shortly thereafter, web sites began to appear which were designed to defraud unsuspecting users. Some of the activities include soliciting donations for seemingly charitable purposes, attempting to collect personal information through phishing scams and also spreading malware to unsuspecting users. Over the past few days, domain names that redirect users to malicious web sites have appeared online, in addition to email scams requesting donations for those impacted by the hurricane. While some of these sites and messages may be legitimate, many are not.  Please be aware that the following domains are reported to be suspicious and access through Company systems has been blocked:

katrinahelp.com

katrinacleanup.com

katrinarelief.com.

Please note that this is not an exhaustive list.

 

We recommend that if you are considering making a donation that you validate the relief fund or charity through a known reliable entity.  Please refer to the FEMA link for a list of reputable disaster relief resources for Hurricane Katrina at http://www.fema.gov/press/2005/resources_katrina.shtm
As a reminder, Security Mutual will have a one day campaign for employees to contribute money to the Red Cross for hurricane victims. Monies collected will be matched by the Company up to $5,000. All money collected will be donated to the American Red Cross disaster relief fund. Please refer to the Staff Bulletin dated today for additional details.

 

In addition to fraudulent web sites, opportunists may use this event as a vehicle for other types of online attacks.  For example, email messages that claim to contain attachments with photos, video, or other information about Hurricane Katrina may actually contain viruses, worms, or other malware.

 

While at the office and at home, we recommend that you avoid opening email messages and attachments that claim to contain video, photos, or other information relating to relief solicitation for Hurricane Katrina.

 

 

Phishing defined:

The term phishing arises from the use of increasingly sophisticated lures to "fish" for users' financial information and passwords. A phishing scam is an identity theft scam that arrives via email. The email appears to come from a legitimate source such as a trusted business or financial institution, and includes an urgent request for personal information usually invoking some critical need to update an account immediately. Clicking on a link provided in the email leads to an official-looking website. Personal information provided to this site, however, goes directly to the scam artist. The best way to protect yourself from phishing scams is to avoid supplying personal information to an email request.

Malware defined:

Malware is a software program designed to fulfil any purpose contrary to the interests of the person running it. Examples of malware include viruses, spyware and worms.