Cybercriminals exploit disaster relief efforts to target vulnerable individuals and organizations in Florida, compromising the integrity of relief efforts. Learn more about FEMA claim scams, phishing attacks, and malicious files disguised as FEMA documents.
As Florida recovers from Hurricane Helene and braces for Hurricane Milton, a Category 5 storm expected to hit Tampa on October 9, 2024, a new challenge emerges in the online world: Cybercriminals are taking advantage of the disaster victims and relief organizations, exploiting the confusion and urgency of the moment for financial gain.
Veriti, a cybersecurity research firm, recently uncovered three disturbing cybersecurity threats that have surfaced amid the disastrous situation. These scams, which target both individuals and organizations, involve fraudulent Federal Emergency Management Agency (FEMA) claims, phishing campaigns, and malware disguised as legitimate FEMA documents.
Phishing Using FEMA
While FEMA claims scamming is a direct attack on disaster victims, phishing campaigns are another method cybercriminals are using to exploit the hurricane’s aftermath. Veriti researchers have reported a spike in newly registered domains that appear to be linked to hurricane relief efforts.
These websites, with names like hurricane-helene-relief(.)com and hurricanehelenerelief(.)com, are designed to trick users into providing sensitive data such as Social Security numbers and financial information.
These fake websites often create a sense of urgency, offering immediate relief or grant opportunities, which makes victims more likely to fall for the scam. The phishing campaigns are typically carried out via email, where recipients are directed to these fraudulent sites under the guise of applying for aid. Once victims enter their personal information, the attackers either sell the data or use it for financial fraud.
Fake FEMA Assistance Providers
According to Veriti’s blog post shared with Hackread.com ahead of publishing on Tuesday, October 8, cybercriminals are posing as FEMA assistance providers and creating fake FEMA claims to steal personal information and disaster relief funds from vulnerable storm survivors.
One such cybercrime forum is BlackBones, where scammers have openly shared strategies for tricking victims, with one user going by the alias “brokedegenerate” even posting detailed instructions on how to submit fraudulent FEMA claims.
Malware in FEMA Documents
Cybercriminals are also disguising malware as legitimate FEMA documents, adding an extra layer of danger for those seeking aid. In one instance, a file called fema_grants_manager_user_manual.pdf was uploaded to VirusTotal, a virus-scanning service. While it appeared to be a legitimate FEMA document related to disaster recovery, Veriti researchers discovered that it contained malicious code.
The file, which referenced official FEMA grant systems like the Grants Manager and Grants Portal, aimed to lure users into trusting it. However, hidden within the document was a malicious payload that would redirect users to a suspicious website, infecting their systems with malware. Although no active infections have been reported yet, the existence of such files indicates that cybercriminals are ready to strike whenever disaster relief efforts are in full swing.
Nevertheless, as Florida residents work to rebuild their homes and lives after Hurricane Helene, cybercriminals are grabbing the opportunity to take advantage of the situation. Staying aware of these threats and taking steps to protect yourself can help keep these scams from making an already tough situation worse.
RELATED TOPICS
- Hackers Dropping Malware in Fake “terror alert” Emails
- FEMA leaks sensitive details of 2.3 million disaster survivors
- Online Scam Alert Associated with the Nepal Earthquake Disaster
- Hackers Sending Fake Ebola Virus reports in emails with Malware
- Fancy Bears Hacked MH17 crash investigators with phishing attack
