Boston Marathon bombing

The bombing of the Boston Marathon, 15 April 2013, does not just mean an increased threat level across the country and globe, but includes new and recycled Internet scams. Major events tend to attract malicious individuals who use the event for their gain.

Internet watch groups and cyber security experts have already identified multiple fake domains/websites, and charity efforts taking advantage of the Boston Marathon bombing. Based on previous tragedies, more scams will follow in the coming days. Internet users need to apply a critical eye and conduct due diligence before clicking links, visiting websites, or making donations.

Users should adhere to the following guidelines when reacting to large news events, including news associated with the Boston Marathon bombing, and solicitations for donations:

  • Be cautious of emails/websites that claim to provide event-related information.
  • Do not open unsolicited (spam) emails, or click on the links/attachments contained in those messages.
  • Never reveal personal or financial information in email.
  • Do not go to websites that you are unfamiliar with to view the event or information regarding it.
  • Never send sensitive information over the Internet before checking a website's security and confirming its legitimacy. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net)

Resources:

Integrated Intelligence Center -- Cyber Intel Advisory
Sophos Sick malware authors exploit Boston Marathon bombing with Trojan attack