US-CERT Advises Users on Possible Post Tsunami Internet Scams

March 16, 2011 - PRLog -- Cybercriminals always explore new ways to target Internet users, inject and execute malicious code and malware in computer systems, extract confidential information, gain control of computers and use compromised systems for perpetuating crime. Festive seasons, international sporting events, economic crisis and natural disasters, all provide more opportunities for attackers to devise new mechanisms to defraud people.

Recently, United States Computer Emergency Readiness Team (US-CERT) cautioned Internet users against possible e-mail scams, fake anti-virus solutions and phishing e-mails designed to take advantage of the catastrophic earthquake and Tsunami in Japan. The fraudsters are trying to take advantage of the panic and grief among the people by sending fake e-mails. The e-mails may appear to come from seemingly legitimate but fake charity organizations and seek donations for providing relief to people affected by Tsunami. They are also sending malicious e-mails containing fake death notices of friends and relatives. Cybercriminals may try to extract confidential information such as name, addresses and credit card numbers through scam e-mails. Cleverly crafted phishing e-mails may try to convince users to open attachments, which may execute malware or malicious code on their computer systems. The e-mails may also contain links, which may redirect users to seemingly legitimate but fake website, where users are urged to enter personal information. Alternatively, the fake websites may install malware on computer systems of unwary visitors.

Internet users may also be targeted by displaying fake pop-up alerts, which flash security warning urging them to purchase fake anti-virus solutions. The pop-ups may seek credit card information for installing the fake security software. Attackers may also disseminate fake anti-virus solutions through e-mails, website advertisements, social networking sites and search engines. They may also spoof e-mails and make them appear as originating from legitimate government domains. Security professionals may regularly update their technical know-how, and gain insights on evolving modus operandi of attackers through online IT degree and e-learning programs, webinars, seminars and conferences.

User awareness is crucial to reduce instances of cybercrime. Cyber security education could be provided to users through online IT courses, video tutorials, e-brochures, guidelines on ATM transaction slips, print and online advertisements. Users must install anti-virus software directly from the vendor’s website. Users interested in donation must contact legitimate charitable organizations listed on the national charity reports and those listed on recognized charity organizations on concerned government websites. Users must avoid trusting unsolicited e-mails, avoid clicking on suspicious links, filter spam messages and be vary of opening e-mail attachments from unknown sources.

Hiring professionals qualified in IT degree programs and security certifications may help organizations in timely identification of threats, issuing security guidelines and initiating mitigating actions.

Contact Press

EC-Council
Website:  http://www.eccouncil.org
Email:  iclass@eccouncil.org
Tel:  505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

# # #

iClass is EC- Council's online training delivery platform. Students can attend live, or recorded training sessions for courses such as Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA) or Computer Hacking Forensic Investigator (CHFI).