In The Wake Of Harvey, Irma And Equifax – 3 Strategies Criminals Are Using To Run Scams

Over the past month we have experienced three separate and horrific disasters. Hurricanes Harvey and Irma caused catastrophic flooding, widespread destruction and death. The Equifax hack left 143 million people vulnerable to financial devastation.  As if these losses aren’t tragic enough; sadly, disasters are a prime time for criminals to run scams. As Colleen Tressler, Consumer Education Specialist at the FTC stated in a recent post, “One thing we’ve learned at the Federal Trade Commission (FTC) is that scams often follow the news – especially when there’s a natural disaster, like Hurricane Harvey, in the headlines.” In fact, the FTC has an entire page dedicated to current scam alerts.

While different types of scams appear after a disaster, criminals seem to employ similar techniques to attempt to con victims:

Charities / Donations: The Department of Justice’s National Center for Disaster Fraud issued a statement to the public to be aware of fraudulent activity related to relief operations and funding for victims.

    • As of September 7th, The Center for Internet Security had observed the registration of more than 743 domain names containing the phrase “Irma” and most include a combination of the words “help,” “relief,” “victims,” “recover,” “claims,” or “lawsuits.” They go on to state that some appear malicious and the domains themselves appear suspect, so it warned that these domains should be viewed with caution. They believe more domain registrations related to Hurricane Irma are likely to follow in the coming days.
    • Be on the watch for bogus crowdfunding pages to raise money for the victims . Although some are legitimate, and sites like GoFundMe have protection policies in place, some crowdfunding sites do little to vet their fundraisers, and there are obviously scams that get through.
    • Watch out for fake copycat charities. Scammers can create websites to mirror those of legitimate charities, or they use a name that is similar to a legitimate charity, but not exact.
    • What to do:
      • Always exercise caution before opening related emails, clicking links, visiting websites, or making donations to hurricane relief efforts.
    • Research the organization before donating. Try to contact them, check if they are listed on the Better Business Bureau website or ask people you trust if they are familiar with the charity. You can also check give.org or charitynavigator.org.
    • Avoid cash donations if possible.  Rarely will a legitimate charity require cash. Pay by credit card or check. Always make checks payable to the charity, not to individuals.

Imposters: The opportunities for criminals are limitless here. But the intent is always the same; they pretend to be an official of some sort to con you out of money and/or personal information.

  • Scammers may attempt to con you by posing as insurance representatives, a bank official, the Federal Emergency Management Agency, the SBA or law enforcement.
  • Police in Florida are warning of an actual scam where two men posing as power company workers stole nearly $13,000 in jewelry from a 95-year-old woman.
  • Following a hurricane, scammers often show up offering to help with tree removal and home repair work.
  • What to do:
    • Never give out personal or financial information to someone you don’t know. This goes for over the phone as well as in person.
    • If someone calls requesting money or information, ask for their name, title and a number where you can call them back . Most con artists will hang up here. If they provide this information, do your research before returning their call.
    • If someone comes to your house offering home repair or tree removal after the hurricane, verify their license and insurance and research the company before hiring them. Be sure to get multiple estimates and never pay the full amount or a large deposit upfront.

Phishing Emails: Unfortunately, phishing emails are something we deal with on a regular basis, but the threat increases after a big news event or disaster. NY Attorney General Eric T. Schneiderman warned New Yorkers to remain cautious about hacking and phishing attempts by cybercriminals following the Equifax data breach. “In addition to taking measures to protect their credit cards and bank accounts, New Yorkers should also think twice before clicking on any suspicious links claiming to be from Equifax or financial institutions,” Schneiderman said in an announcement. Several current phishing scams related to the Equifax hack to look out for are:

    • Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information.
    • Phishing emails that claim to be from Equifax, where you can check if your data was compromised.
    • What to do:
      • Don’t respond to unsolicited emails and avoid clicking on any links they contain.
      • Only open attachments from senders you know and trust.
      • If an email appears to come from Equifax, do not click on any links. Instead, type the web address directly into your browser or call the company directly.

If you’ve already been a victim of one of these scams, below are resources that can help:

  • Victims of identity theft can report it on the FTC’s IdentityTheft.gov site.
  • Various scams and complaints can be reported on the FTC Complaint Assistant site.
  • Report crimes and file complaints at the  National Center for Disaster Fraud, established after Hurricane Katrina by the U.S. Department of Justice to investigate prosecute, and deter fraud.
  • Internet-based fraud and crimes can be reported to the FBI’s Internet Crime Complaint Center at www.ic3.gov.