In recent years, US-CERT has received reports of an increased number of phishing
sites set up in the wake of tragedies and natural disasters. US-CERT reminds users
to remain cautious when receiving unsolicited email that could be a potential
phishing attempt.

Phishing emails may appear as requests for donations from a charitable organization
asking the users to click on a link that will then take them to a fraudulent web
site that appears to be a legitimate charity. The users are then asked to provide
personal information that can further expose them to future compromises.

Users are encouraged to take the following measures to protect themselves from this
type of phishing attack:

  • Do not follow unsolicited web links received in email messages.
  • Contact your financial institution immediately if you believe your
    account and/or financial information has been compromised.
  • Verify the legitimacy of the email by contacting the company directly
    through a trusted contact number.
  • Visit the Anti-Phishing Working Group for more information on known phishing
    attacks.

For additional information regarding phishing, US-CERT recommends reading the
following documents:

  1. Technical
    Trends in Phishing Attacks
  2. Recognizing
    and Avoiding Email Scams
  3. Avoiding Social
    Engineering and Phishing Attacks