Analysis by: Fjordan Allego

The disastrous 7.8-magnitude earthquake in Nepal last April 25 made global headlines. People all over the world started to send donations and volunteered to help the victims. And as the world prayed in unison, spammers took this opportunity to take advantage of those who are willing to help via donations.

In the past few days, we observed scam mails leveraging the tragic event in Nepal. One such example is this email message that asks recipients to send how much they’re willing to donate to the victims in Nepal. The mail made use of phrases that carries the words ‘Nepal earthquake’ and ‘Help Nepal’ both on the sender email address and the signature of the mail. This is done to trick users into the email message is legitimate. Once the users reply to the spammed email, they will receive an information on how to send money.

Cybercriminals are quick to jump at tragic news and events and use it for their social engineering lure. As such, users are advised to be extra cautious when entertaining such donation campaigns online. If you’re willing to donate money, it’s advisable to directly contact known organizations who have known good track records.

  • ENGINE:7.5
  • PATTERN:21524