August 7, 2019

DHS warns of El Paso and Dayton shooting-related cybercrime campaigns

By Luke Christou

The Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security (DHS), has issued a warning to internet users to be aware of possible cybercrime campaigns designed to trick the public into handing over money, personal information or to download malicious files onto their devices, in the wake of the El Paso, Texas, and Dayton, Ohio, mass shootings.

CISA has urged the public to exercise caution when responding to emails related to the shootings, even when these emails appear to have been sent by reputable organisations, such as charities.

It is unclear whether this warning has been issued following the detection of such malicious campaigns. However, CISA has said that scams are “common” following tragic events, as criminals attempt to capitalise on their victims’ heightened emotions.

Likewise, CISA also says to be wary of similar tactics used on social media, over the phone, on specific websites, and during door-to-door solicitations.

“Cybercriminals might pose as charities, activists, news media, support groups, or some other organisation related to the shootings,” Paul Bischoff, privacy advocate for Comparitech.com, says. “They send messages over email and social media in order to fraudulently solicit donations, trick victims into giving up personal information, or distribute malware.”

It isn’t uncommon for cybercriminals to use social engineering techniques to dupe victims into handing over money. These campaigns are particularly concerning due to the fact that in many cases it is vulnerable groups, such as the disabled or elderly, who fall victim.

According to digital services company Accenture’s latest The Cost of Cybercrime report as much as $5.2tn could be at risk from cybercrime over the next five years.

How to avoid falling victim to such scams

“To avoid falling victim to these scams, treat any unsolicited email or message with scepticism,” Bischoff warns.

If you receive a message urging you to click on a link, you should first check that the URL being linked to belongs to the organisation that the email claims to be from. Cybercriminals will often set up websites with domain names that appear similar to those used by legitimate organisations to trick unsuspecting victims.

“In many cases, phishing involves getting the victim to click on a link that leads to a fake website. This website might look identical to a legitimate website, but in fact it is meant to steal passwords, credit card details and other information,” Bischoff explains.

Likewise, you should also check that the sender is using an email address that belongs to the organisation they claim to be from.

If you’re unsure, do not click the link, do not download any attachments and do not hand over any personal information.


Read more: Cloudflare drops 8chan as thorny topic of online freedoms returns


Verdict deals analysis methodology

This analysis considers only announced and completed artificial intelligence deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.

Topics in this article: ,