Hurricane Katrina Internet/E-Mail Scams Alert

Print This Page

Administrative Applications

Clinical Applications

Enterprise Services

Student Services

Support

Teaching & Learning

Important Message Regarding Hurricane Related Fraud

Dear Faculty, Staff and Students:

Hurricane Katrina has already been listed as one of our nation's greatest disasters. Unfortunately, online criminals have already begun to exploit this disastrous situation. E-mail is again being used by criminals from around the world to exploit honest, caring individuals who want to help the disaster victims. These unscrupulous criminals often use "phishing" schemes to gain the trust of the public. Phishing schemes have become much more complex and harder to spot. Many phishing e-mail messages you receive will come addressed to you by name and can be highly personalized. The personalization comes from data gleaned from various sources. The criminals attempt to use their possession of that information as leverage to trick you into revealing even more valuable information.

The combination of a personalized e-mail with a link to what "appears" to be a legitimate site (e.g. Red Cross, Salvation Army, etc.) tends to pull at the heart strings and pocket books of unsuspecting, caring individuals. There are many ways to help in this and other disaster situations. Responding to e-mail messages containing links to web sites generally only lines the pockets of the criminals. You should avoid visiting sites linked through e-mails from individuals you do not know. It is easy to set up a site that "looks" like a legitimate support organization and gain your confidence. Site names that "sound" legitimate (e.g. Katrina Relief Fund) may in fact be fraudulent. If you wish to donate using an online site, go to official sites that you may already be familiar with, (e.g. www.RedCross.org or www.salvationarmyusa.org or www.catholiccharitiesusa.org etc.).

*What is Phishing?*

Phishing is a method used to get you to reveal personal information to fraudulent sources. Phishing has usually been accomplished by sending e-mail to you in an effort to persuade you to log in to a supposedly reputable site to provide or "verify" your confidential account information or other confidential personal data.

*What can you do to protect yourself?*

Do not respond to an e-mail message requesting you to provide or "verify" your personal information. Financial institutions and other legitimate businesses generally will not send e-mail requesting that type of information. If you believe that such a message could be legitimate, check by calling the company or institution in question at a phone number that you know to be legitimate. Suspected phishing can be reported to abuse@jhu.edu or you can simply delete the message from your mailbox.

*More Information*

Go to these Web pages:

Anti-Phishing Working Group: http://www.antiphishing.org/

Federal Trade Commision: http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm

Federal Emergency Management Agency: http://www.fema.gov/news/newsrelease.fema?id=18473

Sincerely,

Mike McCarty

Untitled Document