In the wake of Sunday's tragic event in Las Vegas, US-CERT warns users to be watchful for various malicious cyber activity targeting both victims and potential donors. Users should exercise caution when handling emails that relate to the event, even if those emails appear to originate from trusted sources. Event-related phishing emails may trick users into sharing sensitive information. Such emails could also contain links or attachments directing users to malware-infected websites. In addition, users should be wary of social media pleas, calls, texts, fraudulent donation websites, and door-to-door solicitations relating to the recent tragic event.
To avoid becoming victims of fraudulent activity, users and administrators should consider taking the following preventive measures:
- Review information from the Federal Trade Commission on Charity Giving, which includes links to check if charity organizations are legitimate.
- Review information from the Federal Bureau of Investigation on Building a Digital Defense Against Charity Fraud.
- Use caution when opening email attachments, and do not click on links in unsolicited email messages. Refer to the US-CERT Tip on Using Caution with Email Attachments.
- Refer to US-CERT's Tip on Avoiding Social Engineering and Phishing Attacks.