By Brian Krebs
Special to The Washington Post
Saturday, September 24, 2005; D01
In a spree mirroring the online gold rush that accompanied Hurricane
Katrina, online speculators are scooping up hundreds of Hurricane
Rita-related Web domain names, and Rita-themed Internet auctions have
begun.
Scammers often use such Web sites to trick people into making
donations, authorities said. The quick proliferation of questionable
activities spurred the federal government to work with Internet
service providers, computer security companies and anti-spam groups to
shut down and prosecute owners of fraudulent sites, according to
several participants in the ad hoc task force.
The group has already closed more than 40 Web sites falsely claiming
to raise money for relief organizations, said Tom Liston, a security
consultant with Washington-based Intelguardians.com and an incident
handler with the SANS Internet Storm Center, a nonprofit group that
tracks online-hacking trends. Internet 'vigilante' groups closed down
a few others on the very day they opened for business.
Liston began tracking new Web site registrations containing the word
"Rita" on Monday and as of yesterday had found more than 1,100 such
sites, he said.
On Thursday, someone used eBay to begin auctioning off a burnt piece
of toast with the meteorological symbol for a hurricane and the word
"Rita" scraped onto it, promising to donate 40 percent of the final
auction price to storm victims. EBay shut down the auction later that
day. An EBay official said that was a very revolting auction item.
Several Rita-related domain names were for sale on eBay yesterday,
including one for RitaAid.net that started the bidding at $10,000. The
auction did not claim that any of the proceeds would benefit relief
efforts.
"I expect we're going to probably see just as many attempts at fraud
with Rita as we did with Katrina, and the fact that both of these
hurricanes hit at the same time is going to increase amount of scams
out there," Liston said. "Because [the hurricane] is such a newsworthy
issue and people constantly have this in front of them, unfortunately
that's going to help these lowlifes out there to succeed in what
they're doing."
Organizations that said they were members of the ad hoc Rita task
force working with the Department of Homeland Security's Computer
Emergency Readiness Team, or US-CERT, include the SANS Internet Storm
Center, the Spamhaus Project, the Anti-Phishing Working Group and San
Diego Internet-security firm Websense Inc.
Officials of the Homeland Security Department did not respond to
interview requests for this story.
After Katrina, scam artists set up dozens of Web sites asking for
PayPal donations but offering little or no information about what they
planned to do with the money. As the massive storm neared land,
registrations of new Internet domain names containing the name
"Katrina" skyrocketed, and hundreds of Katrina-related auctions
emerged on eBay that flouted the auction site's rules for charitable
giving.
Virus writers also took advantage of the disaster by e-mailing
malicious attachments posing as photographs of the storm's
devastation. "Look what the storm did to our family's home," said one
such virus attachment.
The scams prompted U.S. Attorney General Alberto R. Gonzales to
outline anti-fraud priorities for the FBI and the Justice
Department. State attorneys general in Florida and Missouri also sued
people who were fraudulently accepting donations for hurricane
victims.
Krebs is a staff writer for washingtonpost.com.
Copyright 2005 The Washington Post Company
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily.
Additional news available at http://telecom-digest.org/td-extra/nytimes.html
Brian Krebs (washpost@telecom_digest.org)