January 14, 2010

The earthquakes that have wrought so much devastation and death in Haiti this week are moving many to donate to various relief efforts. But security experts and the FBI are warning people to be on the lookout for ghoulish criminals scams that invariably spring up in the wake of such natural disasters in a bid to siphon funds from charitable organizations.

In an alert published today, the FBI urged people not to respond to spam messages asking for donations, and to be skeptical of people pretending to be surviving victims or officials asking for donations via e-mail or social networking sites.

Currently, there are a large number of Tweets coursing through Twitter urging users to donate to relief efforts using various text message short codes. While most of these may be promoting campaigns tied to legitimate charities and relief organizations, it’s probably safest to ignore incoming suggestions to donate this way. If you’d like to donate to the Red Cross International Relief Fund, you may send a $10 donation using your mobile phone by sending a text message with the words HAITI to the number 90999. The charge will be added to your monthly phone bill. Social media news site Mashable says the text-donation campaign, which is backed by the U.S. State Department, has already raised more than $1 million.

The FBI also warns against opening e-mails that claim to show pictures or videos of the disaster areas in attached files, as such ploys have been used extensively to distribute viruses and worms in the wake of previous disasters.

If past disasters are any indication, we also are likely to see thieves using search engine manipulation tactics to jack up the ranking of malicious Web sites, so that consumers searching for news about the current situation in Haiti stumble upon a site foisting malware. UPDATE, 2:25 p.m. Web security monitoring firm Websense reports that criminals already are gaming the search engines for Haiti-related terms to point Web searchers to domains pushing rogue anti-virus products.

The SANS Internet Storm Center says it is keeping a close eye on new domain name registrations to watch for bogus relief Web sites and other scams.

“While we, at the ISC, do not assume that the domains being registered are malicious in nature in any way, we always take note of domains being registered near a disaster,” writes SANS incident handler Joe Esler. “However, inevitably, some of these domains wind up being malicious in nature, and while we don’t assume that all of them will be, it does happen, and it’s unfortunate that spammers and phishers prey on people attempting to provide relief for those in need.  Especially during such a devastating disaster as this was.”

UPDATE, 12:56 P.M. ET: McAfee’s Chris Barton just shared with me a list of nearly 200 new Haitian-related domains that have been registered in the past few days. It’s important to note that their inclusion on this list  doesn’t mean these domains are fraudulent. But it would be nice if a few eagle-eyed readers took it upon themselves to keep tabs on these domains. If you find something suspicious, drop a line in the comments. The list is available at this link here.

Original post:

Hurricane Katrina brought scammers out of the woodwork; dozens of domains were set up overnight asking for Paypal donations on behalf of the victims or different relief organizations, but there was no way to verify that the money would go to the promised destination.  After the 2004 tsunami in South Asia, a survey by MasterCard International and security firm NameProtect Inc. found more than 170 tsunami-related scam sites being used to misdirect donations to relief efforts.


58 thoughts on “FBI: Beware Haitian Quake Relief Scams

  1. Big Geek Daddy

    It’s sad that people need to be warned of scams like this but I’m thankful that there are people like you that provide accurate information. Keep up the good work!

  2. scams xposed

    It would be great if every one took a a few minutes to research a charity before donating any money. There are many great charities that have been operating in Haiti for many years. I would be very skeptical of any new charity that has popped up to respond to this crisis.

    Here are my suggestions for avoiding charity scams:
    1) Use the BBB.org website or others to validate that a charity is trustworthy.
    2) Do not pay with cash. Use a credit card or check.
    3) get a receipt.

  3. xAdmin

    Those of us who frequent sites like this are by and large not at risk of these scams. We are by nature wary of such things. It is the ignorant masses who are at risk. And they for the most part are not visiting these types of sites or becoming more aware. Hate to sound so cynical, but I deal with it every day at work. The shear ignorance out there by a majority of people is simply mind boggling. You can preach from the hill tops with the loudest of voices, but there will always be many many people who will still fall victim time and time again. In the words of the great Ron White, “You can’t fix stupid!” The most we can do is continue to try to spread the word and help those who will listen. Albeit, sometimes it just feels like an echo chamber and an uphill battle with the continuing decline of critical thinking skills in the general population.

  4. wahnula

    I went to donate through yele.org yesterday but saw the “Donate” link was not https…that has been fixed today. Wyclef states that 100% of the money will go to Haiti, I believe him.

  5. John Lafferty

    Students and I from Howard Community College have questions about the following web sites.

    http://haitidonations.com/

    I don’t like this one from “Portada, a company based in the Dominican Republic” because the contact us tab just pops up an HTML mailto in our email client. No address information.
    Graphics don’t seem related to a company.

    http://haitiearthquakedisaster.com/
    looks unprofessional and they are using the PayPal account of http://www.GiftsbasketsNgifts.com

    http://haiti-help.com
    No digitial certificate or SSL

    http://haiti-earthquake-relief.com
    Problems with Pay Pal

    http://haitiancharities.com/
    This is a web hosting service that claims they are sending a crisis response team to Haiti

    http://haitirescuemission.com/donations.html
    This looks like a man trying to use Haitian relief to build his church. Self-designed web site.

    http://haitiquake.homestead.com/
    Phrased in terms of a chain letter hoax to text a donation to Yele. But as noted in another message, we have questions about the Yele web site’s professionalism.

    http://haitirescue.com/ AND http://haitianquake.com
    Not sure about these two. Looks like it might be trying to developing a missing persons registry for other purposes.

    http://www.haitiupdate.com/
    Here is a questionable site under development.

    1. John Lafferty

      UPDATE: http://www.haitirescuemission.com;

      Has improved the design of his web page with better graphics and Haitian music that plays by default. But purpose of the fund raising not clearly stated. States that he is located in Miami, FL, but only provides a PO Box. Another “middleman” web site.

    2. John Lafferty

      UPDATE: HaitiDonations.com redirects a browser to: (https) // HopeForHaitiNow.org

      Additional info to message posted below about the new web site. Claims on FAQ page that donations can be made by texting “Give” to a number that begins with five.

      Claims to be supported on a pro bono basis by the Entertainment Industry Foundation, and that that foundation is holding the Hope For Haiti Now Funds.

      Claims that it was helped by the “Bridgespan Consulting Group” to choose the 7 groups it will help raise money for.

      From my previous comment posted below in reply to “Alejandro” defending Portada.

      This web site has several red flags also. It claims it will distribute funds to 6 large organizations. It includes gif images on the left of the web page, but without them being links to UNICEF etc. There is no contact information, author information, or sponsor information. Even if it did what it said it would do, it would be acting as a middleman site. They claim on an FAQ page that 100 percent of the money will go to Haiti Relief.

      The English language web page has a link to the web site in Espanol.

      The graphics are much better than on the previous web site, haitidonations.com. They can easily deceive the uneducated.

  6. AlphaCentauri

    Starting with the first domain on that list (by IP address),
    haitidonations.com
    is collecting donations via PayPal and text message. They are registered by a company called Portada (portada.com) in the Dominican Republic. That isn’t a charity — it appears to be a webdesign company. The screenshot of portada.com at who.is indicates they were exploiting Michael Jackson’s death as well, though I didn’t enable Flash to see what their current site looks like.

  7. BrianKrebs Post author

    Thanks, Alpha, for your vigilance. I will ask a couple of sources who can do something about this to investigate, and if need be, take action.

    1. John Lafferty

      Yes, we had questions about
      haitidonations.com from Portado also for other reasons.
      sites. — See above.

      the Contact Us tab just pops up an HTML mailto in our email client. No address information.
      Graphics don’t seem related to a company.

      1. BrianKrebs Post author

        Hi Jeremy. Sounds like it might be best to let people know a little bit about yourself on your blog, and to make it abundantly clear that you’re a good guy.

        I realize it is probably frustrating to have people lump you in with a bunch of scammers, but the more information you have about what you’re trying to do and how, the better for everyone concerned, IMHO.

        1. J Horton

          Hi Brian, Thanks for taking the time to write and I appreciate your advice. I may do a page on the site explaining why it was created and so on. A far as a blog, I don’t have one and I would rather the site not be “about me” in any way. I think the site is pretty clear, I added a few pages yesterday and hopefully it may help to get donations. I am sticking with Yele until somebody proves something because I don’t believe that. I am more concerned with the text money and the phone companies holding until the bill is paid. I may remove that part, I don’t know. Thanks for your time.
          Jeremy

          1. John Lafferty

            Thank you for posting the video clip on your haitiquake.homestead.com web site from yesterday’s press conference by the Wyclef Jean foundation spokesman answering several questions that have been raised in recent days.

            The math on the first page of your website is correct about $5 donation and asking 5 friends. Often this math is used in email chain hoaxes. But contacting friends and spreading the word can be better done through social networking, e.g. MySpace, Facebook, LinkedIn

        1. John Lafferty

          Alejandro,

          Will you please respond here to our questions and observations about your Haiti Relief web site at haitidonations.com.

          1. Alejandro

            Let me try to answer your concerns,

            We are a web design private company based in Santo Domingo, Dominican Republic, so we are not charity.

            We are using Paypal because is a secure way to make online transactions.

            We are NOT collecting donations trought text message. Those are two big private companies from Dominican Republic, called “Claro (www.claro.com.do)” and Orange (“www.orange.com.do”).

            Contact Us with mailto: We don’t know what is wrong with it. If you need complete information you can whois “haitidonations.com”.

            More info about donations is available in the Website.

            Why “haitidonations.com”? “haitidonations.org” was available too, but we are not charity so we just registered the “.com” domains to launch the project.

            Why we are raising funds? We want to help in some way. The only real way to help Haiti in Dominican Republic is buying relief supplies (food, water and medicine) for Dominican Civil Defense, because it requires military presence.

            If you have another questions, we will be pleased to help you.

          2. John Lafferty

            UPDATE: HaitiDonations.com redirects a browser to: (https) // HopeForHaitiNow.org

            This web site has several red flags also. It claims it will distribute funds to 6 large organizations. It includes gif images on the left of the web page, but without them being links to UNICEF etc. There is no contact information, author information, or sponsor information. Even if it did what it said it would do, it would be acting as a middleman site. They claim on an FAQ page that 100 percent of the money will go to Haiti Relief.

            The English language web page has a link to the web site in Espanol.

            The graphics are much better than on the previous web site, haitidonations.com. They can easily deceive the uneducated.

      2. J Horton

        Hi John,
        Thank you for the advise, I will add something for social networking as you suggested. Anyone with good advise like John’s can submit on the site as well http://www.HaitiQuake.com. I would really appreciate it.

  8. AlphaCentauri

    haitianrelieffund.com is also accepting PayPal donations. They claim to be organizing a relief effort. At least with javascript disabled, there’s no indication who they are, and the domain is registered with privacy protection.

    Hosted at the same IP address is haitirescuemission.com
    which accepts PayPal donations and has its domain registered with a post office box in Florida and a cell phone number.

    There is also haitiquake.com which is registered in the name of an individual at an address in a residential cul-de-sac and links to legitimate organizations for donations, though it is collecting email addresses. The IP is for homestead.com, so I doubt there is any relationship between the sites.

    1. J Horton

      I own and designed Haiti Quake with no advertising and no links to my business. Directly linking to a lot more sites than Yele for donations and yeah I live on a cul de sac. I don’t collect e-mail addresses, I simply have a space if commentors want it to appear like the gentleman on there looking for his family.
      You know, just trying to help in the way that I know how.

      1. BrianKrebs Post author

        Jhorton — Thanks for stopping by, and for leaving the comment. Have you got an “About me” page somewhere on your site?

        1. J Horton

          No, I wanted to do this without trying to promote myself. This just brought me to attention seeing myself lumped with a bunch of scam sites. I didn’t put ad bars or anything on it.
          Thanks, Jeremy

  9. AlphaCentauri

    haitifoundation.com looks legitimate, listing their EIN number and accepting major credit cards via fundraisingbynet.net. But although the site describes a long term project involving building a clinic for which they already have plans drawn up, the domain was registered Jan. 13 with privacy protection.

  10. AlphaCentauri

    haitirescue.com is collecting PayPal donations for “Haiti Rescue” but it doesn’t appear the donations go for anything except to support the website itself, which is embedding the Google person locator from haiticrisis.appspot.com

  11. NATIVE BLOOD

    I had some concerns about the following website.
    haitiaidsociety.com/

    The site has a unprofessional design that looks like information was copied and pasted onto a blank background with photos added. I decided to do some innocent digging to determine if the site was legitimate. The Google maps link for the address given on site is below,

    http://www.realtor.com/property-detail/6289-Selborn-Dr-SW_Atlanta_GA_30331_1bb6e106 .

    Looked up the Haiti Aid Society (H.A.S.) for the Atlanta, Georgia chapter and found link for a blog, which is below

    junglejem45.blogspot.com/2010/01/haiti-aid-society-has-atlanta.html.

    This site doesn’t ask for donations using PayPal like first site. A friend in Georgia checked out the drop off address on the website and found that it was for the Haiti Aid Society (H.A.S.) for the Atlanta, Georgia chapter.

    1. NATIVE BLOOD

      P.S. The Google maps link for the address given on site shows that the address is just a dirt lot.

  12. NATIVE BLOOD

    http://www.haitiearthquakedonations.com/?page_id=2

    The site above raised some questions due to the fact that the donations page of the website didn’t appear to be to secure. There was no https in front of the URL in the address bar and there was no lock symbol displaying the certifications/identifications of the site anywhere. Plus there is no way to contact anyone from website except by email.

    1. John Lafferty

      The authors claim that http://www.haitiearthquakedonations.com is sponsored by GlobalGiving.com. But the first link on their page goes to: http://www.kqzyfj.com/click-3784063-10718521

      The first page also has a link to a page with Tips to Avoid Scams.
      http://www.haitiearthquakedonations.com/?p=135

      On that page, they provide a recommendation from the BBB to avoid “middlemen” web sites, so more of your donation will go to the relief effort. Yet, even if this website were legitimately sponsored by Globalgiving.com, Global Giving appears to be a middleman site itself. They claim to “vet” relief web sites.

  13. James Millican

    This comment is not about a questionable website, however I believe it is still important for people who wish to donate.

    I have found some articles about the text messaging donations. They state that donations made using text messaging are not paid until the phone bill is paid, and thus is not sent to the charity until the end of the billing period. Some of the articles even report that it will take up to 90 days AFTER THAT before the charities receive their donations.

    More information can be found here:

    http://consumerist.com/2010/01/text-message-donations-for-haiti-may-be-delayed-up-to-3-months.html

    http://www.inquisitr.com/57404/haiti-earthquake-victims-text-message-donations/

  14. NATIVE BLOOD

    //haitianrelieffund.com/index.html

    The site above raised some questions because the link for the contact us page displays no information. Plus, the website doesn’t really have a professional look.

  15. Jennifer Moffatt

    This website was designed and created no more than 3 days ago. It gives zero information on where the money is going to other than “Haiti!!!”. There is no information on this company anywhere on the Internet other than it’s run by two Carson City residents with all proceeds going to the “Red Cross”. There is no way to guarantee that your whole donation will make it to the Red Cross.

    Also, I found this link on a fan page on Facebook called “We Will Donate $00.01 to Haiti for Every Person That is a Fan.”

      1. John Lafferty

        The spokenmindcothing web site has a banner ad to another web site also selling Haiti relief T-shirts as a fundraiser. http://www.cafepress.com/haitirelief

        This other web site has more specific information about the dates that they will be donating the profits from sales (until the end of January, 2010), the organization that they will donate the money to (United States Fund for UNICEF), and the names of the artists making the shirts.

  16. ted richter

    You’re retarded if you donate outside redcross or another respectable company. There are plenty of charities/companies that match your donation too. I donated thru my work since they match 100%

    https doesn’t matter on these sites because the transaction site where u put ur cc# is secure

  17. Peg

    Might I suggest that to help mitigate the chances of damage from landing on questionable websites – Haiti relief spoofs or otherwise – that Firefox users at least consider the following extensions:

    http://noscript.net/
    http://www.mywot.com/

    The latter is of course a collaborative effort and therefore far from foolproof, but it can give a helpful heads up about known bad actors. There is an version available for IE as well.

  18. Phil

    I am in John Lafferty’s class and one thing I found interesting was the use of PayPal accounts on what either seemed to be a scamsite or one that wasn’t very well-made. I am now wondering if the greater threat stems from data interception to normal DotComs or the abuse of the confidence-invoking PayPal service. Check out the 1st website @ http://haiti-relief.org/ and then check the 2nd website – the apparent sponsor @ http://heartlineministries.org/default.aspx
    Both sites use PayPal but the account names don’t even match. What do you think? Poorly made or scam? My gut says the later.

    1. John Lafferty

      Yes Phil,

      “I am now wondering if the greater threat stems …(from) the abuse of the confidence-invoking PayPal service.” This is what Brian Krebs wrote in his original post on this blog topic. That’s why we are trying to do is identify those web sites that might be doing that.

      Here is the original post from above.

      “Hurricane Katrina brought scammers out of the woodwork; dozens of domains were set up overnight asking for Paypal donations on behalf of the victims or different relief organizations, but there was no way to verify that the money would go to the promised destination. After the 2004 tsunami in South Asia, a survey by MasterCard International and security firm NameProtect Inc. found more than 170 tsunami-related scam sites being used to misdirect donations to relief efforts.”

  19. harlan1s

    I think I may have found another questionable Haiti website–

    Samaritanspurse.org.

    They claim that they are a charity. I could not find any information on this to verify. In the contact info there is only a phone number and PO Box. There is not street address. It could be someones cell phone.
    When you click on the green box, there is a certificate but it says it belongs to unknown. The graphics are very poor also and some of the pull downs don’t function properly.

    There is no working logo or way to verify for BBB or Charity Finder which is a legit organization that shows you the breakdown of where they spend their money, the ceo,the officers, how much they take in and how much they spend.

    Also, all though they are https secured, and have a certificate, there is no lock anywhere on the webpage.

    I am not saying right now that they are bogus, but their website certainly is suspicious.

    1. John Lafferty

      Your analysis of the SamaritansPurse.org website is not correct.

      They provide a lot of information about their organization sponsor, their guiding principles, an audit report for 2008, a Federal 909 form, and disclosure of information required in many states within the US.

      Their digital certificate is legitimate. Although I don’t see the lock icon in my version of Firefox, it is displayed in IE. Furthermore, the certificate information from Thawte explains the encryption.

      Although the website does not display assurance provider logos, they claim they are members of Evangelistic financial stewardship organizations. This information can be checked out.

  20. Alex K.

    i went through the list of 200 websites today and found the following 10 monetary scam websites:

    http://haitionfund.com/
    http://haitionearthquake.com/
    http://www.haitiquilt.com/
    http://haitimemorial.com/
    http://haitifeedthechildren.com/
    http://haiticanada.com/
    http://haitianrelieffund.com/
    http://haitianearthquake.net/
    https://www.hopeforhaitinow.org/
    http://haitianhero.com/

    some of these websites are quite easily identifiable as scams, but others are simply very suspicious.

    1. Alex K.

      P.S.
      Here are my reasons for labeling these sites as suspicious. Feel free to comment/critique as I very new to this sort of thing, and would like to learn more.

      http://haitionfund.com/ along with http://haitionearthquake.com/ and http://haitianearthquake.net/

      the sites haves the following for the contact information, which tells me that the site is completely fraudulent:
      Address:
      sample add
      Some City
      FL 12345
      Phone:
      12345678

      http://www.haitiquilt.com/
      tells the reader that they are “still trying to figure out which one” on the information page regarding to which charity the money will go, which makes the reader think that the money will not be going to any charity of any sort.

      http://haitimemorial.com/ and http://haitifeedthechildren.com/ and http://haiticanada.com/
      do not have a telephone number, and the address provided is just a house in a housing development in Canada. The site also says that 100% of the donations will go to helping children in Haiti, which doesn’t make sense, as the organizations have to support themselves somehow, and usually take a percentage from the donations to keep the organization going. These three sites are all exactly the same, which make me think that they are pre-packaged sites that were quickly customized for use to scam people with little effort needed to designing and maintaining the sites.

      http://haitianrelieffund.com

      the site has almost nothing on it, and would have taken only an hour at most to create. The ”contact us” page has nothing on it, and the only thing on the site that works besides the YouTube video is the paypal link. No mention of how the money is getting to Haiti is ever mentioned.

      https://www.hopeforhaitinow.org/

      the site has many symbols and urls of well-known organizations listed, but none of the pictures or the urls are links to the main websites of those organizations. This seems the mean that he site creator does not want to make it too easy to go to a professional organizations website, where they would actually be donating their money to help Haiti, and not to a random website owner.

      http://haitianhero.com/

      The site screams of someone taking advantage of both a Haitians celebrity status and of the Haitian disaster. The address given is for a house in LA, and I don’t think that someone as important as Jimmy Jean-Louis would use his home address as the base for funding relief operation in Haiti, more likely he would simply get together with a organization like the red cross and raise funding that way.

      1. Sam Douglas

        Please retract or correct the “scam” status on HaitianHero.com

        The site is officially a part of HUFH, Hollywood Unites For Haiti, Jimmy Jean-Louis’ non-profit. Go to HUFH.org and verify the “sister site” link back to HaitianHero.com

        Also, note the link and mention at Roddenberry.com where Rod Roddenberry is involved.

        I appreciate the cautious eye, but be careful to simply assume.

        Thanks!

        Sam (the web guy for HaitianHero.com)

        1. Sam Douglas

          Also note the HaitianHero.com address in the HUFH youtube videos. Some of which I put up.

          Again, I appreciate your effort to point out scams, of which there are many, but please make sure to follow up with the sites you deem scams.

          Also, go to ZacharyQuinto.com and see his own news, where he links to our site. Zachary is Jimmy’s fellow castmate from Heroes. (he’s also the new Spock)

          Thanks!

    2. John Lafferty

      haiTIONfund.com and haiTIONearthquake.com have domain names that mispell “haiTIAN” by putting an “o” between the “i” and the “n”.

      Registering a domain name with a common spelling error is another way unscrupulos web developers get people to their site.

  21. Alex K.

    p.p.s
    about the haitianhero site:
    the address listed says that it is in
    “5338 Hillcrest Drive, Suite 2
    Los Angeles, California 90043 USA”

    but the address can be seen to be a house, and not a very large one at that in this like (right click on the marker and then click “street view”) you can see that there’s no way it could be house with two suites.

    http://tinyurl.com/yhftw8b

    the link is to google maps.

  22. Stephen N.

    I thought http://yele.org/ was a questionable website. Although the website looks professional I thought it was questionable how in the “Contact Us” link they didn’t list any useful contact information. Basically they just had a contact Us box to fill out and a P.O. box address with no phone number.

  23. Stephen N.

    http://haitidonations.com/

    I thought this was a questionable bad site. It’s a Web solutions company based in Santo Domingo, Dominican Republic that claims they are raising funds to help Haiti. First of all when you try to view their contact information the link they have posted sends you to an E-mail box that is addressed to them. That is sketchy and sounds like false advertising. On the site the Homepage and News links are the same exact page. Then on their homepage they list other sites to donate to if the user doesn’t feel comfortable donating on their site. I don’t think I would trust giving my money to a web solutions company either.

  24. Stephen N.

    http://haiti-earthquake-relief.com/

    I thought this website was questionable. It doesn’t give any legitimate info about their organization theres no phone number, theres only a P.O. box address that they state you can mail “donations” to the address because it says they are resolving issues with pay pal seems like a scam.

    1. John Lafferty

      I disagree with you on haiti-eathquake-relief.com. If you read their blog, you will see that they have an organization in Haiti that has been working with local people on developing sustainable agriculture, aquaculture, and raising goats and chickens. Two of their schools and some medical clinics were destroyed by the earthquake. But they do have a problem with paypal that they say they are working on.

      They work with churches in Florida. So their blog web site may be primarily a means of communication with people who know them. However, they provide information about their Haiti project and another in India that can be researched.

  25. PH Test :

    there are always scam everywhere so we should always be very careful when dealing with others,;”

Comments are closed.