We’ve noted in other posts that events like natural disasters are inevitably used as phishbait by scammers. The Atlantic hurricane season, which breeds storms like the recent and very destructive hurricane Florence, provides lots of opportunities for this unusually repellent form of fraud.
Fraudsters are phishing with bogus charity donation sites hoping to entrap those who would like to help the unfortunate victims of the storm. This always happens in the wake of disaster: legitimate charities and drives find themselves intermingled with scams.
The moral is to check the charity before you donate, and be especially wary of following links in emails that solicit donations. A useful guide to finding reliable charities may be seen here: https://www.nytimes.com/2013/11/08/giving/how-to-choose-a-charity-wisely.html.
This kind of social engineering takes advantage of people’s better impulses. Any organization can help its employees recognize this problem through some timely, interactive awareness training. KrebsOnSecurity has the story: https://krebsonsecurity.com/2018/09/beware-of-hurricane-florence-relief-scams/