Cyber Criminals May be Using Explosions in Boston for Profit
Historically, scammers, spammers, and other malicious actors capitalize on major news events by registering domain names related to the events. Malicious actors may attempt to exploit the April 15, 2013 explosions at the Boston Marathon in this way. Some may use fake domains to take advantage of those interested in learning more details about the explosions, or target individuals looking to contribute to fundraising efforts.
In addition to fake domains, malicious actors may also create fake social media accounts with similar intent. For example, Twitter account @_BostonMarathon was created shortly after the explosions took place. The account stated it would donate $1 for each retweet, and was crafted to closely resemble the legitimate Boston Marathon Twitter account (@BostonMarathon). This account has since been suspended by Twitter; however, the likelihood that similar social media accounts will surface remains high.
DHS recommends that all persons looking to donate money in support of those affected by the events rely on official fundraising charities. Exercise caution when clicking on links or interacting with social media accounts that claim to represent the best interests of those involved in this incident. Additionally, when searching for updates on the story, it is safest to go directly to trusted news sources rather than conducting general search engine queries.