2025 Foundational Application of Social Engineering

Natural Disasters and the Social Engineer

Share This Post

In between presidential debates and mass marketing, there are news stories about natural disasters all over the globe.  Hurricanes, typhoons, earthquakes, landslides – just to name a few.  Many of us have friends or family that live or travel to these locations and when we see these news reports, we are filled with fear. 

Even if you have no family there, the loss of human life affects us and we are deeply saddened.  Recently when hurricane Matthew hit Haiti and the Bahamas then North Carolina – you probably felt like we did.  Watching the number of those who died was upsetting and emotionally difficult to handle. 

But not everyone feels the same way. 

Enter The Social Engineer 

Sadly, not everyone who sees these horrors feels empathy for their fellow man.  Some decide it is the very time to try and steal.  Local papers warned about scammers using various methods, as you can see in the linked article, but we felt it was important to outline what we have seen attackers capitalize on during disasters. 

  1. Phishing – when disasters hit, it is not uncommon to see fake charity scams asking for donations, generally made via credit card or bank transfer.
  2. In person – as the article mentioned above states, people will come out and actually knock on doors of folks, asking for money or assistance, claiming it is for the victims of the disaster.
  3. Vishing – the phone scam has definitely increased drastically this year and natural disasters give a very realistic pretext for attacks. 

For those of us that are normal human beings, it is hard to fathom someone using 700+ deaths for self-gain, but this is exactly what they do and it works. In 2015, there was over $800 million lost due to cyber scams alone, according to a report that quoted the FBI. 

What Can You Do? 

There is no 100% fix for this, but there a few things you can do: 

  1. Critically think – does the person on the phone or at your door really represent the charity?  How can you know? Well, you may not be able to tell, and a badge or a phone number isn’t enough.  So we suggest if you want to donate, go to the official website, get the phone number, and donate via the web or on a phone you know is legitimate.
  2. Don’t ignore your gut – if your internal sensors make you feel like something is not right, report it. Do not give your bank details and stop the interaction quickly. 

Final note is if you feel you already did something that could have compromised you, call your bank or credit company, and put a watch on your account. 

Stay safe. 

More To Explore

Soft Skills for Cybersecurity Professionals
General

Soft Skills for Cybersecurity Professionals

As cyber threats continue to increase, so does the need for cyber security professionals. Some of the skills needed to succeed in the field of cyber security are programming skills,

Social Engineering

Keeping it Simple in Cybersecurity 

Today, the cybersecurity industry focuses a lot more on complicated solutions and tools. Companies are always looking to improve their security measures with the latest technologies. However, attackers often choose