MasterCard warns of Tsunami Donation Thieves

MasterCard and leading digital fraud detection company NameProtect are volunteering their services to help federal law enforcement agencies to stop scam artists from stealing donations to tsunami relief efforts.

Recently, many law enforcement agencies and consumer advocacy organizations issued warnings that con artists were using “phishing” attacks to prey upon the outpouring of generosity for victims of the Indian Ocean tsunami. In these attacks, fraudulent e-mails disguised as e-mails from seemingly legitimate tsunami relief agencies are sent to unsuspecting consumers, attempting to trick them into going to a fraudulent Web site designed to steal credit card and other personal information.

MasterCard and NameProtect are collaborating to use NameProtect’s industry-leading Internet detection technology and systems to quickly identify these phishing attacks for the federal law enforcement agencies to investigate. To date, the companies have found 133 potential tsunami-related phishing sites that the federal law enforcement agencies are now investigating.

“Sadly, we have identified numerous phishing Web sites that are trying to take advantage of people’s compassion – but we are working with federal law enforcement to shut them down,” said Sergio Pinon, senior vice president of Security and Risk Services for MasterCard International. “By clearing out the scam artists, we hope people will continue to donate to legitimate relief efforts. However, we recommend that people do so by directly making their donations on the official Web sites of the relief agencies instead of responding to unsolicited e-mails.”

"The global community has stepped forward in this difficult time. We are pleased to assist federal law enforcement efforts to prevent criminals from preying on donors’ generosity. Sergio and I are committed to purging fraud in the online environment as we strive to ensure confidence in the relief efforts,” said Mark McLane, CEO, NameProtect.

Consumers are encouraged to safeguard themselves against phishing by following the tips provided below:

• Be wary of phishing e-mail. Banks do not contact customers to ask them to provide sensitive information such as passwords and PINs online. Look for indications such as spelling and grammatical errors that expose the e-mail as being not genuine

• Do not click hastily on links appearing in incoming e-mails and provide payment card or other personal information. Make it a practice to connect to an institution’s Web site only by directly typing the institution’s valid Web address into the Web browser.

• Notify your bank and local law enforcement authorities promptly by forwarding suspicious phishing-type e-mails. This action will help shut down the fake Web site and to take action against the criminals.

• Monitor the transactions appearing on your statements, and quickly report suspicious transactions to your bank.

• Change passwords and PINs periodically.

• Install anti-spam and firewall software on your personal computer to stop receiving spam and to prevent unauthorized access.

• Turn off your computer when not in use, to avoid criminals gaining access and misusing it for fraudulent purposes, which includes launching phishing attacks.

• If you suspect that you have become a victim of a phishing attack and already have divulged your sensitive account information to fraudsters, please contact your bank immediately to discuss the appropriate remedial action.

• Continue to monitor your statement for unauthorized transactions, if your account is not closed.

• Regularly obtaining personal credit reports from all three credit reporting agencies and carefully reviewing the information. Question – and correct – any inaccuracies.

In June 2004, MasterCard and NameProtect united to aggressively combat illegal online activities such as phishing, identity theft schemes and the brokering of illegally obtained credit card numbers in the online environment. The partnership calls for the companies to work together to identify sites established solely to steal personal information and then squash illegal activity before people’s accounts and information are compromised.

See other recent news regarding: MasterCard, Tsunami