It shouldn’t come as a shock given what we’ve seen before — but it likely will. A genuine hacking disaster is heading for Gmail, Apple Mail, Outlook and other email users. But thanks to a new security report, you will at least know what to look out for. Just make sure you don’t fall victim to this, making a nightmare situation even worse.
A new report from Veriti has just warned that “as California grapples with devastating wildfires,” with entire communities affected, “those disasters are serving as fertile ground for cybercriminals seeking to exploit chaos and uncertainty.” The teams says it has identified “alarming trends in phishing scams linked to the ongoing disaster, highlighting the need for heightened cybersecurity awareness.”
The threat will come by way of emails with convincing URLs, which you can click through to get help, to find out more or even to donate. “In just 72 hours,” Veriti says it “identified multiple newly registered domains linked to the California fires.” The URLs are quite clearly targeting victims of the fires, which is unsurprising. By hitting those in need of urgent help and support, the campaign will hit its mark.
Some of those domains can be seen here:
- malibu-fire[.]com
- fire-relief[.]com
- Calfirerestoration[.]store
- fire-evacuation-service[.]com
- Lacountyfirerebuildpermits[.]com
- Pacificpalisadesrecovery[.]com
- boca-on-fire[.]com
- palisades-fire[.]com
- palisadesfirecoverage[.]com
The team gave one specific example of “a subdomain suggesting a phishing attempt designed to lure victims under the guise of fire-related assistance. Such tactics prey on people’s goodwill and desire to support recovery efforts.”
While 2025 is predicted to be the year where such scams will turn more to AI, with more compelling copy and imagery being more likely to successfully defraud people, the use of these simple URLs is decidedly old school. We will no doubt see the same with TikTok’s imminent ban and will continue to see campaigns oriented around global hotspots, mixing charity campaigns with offers of assistance.
“The California wildfires,” Veriti says, “underscore the dual tragedy of natural disasters and cyber exploitation. As hackers continue to refine their techniques, awareness and vigilance are critical in preventing against their attacks. By understanding the methods and tools used by cybercriminals, individuals and organizations can take proactive steps to minimize the risks.”
We have seen repeated warnings in recent weeks, as the holiday season spawned record numbers of attacks and scams targeting users across almost every conceivable email, messaging and browsing platform they might be using. Ultimately, though, successful attacks are all about the lure. And this one has all the right components.
Just don’t click through from any emails or download and open any attachments. If you want to find or offer help or assistance, use a search engine to find the website for organizations you’re familiar with or can find through trusted sources.
Read the full article here
