Officials with the N.C. Department of Information Technology (N.C. DIT) are urging North Carolinians to be cautious of cybercrime and social media scams associated with Hurricane Dorian.
Cybercriminals take advantage of natural disasters such as hurricanes to solicit personal information and to take advantage of vulnerable infrastructures, disaster victims and volunteers by using social engineering techniques like phishing. Phishing is when a criminal sends out an email, text message or phone call pretending to be a reputable and legitimate source in order to obtain personal information such as credit card and Social Security numbers. Phishing can occur through social media platforms. Be aware of social media posts asking for donations through a personal mobile payment app, or wire transfers and not through a verified charity or federal aid organization.
Phishing emails and phone calls may also try to pose as official disaster aid organizations such as the Federal Emergency Management Agency (FEMA). FEMA and other federal representatives will never ask for personal banking information, Social Security number or registration number.
“Cybercriminals will use every tactic in their arsenal to trick citizens out of their personal information for their financial gain,” said Chief Risk Officer Maria Thompson. “Residents should take necessary precautions to protect themselves. Think of it as preparing an emergency kit for your personal data.”
Take these steps to help prevent being the victim of cybercriminals:
- Carefully look at email and web addresses. Cybercriminals will make them look as legitimate as possible, often using variations of spellings. The URL may have a different domain, such as .net instead of .gov.
- Do not click on links in emails and social media posts from anyone unless you know and have verified the sender or social media account.
- Take time to look at the sender’s email address. Do not click on any links until you are certain the organization is legitimate. Validate the organization’s website for its contact information, and use sites such as www.charitynavigator.org to verify a charity organization.
- Make sure anti-malware software is up-to-date, and you’ve implemented anti-phishing capabilities if available
- Do not provide personal information or information about your organization