Skip to main content
Protect Yourself

Natural Disasters and the Social Engineer

By November 22, 2016August 23rd, 2025No Comments

In between presidential debates and mass marketing, there are news stories about natural disasters all over the globe.  Hurricanes, typhoons, earthquakes, landslides ā€“ just to name a few.  Many of us have friends or family that live or travel to these locations and when we see these news reports, we are filled with fear. 

Even if you have no family there, the loss of human life affects us and we are deeply saddened.  Recently when hurricane Matthew hit Haiti and the Bahamas then North Carolina ā€“ you probably felt like we did.  Watching the number of those who died was upsetting and emotionally difficult to handle. 

But not everyone feels the same way. 

Enter The Social Engineer 

Sadly, not everyone who sees these horrors feels empathy for their fellow man.  Some decide it is the very time to try and steal.  Local papers warned about scammers using various methods, as you can see in the linked article, but we felt it was important to outline what we have seen attackers capitalize on during disasters. 

  1. Phishing – when disasters hit, it is not uncommon to see fake charity scams asking for donations, generally made via credit card or bank transfer.
  2. In person – as the article mentioned above states, people will come out and actually knock on doors of folks, asking for money or assistance, claiming it is for the victims of the disaster.
  3. Vishing ā€“ the phone scam has definitely increased drastically this year and natural disasters give a very realistic pretext for attacks.Ā 

For those of us that are normal human beings, it is hard to fathom someone using 700+ deaths for self-gain, but this is exactly what they do and it works. In 2015, there was over $800 million lost due to cyber scams alone, according to a report that quoted the FBI

What Can You Do? 

There is no 100% fix for this, but there a few things you can do: 

  1. Critically think ā€“ does the person on the phone or at your door really represent the charity?Ā  How can you know? Well, you may not be able to tell, and a badge or a phone number isn’t enough.Ā  So we suggest if you want to donate, go to the official website, get the phone number, and donate via the web or on a phone you know is legitimate.
  2. Donā€™t ignore your gut – if your internal sensors make you feel like something is not right, report it. Do not give your bank details and stop the interaction quickly.Ā 

Final note is if you feel you already did something that could have compromised you, call your bank or credit company, and put a watch on your account. 

Stay safe. 

Tags:

Security Assessment Case Study
Learn more about the importance of a Social Engineering Risk Assessment.
Download Now
Security Assessment Case Study
Learn more about the importance of a Social Engineering Risk Assessment.
Download Now
What Makes Us Different
At Social-Engineer, we pride ourselves on what we do and how we do it. We are a security services provider, focusing on four primary attack vectors. This case study will go through how we can protect your company and what makes us different.
Download Now
What Makes Us Different
At Social-Engineer, we pride ourselves on what we do and how we do it. We are a security services provider, focusing on four primary attack vectors. This case study will go through how we can protect your company and what makes us different.
Download Now
Woman vs Machine
Technology is providing new, more innovative ways to enhance our world. Scientists are constantly developing smarter, faster and more intelligent machines, systems and robots. There is no doubt that each of these has evolved beyond their clockwork origins.
Download Now
Woman vs Machine
Technology is providing new, more innovative ways to enhance our world. Scientists are constantly developing smarter, faster and more intelligent machines, systems and robots. There is no doubt that each of these has evolved beyond their clockwork origins.
Download Now
Vishing and Phishing Must Be Ongoing to Be Effective
Most companies have a security awareness program in one form or another. If they donā€™t, it should be on the short list of programs to start as soon as possible. In our experience, many of these programs take the form of computer-based training.
Download Now
Vishing and Phishing Must Be Ongoing to Be Effective
Most companies have a security awareness program in one form or another. If they donā€™t, it should be on the short list of programs to start as soon as possible. In our experience, many of these programs take the form of computer-based training.
Download Now
A Case Study in Vishing
Vishing (voice-based phishing) has been a problem for quite a long time. There are many vendors in the marketplace that offer vishing services. However they tend to use robo-callers or call centers for large volume engagements. If they are using trained humans to make calls, it is likely in very low numbers.
Download Now
A Case Study in Vishing
Vishing (voice-based phishing) has been a problem for quite a long time. There are many vendors in the marketplace that offer vishing services. However they tend to use robo-callers or call centers for large volume engagements. If they are using trained humans to make calls, it is likely in very low numbers.
Download Now
Benefits of a Social-Engineering Risk Assessment Engagement
Your company is important. Indeed, the data you hold for your clients or employees is very valuable and attackers seek to capitalize on that data any way they can. This is where a Social Engineering Risk Assessment (SERA) engagement can help uncover possible vulnerability to attackers.
Download Now
Benefits of a Social-Engineering Risk Assessment Engagement
Your company is important. Indeed, the data you hold for your clients or employees is very valuable and attackers seek to capitalize on that data any way they can. This is where a Social Engineering Risk Assessment (SERA) engagement can help uncover possible vulnerability to attackers.
Download Now
The Business Value of the Social-Engineer Phishing Service
Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an organizationā€™s employees as the first point of entry. According to the 2021 Verizon DBIR report, of the 3,841 security breaches reported using social engineering, phishing was the key vector for over 80% of them.
Download Now
The Business Value of the Social-Engineer Phishing Service
Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an organizationā€™s employees as the first point of entry. According to the 2021 Verizon DBIR report, of the 3,841 security breaches reported using social engineering, phishing was the key vector for over 80% of them.
Download Now