Boston calls for fraudulent giving

Should online Charities do more to protect their customers?This week the world watched on with morbid fascination as the disturbing events unfolded in real time in Boston. Whilst the vast majority of us tried to reason with why such a tragedy happened, a small minority of people were already planning  to profit from the terrorist attack.  In the space of a few minutes following the explosions, the first of many domain names relating to the incident were registered.   Why people would decide to take such action is beyond me.

In the wake of such events, many organizations will set up charitable funds or trusts to provide financial aid to those who have been affected, but the concept of setting up an entire website is probably a long way from the immediate thoughts of  charitable intent. These domains are simply another means of the old adage "speculate to accumulate".  The Time magazine even reported that a number of these names are now appearing on auction sites.  If that isn't profiting from human tragedy then I don’t know what is.

The reason why these people have rushed to snap up relevant domain names?  Well savvy “domainers” know that people will be searching for news on topical events and thus will rush to register keyword rich domains to capture that traffic, hoping to gain a cent or two from click-through traffic.  They may even hope that a more charitable cause will compel the charity organization to offer to buy the domain name from the domainer, at a nice tidy profit of course.

There is also the danger that fake websites  being set up under these domains, suggesting they are legitimate charities, and with the option  to take donations online.  Some websites may be genuine, many wont be.  But how does a good donating Samaritan know  this? It's not as if you will ever see an end product one way or another.  Most genuine charitable or donation websites do not pass on the funds raised  straight away. So whilst you may think your cash will be given to those in need, in the case of a fraudulent website, it may actually end up in someone else’s back pocket.

The Social Media giants of Facebook and Twitter were also quickly populated with fake sites and accounts.  One such account on Twitter offered to donate money for every retweet.  A noble gesture, or one simply to build a profile very quickly that could then be used for illegal activity.  Fortunately, Twitter soon uncovered the account as fake and closed it down.

So what can be done to protect us from being duped? Today it's a mixture of prevention and common sense.  There normally tends to be one or two official front line charities, which will be quite visible.  For humanitarian disasters the Red Cross is always one of the first seen springing into action.  But how do you know it isn’t a fake one? If you do find yourself on a website of a charity that wants your donations, it may be worth taking a few simple steps to check if it is a genuine website.

Most donation websites will use an SSL certificate to give donors trust that they are dealing with the right organization.   SSLs are simple and cheap to implement, and  is hard for cyber criminals to mask their true identity. For web visitors, it only takes a few seconds to check whether the website is genuine or not.  Organizations such as NetNames partner with the world’s leading SSL authority, to provide security solutions that both protect genuine organizations as well as their customers who visits  their websites.

If ICANN (The Internet governing body) has its way, there will soon be another level of protection.  Numerous law enforcement bodies have been putting pressure on the Internet regulator for years, to improve the current Whois provisions that places very little emphasis on proper verification of every domain name holder, and thus makes it all too easy for rogue individuals to quickly and anonymously set up domains that are solely designed to divert revenue, customers and traffic away from genuine websites or charitable causes.  Whilst there is still a lot of i's to be dotted and t's to be crossed before the internet changes become reality, it is a big firm step in the right direction for the industry.

Slowly but surely the ability of bad actors to profit on the good name or causes of others is being eliminated.  The Internet needs to be a safer place for all and we all have to play a part to make it so. Fortunately the authorities have moved to stop some of the domain names being used to dupe unsuspecting good Samaritans. The FBI have now seized a few of them, redirecting them to their news feed on the incident as well as to the registered US charity Limbs for Life. Our thoughts are of course with those affected by the events in Boston and we hope to see more genuine efforts made to help and donate responsibly online.
Written by Stuart Fuller, Director of Communications, NetNames

23 April 2013