As Ice Bucket Challenge Goes Viral, Scams Follow

Beware of phishing, malware, spam and other online scams based on the extremely popular ALS Ice Bucket Challenge.

At this point, the ALS Ice Bucket Challenge has reached the “planking” level of virality. So it should come as no surprise that reports are beginning to emerge of cybercriminals using the campaign to spread malware and other bad things.

Ice-bucket-challenge

Amyotrophic Lateral Sclerosis – or ALS – is a neurodegenerative disorder. In the U.S., the disease has been popularly known as Lou Gehrig’s disease ever since the six-time World Series champion and seven-time All Star died of the disease at 37 in 1941.

As WebMD so delicately puts it, ALS “is a disease in which certain nerve cells in the brain and spinal cord slowly die.” The disease is rare, but it eventually causes people with it to lose control of critical motor skills, like walking, eating and breathing. Most die within three to five years of diagnosis.

Like all popular things on the Internet, criminals have moved in to make money.

The ALS Ice Bucket Challenge has been an insanely popular Internet campaign to raise awareness about, and research funding for, the deadly disease. It goes something like this: someone dumps a bucket of water on his or her head, then challenges others to either donate money to ALS relief or dump a bucket of water on their heads. Those people then challenge more people and so on and so forth until your Facebook feed consists entirely of people dumping buckets of water on their heads.

Like all popular things on the Internet, criminals have moved in to make money. The good news is that the groups perpetuating these scams are low-level. They don’t have zero days; they don’t have unknown malware.

They are very likely using automated toolkits that are completely useless against a fully patched machine with an up-to-date anti-malware engine. So, run an antivirus product on a patched machine with a patched browser and you are safe from most malware-based scams.

As always, you’ll need to be careful about phishing schemes. Don’t go clicking on any old link or video that pops up in your email or on your Facebook feed. Look out for fake forms that will try to pilfer personal and login information.

More importantly, look out for fake donation payment portals that are designed to steal payment information. If you plan to donate to ALS, don’t do so by following a link from an email or social network (or even from this article!). Navigate directly to the website of the group you’d like to donate to. Once you have decided who you’d like to donate to, do some research: make sure the group is legit. Popular charitable causes very often attract groups who will create fake charities for their own personal gain. Once you are sure a group means well, make sure their payment portal is protected by a trusted certificate issuer (click on the padlock in the address bar). Follow our credit card safety tips and you’ll be okay.

If you’re not familiar with the ALS Ice Bucket Challenge, our friends at Kaspersky Lab accepted the challenge en masse (and donated money to ALS research), which you can watch in the video embedded below.

[youtube https://www.youtube.com/watch?v=YnzRy0rqfcw&feature=youtu.be&list=UUGhEv7BFBWdo0k4UXTm2eZg]

I have to think ALS awareness is at an all-time high right now – perhaps second only to when Lou Gehrig died of the disease. Dumping buckets is okay, but donating to ALS research is probably better.

If you feel like ALS research is getting plenty of attention, Doctor’s Without Borders is fighting Ebola in Africa and any number of other global health problems around the world. The UNHCR is responding to refugee crises affecting the lives of nearly 34 million people in 125 countries. You could also donate to JDRF, which contributes money to Type 1 Diabetes research, as well as countless other local, national or international charities.

Tips

Cybersecure Christmas

Many hacks have started during Christmas holidays. A few simple tips will reduce the chances of your company becoming the next victim.