The continuing devastation of the California wildfires has given rise to another threat—cybercriminals seeking to exploit the disaster. These malicious actors are leveraging the chaos, using sophisticated phishing tactics to deceive those impacted by the fires.

New Domains Mimic Legitimate Services

Researchers at Veriti have discovered a proliferation of newly registered domains designed to mimic legitimate relief services. These include deceptive names such as "malibu-firecom" and "fire-reliefcom." By imitating official resources, scammers aim to lure victims with false promises of evacuation assistance, recovery permits, and more.

Phishing Tactics and Social Engineering

The phoniness of these sites serves a larger scam aimed at obtaining sensitive information. These domains are likely fronts for phishing attacks, aiming to harvest personal details like login credentials and financial information. Cybercriminals use social engineering tactics to instill fear and urgency, manipulating individuals into clicking malicious links or downloading harmful software. For instance, a scam might pose as a subdomain offering “fire-related assistance,” yet its true purpose is to install malware on unsuspecting users' devices. This exploitation underscores the particular vulnerability of individuals and organizations during emergencies.

Active Monitoring and Prevention Tips

Although Veriti Research has not yet observed email campaigns linked to these domains, they continue to actively monitor for malicious activity. Their team advises vigilance, urging individuals and entities to stay informed about such threats. Education on cybercriminal tactics is essential for reducing the risk of falling victim to these schemes.

Veriti has compiled a list of domains identified within 72 hours:

fire-reliefcom

malibu-firecom

boca-on-firecom

palisades-firecom

Calfirerestorationstore

palisadesfirecoveragecom

fire-evacuation-servicecom

Pacificpalisadesrecoverycom

Lacountyfirerebuildpermitscom

By understanding the nature of these threats, communities and organizations can bolster their defenses and protect themselves more effectively during these critical times.

The link has been copied!