I received this email and felt the need to share with everyone..

Debra Reiger, the State’s Information Security Officer asked that we share this with all staff.

~~~~~~~~~~~~~~~

In the aftermath of the hurricane damage, many people are eager to help by sending donations to various charities.  There are many good and reputable charities, but this is a heads-up that some disaster relief donation requests are not legitimate.

Please be advised that there are numerous scams already in place to take advantage of potential givers.  Some of these are email, some involve fake web sites, and some are phony charities (and various combinations of all of these).  In some cases the scammers are after credit card numbers or other personal information to be used for identity theft; in other cases they just want to take your donation. (Not all of the disaster relief scams are internet based - you may see people collecting money on street corners and in front of markets and I don't know of any way to identify which ones are there for what reasons.)

There are numerous legitimate web sites and mail addresses for disaster relief donations.  Please use your good judgment in deciding what to do. (There is a link below to the FEMA web site, with a list of reputable charities.)

Below is a clip from the SANS Institute's web site, indicating that there may also be a danger of worms, viruses, and spyware in hurricane-related emails.

~~~~~~~~~~~~~~~

Fake Hurricane emails
Like after similar events in the past, we do expect scams and viruses to take advantage of this situation. Please be careful with e-mails containing 'hurricane videos' as attachments, or e-mail asking for donations. Refer to fema.gov for a list of reputable agencies (http://www.fema.gov/news/newsrelease.fema?id=18473) or donate to organizations you trust and have past experience with.

~~~~~~~~~~~~~~~
Please encourage your department's computer users to avoid opening hurricane video attachments and to be cautious about email solicitations for donations.  These represent not only a privacy risk to the computer users, but possibly a security threat to the state.

Regards,

Debra Reiger
State Information Security Officer