This post is also available in:
עברית (Hebrew)
As the devastating wildfires continue to wreak havoc in Los Angeles, cybercriminals are seizing the opportunity to exploit the chaos, targeting both victims and well-meaning donors with fraudulent schemes. A new report from cybersecurity firm BforeAI has revealed a surge in domain registrations and scams designed to deceive people and steal sensitive data or funds.
Between January 8th and January 13th, 2025, the peak of the wildfire crisis, 119 new domains were registered, many using keywords such as “LA fire,” “wildfire,” “relief,” “fund,” and “rebuild.” These domains were strategically crafted to capitalize on trending topics and lure individuals who were looking to help those affected by the disaster. Half of these domains were registered through GoDaddy, while others were hosted on platforms like Namecheap, Register, Ionos, Hostinger, and Squarespace.
Scammers relied on familiar, trusted domain extensions like “.com” to create the illusion of legitimacy. BforeAI flagged some domains, such as “helplafire[.]com” and “fundlafires[.]com,” which appeared to be designed for financial fraud and potentially to collect personally identifiable information.
Additionally, many fake GoFundMe campaigns emerged during the wildfire crisis, targeting donations for non-existent causes. One such scam involved a fraudulent campaign for an injured dog purportedly harmed by the fires, using a recycled image from a completely different fundraising page. These campaigns aimed to exploit the emotional toll of the disaster, convincing people to donate to fake causes that provided no real assistance.
Scammers also set up counterfeit online stores, claiming to sell merchandise that supposedly supported wildfire victims, including fraudulent items linked to the Los Angeles Fire Department. Cryptocurrency schemes surfaced as well, promising financial gains while leveraging the wildfire crisis to reel in unsuspecting investors. These scams were often promoted via social media, allowing them to spread quickly and deceive a wide audience.
In conclusion, the combination of trending keywords, high emotions, and the urgency of disaster relief efforts makes this a perfect storm for cybercriminals, who are exploiting the wildfire tragedy to manipulate well-intentioned individuals.
