BOOKMARK
PRINTH1N1
Scamming on Swine Flu
Wed, 12/02/2009 - 09:14 — Josh Bourne — PermalinkWe received an email recently to the company’s general contact address from a sender posing as the Center for Disease Control. The email stated that the reader needed to complete a person H1N1 Vaccination Profile on the CDC’s Web site, regardless of whether or not he or she has been vaccinated, because that profile would be used for a “registering system” of who had and had not been vaccinated. A link that supposedly led to the CDC Web site where the reader could create his or her profile was included at the bottom of the page.
To a trained eye, it is clear that the email was a phishing scam. Instead of the CDC Web site, the link actually led to online.cdc.gov.yhnbam.im - .IM is the ccTLD for Isle of Man, a small British Crown dependency located in the Irish Sea between the United Kingdom and Ireland. The site had been set up to trick Internet users into disclosing personal and financial information, which the site owner then steals.
I tried to follow the link to see just what kind of information the site was trying to obtain, but was instead greeted by a warning message that said, “This web site at online.cdc.gov.yhnbam.im has been reported as a web forgery and has been blocked based on your security preferences.”
Phishing has been and remains a very serious and dangerous problem online. What is truly despicable is how phishers exploit the public’s concern over issues in order to dupe them into handing over information. H1N1 remains a very worrisome and serious issue, especially here in the U.S., for cybercriminals to take advantage of people’s distress or fear is abhorrently opportunistic.
Be on the lookout if you receive this email. The sender appears as the CDC with the address info@cdcmails.com, so it may seem legitimate at first, but it is indeed a scam.
Virginia Dept. of Health Gets Clever Domain to Promote H1N1 Vaccine
Tue, 10/27/2009 - 15:30 — Josh Bourne — PermalinkI was watching television the other night and a commercial came on about H1N1 flu vaccines. H1N1, or Swine Flu as it is commonly referred to, has been a hot topic recently, especially as we move into flu season. The advertisement mentioned the importance of good hygiene practices to prevent the spread of the flu, but what really caught my attention was the domain name announced at the end of the spot: h1n1get1.com.
I visited h1n1get1.com and found a simple Web site urging that the H1N1 vaccine is safe and works to prevent the flu, as well as tips on how to prevent spreading the disease and links to the Departments of Health in Virginia, Maryland and Washington, D.C. Atop the page was the catchy little slogan, “It’s up to you to prevent the flu.” But nowhere on the page was there any mention of an affiliation – I was expecting to see the logo of a health authority like the CDC.
After doing a little digging, I learned that h1n1get1.com is registered to Emily Greenwood, who, according to the email address listed in the WHOIS information, is an associate at Fultz Marketing, a marketing firm out of Richmond, VA. As it turns out, the Virginia Department of Health (VDH) is a client of Fultz’s. The connection between the two became more obvious when I followed the link to Twitter on h1n1get1.com and saw the account was named @VDH_H1N1.
This campaign is an interesting example of how domains can be used. The domain h1n1get1.com is catchy and memorable (plus there is little chance that Internet users will think that the “ones” are written rather than numerical), and it can serve as a means for the VDH to inform the public about H1N1 and ways to treat and prevent it. However, I think it would be better for the VDH to show that it is clearly behind the message and the Web site itself. Not including any reference to the VDH risks making the site appear illegitimate or amateur. Any site can link to the CDC, and wary Internet users might be turned off if they cannot identify the site’s affiliation with a health authority.
The Virginia Department of Health and Fultz have all the tools they need: a catchy domain, a tie-in with social media, and even a TV advertisement for the site. But in order for this campaign to really take off, they should focus on better Web site development in order to utilize the domain name to its full potential.
