IE 11 is not supported. For an optimal experience visit our site on another browser.

Careful! Hundreds of scams abound online after Boston bombing

Boston Marathon malware
Kaspersky Lab
Screenshot of Boston Marathon Web link malware
An example of the kind of Boston Marathon-related malware that's out there, as shown by Kaspersky Lab.Kaspersky Lab

Scammers, crooks and spreaders of computer malware have wasted little time in trying to play off the public's sympathy for the victims of the Boston Marathon tragedy, prompting warnings from the Massachusetts attorney general and computer security companies to be extremely wary about donating money to unfamiliar charity websites, and clicking on unsolicited Web links.

Massachusetts Attorney General Martha Coakley said Wednesday in a statement that potential donors need to "protect themselves from fundraising scams claiming to benefit those affected by this week's tragedy."

"Most charities that solicit donations during this time are reputable and worthy of financial support from the public, like The One Fund Boston," she said. "Some, however, may engage in questionable tactics or mislead the public about the use of donations."

Barbara Anthony, Massachusetts undersecretary of consumer affairs, said that Twitter accounts also have been created to seek money from the public.

"It is unspeakable that anyone would sink to capitalize on Boston’s sorrow as we recover from this tragedy," she said in a statement. "We remind consumers to exercise caution and do their homework before reaching out to help."

In the last 48 hours, more than 100 websites have been created with names that use the words "Boston marathon." Some of the owners of these sites may be seeking to get your cash, but not help anyone but themselves, says Michael H. Berkens, editor-in-chief of The Domains, a domain industry news site.

"Just minutes after the reports of the explosions hit the news, (website) domain names related to the bombings were already registered and some parked by people looking to make money off the tragedy," wrote Berkens.

"While we don’t know every registrant's intention, we do know historically that many of the domain names registered immediately after were done to get traffic and make money parking domains or worse."

Due to concern over the nature of the websites, we are not listing the domains here, but suffice it to say, anything that has "boston bombing" or "boston marathon bombing" in the actual domain name should be treated with suspicion, Berkens says.

Not all the websites with these domain names may be seeking to make a buck; some say they are trying to do good.

NBC News reached the owner of one of these newly registered domain names, Brian Stroka of Florida.

He said in an email that he is not sure what he is going to do with the website name, "but if I if somehow make any money from building a website or selling the domain I will donate it to the victims' families from the tragedy."

The Massachusetts Attorney General's Office says if you want to donate money via a website, take the time to check websites such as and, "where you will find additional information to help you understand a large number of charities."

Meanwhile, in addition to websites that may be trying to get your money, scammers may be trying to get your information or spread malware. Avoid clicking on Web links in Facebook or in emails that purport to show explicit video of the explosions.

"While many are still in shock after the Boston Marathon bombings ... it didn't take long for cyber criminals to abuse that tragic incident for their dirty deeds," wrote Michael Molsner, Kaspersky Lab expert, on the company's blog.

He noted the influx of emails with Web links to "malicious locations with names like 'news.html.' These pages contain URLs of non-malicious YouTube clips covering the recent event. After a delay of 60 seconds, another link leading to an executable file is activated." (Not all Web links that include "news.html" as part of them are automatically malware, but right now, it's especially good to pay close attention to those.)

Graham Cluley, senior technology consultant at Sophos security, corroborated in a blog post that scammers are indeed using this tactic.

"Messages spammed out by attackers claim to contain a link to video footage of Monday's terrorist activity in Boston, with subject lines such as '2 Explosions at Boston Marathon,'" he wrote. Other subject lines in emails include the words "Aftermath to explosion at Boston Marathon," "Boston Explosion Caught on Video" and "Video of Explosion at the Boston Marathon 2013" or variations of these.

Sophos example of malware attempt
Email subject lines such asSophos

"If you make the mistake of clicking on the link, however, you are taken to a website which — while showing you genuine YouTube videos of the the horrific incident — attempts to infect your computer with a Windows Trojan horse that Sophos products detect as Troj/Tepfer-Q," he wrote.

The Massachusetts AG's office said individuals with questions or complaints about charitable solicitations should call the Attorney General's Non-Profit Organizations/Public Charities Division at 617-727-2200 x2101 or can access the complaint form online.

"Clearly, there are no depths to which cybercriminals are not prepared to stoop in their hunt for victims," wrote Cluley.

"The sick truth is that malware authors and malicious hackers lose no sleep about exploiting the deaths of innocent people in their attempt to infect computers for the purposes of stealing money, resources and identities."

Check out Technology, GadgetBox, TODAYTech and InGame on Facebook, and on Twitter, follow Suzanne Choney.