By Jeremy Ventura, Field CISO, Myriad360
As wildfires rage across Los Angeles, affecting thousands of people and properties, it's crucial that individuals remain vigilant and aware of emergency notifications. The chaos of smoke, destruction and evacuations create an environment of constant flux. Every emergency alert feels critical – until one didn't.
An erroneous evacuation notice sent out during the fires wasn’t malicious, but it caused panic. People panicked, unsure where to go or if their homes were at risk. Corrections flew all over social media. It was a vivid reminder that in moments of crisis, clarity is everything, and confusion can carry its own dangers.
In my years studying cybercrime, I’ve learned that this confusion isn’t always accidental. Scammers thrive in environments of chaos and fear. They know how to exploit desperation, weaponizing emotions to push people into quick, unguarded decisions. Their most powerful tool isn’t a sophisticated hack—it’s our own human nature.
Scammers understand one fundamental truth: fear, urgency, and trust can override caution. This isn’t just true for everyday individuals—professionals, even those in security, are vulnerable in high-pressure situations. A concept called availability bias explains why. When we’re overwhelmed or emotional, our brains rely on recent or striking information to make decisions. It’s why, in the heat of the moment, a phishing email or a scam text feels plausible.
That’s the heart of their strategy. By playing on emotions, scammers push us into acting before thinking. Whether it’s a fraudulent text about wildfire evacuations, a fake donation page after an earthquake, or an email pretending to help you process an insurance claim, the underlying tactic is the same: keep you emotional and make you act fast.
Text messages are a lifeline during disasters. They’re where we turn to check on loved ones, follow emergency updates, and coordinate plans. That trust in SMS makes it an incredibly effective tool for attackers.
A friend of mine learned this the hard way. After evacuating during the LA fires, he received a text from a “lawyer” offering to help expedite his insurance claim. It looked official, it felt urgent, and it carried the weight of authority. But it was a scam—a clever one designed to prey on the fear and disorientation disasters create.
Scammers know this. Text messages boast a 98% open rate, with 90% of texts read within minutes. That immediacy, combined with the deeply personal nature of SMS, makes it an ideal channel for bad actors. During disasters, scammers know their fake messages will mix in with real updates, capitalizing on the urgency and stress victims already feel.
Disasters don’t just bring out the worst in scammers; they exploit the best in people. After the Turkey-Syria earthquakes in 2023, scammers set up fake donation pages on platforms like PayPal and Twitter, siphoning funds intended for relief effort.
It’s a tactic we’ve seen time and again. Fraudulent GoFundMe pages mimic legitimate campaigns, leveraging emotional appeals like “Donate now to save lives!” These messages are designed to trigger immediate action, bypassing the logical part of our brains that might ask, “Is this real?”
The urgency to help during a crisis creates the perfect environment for these scams to thrive. And because these platforms are associated with good causes, people often trust without verifying. It’s a sobering reminder to double-check even the most well-meaning efforts.
During the last California wildfires, fraudulent schemes exploiting the chaos and urgency of disaster recovery efforts surfaced. For example, the Federal Emergency Management Agency (FEMA) reported scams involving fake offers of state or federal aid, where attackers impersonated official agencies. These phishing emails appeared legitimate, leveraging the stress and desperation of affected individuals to extract personal information or payments.
This tactic, known as domain spoofing, is one of the most common methods scammers use during crises. It thrives because, under stress, people rarely scrutinize email addresses or URLs carefully. When you’re desperate to secure aid or find safety, even the smallest sign of legitimacy—such as a familiar logo or a convincing email signature—can lower your guard.
Domain spoofing is particularly insidious because it exploits both trust and urgency. In disaster scenarios, stakes are high, and the perceived window for action feels perilously small. Scammers rely on this emotional vulnerability to push victims into revealing sensitive data or downloading malicious files, further compounding the devastation of an already critical situation.
While scammers’ tools are evolving, their reliance on emotional manipulation remains their biggest advantage. By understanding their tactics, we can better protect ourselves and others.
In moments of crisis, slowing down can feel counterintuitive. But that pause—taking just a few seconds to verify—can make all the difference.