On Saturday a massive earthquake devastated the Himalayan nation of Nepal, and the dust had barely settled before scammers and con artists started using the tragedy to fleece money out of people, either by establishing fake charities ostensibly to help earthquake victims, or posing as legitimate charities to send out phishing-bait messages.
Give.org is the website maintained by the Better Business Bureau's “Wise Giving Alliance,” which essentially rates charities same way the BBB rates businesses. Yesterday, the WGA issued a warning “advis[ing] donors to avoid being taken advantage of by questionable solicitations or wasting their money on poorly managed relief efforts” connected to the earthquake.
Along with the warning, Give.org posted an alphabetized list of BBB/WGA-accredited charities currently collecting contributions for relief efforts in Nepal. If you want to donate to a charity, check first to see if that charity is on the list.
In addition, you must also take all the standard precautions against phishing scams. “Phishing” is basically the online-scam equivalent of “impersonation”: a phisher will send you an email claiming to be from somebody else — anybody from your bank to Netflix to the IRS or some other government agency — in hope of tricking you into handing over your money, or your passwords or other confidential information.
The best way to defend yourself against phishers is to follow the communication rule “Don't call me; I'll call you.” Suppose, for example, you think there might be a problem with your Netflix account. Under those circumstances, you should definitely contact Netflix and speak to a representative about it. But if you get an out-of-the-blue email, purportedly from Netflix, warning you about a problem you didn't even know you had — don't believe it. That message almost certainly is not from Netflix, but from a phisher.
A similar “Don't call me; I'll call you” applies to charitable giving. If you want to donate to a charity helping Nepalese earthquake victims, you should reach out to contact that charity (after first confirming it's on the WGA/BBB's accredited-charity list). However, do not respond to any emails or text messages purporting to seek donations on behalf of any such charity, and if you receive such messages, do not click on any links or download any attachments they might have. (Better yet, don't open such messages at all; just delete them immediately.)