Slideshow: Tornadoes ravage Plains

/

Destroyed vehicles lie in the rubble outside the Plaza Towers Elementary school in Moore, Okla., on Tuesday.

Launch slideshow

For many, it's impossible to view the heartbreaking stories coming out of Oklahoma and not feel an overwhelming urge to do something. But following your first impulse to help could just lead to more heartbreak, as many charitable givers often fall prey to scams in the wake of national tragedies.

Authorities are warning would-be donors to think carefully before they donate, and before they click.

"There is always a high probability for con-artists or 'travelers' to pop-up in the state following a storm, pushing quick-fix repair schemes and charity scams," Oklahoma Attorney General Scott Pruitt said in a press release. He urged Oklahomans to stay alert.

Scam artists crawl out of the woodwork only hours after the first pictures of death and destruction emerge. Like clockwork, spam emails, fake Facebook pages, telemarketing phone calls — even full-fledged websites that accept credit cards — pop up, all claiming falsely that they are collecting money for victims. Virus writers also get into the act, sending around booby-trapped emails that appear to come from charities, but are designed to invade victims' computers.

Pruitt said people around the country should donate to "reputable" organizations such as the Salvation Army or Red Cross. "The first scam we typically see after devastation like this is charity fraud,” he said

Pruitt also said his department has already sent 30 investigators into the tornado-ravaged area to stop local scams, fraud and price gouging.

For a detailed list of ways to help Oklahoma victims, visit NBC News' How to Help page.

Attorneys general in several other states, from Washington to South Carolina, have also issued charity fraud warnings.

Even consumers who wouldn't normally fall for scams are at risk in the aftermath of major disasters because the overwhelming sadness of the events, and the urgency of the need, can override a giver's natural sense of skepticism. The same urgency force is at play whenever a scam artist insists that a supposedly great deal is only available for a short time.

Federal Trade Commission spokesman Frank Dorman said he didn't believe his agency had received any complaints about Oklahoma-related scams yet, but that's not unusual: victims wouldn't yet realize they'd been scammed, he said.

The agency does offer an extensive set of tips for evaluating charities.

Consumers should beware anyone who:

• Uses high-pressure tactics like trying to get you to donate immediately, without giving you time to think about it and do your research.
• Refusing to provide detailed information about its identity, mission, costs and how the donation will be used.
• Won't provide proof that a contribution is tax deductible.
• Uses a name that closely resembles that of a better-known, reputable organization.
• Thanks you for a pledge you don’t remember making.
• Asks for donations in cash or asks you to wire money.
• Offers to send a courier or overnight delivery service to collect the donation immediately.

Follow Bob Sullivan on Facebook or Twitter. 

Related content:

• National Guard: 'Words can't describe' the Okla. damage
• 'She was always happy': Families grieve tornado victim
• The latest on the aftermath of the Oklahoma tornado
• Tornado victim separated from spouse: 'The house totally disappeared'

Symantec Corp.

This pop-up screen appears to come from the FBI.

Computer users around the globe are being hit by a new kind of virus that freezes their computer and accuses them of committing heinous crimes, like distributing child porn. The threats sound real enough that victims are coughing up $200 to pay a "fine," and virus writer gangs are netting millions, security firms say.

The message that flashes across infected computer screens sounds downright scary:

"You have been viewing or distributing child porn ... violating article 202 of the Criminal Code of the United States of America," says one version, allegedly sent by the FBI. A virus victim supplied the message to NBC News.

In each case, the accusation appears on a pop-up screen while the virus simultaneously disables the computer. The message often shows the user's IP address and city, and sometimes, recent websites visited by the victim.  The most alarming version activates the victim’s webcam, takes his or her picture, and displays it on the warning.

"They are saying, 'we know who you are, where you are, and what you were doing,'" said John Harrison, a security researcher with Symantec. "They attempt to scare the heck out of you."

The victim is then offered an option: pay a fine within 72 hours, and the charges will be dropped, while the computer will be restored. 

Symantec Corp

In this version of the scam, the virus activates the victim's webcam and displays an image from it on the screen, making the warning even more unnerving

The malicious software is so cleverly crafted that it comes with 30 to 40 versions packed inside. It displays in the appropriate language for victims — English, Spanish, Russian, etc. — and invokes the local federal authorities. A U.S. victim might get a notice from the FBI's Internet Crime Complaint Center, while a Canadian victim gets one from the Royal Canadian Mounted Police.

The message is fake, of course — and even those who pay the "fine" still have a broken computer. But victims worldwide are falling for it. Harrison said for one version he tracked, roughly 3 percent of victims actually paid up. The criminals behind that virus netted $5 million, Symantec estimates.

With results like that, other virus gangs have been quick to copy the profitable formula. Symantec believes that gangs who spent the past couple of years making money tricking consumers into paying for fake antivirus software have all taken up the fake criminal charges and fine scam.

"So many of these folks have jumped on the bandwagon," Harrison said. "They have really transitioned into this."

The general technique is called ransomware — a virus disables the computer, allegedly holding it hostage until a ransom is paid — and it's not new. But the clever combination of an abrupt interruption, the localization trick, and the severity of the accusation catches many victims unaware, and they let their guard down enough to pay the fine.

There are no hard numbers on the frequency of ransomware, but there's plenty of anecdotal evidence it's on the rise. In February, Europol busted a multi-national crime ring involving a Russian programmer arrested in the United Arab Emirates, and 10 others arrested in Madrid, Spain. There were victims across 30 countries.  Authorities in Spain said 700,000 Spaniards had contacted the government asking for help after becoming infected.

The agency issued another warning about the scam on April 11.

“Fraudsters are deploying extortion techniques using Europol's identity and logo to con EU citizens out of money,” the warning says. “Variations of this con, using the identities of other international and European agencies, are also in circulation.”

It's possible the problem is even worse than security firms realize, because many victims may not be reporting the infection, Harrison said.

"If you were at work and there was a message on your screen that said you were viewing child porn, would you run to get your IT department?" he said.

Most victims pick up the virus by visiting booby-trapped web pages that surreptitiously install software on victims' machines through "drive-by” download, or by downloading free software from disreputable sites.  In fact, some variations of the virus accuse victims of violating copyright law, knowing that is likely true.

Victims shouldn't pay the fine, Harrison said, but they should know that various software tools — including free tools available at Symantec — can rid their machines of the virus.

Follow Bob Sullivan on Facebook or Twitter.