by Jack McCarthy

Phishing scams and worms plague tsunami aid effort

Jan 18, 2005

Internet users are being targeted by scams using the Indian Ocean tsunami disaster as a ploy to obtain funds illegally or to spread damaging worms.

On Monday, FBI agents arrested a Pittsburgh, Pa. man and charged him with fraud for initiating a mass mailer worm that posed as an appeal for aid for tsunami victims.

Matthew Schmeider was charged in U.S. District Court for the Western District of Pennsylvania, according to court records. Schmeider accessed image files from the Mercy Relief Fund and used an HTML editing program and a Web hosting tool to put the images into an e-mail message he composed, according to the U.S. Attorney’s office.

Schmeider set up an e-mail account in his own name and linked it to a PayPal account also in his name. He used a “harvesting” program to gather about 800,000 e-mail addresses and used a spam program called “Bulker” to send the e-mail through about 2000 “proxy” computers to the addresses, the U.S. Attorney’s Office said.

“It’s unfortunate that unscrupulous people are exploiting the tsunami disaster to commit fraud,” Mary Beth Buchanan said in a statement. “We will aggressively pursue those who would victimize philanthropic individuals and capitalize on the grief of the tsunami survivors.”

“He basically sent out a mailing to look like e-mail, but it was an account from PayPal,” said Eric Block, a spokesman for Mercy Relief Fund. “He used the graphics from our homepage. Pretty crafty.”

In another tsunami-related Internet fraud, Sophos warned of a new mass mailing worm that masquerades as an appeal for tsunami aid, IDG News Service said.

The worm carries the subject line “Tsunami Donation! Please help!” and the text message “Please help us with your donation and view the attachment below! We need you!” The attachment, labeled “tsunami.exe,” spreads the virus to other Internet users, Sophos said.

“Duping innocent users into believing that they may be helping the tsunami disaster aid efforts shows hackers stooping to a new low,” Graham Cluley, senior technology consultant at Sophos, said in a statement on the Sophos Website.

“This gruesome insensitivity is a despicable ploy to get curious computer users to run malicious code on their computers. Everyone should be wary of unsolicited email attachments, and visit the established charity websites instead if they wish to assist those suffering as a result of the disaster.”

Although there have been only a small number of reports of the worm, called the W32/VBSun-A worm, Sophos recommended that computer users ensure their anti-virus software is up to date, and that companies protect themselves with a consolidated solution that can defend them from the threats of both spam and viruses, IDG News Service said.

Running the attached file also launches a denial-of-service (DOS) attack against German hacking site www.hacksector.de, said Sophos Chief Technology Consultant Graham Cluley. The site appeared to be down Monday morning when Sophos researchers tried to access it, Cluley told IDG News Service.

Sophos has received a small number of reports of the worm, VBSun-A, being found in the wild. It appears to be part of a new trend in Internet hoaxes that seek to take advantage of the tsunami tragedy, Cluley said.

Sophos, based in Abingdon, England, warned last week of a number of e-mail scams related to the tsunami that are similar to the seemingly ubiquitous Nigerian letter scams, which seek money from their recipients.

Still, 2005 has started as a relatively slow year for new Internet viruses, Cluley said. The most prevalent at the moment is Netsky.P, which was first discovered nine months ago, he said.

David Freund, practice leader for information architecture with IT analysis company Illuminata, said the Tsunami worm followed a typical pattern.

“It exploited the weakest link in any IT chain, human beings,” he said. “The way you get a lot of people to open things up is you convince them the e-mail is from a buddy or that it matters to them.”