September 22, 2023

How Phishing Attacks Exploit Russia’s Invasion of Ukraine


The scams spotted by Tessian typically attempt to collect donations supposedly intended to support Ukrainian humanitarian efforts in response to Russia’s attack. Find out how these exploits work and how to avoid them.


Cybercriminals who run phishing campaigns and similar scams sometimes use news events to capture the attention of unsuspecting victims. And if they can play on your sympathies at the same time, so much the better. A new series of phishing attacks analyzed by email security provider Tessian aims to steal cryptocurrency under the guise of asking for charitable donations to the Ukrainian cause.

In a report on Tuesday, Tessian said it discovered an increase in the number of suspicious Ukraine-related emails, with spam campaigns appearing just a day after the initial invasion by Russia. At the same time, the number of new website domains containing the word “Ukraine” has increased by 210% this year compared to 2021. Of the 315 such new domains seen every day since February 24, more than 75% look suspicious, according to Tessian.

The phishing emails observed by Tessian capitalize on the old donation scam tactic but use the invasion of Ukraine as a draw. As the war continues under heavy Russian attack, many humanitarian groups are seeking donations to help Ukraine, making it an area ripe for exploitation. Donation scams vary from basic emails with a short message asking for help to entire websites set up to impersonate charities such as the British Red Cross.


A phishing email impersonating the Australian Council for International Affairs asks for donations to Ukraine in the form of Bitcoin cryptocurrency. The message contains a Bitcoin address that you can click on and a barcode to scan. Anyone who takes the bait is encouraged to install a bitcoin payment app called Cash App. From there, the criminals behind this campaign steal the amount of cryptocurrency you donate.

Ukraine donation scam impersonating the Australian Council for International Affairs.
Picture: Tessian

Another phishing campaign sent from a new domain impersonates the Red Cross in Ukraine. The email includes a link to a website with details about the conflict and steps on how to donate cryptocurrency to help Ukraine. Clicking on the link takes you to the site with three links for different types of cryptocurrency payments – Bitcoin, Ethereum, and Tether. Again, all donations go into the pockets of scammers.

Ukraine Red Cross donation scam.
Picture: Tessian

Beyond these donation scams, criminals are adopting other themes. In one notable campaign, spam emails containing links to suspicious e-commerce sites appeared a day after the initial attack. The sites sell several items, including t-shirts that say “I stand with Ukraine.” Reviewers of one particular site accuse it of running a scam, claiming that people who pay for the items do not receive any product.

How to Find Legit Donation Sources

Donating to the Ukrainian effort is certainly a worthy cause. But how do you make sure your donation is going to a legitimate source? Tessian offers some advice.

  • Beware of emails asking for cryptocurrency donations. Some charities accept cryptocurrency donations. But beware of unsolicited emails asking for donations to support Ukraine’s humanitarian effort, as these are likely scams.
  • Check the provenance. Before responding to a Ukrainian-themed email, check the source and header of the email to make sure the sending organization is legitimate.
  • Go straight to the source. If you want to donate money to support Ukraine, it is best to go directly to the websites of specific charities. A list of these organizations from CNET can help you find the legitimate ones.
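
The header check recommended above can be partly automated when triaging reported messages. The following is an added example, not code from Tessian or TechRepublic: the function names, sample message and `.example` domains are constructed for illustration, and it assumes your own mail server stamps an `Authentication-Results` header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")
# Bitcoin (legacy and bech32) and Ethereum-style addresses.
WALLET_RE = re.compile(r"\b(?:bc1[ac-hj-np-z02-9]{11,71}|[13][a-km-zA-HJ-NP-Z1-9]{25,34}|0x[a-fA-F0-9]{40})\b")
THEME_RE = re.compile(r"ukrain|donat", re.I)

# Constructed sample message, not taken from Tessian's report; all domains are placeholders.
SAMPLE = """\
From: "Ukraine Relief Fund" <donate@relief-ukraine.example>
Reply-To: helper@mailbox.example
Subject: Urgent: help Ukraine today
Authentication-Results: mx.corp.example; spf=fail smtp.mailfrom=bulk.example; dkim=none; dmarc=fail header.from=relief-ukraine.example

Please support humanitarian aid. Send Bitcoin to
bc1qexampleexampleexampleexampleexample0000 or scan the code.
"""

def domain(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw):
    """Return a list of reasons the message deserves a closer look."""
    msg = message_from_string(raw)
    findings = []
    # Only trust Authentication-Results stamped by your own receiving mail server.
    auth = dict(AUTH_RE.findall(msg.get("Authentication-Results", "").lower()))
    for mech in ("spf", "dkim", "dmarc"):
        if auth.get(mech) != "pass":
            findings.append(f"{mech}={auth.get(mech, 'missing')}")
    from_dom, reply_dom = domain(msg["From"]), domain(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    # Raw text of all leaf parts; base64 or quoted-printable bodies are not decoded here.
    body = "".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    text = f"{msg.get('Subject', '')}\n{body}"
    if WALLET_RE.search(text):
        findings.append("cryptocurrency address present")
    if THEME_RE.search(text):
        findings.append("Ukraine or donation theme")
    return findings

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print("-", reason)
```

An empty result does not make a message safe; the findings only prioritize which reported emails to inspect first.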

To help protect your users from phishing tactics such as those described here, review this TechRepublic Premium Security Awareness and Training Policy.


