Scammers Imitate Ukrainian Government By Appealing For Donations To Help In The War Against Russia
Within just a couple of days of the Russian invasion of Ukraine, a number of Ukrainian nongovernmental organizations and volunteer groups successfully raised more than $5 million in cryptocurrency donations.
This led to the Ukrainian government taking to Twitter to launch their own appeal to help in the fight against the Russian military.
As of March 2nd, it has been widely reported that they had already raised $52 million, covered in this article by Forbes.
This immediately inspired cybercriminals to run similar email campaigns impersonating various well-known humanitarian organizations such as The United Nations and The Red Cross, employing emotionally manipulative tactics.
This past week, Mesh has intercepted several thousand of these scam emails - below we highlight 4 examples.
In this example, the attacker uses a display name “United Nations Ukraine” with the subject line “Humanitarian AID & Military Support for Ukraine War Victims”. The provide a Bitcoin address along with the line “donate to Ukraine’s main charity fund bitcoin address”.
Similarly, this example uses the colors of the Ukrainian flag as its background with another request for Bitcoin, purporting to come from the “Ukraine Red Cross”.
Here we see a slightly different approach to the scam. The display name is “Ukraine Embassy” and the sending domain is registered in Morocco, while the reply-to address is a Gmail account. They request donations in multiple cryptocurrencies - Bitcoin, Ethereum, and Tether.
Finally, in this case, the scam contains a lot more information than in the other examples and therefore, is potentially more convincing. It makes references to both a children’s’ clinic and an orphanage as being the recipients of the donations. It provides a name, job title, email address, and mentions LinkedIn in an attempt to create authenticity. Again, the request is for payment in Bitcoin.
4 Simple Ways In Which You Can Help Your Clients
Due to the deteriorating situation in Ukraine and escalating tensions between Russia and the rest of the world, it is highly likely we will see a further increase in the scale and volume of cyber attacks in the coming weeks and months.
Your clients will look to you for guidance.
1 - Engage
Remind them to remain vigilant at all times when opening emails, especially when they are unexpected or are contain appeals for donations.
2 - Reassure
You are there to help. If they are unsure about the legitimacy of an email, encourage them to contact your team for assistance. It is always better to be safe than sorry.
3 - Advise
If they are going to make donations, to only do so via the proper channels.
Pay extra attention and care to the URLs and domains - ensure that they are genuine.
Here are 3 such examples:
UNICEF - https://www.unicef.org/ukraine/en
Red Cross - https://www.icrc.org/en/donate/ukraine
Global Giving - https://www.globalgiving.org/projects/ukraine-crisis-relief-fund/
4 - Assess
Now is the right time for you to discuss cybersecurity with your clients. Do they have adequate protections in place? What security gaps can be identified? Have employees received specific training relating to email threats?
For more information on how Mesh can help protect your clients against new and emerging threats, contact us today for a demo or a free trial.