Friday, December 6, 2024

Beware of Charity Scams Exploiting War In Ukraine

Times of crisis may bring out the best in you, but they also have a way of bringing out the worst in scammers. They, too, follow the headlines and will go into overdrive in their attempts to part people from their money. We’ve seen this time and again during the COVID-19 pandemic, and just a few days into it the war in Ukraine is no different.

If the crisis has you worried and you’re looking to support humanitarian work on the ground through a donation, make sure your money goes to the right cause.

ESET researchers have spotted a bevy of websites that solicit money under the guise of charitable purposes. They tend to riff on a similar theme, making emotional but nonetheless fake appeals for solidarity with the people of Ukraine or urging the public to help fund the country’s defense efforts.

Samples Of Scam Websites

Scam Website
Scam Website

The websites make very vague claims about how the ‘aid’ will be used. It should also be obvious – upon closer inspection, anyway – that none of them represents a legitimate organization.

Some domains to be wary of include:

  • help-for-ukraine[.]eu
  • tokenukraine[.]com
  • supportukraine[.]today
  • ukrainecharity[.]gives
  • ukrainesolidarity[.]org
  • ukraine-solidarity[.]com
  • saveukraine[.]today

Found a suspicious domain? Submit it to us for further analysis.

Also, stay alert for emotional pleas for help that may land in your email. A Reddit user has shared one such fake tug at the heartstrings (see below). Other similar ploys that aim to get the victims to cough up some Bitcoin are floating around on Twitter and other social media. Generally speaking, in the age of common account takeovers and ongoing cyberattacks against Ukrainian targets, it may be difficult to verify ‘solely digital’ information. While social media sites often play a major role in getting the word out about a charitable cause in a time of crisis, they are also fertile ground for fraud.

How to avoid charity fraud

If you’re looking to pour out support through a donation, here’re a few tips for how to do it safely:

  • Check carefully before giving – you’re best off sticking to well-known organizations that have a history of work in the field and have some presence or partners in Ukraine.
  • Donate your money via the organization’s website or approach the charity directly for guidance.
  • Be wary of requests to wire money or send gift cards. Charities don’t normally request this kind of ‘donation’.
  • Avoid clicking on links or downloading attachments in unsolicited emails or social media messages, particularly from unknown sources and those that add to the sense of alarm. They may attempt to lure you into unwittingly downloading malware onto your device.
  • In fact, be wary of messages even from trusted sources unless you verify that the message is authentic. To do this, contact said source by other means than the one by which you received it, e.g., by phone if you got it by email, etc.
  • Be skeptical of social media posts that promote a charity unless you verify that the organization is legitimate. The friend recommending it may not have done their research and the number of likes for a social media post doesn’t say much about its legitimacy, either.
  • Don’t give in to undue pressure – fraudsters will attempt to use the urgency of the situation to rush you into donating.
Recommended:  WP-UserOnline Stored Cross-Site Scripting (XSS) PoC - 2.87.6 <=

Legitimate ways to support the efforts in Ukraine

Here’s a non-exhaustive list of major international organizations that provide emergency assistance in Ukraine:

As the crisis remains front-page news all over the world, scammers will continue to look for ways to exploit the misery of the people affected by the war for their own gain. Perhaps the worst thing is that falling for a charity scam doesn’t just affect you – it also means the intended recipients are losing out on the assistance, which makes this sort of fraud all the more deplorable.

You may also enjoy reading, Q4/21: Sees More DDoS Attacks Than Ever Before

Got to Cybersecurity News

Go to Homepage

Go to Cybersecurity Academy

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.
Bookmark
Please login to bookmarkClose
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates

explore

more

security