There are no lines too red for crooks to cross as cybercriminals steal donations meant for a country at war.
The scamming business is as agile as it gets. Several weeks have passed since Russia invaded Ukraine, and scammers have already set up phishing websites to steal donations meant for the attacked country.
According to researchers at McAfee Labs, unidentified crooks launched a crypto donation scam, a type of fraud where threat actors set up phishing websites and emails that contain cryptocurrency wallets asking for donations.
Researchers discovered a phishing site, ‘Ukrainehelp.world,’ asking for donations for UNICEF. The request is titled ‘Donate to protect children in Ukraine.’ The website is decorated with a BBC logo, followed by several crypto wallet addresses to create a sense of trustworthiness.
A further investigation revealed that the final wallet in which the funds eventually end up has 313 Ethereum (ETH) coins worth over $850,000. The phishing website states that ‘donations’ amount to $114,000. In any case, hundreds of thousands of dollars meant for Ukrainian children ended up in the pockets of crooks.
Another crypto scam site discovered by researchers, ‘Ukrainethereum.com,’ is set up with more attention to detail. There’s a fake chat box and a fake donation verifier.
The researchers have also observed phishing emails floating around with requests for donations to bitcoin wallet addresses that belong to scammers.
Other phishing emails and websites ask victims to enter their credit card data. Once entered, the information is sent to crooks that either sell it on the dark web or use it for their own nefarious purposes.
Researchers advise users always to check the domain from where the emails were sent since attackers try to masquerade it. Before transferring any funds, a thorough web search of any crypto wallet address is also a must. If there are few or no results on the crypto wallet, it’d be best not to trust it.
Grammar errors, and suspicious logos, are also major red flags in an email requesting donations. The same goes for phishing websites, as they often have slight alterations to original and well-known website names.
More from Cybernews:
In the metaverse, the attack surface expands to your brain – interview
Stress prompts employees to break cybersecurity policies
Viasat cyberattack linked to Russian state-sponsored hackers
As tech giants decide to remain in Russia, their employees get eager to protest
Hive ransom gang hacks major US health group
Subscribe to our newsletter
