Threat actors impersonate Russian dissidents and ask for financial assistance both for themselves and Ukraine.
Criminals are applying the Nigerian Prince scam to drain victims’ wallets. They pose as Russian opposition leader Alexei Navalny and impersonate other dissidents, too.
Alexei is allegedly asking for help withdrawing money from a Turkish bank account. According to the email, 25% of the money will go to the email recipient; 75% will help displaced Ukrainians.
This March, cybersecurity company Avanan found this new twist on a classic scam. Essentially, a scammer claims to be in a position of influence or notoriety and needs to get a large sum of money out of their country. If you help them, you’ll get a large piece of the pie.
Scammers organize mass phishing campaigns. To get into the victim’s inbox, they send emails to a legitimate address based out of Shanghai. Doing so satisfies minimal requirements for SMTP, improving the chance of acceptance by all recipients. The rest of the emails are BCC’d.
“Like all social engineering scams, the malicious party will continue to email until they get what they want. In this case, that could be a number of things. Likely, they will continue to work their funnel, continuing to act authoritatively. At the end of the rope, there will likely be instructions with wiring information, a Bitcoin address, or some form of payment that–once sent–cannot be revoked,” Avanan explained.
They do not include any malicious links in the email, banking on the fact that the recipient will respond.
According to Avanan, Nigerian Prince Scams still fool users despite their ubiquitousness.
“The hope of this particular attack is that the appeal to help Ukrainians will move users to act.”
The Nigerian Prince scam remains a popular one, garnering over $700,000 a year.
More from Cybernews:
Subscribe to our newsletter