As the conflict in Ukraine continues, Alvarez Technology Group continues to monitor scam activity related to the crisis. While most people are aware of the various email scams and online fraud schemes, other types of scams are often overlooked. These campaigns exploit people’s fears and vulnerabilities related to the current situation in Ukraine.
Threat actors are constantly coming up with new ways to exploit the situation and take advantage of people’s goodwill. There’s no limit to what scammers will do to get your money. They’ll pose as family members in need, soldiers stationed overseas, or anyone else they think you’ll want to help.
Here’s how it works: The scammer contacts you and asks for money to help with their “mission” in Ukraine or Russia. They might say they need money for food, supplies, or transportation. They might even say they need money to get home. Threat actors are using current events to generate credible-looking emails, websites, and social media profiles to run their scams. They may show you fake photos or videos. They may also use real news stories as a way to add legitimacy to their claims.
This activity is not new. Scammers have been using current events to run their scams for years. However, the increase in conflict-related scams is a cause for concern. Alvarez Technology Group found several types of scams related to the Ukraine conflict. These include:
- Donation and charity scams
- Phishing emails
- Malicious websites
- Social media scams
- Investment scams
Donation and Charity Scams
Donation and charity scams are the most common types of scams related to the Ukraine conflict. In these scams, the perpetrator will contact potential victims and ask for donations to support the victims of the conflict. The scammers will often use fake or stolen identities to make their requests seem more legitimate. They may also pose as representatives of charities or other organizations.
- Be suspicious of unsolicited requests for donations.
- Do not donate to charities that you are not familiar with.
- Research the charity before you donate.
- Do not give out personal or financial information to anyone who solicits a donation from you.
Phishing emails are another common type of scam related to the Ukraine conflict. In these scams, the perpetrator will send an email that appears to be from a legitimate organization or individual. The email will often contain a link that leads to a malicious website that has been designed to trick victims into entering sensitive information.
- Be suspicious of unsolicited emails that contain links or attachments.
- Do not click on links or open attachments from unknown senders.
- If you are unsure about the legitimacy of an email, contact the organization that it claims to be from.
Malicious websites are another common type of scam related to the Ukraine conflict. In these scams, the perpetrator will create a website that looks like a legitimate website. However, the website will be designed to trick victims into entering their personal information, such as passwords or credit card numbers. The websites may also contain malware that can infect the victim’s computer.
- Be suspicious of websites that ask for personal or financial information.
- Do not enter your personal or financial information on websites that you are not familiar with.
- Make sure that the website is legitimate before you enter any information on it.
- Install an anti-malware program
Social Media Scams
In social media scams, the perpetrator will create a social media profile that looks like a legitimate person or organization. The profile will be used to friend or follow potential victims. Once the connection is made, the scammer will send messages that contain links to malicious websites or phishing emails.
- Be suspicious of social media profiles that friend or follow you.
- Do not click on links from people or organizations that you do not know.
- If you are unsure about the legitimacy of a social media profile, contact the organization that it purports to be from.
In investment scams, the threat actor will contact potential victims and offer them the opportunity to invest in a new business venture. The scammers will often use fake or stolen identities to make their requests seem more legitimate. They may also pose as representatives of legitimate businesses or organizations.
- Be suspicious of unsolicited requests for investment.
- Do not invest in businesses or organizations that you are not familiar with.
- Research the business or organization before you invest.
- Do not give out personal or financial information to anyone who solicits an investment
How Can Your Business Mitigate The Threat of Cyberattacks?
To mitigate against the increased threat of cyberattacks during the ongoing Russia/Ukraine conflict, organizations in Salinas should make sure that their employees are aware of the scamming techniques that are being used. They should also have policies and procedures in place to deal with suspicious emails and websites. In addition, organizations should consider investing in cyber security solutions, such as anti-malware software and firewalls. Everyone should also realize that threats can be external and internal. An employee can be an organization’s weak link in the real world and the online world.
While the situation in Ukraine continues to evolve, the cyber threats that individuals and organizations face are evolving with it. Individuals and organizations should remain on high alert for any attempt by cybercriminals to exploit the war. These Russia-Ukraine-related scams will not be the last that we’ll see. Malicious actors will continue to use any current global crisis to make money.
As always, Alvarez Technology Group advises users to never open emails from unknown sources, never click links and/or attachments from unknown or unsolicited sources, never donate money to unfamiliar sources, and always be suspicious of unknown sources who contact you.
While taking proper safety measures can mitigate the risk of an attack, there’s still a chance that a ransomware attack can happen. This is one of the reasons why we encourage organizations to have an incident response plan, monitor their network, and invest in reliable data protection to ensure that they can respond quickly to a threat.
For more information on how your business can mitigate the threat of cyberattacks and protect its valuable and confidential information, contact us today.