{"id":18686,"date":"2022-04-06T04:10:02","date_gmt":"2022-04-06T12:10:02","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/04\/06\/news-12419\/"},"modified":"2022-04-06T04:10:02","modified_gmt":"2022-04-06T12:10:02","slug":"news-12419","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/04\/06\/news-12419\/","title":{"rendered":"Beware Ukraine-themed fundraising scams"},"content":{"rendered":"<p><strong>Credit to Author: Christopher Boyd| Date: Wed, 06 Apr 2022 11:16:07 +0000<\/strong><\/p>\n<p>Unfortunately scammers continue to focus on the invasion of Ukraine to make money. A flurry of bogus domains and scam techniques are spreading their wings. They appear to focus on donation fakeouts but there\u2019s a few other nasty surprises lying in wait too.<\/p>\n<h2>The lowest of the low<\/h2>\n<p>There are few lower tactics than fake fundraising during times of crisis. It was rife during the <a href=\"https:\/\/www.britannica.com\/event\/Japan-earthquake-and-tsunami-of-2011\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">earthquake and tsunami of 2011<\/a>, with bogus Red Cross websites and email addresses set up to part people from their money. Money that could have been life-saving was diverted into the pockets of thieves. So too does history repeat itself during the invasion.<\/p>\n<p>Reports indicate a big run on phishing and scams. According to email security firm Tessian, registrations of domains containing \u201cUkraine\u201d have <a href=\"https:\/\/www.tessian.com\/blog\/phishing-campaigns-pick-up-in-the-wake-of-the-ukraine-invasion\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">increased by 210%<\/a> compared to last year. Perhaps that\u2019s to be expected\u2014the question is how many are genuine and how many are potential rip-off efforts. Tessian&#8217;s stats suggest that three quarters are suspicious:<\/p>\n<blockquote class=\"wp-block-quote\">\n<p>An average of 315 new Ukraine themed domains have been observed per day since the 24th February. 77% of these domains appear to be suspicious based on early indicators.\u00a0<\/p>\n<\/blockquote>\n<h2>Fake it to make it<\/h2>\n<p>The tactics used match those deployed in 2011, and pretty much every other major catastrophe. Liberal use of official organisation logos and design which matches the real deal are all common. Where scams sometimes diverge from real fundraising sites is in requesting payment via cryptocurrency. There\u2019s even some QR codes thrown into the mix.<\/p>\n<p>One example given leans into the <a href=\"https:\/\/www.tessian.com\/blog\/phishing-campaigns-pick-up-in-the-wake-of-the-ukraine-invasion\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">pressure angle<\/a>, providing supposed commentary from a 16 year old. Given the horrendous scenes of devastation, this is bound to spur some folks into donating. Unfortunately it\u2019ll only be lining the pockets of scammers.<\/p>\n<p>There\u2019s also word of sites selling Ukraine-themed products, such as t-shirts and other items. While those items aren\u2019t likely to turn up, this is (potentially) less devastating than the donation sites given how much more people may be willing to send to charities.<\/p>\n<p>This is, of course, all very bad. There are things you can do to lessen the risk from awful scams such as the above.<\/p>\n<h2>Tips to avoid donating to scammers<\/h2>\n<ul>\n<li>If you receive a fundraising email out of the blue, don&#8217;t respond. Consider that reputable charity organisations won\u2019t fire missives at you unless you\u2019ve agreed to receive them. Instead, check with the organisation&#8217;s website directly\u2014without using any links in the email.<\/li>\n<li>While cryptocurrency is being used for some forms of genuine donation, it\u2019s a bear-pit out there, and this should be a red flag. Cryptocurrency scamming is rampant. As above, make your way to the official site of your chosen service and see what they\u2019re doing in terms of donating.<\/li>\n<li>A sneaky trick donation scammers use is to ask you to reply to [insert scammer\u2019s address], but also CC the mail of the target charity. This is to make it all look very genuine. They may claim the real address is overwhelmed, so you need to use the backup instead. It\u2019s not a problem for the scammer to include a genuine mail as a CC, because they\u2019re banking on the charity being so overwhelmed they won\u2019t see it anyway. By the time somebody notices, you may have already replied to the faker and sent some money.<\/li>\n<\/ul>\n<p>These tips should help you steer clear of the worst kind of scammers. Please do everything you can to ensure your donations reach those who need it the most, and leave the phishers with what they deserve: a big stack of nothing.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/scams\/2022\/04\/beware-ukraine-themed-fundraising-scams\/\">Beware Ukraine-themed fundraising scams<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/scams\/2022\/04\/beware-ukraine-themed-fundraising-scams\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Christopher Boyd| Date: Wed, 06 Apr 2022 11:16:07 +0000<\/strong><\/p>\n<p>Scammers are setting up bogus fundraising sites in an effort to divert donations from Ukraine to their own pockets.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/scams\/2022\/04\/beware-ukraine-themed-fundraising-scams\/\">Beware Ukraine-themed fundraising scams<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11052,25606,4215,10511,3924,3985,10574,8642],"class_list":["post-18686","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cryptocurrency","tag-donate","tag-donation","tag-phish","tag-phishing","tag-scam","tag-scams","tag-ukraine"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18686","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18686"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18686\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18686"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18686"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18686"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}