
Ukraine Charity Phishing Scams Are Hitting Employee Inboxes

In times of trouble, it’s heart-warming to see people band together to help other people who are suffering, a welcome reminder that there’s more good in this world than we may sometimes think. But for every group of people trying to make a difference by doing good deeds, there’s another group of people doing bad deeds, and the only thing they want to make a difference in is your wallet – and if they can perpetrate some profitable cybercrime at the same time, they won’t hesitate to capitalise on the opportunity, which has resulted in a host of fresh Ukraine charity phishing scams.

It’s unfortunate that tragedies like Russia’s invasion of Ukraine can lead to an increase in cybercrime like phishing, but it is the sad truth. Scammers started working on fleecing sympathetic people right away, just like they do whenever there’s a crisis. Russian cybercriminals got right to work too.

Phishing attacks from Russia-based sources have boomed, increasing eight-fold since Russia’s attack on Ukraine began. Suspected Russian threat actors also used a stolen legitimate Ukrainian military email address to phish EU personnel working on the scene in Ukraine. Bad actors know that tumultuous times are golden opportunities for social engineering with loads of victims ripe for the picking. With people already unsettled, the bad guys just have to push a little bit to put their victims where they want them.

This was evident from the start of the COVID-19 pandemic, as COVID-19 themed phishing scams bombarded inboxes using fake COVID-19 tracking maps, spoofed government notices, bogus company policy updates and other scams to phish for credentials and spread malware like ransomware. Another major wave of scams hit with the Omicron variant, with email phishing abounding using even more ghoulish lures like spurious layoff or termination announcements, malicious exposure notices and even false information about funeral expense assistance.

Now the bad guys are back at it, and a Ukraine charity phishing scam is sure to be popping up in an inbox near you soon. Make no mistake – scams like these are just as much of a risk to businesses as they are to consumers. With the lines between work and personal devices becoming more invisible every day, chances are high that employees are using work devices for personal business like charitable donations. Plus, with millions around the world still working from home, cybercriminals will be quick to exploit the fact that remote workers are more susceptible to phishing than office workers. Altogether, this is the perfect opportunity for cybercriminals to do a little phishing.

Please don’t let the fact that there are bad actors exploiting this tragedy put you off from helping the millions of Ukrainian victims of Russian aggression. The US Federal Trade Commission (FTC) has guidance available for spotting fake charities.


Fake Email & Website Phishing

There are a host of scams in action doing some old-fashioned email phishing, clever spoofing and malware distribution that are risky for both individuals and businesses. Here are a few Ukraine charity phishing scams to be on the lookout for to avoid ending up on their hooks.

  • Approach emails asking for help for very specific population segments or causes, like orphaned children or homeless pets, with extreme caution. While most are generic (everyone wants to help kittens and kids), some of these are tailored spear-phishing efforts. It’s not hard for bad actors to find out what their target is interested in from their social media accounts to up the chance that they’ll successfully snatch the recipient’s credentials.
  • Beware of malicious attachments purporting to share things like war photos, maps, and in one scam, information about companies that are still doing business in Russia. The only thing these attachments have to offer is malware, including ransomware.
  • Be on the alert for sophisticated emails loaded with legitimate-looking formatting like the Ukrainian flag and fancy logos that are supposedly from humanitarian organizations; fake UNICEF and UNHCR emails abound.
  • Analysts warn of a scheme that uses a Microsoft sign-in theme. In the bogus email, users are warned that there have been unauthorized login attempts on the recipient’s account, and the location of those attempts is listed as “Russia/Moscow”. The user is urged to update their login info, which hands their credentials to the bad guys.
  • Another Ukraine email phishing scam discovered in the wild targets organizations in the manufacturing sector with malware delivered through a .zip attachment named “REQ Supplier Survey”. The attackers ask recipients to fill out a survey concerning their backup plans in response to the war in Ukraine. When the target opens the attached survey, the malicious payload is immediately downloaded from a Discord link and deployed. This attack aims to infect recipients with two well-known remote access Trojans – Agent Tesla and Remcos.
  • Fake charity websites are popping up, too. MSN reported that researchers had discovered a handful of sites decked out in trappings like Ukraine’s colours and war or refugee images that solicit donations but are actually scams. Sites like these often host ransomware.
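
An added example, not part of the original article: a Python triage function that checks a raw email for three of the lures listed above (humanitarian or Microsoft brand impersonation, the “Russia/Moscow” sign-in alert, and a survey-themed .zip attachment). The brand-to-domain allow-list, the indicator names and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed allow-list: brand keyword -> domain the real organisation mails from.
BRANDS = {"unicef": "unicef.org", "unhcr": "unhcr.org", "microsoft": "microsoft.com"}

def triage(raw):
    """Return sorted lure indicators found in one raw RFC 822 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    host = addr.rpartition("@")[2].lower()
    claimed = (display + " " + msg.get("Subject", "")).lower()
    body, names = "", []
    for part in msg.walk():
        if part.get_filename():
            names.append(part.get_filename().lower())
        elif part.get_content_type() == "text/plain":
            body += part.get_payload(decode=True).decode("utf-8", "replace")
    hits = set()
    # Brand named in display name or subject, but the sending domain is not the brand's.
    for brand, dom in BRANDS.items():
        if brand in claimed and not (host == dom or host.endswith("." + dom)):
            hits.add("brand-mismatch:" + brand)
    # Sign-in alert that cites a Russian location to create urgency.
    if re.search(r"\b(sign|log)[- ]?in\b", body, re.I) and re.search(r"russia|moscow", body, re.I):
        hits.add("signin-alert-russia")
    # Archive attachment presented as a survey.
    if any(n.endswith(".zip") and "survey" in n for n in names):
        hits.add("zip-survey-attachment")
    return sorted(hits)

def _sample(sender, subject, body, attachment=None):
    # Builds a constructed message; nothing here is a captured email.
    m = EmailMessage()
    m["From"], m["Subject"] = sender, subject
    m.set_content(body)
    if attachment:
        m.add_attachment(b"PK", maintype="application", subtype="zip", filename=attachment)
    return m.as_string()

SAMPLES = {  # constructed sample messages
    "signin": _sample('"Microsoft account team" <no-reply@account-alerts.example>', "Unusual sign-in activity", "Unauthorized log in attempts detected.\nLocation: Russia/Moscow"),
    "survey": _sample("buyer@supplier.example", "REQ Supplier Survey", "Please complete the attached survey.", "REQ Supplier Survey.zip"),
    "charity": _sample('"UNICEF Ukraine Appeal" <donate@unicef-help.example>', "Help children now", "Donate today."),
    "benign": _sample("it@corp.example", "Password policy reminder", "Sign in to the portal to review the policy."),
}
```

A non-empty result is a reason to quarantine the message for review, not proof of phishing; the benign sample shows that a sign-in mention alone is not flagged.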

How can you lose Microsoft 365 data? tip 1

How to lose Microsoft 365 data, tip 1: accidentally delete your files, it happens all the time! We can help #MSnetUk https://datto-content.amp.vg/web/c5116e7wtrcs8


Oops. What happened to my 365 data?

Oops you just deleted your #Office365 data…now what? #saas #backup We can help #MSnetUk https://datto-content.amp.vg/web/bo9ctcu987k9h


Microsoft 365 – Is your data safe?

Think Microsoft 365 backs up your data? Think again! Learn why you need business continuity. We can help #MSnetUk https://datto-content.amp.vg/web/plf0t5u14xnl


How can you lose Microsoft 365 data? tip 4

Microsoft 365 may host your data in the cloud, but how do they back it up? We can help #MSnetUk https://datto-content.amp.vg/web/0nq6vl70j39q


Is your business data in danger?

If your business is hit by a #disaster, you need to recover quickly! Find out how MSnet can help! https://datto-content.amp.vg/web/bg9wimtm48ljm We can help #MSnetUk


How can you lose Microsoft 365 data? tip 3

How to lose Microsoft 365 data? tip 3: make an employee angry…really really angry. We can help #MSnetUk https://datto-content.amp.vg/web/yc8v57yi7o6s


Is your business prepared? – Disaster Recovery campaign

Power outage or system failure? These can be hugely damaging to your business. Make sure you’re taking the right steps. We can help #MSnetUk https://datto-content.amp.vg/web/zdrpe03boksk


Oops. What happened to my 365 data?

Oops you just deleted your #Office365 data…now what? #saas #backup We can help #MSnetUk

http://datto-content.amp.vg/web/cpw93k4zm47a5


Can your business afford downtime?

Disasters can take place in any shape or form, it’s not always the obvious. Discover the other threats to your business: http://datto-content.amp.vg/web/cuw13k4ftrytv

We can help #MSnetUk