The current geopolitical climate is driving ordinary cybercriminals to devise new ways to seek victims. The unrest only gives them another pretext to dangle in front of the unwary.
That’s happening right now. Avast warns that criminals have begun to exploit people’s sympathies for those in Ukraine. “As cybercriminals seek to take advantage of the chaos,” the company writes in its blog, “we have tracked in the last 48 hours a number of scammers who are tricking people out of money by pretending they are Ukrainians in desperate need of financial help. We have seen similar scams in the past for people stuck while traveling or looking for love. Unfortunately, these attackers do not operate ethically and will use any opportunity to get money out of people willing to help others in need. What’s suspicious is the immediate mention of Bitcoin, as well as the usernames that consist only of letters and numbers.”
Other criminals are hawking “UkraineTokens.” In this scam, the crooks are combining sympathy with fashion. It’s easy to imagine the marks thinking, well, we’d like to help, and didn’t we see ads for tokens or something on TV? Maybe that’s how things are done nowadays. The UkraineToken scam is relatively easy to see through since it’s marked with poor grammar and loose idiomatic control that usually distinguishes fraudulent pitches.
This kind of social engineering hasn’t been confined to any one channel, Avast points out. “There have also been reports of similar scams spreading on TikTok and other social media sites. In general, we strongly advise not to send any money to unknown people directly, especially in any form of cryptocurrency, as it is virtually impossible to deduce if it is a person in need or a scammer.”
If you’re moved to help, Avast advises doing so through well-known, credible, trusted organizations, and doing so through those organizations’ official websites, not through links shared in social media.
Are you concerned about keeping your data safe?
Do a full assessment of your cybersecurity posture and capability, review your cyber insurance coverage, ensure your vendors are secure, and firm up your incident response plan. Regardless of the disruptions taking place in the world, these are the most prudent and impactful actions your organization can take.
Information in this article was provided by our partners at KnowBe4.