Ukraine scammers are expanding their campaign repertoire. Bitdefender's Antispam Lab monitors new scam mail campaigns related to the Ukraine war. Donation fraud with fake emails from aid organizations, welfare organizations, fake websites, fraudulent crowdfunding.
Since the outbreak of the war, Bitdefender Anti Spam Lab's filters have been finding e-mails that seek to exploit the willingness of the general public to help. And the trend is rising: spam mails on the back of the tragedy are becoming more, more sophisticated and cynically better and better tailored to the target group, as the following examples show.
Calls for crypto donations
In a campaign, the authors are asking for donations to crypto wallets. The first two paragraphs of the letter are a copy of a February 25 Fortune.com report. Only in the last paragraph with the call for crypto donations does it become clear that the writers are by no means native speakers and apparently misuse the reporting for their own purposes. The key indicator, in addition to the very poor English, is the promise of a later reward.
86 percent of these fraudulent messages were sent from Lithuanian IP addresses. 40% of recipient mailboxes are located in South Korea, followed by the Czech Republic (16%), Germany (7%), the US and UK (5% each), India (4%), and Romania and Italy (2% each).
Fraud on behalf of known charities
These scammers pretend to be The Courage Fund Foundation, a Singapore-based charity founded in 2003. Those willing to donate should send their donations to a Gmail address. No matter what further intentions the authors have: It is not advisable to make such contact.
Half of the country IP addresses are from South Africa, reaching potential donors in the United States (33%), the United Kingdom (33%) and Germany (24%).
Cloned websites are asking for donations
Fake crowdfunding for Ukraine asking for crypto donation (Image: Bitdefender).
Online scammers use United Help Ukraine organization layout. Anyone who clicks on the "Donate Now" donation button ends up on a replica of the aid organization's website. Here again, donations in crypto money are asked for.
Fake crowdfunding for Ukraine
Other e-mails refer to a supposed crowdfunding organization - and that too in German. The website is well made, but already blocked by the Bitdefender security spam filters. The donation form is also professionally designed and collects additional information. The request for crypto money should also be a caution here.
The e-mails come from the USA and Japan. Despite the different versions in English, German, French and Spanish, 40 percent of the mails ended up in Belarus, 19% in Japan, 15% in South Korea, 5% in the USA, 4% in Austria, 3% in Germany and 2% in the UK .
More at Bitdefender.com
About Bitdefender Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de