Ukraine Donation Scams are Rampant

Posted in Announcements

Mar 10,2022

woman at laptop giving online

“We expect the variety of phishing and malware campaigns, as well as the volume of messages sent daily, to increase steadily, and the attackers to adapt their persuasion methods accordingly.”

Adrian Miron, BitDefender

Ukraine and charities supporting the nation have turned to soliciting cryptocurrency donations during Russia’s invasion of the country. Within a week of launching wallets to receive donations directly, the Ukrainian government raised more than $50 million worth of cryptocurrency.

Sadly, this also means that this type of fundraising has also introduced opportunities for cybercriminals to scam good-intentioned donors.  Tom Robinson, a cryptocurrency compliance expert, has seen more than a dozen scams on Twitter where users pose as verified organizations to solicit donations to a specific crypto address. “It’s a very common type of crypto scam that has been repurposed to exploit Ukraine fundraising,” he said.

Telegram, a known hunting ground for cryptocurrency scammers, saw an uptick in accounts themed around Ukraine right before and after Russia invaded the country. Scammers were quick to take advantage.

Fraud experts say the scams fall into three buckets:

  • Users pretending to be in need of donations
  • Users pretending to be companies collecting donations
  • Offers to help others create fake donation websites

Multiple firms have noticed an uptick in email scams where hackers pose as legit charities to solicit cash or bitcoin. Organizations scammers have impersonated include Act for Peace, UNICEF, the Ukraine Red Cross Society, and Ukraine Crisis Relief Fund.[1]

Have Compassion, Do Your Part — But Be Cyber Smart

  • Experts say that the best way to prevent scams is vigilance by donors and companies to only trust verified organizations. Recovering stolen cryptocurrency is also much more difficult than money sent from a traditional financial institution, adding additional risks to donors sending cryptocurrency.
  • “The more sophisticated the tactics that these legitimate groups use to try and fundraise, the more attack vectors open up,” said cryptocurrency expert, Tom Robinson. “I think if the fundraising is just kept straightforward and simple, then that would minimize the potential for fraud.”
  • Robinson says he’s watching for potential scams around a Ukraine NFT –  the non-fungible token that has been a popular target for cybercrime.

More information on avoiding Ukraine charity scams:

FTC.gov

Malwarebytes Labs

Tom’s Guide

[1] Riley, Tonya. Mar 3, 2022. “Cybercriminals are posing as Ukraine fundraisers to steal cryptocurrency”. Retrieved from cyberscoop.com. https://www.cyberscoop.com/cybercriminals-are-posing-as-ukraine-fundraisers-to-steal-cryptocurrency/