Cryptocurrency scams pose as Ukraine aid organizations

Cybersecurity threat actors have used the Russian invasion of Ukraine to target phishing victims, according to a new report.

The February 2022 Top Attack Vector Report from Expel identified the trend, noting that phishing was the largest attack vector observed during the month. Of the incidents investigated by the research team, 57% were the effect of phishing.

The report found threat actors posing as legitimate Ukraine aid organizations. In one examined case, a threat actor posed as a children's hospital director asking for assistance for staff and patients. The report found the following common phrases in the subject lines of these cryptocurrency scam emails:

“Help - Bitcoin”
“Payment from your account”
“Help save children in ukraine”
“Crypto - Account”
“Ukraine Donations”

There are ways to ensure that cryptocurrency donations meant for Ukraine aid are sent to the correct wallet, according to Jon Hencinski, Director of Global Operations at Expel. "It's horrible that bad actors are trying to take advantage of the crisis in Ukraine for personal gain. We want people to be aware of these scams at play so those thinking of donating can verify their donations are going to a legitimate place to help those in need," he said.

"If you're thinking about donating crypto, double-check the public wallet address and transaction history before hitting 'send.' You can review transaction history of a public wallet address using block chain explorer sites like blockchain.com and Polkascan."

Users and organizations looking to donate can also check the Ukraine government's verified Twitter account, where the information for multiple cryptocurrency wallets has been shared, according to Hencinski.

For more ways to deter phishing attacks, read the full report.

Madeline Lauver is the Editor in Chief of Security magazine. Lauver joined Security in 2021 as its Assistant Editor, and she covers news affecting enterprise security leaders, including physical security, cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, Lauver focuses on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content. Lauver graduated in 2019 with a B.A. in English, German and Media Studies from Kalamazoo College.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.