Malicious actors have historically taken advantage of global events for their gain. The war in Ukraine is no different. Cybercriminals have been using spam emails that leverage crises to lure targets into opening messages containing malware attacks, phishing schemes, and cryptocurrency scams, to name a few.
In the past, digital thieves have engineered their attacks around social events like Covid-19, the Olympics, natural disasters, etc. So, it’s not shocking that the current war between Russia and Ukraine is also being used in a global digital war.
Reeling in the Phish During War
Since the media keeps the public informed on the happenings of the war, people feel the human need to help in any way they can. From far away, that means donating to an involved cause. Unfortunately, scammers have noticed this beautiful human undertaking and use people’s kindness against them.
Cybercriminals are sending fraudulent emails asking for donations in cryptocurrency, claiming that it is the only way they can accept financial assistance.
In this way, these criminals play with people’s emotions and use fake heart-wrenching cries for help to steal.
Malicious Emails in a Time of War
In addition to scam emails, bad actors also send spam messages containing malware. One of the main reported pretexts for these messages is an urgent notice that business transactions will be canceled or postponed due to the war in Ukraine.
For example, emails showing a delayed shipment direct you to click a link for more information. These malicious links exploit your system and can give the attacker complete control.
Apparent Money Bag Scheme
Cybercriminals are also sending fraudulent messages offering once-in-a-lifetime investment opportunities. The spam messages offer their targets a false promise of an inheritance or investment to manipulate them into sending money or bank information. This is very much like the classic “Nigerian Prince” scam that most people already know about, but when there is a current crisis, you may not expect such a scam to be circulating.
Finding signs that these emails are scams is straightforward, but you have to know what to look for. For example, if the email claims to be coming from a company in Ukraine, but a quick search shows it’s not based in Ukraine – odds are it’s a scam.
Another basic tactic criminals use is email spoofing. The scammer creates a variation of a valid sender’s address because people are more likely to engage with the email if the sender appears legitimate. Be sure to check the sender’s address carefully to confirm their authenticity.
Using Encrypted Email Services for Scam Filtering
Encrypted email providers do more than code your messages.
Research shows that 14.5 billion spam emails are sent every single day, allowing scammers to exploit their targets for a daily average of $7,000.
An effective encrypted email service provider will offer a top-of-the-line spam filter to protect email users from threats. In addition, these providers have the potential to block the spread of viruses, phishing attacks, and automate the separation of emails that are safe to open from the ones that are dangerous for your system.
Name: Michael Bertini
Job Title: Consultant