Hackers are taking advantage of Ukraine war with charity scams

Hackers are taking advantage of Ukraine war with charity scams


It’s unfortunate and heartbreaking to see what’s happening with Russia’s invasion of Ukraine. People around the world have come together to show support by fundraising and spreading awareness. Although there is a large group of people who want to make a difference, there are unfortunately a handful of people who are deceitful and will take your donations and make a run for it- and if they can get into your systems and ask for ransom, they won’t miss that opportunity!

Since the invasion, there has been a host of Ukraine charity phishing schemes. You may have seen emails with the subject: “Ukraine needs your support” or “It’s time to take action!”. Hackers started working on sending emails to target individuals’ sympathetic nature. Cybercriminals have found this crisis the perfect opportunity to conduct phishing scams and you need to be prepared. Make sure your business is equipped with cybersecurity tools so that these scams don’t reach your inbox. One security tool your business should STRONGLY consider is email filtering. Email filtering evaluates incoming messages to detect emails that could be considered suspicious, unsecure, dangerous, or bogus. It prevents these emails from reaching your inbox and filters them out. You can then review these emails and if they are legitimate, you can approve and open them. But the filter does the heavy lifting of sorting out malicious messages before you or your team can click on a link or provide confidential information.

That said, even with email filtering, a malicious message will occasionally get through. Here are some tips you should use before opening any email and clicking on attachments or links. First, double check the sender’s email address. Phishing emails tend to have spelling errors or a long email address that doesn’t match the sender’s name. This is one indication that the email is infected. Second, check the greeting. If your bank is emailing you, but the message says “Dear Customer” that’s likely a dead giveaway – the bank already knows your name. Third, if an email contains a link to a website, try to navigate to that site directly, even if the message looks legitimate. The URL in the email may be bogus and could take you to a page that downloads a virus or foothold on your computer, or to a page where all your information and keystrokes are being tracked. Fourth, you should always read through the email to see if there are any spelling or grammar mistakes since many of these attacks come from nations where English is not the native language. And finally, consider a cybersecurity training program for you and your staff. There are lots of inexpensive options out there, and a little bit of training around security can go a long way.

When you know what to look for, you’re much less likely to get caught by phishing scams. Keep your business safe by being aware of the current phishing trends. Regular, employee security awareness training will improve phishing awareness and will prevent your business being a victim of a cyber-attack. Connectability offers a security training stimulation for businesses and their employees. Give us a call us at (416) 966-3306 to learn more about our training program.