Want to Help the Humanitarian Effort in the Ukraine? Go Ahead, but Watch out for These Traps.
The armed conflict in the Ukraine has sparked a humanitarian crisis like Europe hasn’t seen in decades. Millions of people have been forced to leave their homes and wander into the unknown, looking for safety. Often, they did it with just the clothes on their back, and family members left behind.
So far, the international response has been staggering, attracting supplies, money and volunteers from all over the world, but the situation is quickly deteriorating.
That’s why even a small gesture can make a big difference to the people displaced by war. However, in the current emotional environment, many unscrupulous individuals are looking to divert your money and attention. Watch out for hidden traps like:
Crooks heavily rely on charity scams during crises like wars and pandemics. This type of fraud consists of people impersonating legitimate fundraisers and asking for money to help the needy, only to keep it for themselves.
Right now, thousands of honest, hard-working volunteers and non-profit organizations are collecting money and supplies for the refugees. They’re organizing on Facebook, Twitter, WhatsApp and other platforms. However, many fake entities are looking to tap your wallet. Filtering them out isn’t easy - it relies greatly on your power of observation.
- Is the person or organization you’re giving money to trustworthy?
- Can you find more information about them online?
- Does the community trust them?
- Are they open to questions?
- Are they transparent with the funds they receive?
- Do they ask for PayPal or gift certificates?
- Do they ask for your credit card information?
- Did you find them, or did they reach out to you?
Journalist and security experts have recently discovered a “Help Ukraine” crypto scam in which people are contacted over social media, via e-mail, or on forums, and asked to make a crypto donation to the Ukrainian government, the United Nations, UNICEF or other organizations helping the refugees.
The problem is the messages come from fraudulent domains that have no affiliation with those organizations. The fact that most of the messages invoke powerful emotions and that the Ukrainian government did actually ask for crypto donations on Twitter doesn’t help winnow out the frauds, but you can still look for red flags:
- Scammers use domains that closely resemble legitimate organizations. Always double-check the email sender or the link you want to click.
- Don’t make donations, in crypto or money, using links you receive via message or email
- Most charitable organizations don’t ask for crypto and don’t reach out
- A reputable organization won’t contact you directly via email or messenger unless you have collaborated with them already, and they have your contact details. On the other hand, scammers and criminals will try their luck with almost any information they find
Personal information being leaked
When human lives are at stake, guarding personal information often isn’t the highest priority. But keeping personal information safe might in turn save lives, as cyberwar is as dangerous as actual war.
As refugees and volunteers coordinate to move people over the border and deliver supplies, Google docs lists containing full names, addresses, phone numbers and email addresses have become common.
However, these lists are publicly available to virtually anyone, friend or foe. If they fall into the wrong hands, they can be used to carry out scams and, even worse, to identify and persecute civilians.
For example, in January, a state actor is thought to have breached a data base of the Committee of the Red Cross (ICRC) to steal the personal information of over 500,000 vulnerable people from the “Restoring family links” program.
What to do:
- Don’t share personal identification numbers or financial information publicly
- Think twice before sharing access to documents containing vulnerable data
- Password-protect databases, or restrict access
- Shared documents are great but try keeping them accessible only to your group/organization
- Don’t share more personal information than needed with anyone
Phishing for intel and remote access
As the war unfolded and people started leaving their homes, they also became easy targets for cyberattacks and malicious groups targeting them to gain data or disseminate false information. For example, a threat actor linked to Belarus was identified carrying out a phishing campaign against refugees, military personnel and European government personnel involved in managing the outflow of refugees from Ukraine. The goal: to gain intel on logistic capabilities and access to official accounts.
Similarly, Bitdefender researchers have identified active phishing campaigns, disguised as a surveys related to the Ukraine war, that aim to infect computers with remote-access Trojans.
What you can do:
- Be wary of any email, message or phone call you get about the conflict in the Ukraine
- Don’t tap suspicious links
- Avoid downloading suspicious mail attachments
- Don’t react impulsively to messages urging you to take immediate action
- Be suspicious of people you just met online who are asking for lots of personal information
Misinformation and disinformation
The actual war is doubled by an information war, and one of the easiest ways to fall victim is fake news. “There is no war in the Ukraine,” “The Ukraine is attacking itself,” and “Those refugees are actors”are popular narrative lines pushed by bots, trolls and instigators. Similarly, a video claiming a Ukrainian pilot shot down a Russian plane gained more than 1 million views, although it was a short clip taken from the video game Arma 3.
With thousands of conflicting messages, images and videos circulating on social media and on the news every day, it’s easy to feel confused and overwhelmed. However, it’s crucial to keep a firm grip on reality and stop fake news in its tracks.
What you can do:
- Double check that your information comes from reliable sources. Just because a friend on Facebook or a random website says something is true doesn’t mean it really is.
- Don’t spread fake news. Before sharing a revolting article or clip with your friends and family, take a second to check whether it’s true or not.
- Take a break. Many times, it feels like you have a moral obligation to be connected 24/7 to everything happening around us. Although staying informed is vital, it’s equally important to take breaks and clear your mind. You can’t help anyone if you’re overwhelmed by information.
For more tips, please check our dedicated cybersecurity guide in armed conflict zones.
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns
January 19, 2023
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022