Beware of Ukraine Relief Charity Scams and Phishing Messages

Beware of Ukraine Relief Charity Scams and Phishing Messages

February 25, 2022

In the wake of the recent Russian invasion of Ukraine, concerns grow about the emergency needs of the Ukrainian people. Many want to help by donating. Knowing this, cybercriminals will strike when vulnerability is high, and prey on generosity and compassion. Before donating to an unknown charity, or responding to an unsolicited email about Ukrainian relief efforts, consider the following important reminders:

Charity scams

Generous donors want to help by supporting charities that are raising funds for assistance. We certainly encourage generosity to help the people in Ukraine but caution donors to avoid questionable appeals, as recommended by the BBB Wise Giving Alliance:

  • Can the charity get to the impacted area?
  • Is the charity experienced in providing emergency relief?
  • Are you considering crowdfunding appeals?
    • Some crowdfunding sites do little to verify that the money goes where the organizer says it will so exercise caution before giving.
  • Does the appeal make exaggerated financial claims such as, “100% will be spent on relief”?

There are genuine charities engaging in relief efforts to help support the emergency needs of the Ukrainian people. Some certified relief effort organizations include, but are not limited to:

 

Phishing Messages

Sadly, cybercriminals are taking advantage of the outpouring of concern for Ukraine as a thematic lure for their malicious activities. They know that when people are emotional about a certain situation, they can be less likely to act prudently when presented with emails, SMS text messages, or advertisements involving relief efforts for Ukraine that would otherwise seem suspicious.

Criminals have developed enticing relief-related content to trick victims into clicking on malicious links and attachments. Lures are commonly found in phishing email campaigns attempting to distribute information-stealing malware or ransomware on personal computers and mobile devices.

What to watch for

Beware of fraudulent emails, texts or calls asking you for money to help support Ukraine relief efforts. Many cybercriminals will attempt to mimic certified relief effort organizations to gain access to your personal and financial information. Legitimate charities will not reach out to you directly to ask you to donate.

 

Do not let your guard down

  • Beware of requests for personal information
    • If you receive a message from what appears to be a valid charity or relief organization, that requests for you to provide personal information or banking information of any kind, do not reply to the email. Report the email immediately to security@ubc.ca.

 

  • Avoid opening emails when your attention is divided
    • If you are in a meeting and simultaneously trying to keep up with emails, you could accidentally open a message or click on a malicious link that you otherwise would have avoided. Wait until your meeting is over when you can review the email with your full attention and respond accordingly.

 

  • Do not click or tap on any links in emails while on your phone
    • Many faculty and staff choose to have their FASmail messages available to read on their phone. While this is a convenient option, some messages are not fully displayed on mobile devices, meaning clues that would normally alert you to the suspicious nature of a message may be hidden.

 

Take immediate action if you accidentally fall for a phishing email

If you respond to a phishing email with your password, change it immediately and notify the UBC Cybersecurity team at security@ubc.ca so they can work with you to protect your account.

 

 

Go even further...

For a much more in-depth look at how to avoid becoming a victim of fraudulent schemes and phishing attacks please see the following information:

BACK TO NEWS