The news of Russian forces invading Ukraine has made headlines across the globe. As tens of thousands of frightened Ukrainians are fleeing for their lives, online scammers are attempting to ruthlessly cash in on the increasing number of citizens who seek refuge and asylum in neighboring countries. Less than 24 hours after the conflict escalated, Bitdefender Antispam Lab has seen the first signs of cybercriminals exploiting the ongoing crisis.
On the evening of Feb. 24, thousands of scam emails requesting “Urgent Relocation from Ukraine” have reached inboxes across Europe, Asia and the US.
According to our internal telemetry, 91% of the scam emails were sent from IP addresses in the Netherlands. Distribution-wise, 61% were directed to South Korea, 10% to Ireland, 6% to the US, 5% in Denmark, 5% in Sweden, and a limited number in the UK, Germany, Japan and India.
The message appears to be sent from a woman living in Lviv, a city in western Ukraine, who wants your advice on where she could relocate.
What happens if you respond to this email?
Although the initial email does not ask recipients to wire money or provide anything other than “advice”, the scammers behind this heartless attack will undoubtedly play with your emotions and ask you to send money that will allow them to secure safe passage from the country.
Therefore, instead of actually helping a Ukrainian citizen, you’re making a greedy scammer rich.
Catastrophic events that capture public interest or produce a strong emotional reaction are a bit part of a scammers’ agenda. Amid the Russian invasion, the digital community and world governments are preparing to provide humanitarian aid to Ukraine and its citizens, many of which have expressed their support online and on hundreds of social media groups set up within hours of the conflict.
So, it comes as no surprise that scammers and cybercriminals are impersonating Ukrainian citizens who seek refuge from the war.
Two years into the pandemic, we have learned that there is no limit to how low threat actors will go to defraud and harm us. Cybercriminals may use the war in Ukraine to deploy various attacks on individuals via scam tweets and spam emails that ask for donations or financial assistance, and even deploy malspam campaigns on unsuspecting users. There is no moral fiber when it comes to unlawful financial gain, and we advise our fellow cyber citizens to be wary of any unsolicited emails that leverage the war in Ukraine.
We urge all those who wish to provide any assistance to Ukrainian citizens to seek out local or official organizations that can truly help people affected by the crisis.