Cybercriminals pose as war charities to solicit donations

  • Cybercriminals pose as charity and humanitarian organisations in order to solicit donations from well-meaning people.
  • Emails designed to bypass scam filters tug on emotions and direct users to scam websites where they can lose their donations and financial information.
  • Be sure to check the charity or organisation independently before clicking a link in an email.

As war wages on between Israel and Hamas, cybercriminals are unsurprisingly leveraging the conflict for their own gain.

A new wave of scams identified by Kaspersky is trying to leverage the good nature of people to make a buck. According to the cybersecurity firm, the scam cons folks into making a donation to a good cause, only the cause is the scammer’s bank balance. To date, over 500 scam emails have been identified by Kaspersky.

“In these emails, scammers try to create multiple text variations to evade spam filters. For instance, they use various call-to-donate phrases like ‘we call to your compassion and benevolence’ or ‘we call to your empathy and generosity,’ and substitute words like ‘help’ with synonyms such as ‘support,’ ‘aid,’ etc. Besides, they alter links and sender addresses. Robust cybersecurity solutions guard against these tactics,” says Andrey Kovtun, a security expert at Kaspersky.

These scam emails contain links that, if clicked, direct the user to a donation website that look perfectly legitimate but any donations are highly unlikely to be sent to the claimed recipients. More so, these scams need to evolve, and as such one could fall foul of a donation scam that had previously been avoided.

An example of a scam website soliciting donations.
Another example of a scam website identified by Kaspersky.

Should you want to contribute to actual charity drives Kaspersky advises you take the following precautions before keying in your payment details:

  • Checking the charity’s website and credentials. Legitimate charities will be registered – you should cross-check an organisation’s credentials in a known database to confirm they are genuine.
  • Approaching charity organisations directly to donate or offer support. To donate online, type in the charity website address rather than clicking on a link.
  • If you are uncertain about the organisations you have checked, refer to well-known organisations that provide humanitarian support such as United Nations relief agencies.
  • Remember that individuals who have been affected by the crisis are unlikely to contact you directly for money – especially strangers you don’t know. Be extra cautious of requests to send money.
  • Staying vigilant. A fake website may look near identical to a genuine charity site, with the details of where to send donations being the only difference. Spelling or grammar mistakes often indicate fake pages.
  • Be careful on social media. Social media is a useful way for charities to communicate with the public and solicit donations. But do not assume that a donation request on Facebook, Twitter, Instagram, or YouTube is legitimate simply because a friend liked or shared it. Take the time to research the group before donating.

It’s also important to be aware that generative AI has flooded the market and these can be used to make scams appear even more legitimate through the avoidance of spelling errors and other telltale signs of deception. Alongside this, images can be faked as can video so it’s more important than ever to not be guided by emotion.

Be careful out there folks.

[Image – Markus Winkler on Unsplash]


About Author


Related News