Increased Malicious and Scam Activity Exploiting the Russia-Ukraine Conflict

Published on 08 Mar 2022

Updated on 16 Mar 2022

As the conflict in Russia and Ukraine intensifies, there is a rising number of reports globally involving scammers taking advantage of the crisis to trick users into sending money or spread malicious payloads through the use of phishing emails. Users are advised to be extra vigilant during these times.

Examples of the phishing emails reported include, but are not limited to:
- Scammers asking recipients to fill out a survey concerning their backup plans in response to the conflict, which, upon interaction, downloads a malicious payload
- Scammers impersonating companies (with Russian or Ukrainian clients) asking recipients if they want to put their orders on hold until shipments and flights reopen
- Scammers luring recipients through fraudulent donation emails, by impersonating entities such as the international humanitarian agency Act for Peace, UNICEF, and other donation projects
- Scammers seeking recipients' assistance to transfer money for their relocation out of Ukraine

Practising good cyber hygiene can help to mitigate the impact:
- Be vigilant about phishing attempts. Always be wary of suspicious emails especially those that try to induce a sense of urgency and verify before clicking any links or downloading any attachments. Look out if the email comes from an unfamiliar sender who could be disguised as a legitimate individual or reputable organisation
- Make sure that emails asking for donations are indeed from official organisations before proceeding with the donations
- Check your financial accounts regularly for any suspicious activity or unauthorised charges
- Change your passwords regularly; use a strong password of at least 12 characters which includes upper case, lower case, numbers and/or special characters. Avoid using the same password for different accounts, or using passwords that are derived from your Personally Identifiable Information (PII)
- Install anti-virus software and keep the software (and its virus definition files) updated. Perform a scan of the systems and networks at least once a week and scan all received files before opening them