Amazon UK

Friday, 4 March 2022

Sketchy domains try to trick Ukraine supporters out of would-be donations

Ukraine flag

Scammers and other bad actors are once again up to their old tricks in search of ill-gotten profits, and this time they've set their sights on Ukraine. In order to take advantage of the ongoing war in the country, they're using an old, reliable tool to trick internet users: Domain names.

More than 4,200 Ukraine-related domain names have been registered since Russian troops invaded the country last week, according to the domain monitoring service DomainTools. 

DomainTools has been tracking newly registered domain names that contain the terms "Ukraine" or "Ukrainian" for the past week. The company has made this data freely available to the public. 

Domain name registrations connected to the conflict have continued to rise, most notably jumping from 46 domains on Feb. 24, the day Russia's invasion began, to more than 200 the next day.

It's important to note that not all of these domain name registrations are malicious. However, preliminary research into the data by both DomainTools and Mashable have uncovered a number of likely scams. Within hours of the invasion of Feb 24, DomainTools discovered URLs, such as "support-ukraine.eu" and "donatetoukraine.org," set up to take donations for unspecified organizations. The Federal Trade Commission website warns against just these sorts of emotionally charged appeals for donations that don't include details about how the money will be used.

Mashable has uncovered similar Ukraine-related domains being used for apparent scams, particularly ones related to cryptocurrency. "Crypto4Ukraine.com" was registered eight days ago. A website at the URL was quickly setup using the hosting service Wix. Donation links and QR codes can be found on the site, which sends users to specific crypto wallets for Bitcoin, Ethereum, Dogecoin, and a number of other tokens.

"Crypto fundraising for all the victims of the gruesome events" reads the website, without any mention of where these donations will go. A Google search for the Bitcoin wallet address provided found it listed on a website where users can report crypto scams. At publishing time, the website is no longer resolving at the domain.

Another website posing as a crypto fundraiser for Ukraine, "cryptocurrency-helps-ukraine.com" lists a number of wallet addresses that have not previously been shared online. The website also does not specify which organization these donations will ostensibly be going to.

As Shoshana Wodinsky of Gizmodo pointed out on Twitter, other URLs registered related to the conflict in Ukraine seem to point to other possible scams. One domain pointed to a website for "Ukraine Brides." Another URL forwarded users to real estate listings in nearby countries.

Nefarious actors have long weaponized URLs in order to scam users out of money or steal their personal information. This tactic exploded during the COVID-19 pandemic, for example, as thousands of domain names were registered promoting COVID-19 vaccines in order to trick people into thinking they were visiting official health websites.

If you're looking for legitimate Ukraine aid organizations to donate to, you can find those here.



from Mashable https://ift.tt/mETFrN7
via IFTTT

No comments:

Post a Comment

CPA Cash Machine