News

IT NEWS

Watch out for Ukraine donation scammers in Twitter replies

The invasion of Ukraine has been a money making opportunity for scammers since the moment it began: Fake donation sites, bogus Red Cross portals, phishing pages, the works.

These scams can also be found on social media.

Faking donations on Twitter

Some users of social media have become very well-known for their tweets inside affected regions. Others who were already well-known have become even more so. The ones asking for medical assistance, donations, or replacements have had some success raising whatever has been required.

Unfortunately, we’re seeing scammers try to capitalise on these activities. One such request on social media came via a well known Twitter user, @Xenta777, asking for military equipment-related donations:

In the past we have seen Twitter scams where a fake account answers a question in the replies to a tweet by a well known organisation and pretends to be customer support, hijacking the conversation and directing victims to a phishing page.

A similar tactic is being used here.

Quoting your way to donation fraud

Somebody set up an imitation account (note the additional “7” in the username), and then posted this in response to someone asking where to donate:

donationphish2
The fake Xenta asks users to donate to their paypal address

Like many successful scams, it’s very simple, which can easily yield results.

We reported the account, and it was eventually suspended after having apparently cycled through several different usernames. Interestingly, it had been “suspended” on the 4th of April, then returned using the original username until a few days ago.

At any rate, the scammer (appears) to be gone now.

Keeping your donations safe

One unfortunate issue with donations related to the invasion of Ukraine is that a lot of people tweeting about events as they happen don’t have verified accounts. This means it’s very easy for scammers to impersonate genuine people. There are some ways to try and reduce (not eliminate) this, though:

  1. Check the account creation date. This is no guaranteed indicator of genuineness, but Twitter has been around a long time and a brand new account should make you suspicious.
  2. Look for people you know who follow an account you’re considering donating to. Mutual connections are, again, no guarantee. You can at least check with them as to their estimated genuine nature of an account before taking any action.
  3. Use a donation method that can give you a refund if required. This means various forms of cryptocurrency and/or wire transfers are probably not on the cards. Additionally, many people asking for help with things are using third-party payment tools which often come with money-back facilities. Someone asking you to send them bank info by email or something along those lines? Not the best of indicators.

Whenever possible, you should be donating through approved and well known channels. We realise this isn’t always possible under current circumstances, so hopefully the above tips will stop you wandering into sticky situations.

The post Watch out for Ukraine donation scammers in Twitter replies appeared first on Malwarebytes Labs.