NABU warns of phishing emails sent in the Bureau’s name: how to avoid falling victim to scammers
30 April 22:49
The National Anti-Corruption Bureau of Ukraine has issued a warning about phishing emails purporting to be sent on behalf of NABU. Such messages may contain malicious links or attachments, and their purpose is to steal users’ personal data or infect their devices. This was reported by NABU’s press service, according to "Komersant Ukrainian"
The Bureau emphasized that it has no connection to such emails and urged citizens to be vigilant when checking their email.
What happened
According to NABU, phishing messages disguised as official correspondence from the Bureau have been detected. Such emails may come from addresses similar to NABU’s genuine addresses and contain dangerous links or files.
“We have detected phishing emails purportedly sent on behalf of NABU. These messages contain malicious links/attachments and come from addresses similar to NABU’s official addresses,” the statement reads.
NABU emphasizes: this is a scam attempt that could lead to the theft of passwords, verification codes, personal data, or the infection of a computer or phone with malicious software.
From which addresses does NABU send emails?
NABU conducts official email correspondence exclusively from the domain: @nabu.gov.ua.
The Bureau also warned that scammers may use similar domains, such as:
- @nabu.org.ua;
- @enabu.gov.ua;
- other addresses that visually resemble the official ones.
NABU has drawn particular attention to owners of @ukr.net email accounts. They may receive emails from addresses that completely mimic NABU’s official addresses, including the domain.
Watch us on YouTube: important topics – without censorship
Why are such emails dangerous?
Phishing emails are usually designed to make the recipient believe they are official. The message may ask you to open a document, click a link, confirm your information, or enter a password or code from an SMS.
The consequences can be serious:
- theft of usernames and passwords;
- access to email or banking services;
- installation of malware;
- theft of personal or work-related data;
- further use of email to attack other people.
What NABU recommends
NABU urges you not to open attachments or links in suspicious emails, even if they appear to be official.
Key recommendations:
- do not click on suspicious links;
- Do not open attachments from unknown or suspicious emails;
- do not share passwords, verification codes, or personal information;
- verify the sender’s actual email address;
- if in doubt, contact NABU at 0 800 213 200.
How to check a suspicious email
If you receive an email purportedly from NABU, you should carefully check not only the sender’s name but also the full email address. Scammers often change a single letter, add extra characters, or use similar domains.
You should also pay attention to the content of the email. Urgent requests such as “open the file immediately,” “confirm your information,” “click the link,” “avoid liability,” or “provide your password” may be suspicious.
Official institutions do not ask you to send passwords or verification codes via email.
Read us on Telegram: important topics – without censorship
