A new scam: Ukrainians are being threatened with cyberattacks from Russia
28 March 07:35
Ukrainians are being warned about a new wave of cyber fraud involving mass email campaigns disguised as official notifications from CERT-UA, the government’s cyber incident response team. In these emails, attackers claim there is a massive cyberattack from Russia and urge recipients to immediately install “protective” software. In reality, the attachment contains malicious software.
The State Service for Special Communications and Information Protection of Ukraine reported the threat, according to "Komersant Ukrainian"
What kind of emails are Ukrainians receiving?
According to CERT-UA, scammers are sending emails with sensational subject lines such as: “URGENT! CERT-UA: Large-scale cyberattack from Russia – activate protection immediately.”
The main goal of such messages is to force people to act quickly without verifying the information. The email may contain a demand to immediately download a file, install a program, or follow step-by-step instructions to supposedly protect the computer.
This scheme is designed to exploit emotions and fear.
What is the danger?
Experts emphasize: the file that attackers offer to download has nothing to do with official security measures. It is malicious software that can:
- gain access to user data;
- steal passwords;
- infect a computer or corporate network;
- give attackers remote control over the device;
- use the system for further attacks.
CERT-UA specialists are currently investigating this malware.
How to tell if an email is fake
CERT-UA emphasizes: the team does not distribute software via email. This is one of the main signs that the email is fraudulent.
It is also important to check the sender’s address. Official CERT-UA email addresses have the @cert.gov.ua domain. If the email comes from a different address, this is a reason not to trust its content.
Signs of a fraudulent message may include:
- an overly alarming subject line;
- a demand to act immediately;
- a request to download an unknown file;
- a suspicious sender’s address;
- attachments or links without explanation;
- errors in the text or an unusual writing style.
What to do if you receive such an email
Experts advise against taking any action on the email if you have even the slightest suspicion.
If you receive such a message, do not:
- click on any links;
- open attachments;
- run downloaded files;
- follow the instructions in the email.
Suspicious messages should be forwarded to CERT-UA specialists at [email protected].
Why do cybercriminals use the topic of Russian cyberattacks?
Scammers often tie their schemes to high-profile topics that evoke a strong emotional reaction. In the context of war, a message about an “urgent cyberattack by Russia” appears credible, so some users may believe it without further verification.
That is why experts urge people not to react hastily to sensational emails, even if they look official.
This is not the first wave of digital fraud
Recently, other online scams have been reported in Ukraine. In particular, Ukrainians were warned about fake messages regarding alleged cash payments for power outages, as well as the sale of counterfeit tickets in chat rooms and online communities.
All of this indicates that cybercriminals are actively exploiting current events to lure out data, money, or access to devices.
How to protect yourself
To avoid becoming a victim of such attacks, follow basic cyber hygiene rules:
- check the sender’s address;
- do not open unknown files;
- do not trust emails demanding immediate action;
- use antivirus software;
- update your system and software;
- verify information only on official sources.
Read us on Telegram: important topics – without censorship
