Scammers are impersonating “Ukrenergo”: how to keep your passwords and banking information safe
12 June 14:37
A new wave of fraudulent emails has been detected in Ukraine, in which cybercriminals pose as official communications from NPC “Ukrenergo.” In these emails, users are asked to click on a link or download a supposedly important document. In reality, however, the files may contain malware capable of stealing personal data. This was reported by the Ukrenergo press service, according to "Komersant Ukrainian"
The company emphasizes: the energy company does not send out power outage schedules or payment documents via personal emails.
How the new scam works
Cybercriminals are sending Ukrainians emails that appear to be official communications from Ukrenergo. In these emails, users are asked to download a document supposedly from the company’s official website.
However, such a file may contain a virus or other malicious software. Once opened, it can gain access to the user’s device and steal confidential information.
The following may be at risk:
- passwords for email, social media, and banking apps;
- banking details;
- personal files;
- account login credentials;
- access to the device itself.
In addition, an infected computer or phone can be used for further cyberattacks.
Who is at risk
According to cybersecurity experts, users of email services with the domains @i.ua, @ua.fm, and @email.ua should be especially vigilant.
At the same time, Ukrenergo warns that fraudulent emails may also be sent to other email services.
Therefore, you should verify any messages that contain links, attachments, or requests to download a file immediately.
Scammers are forging Ukrenergo’s email address
To gain the recipients’ trust, attackers may forge the sender’s address and mimic the appearance of an official email from NPC “Ukrenergo”—[email protected].
That is why users are advised not to rely solely on the sender’s name. Even if the email looks official, you should check its content, links, and attachments.
According to cybersecurity experts, such emails may be sent from outside Ukraine.
Watch us on YouTube: important topics – without censorship
“Ukrenergo” does not send power outage schedules in private emails
The company specifically emphasized that NPC “Ukrenergo” does not send citizens power outage schedules, payment documents, or other similar files in personal emails.
Up-to-date information on possible power supply restrictions should only be checked on Ukrenergo’s official Facebook and Telegram pages.
Power outage schedules for specific addresses are published by the relevant local power distribution companies.
How to protect yourself from fake emails
Experts advise following basic cybersecurity rules:
- do not click on suspicious links;
- do not open attachments from unknown or suspicious emails;
- do not download files, even if the email looks official;
- delete suspicious messages immediately;
- verify information about outages only on official sources;
- if you accidentally open a file, immediately scan your device with antivirus software.
What to do if the file has already been opened
If a user accidentally downloaded or opened a file from a suspicious email, they should scan their device with antivirus software as soon as possible.
You should also change passwords for important accounts, especially email, banking services, and social media.
If you suspect that scammers may have gained access to your banking information, contact your bank to temporarily block your cards or restrict transactions.
Read us on Telegram: important topics – without censorship
