Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.
Israeli-Hamas Conflict Spells Opportunity for Online ScammersIsraeli-Hamas Conflict Spells Opportunity for Online Scammers
As the conflict in the Middle East rages, malicious actors look to exploit the situation with bogus charity sites encouraging donations.
October 24, 2023
Researchers have uncovered hundreds of cyber scams leveraging the Israeli-Hamas conflict, including more than 500 scam emails and fraudulent websites capitalizing on people's willingness to aid those affected by the war.
Many of these emails contain links to scam websites that provide information about the ongoing situation and encourage individuals to make contributions, with the added convenience of various cryptocurrency payment options, according to Kaspersky researchers.
By tracking the wallet addresses used, security experts found additional fraudulent Web pages claiming to collect aid for various groups within the conflict area.
Andrey Kovtun, security expert at Kaspersky, says attackers often attempt to intimidate recipients by threatening severe consequences, such as financial losses, account suspensions, or even legal action, if the potential victims fail to click links, open attachments, or call specified phone numbers.
"Urgency often compels recipients to act swiftly," he adds. "In some instances, such as the recent campaign exploiting the Israeli-Hamas conflict, scammers try to appeal to sympathy, soliciting funds while presenting their actions as noble endeavors."
Callie Guenther, senior manager of cyber threat research at Critical Start, says threat actors have an uncanny ability to adapt their tactics based on current events and societal concerns. This emotional appeal, rooted in compassion and moral responsibility, often overshadows rational decision-making, rendering potential victims more susceptible.
A Multitude of Tactics
Fake charity scams often emerge during real disasters, with scammers posing as charitable organizations and using emotional language to lure users in. Tactics include the common methods of multiple text variations to evade spam filters or altered links and sender addresses.
"During conflicts or emergencies, situations can change rapidly, and news travels quickly," Kovtun says. "Fraudulent pages may adapt to the latest developments, such as incorporating current facts or photos to appear more credible."
They can also evolve with more sophisticated designs, aiming to resemble legitimate organizations — for example, they may replicate the visual layout of other well known charities or humanitarian organizations. "Additionally, scammers could add content to the fraudulent websites, for example, news updates, and more, to diversify it with pages other than a money transfer one," Kovtun adds.
Ferreting Out the Fraud
To protect against such scams, users are urged to thoroughly scrutinize websites before donating, as fake sites often lack essential information about the organizers, recipients, legitimacy, or transparency regarding fund usage.
"Apart from the simple use of a search engine to find reports of an organization being a scam, look up the provenance of the domain names involved using whois.com or another domain registrar's records," Hamilton advises. "If domains were recently registered it is less likely that the organizations are legitimate."
He also recommends looking for the owner of the IP address space used by the Web properties involved and the country where the hosting service originates.
"Legitimate charity organizations' websites rarely consist of a single page," Kovtun points outs. "Encountering such a landing page should prompt a search for the organization's name to explore the search results."
Upon discovering additional information in the search results, it is advisable to cross-reference the recipient's details on the website received in the email with the information on the official site from search results.
"Spelling or grammar errors often serve as indicators of fraudulent pages," Kovtun says. "If there is still uncertainty about the organizations you have checked, it is better to donate to well-known humanitarian support organizations."
Guenther says it's also beneficial to remember that while the guise may change — be it the Israeli-Hamas conflict, the Haiti earthquake, or the Syrian Refugee Crisis — the underlying strategies remain consistent. "Being informed and maintaining a healthy skepticism can be our strongest defenses against these opportunistic scams," she notes.
Read more about:DR Global Middle East & Africa
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023