The invasion of Ukraine has been a money making opportunity for scammers since the moment it began: Fake donation sites, bogus Red Cross portals, phishing pages, the works.
These scams can also be found on social media.
Some users of social media have become very well-known for their tweets inside affected regions. Others who were already well-known have become even more so. The ones asking for medical assistance, donations, or replacements have had some success raising whatever has been required.
Unfortunately, weβre seeing scammers try to capitalise on these activities. One such request on social media came via a well known Twitter user, @Xenta777, asking for military equipment-related donations:
> Friends, Iβm afraid that I really burden you with different requests, but I need your help
My good friend (ex-boss) asks to help with raising money for their special unit
Here is the invoice with special devices they need right now
If you can donate even 1$, please DM me
pic.twitter.com/0a6mcfSASb
>
> β Xenta (@Xenta777) April 12, 2022
In the past we have seen Twitter scams where a fake account answers a question in the replies to a tweet by a well known organisation and pretends to be customer support, hijacking the conversation and directing victims to a phishing page.
A similar tactic is being used here.
Somebody set up an imitation account (note the additional β7β in the username), and then posted this in response to someone asking where to donate:
The fake Xenta asks users to donate to their paypal address
Like many successful scams, it's very simple, which can easily yield results.
We reported the account, and it was eventually suspended after having apparently cycled through several different usernames. Interestingly, it had been "suspended" on the 4th of April, then returned using the original username until a few days ago.
At any rate, the scammer (appears) to be gone now.
One unfortunate issue with donations related to the invasion of Ukraine is that a lot of people tweeting about events as they happen donβt have verified accounts. This means itβs very easy for scammers to impersonate genuine people. There are some ways to try and reduce (not eliminate) this, though:
Whenever possible, you should be donating through approved and well known channels. We realise this isn't always possible under current circumstances, so hopefully the above tips will stop you wandering into sticky situations.
The post Watch out for Ukraine donation scammers in Twitter replies appeared first on Malwarebytes Labs.