Cybersecurity researchers reveal a new crypto donation scam exploiting the humanitarian crisis in Gaza, with scammers preying on sympathy for Palestinian children to solicit funds. Over 200 individuals and numerous organizations have fallen victim to the elaborate scheme.
Cybersecurity researchers at Abnormal Security have uncovered a deceptive new crypto donation scam exploiting the humanitarian crisis in Gaza, in which scammers play on sympathy for Palestinian children to request donations. Around 212 individuals across 88 organizations have become targets of this charity attack.
Threat actors like to capitalize on geopolitical events because it becomes easier to lure people and win their sympathy. We witnessed the same in the case of the missing Malaysian flight MH370, when scammers propagated fake videos and images falsely claiming that the missing jet had been found in the Bermuda Triangle. In reality, they exploited the incident to spread malicious links.
In the latest fraud campaign, scammers send emails that appear to come from a group called “help-palestinecom.” The sender urges the recipients to contribute to their campaign to support Palestinian families.
The scammers ask for cryptocurrency donations ranging from $100 to $5000 and, to avoid being tracked, include wallet addresses for Bitcoin, Ethereum, and Litecoin.
Unsuspecting users fall for the lure and donate, thinking that this money will help provide Palestinian children with basic needs such as medical care, clean water, and internet access.
To enhance the email’s legitimacy, the scammers have included links to three of the latest news articles on the impact of the conflict on children. Moreover, they have strategically used emotionally stirring language to emphasize the challenges of children in Palestine.
For instance, they used “children in Palestine face unimaginable challenges daily,” “a lifeline for these children caught in the crossfire,” and “the children in Palestine are dying.”
To avoid detection, scammers have used multiple tactics, including spoofing the email address of an Indian stock brokerage firm, Goodwill Wealth Management, and creating a fake domain.
According to Abnormal Security’s CISO and advisory author, Mike Britton, legacy secure email gateways (SEGs) fail to detect this scam because of social engineering techniques used by scammers and the absence of apparent indicators such as grammatical errors or payloads. Britton emphasized the need for AI-based email security solutions that could distinguish between malicious and genuine content.
“AI-powered email security platform is trained to identify social engineering tactics, it recognizes that this email is attempting to leverage emotional manipulation to convince the target to bypass rational thinking and quickly transfer funds. It can also detect and flag the mismatch between the sender’s email and the reply-to address, as this is a common attack tactic,” Britton explained.
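The sender/reply-to mismatch Britton mentions, and the Bitcoin, Ethereum, and Litecoin wallet addresses these emails carry, are both signals a mail pipeline can check mechanically. The Python sketch below is an added example, not code from Abnormal Security or the advisory; the sample messages, domains, and wallet strings are constructed, and the wallet regexes are shape heuristics with no checksum validation.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Address *shapes* only (assumption: good enough for triage, not validation).
WALLET_PATTERNS = {
    "bitcoin": re.compile(r"\b(?:bc1[a-z0-9]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"),
    "ethereum": re.compile(r"\b0x[a-fA-F0-9]{40}\b"),
    "litecoin": re.compile(r"\b(?:ltc1[a-z0-9]{25,59}|[LM][a-km-zA-HJ-NP-Z1-9]{26,33})\b"),
}

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' if the header is absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def triage(raw_message):
    """Return a list of findings for one RFC 5322 message given as text."""
    msg = message_from_string(raw_message)
    findings = []
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    # Replies routed to a different domain than the visible sender.
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to-mismatch:{from_dom}->{reply_dom}")
    # Collect every text part so multipart messages are covered too.
    body = " ".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk()
        if part.get_content_maintype() == "text"
    )
    for coin, pattern in WALLET_PATTERNS.items():
        if pattern.search(body):
            findings.append(f"wallet:{coin}")
    return findings

# Constructed placeholder strings, not real wallets.
BTC, ETH, LTC = "1" + "B" * 33, "0x" + "ab" * 20, "L" + "C" * 33
SCAM_SAMPLE = (  # constructed message using reserved .example domains
    "From: Relief Appeal <donations@brokerage.example>\n"
    "Reply-To: help@charity-appeal.example\n"
    "Subject: Urgent appeal\n\n"
    f"Please send BTC {BTC} or ETH {ETH} or LTC {LTC} today.\n"
)
BENIGN_SAMPLE = (  # constructed message with matching sender and reply-to
    "From: Newsletter <news@charity.example>\n"
    "Reply-To: news@charity.example\n"
    "Subject: Monthly update\n\n"
    "Thank you for your support this month.\n"
)

if __name__ == "__main__":
    print(triage(SCAM_SAMPLE))
    print(triage(BENIGN_SAMPLE))
```

Neither signal is conclusive alone, since legitimate mailing tools also set a different reply-to domain; the findings are best used to raise a message's review priority.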
The scam is the latest to join the manipulative attacks exploiting ongoing geopolitical crises. The FBI issued warnings on 6 and 14 November 2023 to alert users about fraudsters attempting to exploit the war in Gaza.
The bureau highlighted that fraudsters can use emails, social media, cold calls, crowdfunding sites, and charities/fundraisers to solicit payments. FBI warnings noted that apart from opportunistic cybercriminals, terrorist organizations can also establish fake charities to “subsidize their operations.”
Users are, therefore, advised to exercise caution and verify the legitimacy of the sender and their claims before donating.