A mid-March search for Ukraine scams on the Better Business Bureau’s (BBB’s) scam-tracking site yielded more than 100 reports of bad actors attempting to exploit the crisis by running fake donation campaigns in the U.S. and Canada.
“The current situation is near and dear to many hearts, particularly here in the U.S.,” explains Shared Assessments Vice President Tom Garrubba. “We are seeing everything from community and school drives, to funding initiatives on social media to support those suffering in Ukraine. Sadly, many of these drives are bogus and are trying to outright defraud sympathetic donors. Those who wish to donate should do their best to vet those organizations to see if they truly have a ‘giving’ campaign prior to making their actual donation.”
Garrubba also recommends that potential donors check to see if well-established relief organizations are conducting similar campaigns.
Garrubba, fellow Shared Assessments Vice President Ron Bradley and Shared Assessments Senior Advisor Nasser Fattah recently shared their insights with a U.S. News & World Reports reporter who is researching an article on Ukraine-related scams.
Although these scams primarily target individuals rather than third parties and/or outsourcers, they reflect the war-related misinformation, disinformation, and malinformation (MDM) that U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) warned organizations and their third parties to remain alert to following Russia’s invasion of Ukraine. “Given the events in Ukraine and their ripple effects, it’s important for all companies to ensure that incident response and business continuity plans are current,” Shared Assessments Senior Advisor Charlie Miller notes in an article on the CISA’s MDM alert. “…In fact, it’s a good time to review the overall cyber hygiene of your and your vendors’ Third Party Risk Management programs.”
How To Avoid Ukraine-Related Scams
Similar vigilance is needed on an individual level as Bradley and Fattah shared with U.S. News and World Reports in their guidance on avoiding falling prey to Ukraine-related fundraising scams:
1. Acknowledge the MDM risk: Bradley notes that it is important to recognize the proliferation of fake news on social media outlets. “If something sounds too good to be true, it likely is,” he continues. “If something is highly controversial and compelling, users should seek information from multiple reliable sources to make an informed decision.” He also notes that bad actors in Russia are “master manipulators and extremely well-versed in the use of false flags. With the use of state-run media, deep capabilities in creating fake news on social media platforms, and the indiscriminate use of falsified materials should put everyone on guard related to the information they consume.”
2. Use an authentication resource: Bradley encourages potential donors to visit the Federal Trade Commission’s consumer information page that addresses these types of scams. “It’s important to authenticate the validity of any charitable organizations before making a contribution,” Fattah agrees, pointing to the BBB’s scam tracker along with Charity Navigator as helpful resources.
3. Pay, verify and protect: Fattah recommends against using cash, wire transfers, or gift cards for donations. “Often, these are red flags,” he notes. “And after making a contribution, either via credit card or check, make sure to review your bank account for any funny business.” Garrubba stresses that credit cards are often the best payment mode to use because defrauded donors “can at least attempt to dispute the charge due to fraudulence with the issuing organization later.” Bradley also advocates the use of credit freezes (free and convenient via the major credit bureaus), which provide a stout second line of defense against more damaging fraudulent activity if/when personal and financial information is pilfered. “This will help to protect against identity theft,” Bradley adds. “Users should also enable multi-factor authentication anywhere and everywhere they can, especially with applications capable of moving money.”
These practical steps can help consumers differentiate from bad actors and what Fattah emphasizes are “the many good causes and legitimate charities that spring up to alleviate this type of severe crisis.”