Phishing scams related to Ukraine are increasing. Although there are no current credible Russian cybersecurity threats to U.S. universities, the UW Cybersecurity Operations Center is prepared and following all recommended best practices to prevent cyberattacks. You can do your part by identifying and reporting phishing scams related to Ukraine.
How to identify a scam
The main types of Ukraine-themed scams are:
- Requests for cryptocurrency donations
- Fake online money contribution organizations or charities (such as fake Go Fund Me organizations)
- Requests to purchase merchandise with proceeds going to Ukraine
To check if the email is legitimate:
- Check the sender’s email address for anything suspicious such as it being from an individual instead of the organization named in the email.
- Hover over any links to see if they match the name of the organization that it allegedly represents. If it’s an organization you’re familiar with, type their URL into your web browser to go directly to their site.
- Review the text for grammatical errors.
If you are ever unsure whether an email message is legitimate, or what you should do with it, DO NOT RESPOND to it! Instead, contact the DoIT Help Desk for advice.
What to do if you receive a phishing scam
- Don’t reply
- Don’t click on links
- Don’t open any attachments
- Report the email
- To report phishing emails received via Outlook, please click the “Report Phish” button on the toolbar/ribbon located at the top of your page. This action will send the questionable email to the UW–Madison Cybersecurity Operations Center (CSOC).
- If you do not see the “Report Phishing” button, then forward the message as an attachment (Source: KB 34567) to firstname.lastname@example.org.
For more information
- Ukrainian cryptocurrency scams (Source: bleepingcomputer.com)
- Fake money contribution organizations (Source: cnet.com)
- How to recognize and report phishing (Source: it.wisc.edu)
- Office 365 – Submit a message as spam/phishing (Source: KB 45051)