Scammers use U.S Ukraine Foundation identity to gain cryptocurrency profits

Another day, and another cyber criminal is trying to steal known foundation identity and use it to scam people to gain some #cryptocurrency.?

As Russia invasion on Ukraine started, I noticed (and warned publicly about the problem) plenty of newly created domains and web pages created to help Ukraine citizens either with shelter information or by gathering other goods or money for direct help. But there is a catch - there are not only good people out there, some are trying to exploit this situation for their gain.

Today my little toolset noticed good case of that kind of activity. Someone fully copied U.S Ukraine Foundation identity by registering similiar domain name, copied and then modified the "donation" page with information to send donations to cryptocurrency wallet.

Here's example of original, legitimate donation page that you can find on https://usukraine.org/

As you can see, you can use direct Credit Card charge or use PayPal to donate. And now let's take a look at copied and modified scam website.

As you can see, the only option on the modified website is cryptocurrency method and payment to bitcoin wallet. At the time that i'm posting this, the wallet is empty so noone yet fell into this scam.

Original domain name for legitimate website is "usukraine.org", and scammer version with copied website is "us-ukraine.org" registered at 23.03.2022.

and attacker created a copy of the website using HTTRack software at 23.03.2022, so the same day the domain was created.

Stay safe, and verify all the websites that are using Ukraine Aid theme. There are plenty of scams out there.

PS: Fake website is still online. Of course i have reported it and hopefully it should be taken down soon.