Hackers exploit Israeli-Hamas conflict via fake donation emails

Cyber-security researchers on Monday, 23 October, said they have identified a scam donation campaign exploiting the Israel-Hamas conflict via malicious emails and fake websites.

To date, cybercriminals have disseminated over 500 scam emails and created fraudulent websites to expedite the money transfer process, according to the research by Kaspersky.

The experts observed a surge in scam emails written in the English language, falsely seeking donations for those affected by the conflict. The company’s security solutions detected more than 540 such emails.

“In these emails, scammers try to create multiple text variations to evade spam filters. For instance, they use various call-to-donate phrases like ‘we call to your compassion and benevolence’ or ‘we call to your empathy and generosity,’ and substitute words like 'help' with synonyms such as 'support,' 'aid,' etc,” said Andrey Kovtun, a security expert at Kaspersky.

Besides, they alter links and sender addresses. The links used in the emails lead to a scam website. This website provides users with context about the conflict, displays photos, and encourages them to make donations. Fraudsters facilitate easy money transfers, offering options for various cryptocurrency transactions -- Bitcoin, Ethereum, Tether, and Litecoin, said the report.

The experts discovered fraudulent web pages, claiming to collect aid for other various groups in the conflict area. These cyber-attackers are using advanced social engineering techniques to exploit people's desire to help and their compassion, trying to lure potential victims into making fake donations to steal money.

“To avoid scams, it is worth scrutinising pages thoroughly before donating. Fake sites often lack essential information about charity organisers, recipients, legitimacy documentation, or lack transparency regarding fund usage. It is worth implementing the following security measures,” the security researchers advised.