2 min read

Ukrainian military personnel targeted with phishing attacks

Graham CLULEY

February 26, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Ukrainian military personnel targeted with phishing attacks

CERT-UA, the national Computer Emergency Response Team for Ukraine, has issued a warning of a major phishing campaign launched against military personnel.

In a Facebook post, CERT-UA advised that it had seen an attack launched against the personal email accounts of military staff and related individuals.

According to the warning, the phishing campaigns have targeted free email accounts hosted at the i.ua and meta.ua internet portals, both popular in Ukraine.

The emails claim that the recipient needs to confirm their details in order to confirm that they are not a spambot, or their mailbox will be closed within two days.

In the following example, the email claims to come from i.ua:

[embed phishing-email.jpeg]

Here is an example of the malicious email which has been translated into English:

“Dear user! Your contact information or not you are a spam bot. Please, click the link below and verify your contact information. Otherwise, your account will be irretrievably deleted. Thank you for your understanding. Regards, I.UA Team”

As CERT-UA warns, if users are tricked into clicking on the link, and entering their login credentials, attackers can later exploit the credentials to spy on email communications and harvest the victims' address books:

"After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages. Later, the attackers use contact details from the victim’s address book to send the phishing emails."

There is a real risk that during the current crisis many Ukrainians will be more anxious than ever of losing any method of communication, and that a phishing email which threatens their email account is about to shut down could be extremely effective.

One way in which users can better protect themselves against phishing attacks like this is to use a password manager.  Most good password managers only offer to enter your password for, say, your email account if it recognises that you are on the real website where your email account is hosted.

In other words, a good password manager will not prompt to enter your password if you are on a phishing webpage instead - and that should raise a red flag that you are in danger of being phished if you proceed.

CERT-UA has pointed the finger of blame for the attacks at the hacking group UNC1151, which is based in Minsk and whose members are said to be officers of the Ministry of Defence in Belarus.

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

EU Privacy Watchdog Set to Prohibit Meta From Running Ads Based on Personal Data EU Privacy Watchdog Set to Prohibit Meta From Running Ads Based on Personal Data
Vlad CONSTANTINESCU

December 07, 2022

1 min read
Versailles hospital cancels operations after ransomware attack compromises computer systems Versailles hospital cancels operations after ransomware attack compromises computer systems
Alina BÎZGĂ

December 06, 2022

1 min read
Design Flaw Accidentally Turns Open-Source Ransomware Toolkit into Wiper Malware Design Flaw Accidentally Turns Open-Source Ransomware Toolkit into Wiper Malware
Vlad CONSTANTINESCU

December 06, 2022

2 min read